Vulnerabilites related to cisco - nexus_9336pq_aci_spine
cve-2021-1361
Vulnerability from cvelistv5
Published
2021-02-24 19:30
Modified
2024-11-08 23:38
Severity ?
EPSS score ?
Summary
A vulnerability in the implementation of an internal file management service for Cisco Nexus 3000 Series Switches and Cisco Nexus 9000 Series Switches in standalone NX-OS mode that are running Cisco NX-OS Software could allow an unauthenticated, remote attacker to create, delete, or overwrite arbitrary files with root privileges on the device. This vulnerability exists because TCP port 9075 is incorrectly configured to listen and respond to external connection requests. An attacker could exploit this vulnerability by sending crafted TCP packets to an IP address that is configured on a local interface on TCP port 9075. A successful exploit could allow the attacker to create, delete, or overwrite arbitrary files, including sensitive files that are related to the device configuration. For example, the attacker could add a user account without the device administrator knowing.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-3000-9000-fileaction-QtLzDRy2 | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco NX-OS Software |
Version: n/a |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T16:11:16.912Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20210224 Cisco NX-OS Software Unauthenticated Arbitrary File Actions Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-3000-9000-fileaction-QtLzDRy2", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2021-1361", options: [ { Exploitation: "none", }, { Automatable: "yes", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-11-08T19:56:03.272438Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-08T23:38:40.489Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco NX-OS Software", vendor: "Cisco", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2021-02-24T00:00:00", descriptions: [ { lang: "en", value: "A vulnerability in the implementation of an internal file management service for Cisco Nexus 3000 Series Switches and Cisco Nexus 9000 Series Switches in standalone NX-OS mode that are running Cisco NX-OS Software could allow an unauthenticated, remote attacker to create, delete, or overwrite arbitrary files with root privileges on the device. This vulnerability exists because TCP port 9075 is incorrectly configured to listen and respond to external connection requests. An attacker could exploit this vulnerability by sending crafted TCP packets to an IP address that is configured on a local interface on TCP port 9075. A successful exploit could allow the attacker to create, delete, or overwrite arbitrary files, including sensitive files that are related to the device configuration. For example, the attacker could add a user account without the device administrator knowing.", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-552", description: "CWE-552", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2021-02-24T19:30:41", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20210224 Cisco NX-OS Software Unauthenticated Arbitrary File Actions Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-3000-9000-fileaction-QtLzDRy2", }, ], source: { advisory: "cisco-sa-3000-9000-fileaction-QtLzDRy2", defect: [ [ "CSCvw89875", ], ], discovery: "INTERNAL", }, title: "Cisco NX-OS Software Unauthenticated Arbitrary File Actions Vulnerability", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", DATE_PUBLIC: "2021-02-24T16:00:00", ID: "CVE-2021-1361", STATE: "PUBLIC", TITLE: "Cisco NX-OS Software Unauthenticated Arbitrary File Actions Vulnerability", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Cisco NX-OS Software", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "Cisco", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability in the implementation of an internal file management service for Cisco Nexus 3000 Series Switches and Cisco Nexus 9000 Series Switches in standalone NX-OS mode that are running Cisco NX-OS Software could allow an unauthenticated, remote attacker to create, delete, or overwrite arbitrary files with root privileges on the device. This vulnerability exists because TCP port 9075 is incorrectly configured to listen and respond to external connection requests. An attacker could exploit this vulnerability by sending crafted TCP packets to an IP address that is configured on a local interface on TCP port 9075. A successful exploit could allow the attacker to create, delete, or overwrite arbitrary files, including sensitive files that are related to the device configuration. For example, the attacker could add a user account without the device administrator knowing.", }, ], }, exploit: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], impact: { cvss: { baseScore: "9.8", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-552", }, ], }, ], }, references: { reference_data: [ { name: "20210224 Cisco NX-OS Software Unauthenticated Arbitrary File Actions Vulnerability", refsource: "CISCO", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-3000-9000-fileaction-QtLzDRy2", }, ], }, source: { advisory: "cisco-sa-3000-9000-fileaction-QtLzDRy2", defect: [ [ "CSCvw89875", ], ], discovery: "INTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2021-1361", datePublished: "2021-02-24T19:30:41.350830Z", dateReserved: "2020-11-13T00:00:00", dateUpdated: "2024-11-08T23:38:40.489Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-3338
Vulnerability from cvelistv5
Published
2020-08-27 15:40
Modified
2024-11-13 18:09
Severity ?
EPSS score ?
Summary
A vulnerability in the Protocol Independent Multicast (PIM) feature for IPv6 networks (PIM6) of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper error handling when processing inbound PIM6 packets. An attacker could exploit this vulnerability by sending multiple crafted PIM6 packets to an affected device. A successful exploit could allow the attacker to cause the PIM6 application to leak system memory. Over time, this memory leak could cause the PIM6 application to stop processing legitimate PIM6 traffic, leading to a DoS condition on the affected device.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-pim-memleak-dos-tC8eP7uw | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco NX-OS Software 5.2(1) |
Version: n/a |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T07:30:57.991Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20200826 Cisco NX-OS Software IPv6 Protocol Independent Multicast Denial of Service Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-pim-memleak-dos-tC8eP7uw", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2020-3338", options: [ { Exploitation: "none", }, { Automatable: "yes", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-11-13T17:13:08.676378Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-13T18:09:39.460Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco NX-OS Software 5.2(1)", vendor: "Cisco", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2020-08-26T00:00:00", descriptions: [ { lang: "en", value: "A vulnerability in the Protocol Independent Multicast (PIM) feature for IPv6 networks (PIM6) of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper error handling when processing inbound PIM6 packets. An attacker could exploit this vulnerability by sending multiple crafted PIM6 packets to an affected device. A successful exploit could allow the attacker to cause the PIM6 application to leak system memory. Over time, this memory leak could cause the PIM6 application to stop processing legitimate PIM6 traffic, leading to a DoS condition on the affected device.", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-404", description: "CWE-404", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2020-08-27T15:40:43", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20200826 Cisco NX-OS Software IPv6 Protocol Independent Multicast Denial of Service Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-pim-memleak-dos-tC8eP7uw", }, ], source: { advisory: "cisco-sa-nxos-pim-memleak-dos-tC8eP7uw", defect: [ [ "CSCvr91853", "CSCvr97684", ], ], discovery: "INTERNAL", }, title: "Cisco NX-OS Software IPv6 Protocol Independent Multicast Denial of Service Vulnerability", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", DATE_PUBLIC: "2020-08-26T16:00:00", ID: "CVE-2020-3338", STATE: "PUBLIC", TITLE: "Cisco NX-OS Software IPv6 Protocol Independent Multicast Denial of Service Vulnerability", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Cisco NX-OS Software 5.2(1)", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "Cisco", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability in the Protocol Independent Multicast (PIM) feature for IPv6 networks (PIM6) of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper error handling when processing inbound PIM6 packets. An attacker could exploit this vulnerability by sending multiple crafted PIM6 packets to an affected device. A successful exploit could allow the attacker to cause the PIM6 application to leak system memory. Over time, this memory leak could cause the PIM6 application to stop processing legitimate PIM6 traffic, leading to a DoS condition on the affected device.", }, ], }, exploit: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], impact: { cvss: { baseScore: "7.5", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-404", }, ], }, ], }, references: { reference_data: [ { name: "20200826 Cisco NX-OS Software IPv6 Protocol Independent Multicast Denial of Service Vulnerability", refsource: "CISCO", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-pim-memleak-dos-tC8eP7uw", }, ], }, source: { advisory: "cisco-sa-nxos-pim-memleak-dos-tC8eP7uw", defect: [ [ "CSCvr91853", "CSCvr97684", ], ], discovery: "INTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2020-3338", datePublished: "2020-08-27T15:40:43.612337Z", dateReserved: "2019-12-12T00:00:00", dateUpdated: "2024-11-13T18:09:39.460Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-1228
Vulnerability from cvelistv5
Published
2021-02-24 19:30
Modified
2024-11-08 23:39
Severity ?
EPSS score ?
Summary
A vulnerability in the fabric infrastructure VLAN connection establishment of Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) Mode could allow an unauthenticated, adjacent attacker to bypass security validations and connect an unauthorized server to the infrastructure VLAN. This vulnerability is due to insufficient security requirements during the Link Layer Discovery Protocol (LLDP) setup phase of the infrastructure VLAN. An attacker could exploit this vulnerability by sending a crafted LLDP packet on the adjacent subnet to an affected device. A successful exploit could allow the attacker to connect an unauthorized server to the infrastructure VLAN, which is highly privileged. With a connection to the infrastructure VLAN, the attacker can make unauthorized connections to Cisco Application Policy Infrastructure Controller (APIC) services or join other host endpoints.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-n9kaci-unauth-access-5PWzDx2w | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco NX-OS System Software in ACI Mode 11.0(1b) |
Version: n/a |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T16:02:56.129Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20210224 Cisco Nexus 9000 Series Fabric Switches ACI Mode Fabric Infrastructure VLAN Unauthorized Access Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-n9kaci-unauth-access-5PWzDx2w", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2021-1228", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-11-08T20:48:47.081781Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-08T23:39:43.643Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco NX-OS System Software in ACI Mode 11.0(1b)", vendor: "Cisco", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2021-02-24T00:00:00", descriptions: [ { lang: "en", value: "A vulnerability in the fabric infrastructure VLAN connection establishment of Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) Mode could allow an unauthenticated, adjacent attacker to bypass security validations and connect an unauthorized server to the infrastructure VLAN. This vulnerability is due to insufficient security requirements during the Link Layer Discovery Protocol (LLDP) setup phase of the infrastructure VLAN. An attacker could exploit this vulnerability by sending a crafted LLDP packet on the adjacent subnet to an affected device. A successful exploit could allow the attacker to connect an unauthorized server to the infrastructure VLAN, which is highly privileged. With a connection to the infrastructure VLAN, the attacker can make unauthorized connections to Cisco Application Policy Infrastructure Controller (APIC) services or join other host endpoints.", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "NONE", baseScore: 7.4, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-284", description: "CWE-284", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2021-02-24T19:30:26", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20210224 Cisco Nexus 9000 Series Fabric Switches ACI Mode Fabric Infrastructure VLAN Unauthorized Access Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-n9kaci-unauth-access-5PWzDx2w", }, ], source: { advisory: "cisco-sa-n9kaci-unauth-access-5PWzDx2w", defect: [ [ "CSCvu84576", ], ], discovery: "INTERNAL", }, title: "Cisco Nexus 9000 Series Fabric Switches ACI Mode Fabric Infrastructure VLAN Unauthorized Access Vulnerability", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", DATE_PUBLIC: "2021-02-24T16:00:00", ID: "CVE-2021-1228", STATE: "PUBLIC", TITLE: "Cisco Nexus 9000 Series Fabric Switches ACI Mode Fabric Infrastructure VLAN Unauthorized Access Vulnerability", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Cisco NX-OS System Software in ACI Mode 11.0(1b)", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "Cisco", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability in the fabric infrastructure VLAN connection establishment of Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) Mode could allow an unauthenticated, adjacent attacker to bypass security validations and connect an unauthorized server to the infrastructure VLAN. This vulnerability is due to insufficient security requirements during the Link Layer Discovery Protocol (LLDP) setup phase of the infrastructure VLAN. An attacker could exploit this vulnerability by sending a crafted LLDP packet on the adjacent subnet to an affected device. A successful exploit could allow the attacker to connect an unauthorized server to the infrastructure VLAN, which is highly privileged. With a connection to the infrastructure VLAN, the attacker can make unauthorized connections to Cisco Application Policy Infrastructure Controller (APIC) services or join other host endpoints.", }, ], }, exploit: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], impact: { cvss: { baseScore: "7.4", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-284", }, ], }, ], }, references: { reference_data: [ { name: "20210224 Cisco Nexus 9000 Series Fabric Switches ACI Mode Fabric Infrastructure VLAN Unauthorized Access Vulnerability", refsource: "CISCO", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-n9kaci-unauth-access-5PWzDx2w", }, ], }, source: { advisory: "cisco-sa-n9kaci-unauth-access-5PWzDx2w", defect: [ [ "CSCvu84576", ], ], discovery: "INTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2021-1228", datePublished: "2021-02-24T19:30:26.525098Z", dateReserved: "2020-11-13T00:00:00", dateUpdated: "2024-11-08T23:39:43.643Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-3397
Vulnerability from cvelistv5
Published
2020-08-27 15:40
Modified
2024-11-13 18:09
Severity ?
EPSS score ?
Summary
A vulnerability in the Border Gateway Protocol (BGP) Multicast VPN (MVPN) implementation of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause an affected device to unexpectedly reload, resulting in a denial of service (DoS) condition. The vulnerability is due to incomplete input validation of a specific type of BGP MVPN update message. An attacker could exploit this vulnerability by sending this specific, valid BGP MVPN update message to a targeted device. A successful exploit could allow the attacker to cause one of the BGP-related routing applications to restart multiple times, leading to a system-level restart. Note: The Cisco implementation of BGP accepts incoming BGP traffic from only explicitly configured peers. To exploit this vulnerability, an attacker must send a specific BGP MVPN update message over an established TCP connection that appears to come from a trusted BGP peer. To do so, the attacker must obtain information about the BGP peers in the trusted network of the affected system.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxosbgp-nlri-dos-458rG2OQ | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco NX-OS Software |
Version: n/a |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T07:30:58.213Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20200826 Cisco NX-OS Software Border Gateway Protocol Multicast VPN Denial of Service Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxosbgp-nlri-dos-458rG2OQ", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2020-3397", options: [ { Exploitation: "none", }, { Automatable: "yes", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-11-13T17:13:09.910461Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-13T18:09:56.819Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco NX-OS Software", vendor: "Cisco", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2020-08-26T00:00:00", descriptions: [ { lang: "en", value: "A vulnerability in the Border Gateway Protocol (BGP) Multicast VPN (MVPN) implementation of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause an affected device to unexpectedly reload, resulting in a denial of service (DoS) condition. The vulnerability is due to incomplete input validation of a specific type of BGP MVPN update message. An attacker could exploit this vulnerability by sending this specific, valid BGP MVPN update message to a targeted device. A successful exploit could allow the attacker to cause one of the BGP-related routing applications to restart multiple times, leading to a system-level restart. Note: The Cisco implementation of BGP accepts incoming BGP traffic from only explicitly configured peers. To exploit this vulnerability, an attacker must send a specific BGP MVPN update message over an established TCP connection that appears to come from a trusted BGP peer. To do so, the attacker must obtain information about the BGP peers in the trusted network of the affected system.", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.6, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-20", description: "CWE-20", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2020-08-27T15:40:34", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20200826 Cisco NX-OS Software Border Gateway Protocol Multicast VPN Denial of Service Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxosbgp-nlri-dos-458rG2OQ", }, ], source: { advisory: "cisco-sa-nxosbgp-nlri-dos-458rG2OQ", defect: [ [ "CSCvr58652", ], ], discovery: "INTERNAL", }, title: "Cisco NX-OS Software Border Gateway Protocol Multicast VPN Denial of Service Vulnerability", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", DATE_PUBLIC: "2020-08-26T16:00:00", ID: "CVE-2020-3397", STATE: "PUBLIC", TITLE: "Cisco NX-OS Software Border Gateway Protocol Multicast VPN Denial of Service Vulnerability", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Cisco NX-OS Software", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "Cisco", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability in the Border Gateway Protocol (BGP) Multicast VPN (MVPN) implementation of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause an affected device to unexpectedly reload, resulting in a denial of service (DoS) condition. The vulnerability is due to incomplete input validation of a specific type of BGP MVPN update message. An attacker could exploit this vulnerability by sending this specific, valid BGP MVPN update message to a targeted device. A successful exploit could allow the attacker to cause one of the BGP-related routing applications to restart multiple times, leading to a system-level restart. Note: The Cisco implementation of BGP accepts incoming BGP traffic from only explicitly configured peers. To exploit this vulnerability, an attacker must send a specific BGP MVPN update message over an established TCP connection that appears to come from a trusted BGP peer. To do so, the attacker must obtain information about the BGP peers in the trusted network of the affected system.", }, ], }, exploit: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], impact: { cvss: { baseScore: "8.6", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-20", }, ], }, ], }, references: { reference_data: [ { name: "20200826 Cisco NX-OS Software Border Gateway Protocol Multicast VPN Denial of Service Vulnerability", refsource: "CISCO", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxosbgp-nlri-dos-458rG2OQ", }, ], }, source: { advisory: "cisco-sa-nxosbgp-nlri-dos-458rG2OQ", defect: [ [ "CSCvr58652", ], ], discovery: "INTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2020-3397", datePublished: "2020-08-27T15:40:34.148007Z", dateReserved: "2019-12-12T00:00:00", dateUpdated: "2024-11-13T18:09:56.819Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2015-0721
Vulnerability from cvelistv5
Published
2016-10-06 10:00
Modified
2024-08-06 04:17
Severity ?
EPSS score ?
Summary
Cisco NX-OS 4.0 through 7.3 on Multilayer Director and Nexus 1000V, 2000, 3000, 3500, 4000, 5000, 5500, 5600, 6000, 7000, 7700, and 9000 devices allows remote authenticated users to bypass intended AAA restrictions and obtain privileged CLI access via crafted parameters in an SSH connection negotiation, aka Bug IDs CSCum35502, CSCuw78669, CSCuw79754, and CSCux88492.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/93410 | vdb-entry, x_refsource_BID | |
| http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-nxaaa | vendor-advisory, x_refsource_CISCO | |
| http://www.securitytracker.com/id/1036947 | vdb-entry, x_refsource_SECTRACK |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T04:17:32.743Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "93410", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/93410", }, { name: "20161005 Cisco NX-OS Software-Based Products Authentication, Authorization, and Accounting Bypass Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-nxaaa", }, { name: "1036947", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1036947", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2016-10-05T00:00:00", descriptions: [ { lang: "en", value: "Cisco NX-OS 4.0 through 7.3 on Multilayer Director and Nexus 1000V, 2000, 3000, 3500, 4000, 5000, 5500, 5600, 6000, 7000, 7700, and 9000 devices allows remote authenticated users to bypass intended AAA restrictions and obtain privileged CLI access via crafted parameters in an SSH connection negotiation, aka Bug IDs CSCum35502, CSCuw78669, CSCuw79754, and CSCux88492.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-07-29T09:57:01", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "93410", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/93410", }, { name: "20161005 Cisco NX-OS Software-Based Products Authentication, Authorization, and Accounting Bypass Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-nxaaa", }, { name: "1036947", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1036947", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", ID: "CVE-2015-0721", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Cisco NX-OS 4.0 through 7.3 on Multilayer Director and Nexus 1000V, 2000, 3000, 3500, 4000, 5000, 5500, 5600, 6000, 7000, 7700, and 9000 devices allows remote authenticated users to bypass intended AAA restrictions and obtain privileged CLI access via crafted parameters in an SSH connection negotiation, aka Bug IDs CSCum35502, CSCuw78669, CSCuw79754, and CSCux88492.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "93410", refsource: "BID", url: "http://www.securityfocus.com/bid/93410", }, { name: "20161005 Cisco NX-OS Software-Based Products Authentication, Authorization, and Accounting Bypass Vulnerability", refsource: "CISCO", url: "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-nxaaa", }, { name: "1036947", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1036947", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2015-0721", datePublished: "2016-10-06T10:00:00", dateReserved: "2015-01-07T00:00:00", dateUpdated: "2024-08-06T04:17:32.743Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-3504
Vulnerability from cvelistv5
Published
2020-08-27 15:40
Modified
2024-11-13 18:10
Severity ?
EPSS score ?
Summary
A vulnerability in the local management (local-mgmt) CLI of Cisco UCS Manager Software could allow an authenticated, local attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper handling of CLI command parameters. An attacker could exploit this vulnerability by executing specific commands on the local-mgmt CLI on an affected device. A successful exploit could allow the attacker to cause internal system processes to fail to terminate properly, which could result in a buildup of stuck processes and lead to slowness in accessing the UCS Manager CLI and web UI. A sustained attack may result in a restart of internal UCS Manager processes and a temporary loss of access to the UCS Manager CLI and web UI.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ucs-cli-dos-GQUxCnTe | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Unified Computing System (Managed) |
Version: n/a |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T07:37:54.362Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20200826 Cisco UCS Manager Software Local Management CLI Denial of Service Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ucs-cli-dos-GQUxCnTe", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2020-3504", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-11-13T17:24:18.362716Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-13T18:10:32.493Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco Unified Computing System (Managed)", vendor: "Cisco", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2020-08-26T00:00:00", descriptions: [ { lang: "en", value: "A vulnerability in the local management (local-mgmt) CLI of Cisco UCS Manager Software could allow an authenticated, local attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper handling of CLI command parameters. An attacker could exploit this vulnerability by executing specific commands on the local-mgmt CLI on an affected device. A successful exploit could allow the attacker to cause internal system processes to fail to terminate properly, which could result in a buildup of stuck processes and lead to slowness in accessing the UCS Manager CLI and web UI. A sustained attack may result in a restart of internal UCS Manager processes and a temporary loss of access to the UCS Manager CLI and web UI.", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 3.3, baseSeverity: "LOW", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-664", description: "CWE-664", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2020-08-27T15:40:13", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20200826 Cisco UCS Manager Software Local Management CLI Denial of Service Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ucs-cli-dos-GQUxCnTe", }, ], source: { advisory: "cisco-sa-ucs-cli-dos-GQUxCnTe", defect: [ [ "CSCvr91760", ], ], discovery: "INTERNAL", }, title: "Cisco UCS Manager Software Local Management CLI Denial of Service Vulnerability", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", DATE_PUBLIC: "2020-08-26T16:00:00", ID: "CVE-2020-3504", STATE: "PUBLIC", TITLE: "Cisco UCS Manager Software Local Management CLI Denial of Service Vulnerability", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Cisco Unified Computing System (Managed)", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "Cisco", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability in the local management (local-mgmt) CLI of Cisco UCS Manager Software could allow an authenticated, local attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper handling of CLI command parameters. An attacker could exploit this vulnerability by executing specific commands on the local-mgmt CLI on an affected device. A successful exploit could allow the attacker to cause internal system processes to fail to terminate properly, which could result in a buildup of stuck processes and lead to slowness in accessing the UCS Manager CLI and web UI. A sustained attack may result in a restart of internal UCS Manager processes and a temporary loss of access to the UCS Manager CLI and web UI.", }, ], }, exploit: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], impact: { cvss: { baseScore: "3.3", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-664", }, ], }, ], }, references: { reference_data: [ { name: "20200826 Cisco UCS Manager Software Local Management CLI Denial of Service Vulnerability", refsource: "CISCO", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ucs-cli-dos-GQUxCnTe", }, ], }, source: { advisory: "cisco-sa-ucs-cli-dos-GQUxCnTe", defect: [ [ "CSCvr91760", ], ], discovery: "INTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2020-3504", datePublished: "2020-08-27T15:40:13.292875Z", dateReserved: "2019-12-12T00:00:00", dateUpdated: "2024-11-13T18:10:32.493Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-3172
Vulnerability from cvelistv5
Published
2020-02-26 16:50
Modified
2024-11-15 17:38
Severity ?
EPSS score ?
Summary
A vulnerability in the Cisco Discovery Protocol feature of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to execute arbitrary code as root or cause a denial of service (DoS) condition on an affected device. The vulnerability exists because of insufficiently validated Cisco Discovery Protocol packet headers. An attacker could exploit this vulnerability by sending a crafted Cisco Discovery Protocol packet to a Layer 2-adjacent affected device. A successful exploit could allow the attacker to cause a buffer overflow that could allow the attacker to execute arbitrary code as root or cause a DoS condition on the affected device. Note: Cisco Discovery Protocol is a Layer 2 protocol. To exploit this vulnerability, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent). Note: This vulnerability is different from the following Cisco FXOS and NX-OS Software Cisco Discovery Protocol vulnerabilities that Cisco announced on Feb. 5, 2020: Cisco FXOS, IOS XR, and NX-OS Software Cisco Discovery Protocol Denial of Service Vulnerability and Cisco NX-OS Software Cisco Discovery Protocol Remote Code Execution Vulnerability.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200226-fxos-nxos-cdp | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Unified Computing System (Managed) |
Version: unspecified < n/a |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T07:24:00.791Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20200226 Cisco FXOS and NX-OS Software Cisco Discovery Protocol Arbitrary Code Execution and Denial of Service Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200226-fxos-nxos-cdp", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2020-3172", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-11-15T16:25:00.721656Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-15T17:38:15.493Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco Unified Computing System (Managed)", vendor: "Cisco", versions: [ { lessThan: "n/a", status: "affected", version: "unspecified", versionType: "custom", }, ], }, ], datePublic: "2020-02-26T00:00:00", descriptions: [ { lang: "en", value: "A vulnerability in the Cisco Discovery Protocol feature of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to execute arbitrary code as root or cause a denial of service (DoS) condition on an affected device. The vulnerability exists because of insufficiently validated Cisco Discovery Protocol packet headers. An attacker could exploit this vulnerability by sending a crafted Cisco Discovery Protocol packet to a Layer 2-adjacent affected device. A successful exploit could allow the attacker to cause a buffer overflow that could allow the attacker to execute arbitrary code as root or cause a DoS condition on the affected device. Note: Cisco Discovery Protocol is a Layer 2 protocol. To exploit this vulnerability, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent). Note: This vulnerability is different from the following Cisco FXOS and NX-OS Software Cisco Discovery Protocol vulnerabilities that Cisco announced on Feb. 5, 2020: Cisco FXOS, IOS XR, and NX-OS Software Cisco Discovery Protocol Denial of Service Vulnerability and Cisco NX-OS Software Cisco Discovery Protocol Remote Code Execution Vulnerability.", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-20", description: "CWE-20", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2020-02-26T16:50:40", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20200226 Cisco FXOS and NX-OS Software Cisco Discovery Protocol Arbitrary Code Execution and Denial of Service Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200226-fxos-nxos-cdp", }, ], source: { advisory: "cisco-sa-20200226-fxos-nxos-cdp", defect: [ [ "CSCux07556", "CSCux58226", "CSCvr31410", "CSCvr37146", "CSCvr37148", "CSCvr37150", "CSCvr37151", ], ], discovery: "INTERNAL", }, title: "Cisco FXOS and NX-OS Software Cisco Discovery Protocol Arbitrary Code Execution and Denial of Service Vulnerability", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", DATE_PUBLIC: "2020-02-26T16:00:00-0800", ID: "CVE-2020-3172", STATE: "PUBLIC", TITLE: "Cisco FXOS and NX-OS Software Cisco Discovery Protocol Arbitrary Code Execution and Denial of Service Vulnerability", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Cisco Unified Computing System (Managed)", version: { version_data: [ { affected: "<", version_affected: "<", version_value: "n/a", }, ], }, }, ], }, vendor_name: "Cisco", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability in the Cisco Discovery Protocol feature of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to execute arbitrary code as root or cause a denial of service (DoS) condition on an affected device. The vulnerability exists because of insufficiently validated Cisco Discovery Protocol packet headers. An attacker could exploit this vulnerability by sending a crafted Cisco Discovery Protocol packet to a Layer 2-adjacent affected device. A successful exploit could allow the attacker to cause a buffer overflow that could allow the attacker to execute arbitrary code as root or cause a DoS condition on the affected device. Note: Cisco Discovery Protocol is a Layer 2 protocol. To exploit this vulnerability, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent). Note: This vulnerability is different from the following Cisco FXOS and NX-OS Software Cisco Discovery Protocol vulnerabilities that Cisco announced on Feb. 5, 2020: Cisco FXOS, IOS XR, and NX-OS Software Cisco Discovery Protocol Denial of Service Vulnerability and Cisco NX-OS Software Cisco Discovery Protocol Remote Code Execution Vulnerability.", }, ], }, exploit: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], impact: { cvss: { baseScore: "8.8", vectorString: "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-20", }, ], }, ], }, references: { reference_data: [ { name: "20200226 Cisco FXOS and NX-OS Software Cisco Discovery Protocol Arbitrary Code Execution and Denial of Service Vulnerability", refsource: "CISCO", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200226-fxos-nxos-cdp", }, ], }, source: { advisory: "cisco-sa-20200226-fxos-nxos-cdp", defect: [ [ "CSCux07556", "CSCux58226", "CSCvr31410", "CSCvr37146", "CSCvr37148", "CSCvr37150", "CSCvr37151", ], ], discovery: "INTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2020-3172", datePublished: "2020-02-26T16:50:40.700230Z", dateReserved: "2019-12-12T00:00:00", dateUpdated: "2024-11-15T17:38:15.493Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-20115
Vulnerability from cvelistv5
Published
2023-08-23 18:20
Modified
2024-10-02 18:56
Severity ?
EPSS score ?
Summary
A vulnerability in the SFTP server implementation for Cisco Nexus 3000 Series Switches and 9000 Series Switches in standalone NX-OS mode could allow an authenticated, remote attacker to download or overwrite files from the underlying operating system of an affected device.
This vulnerability is due to a logic error when verifying the user role when an SFTP connection is opened to an affected device. An attacker could exploit this vulnerability by connecting and authenticating via SFTP as a valid, non-administrator user. A successful exploit could allow the attacker to read or overwrite files from the underlying operating system with the privileges of the authenticated user.
There are workarounds that address this vulnerability.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco NX-OS Software |
Version: 9.2(1) Version: 9.2(2) Version: 9.2(2t) Version: 9.2(3) Version: 9.2(4) Version: 9.2(2v) Version: 9.3(1) Version: 9.3(2) Version: 9.3(3) Version: 9.3(4) Version: 9.3(5) Version: 9.3(6) Version: 9.3(7) Version: 9.3(7a) Version: 9.3(8) Version: 9.3(9) Version: 9.3(10) Version: 9.3(11) Version: 10.1(1) Version: 10.1(2) Version: 10.1(2t) Version: 10.2(1) Version: 10.2(1q) Version: 10.2(2) Version: 10.2(3) Version: 10.2(3t) Version: 10.2(4) Version: 10.2(5) Version: 10.3(1) Version: 10.3(2) |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T08:57:36.187Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "cisco-sa-nxos-sftp-xVAp5Hfd", tags: [ "x_transferred", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-sftp-xVAp5Hfd", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-20115", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-10-02T18:56:28.348139Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-10-02T18:56:36.940Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco NX-OS Software", vendor: "Cisco", versions: [ { status: "affected", version: "9.2(1)", }, { status: "affected", version: "9.2(2)", }, { status: "affected", version: "9.2(2t)", }, { status: "affected", version: "9.2(3)", }, { status: "affected", version: "9.2(4)", }, { status: "affected", version: "9.2(2v)", }, { status: "affected", version: "9.3(1)", }, { status: "affected", version: "9.3(2)", }, { status: "affected", version: "9.3(3)", }, { status: "affected", version: "9.3(4)", }, { status: "affected", version: "9.3(5)", }, { status: "affected", version: "9.3(6)", }, { status: "affected", version: "9.3(7)", }, { status: "affected", version: "9.3(7a)", }, { status: "affected", version: "9.3(8)", }, { status: "affected", version: "9.3(9)", }, { status: "affected", version: "9.3(10)", }, { status: "affected", version: "9.3(11)", }, { status: "affected", version: "10.1(1)", }, { status: "affected", version: "10.1(2)", }, { status: "affected", version: "10.1(2t)", }, { status: "affected", version: "10.2(1)", }, { status: "affected", version: "10.2(1q)", }, { status: "affected", version: "10.2(2)", }, { status: "affected", version: "10.2(3)", }, { status: "affected", version: "10.2(3t)", }, { status: "affected", version: "10.2(4)", }, { status: "affected", version: "10.2(5)", }, { status: "affected", version: "10.3(1)", }, { status: "affected", version: "10.3(2)", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability in the SFTP server implementation for Cisco Nexus 3000 Series Switches and 9000 Series Switches in standalone NX-OS mode could allow an authenticated, remote attacker to download or overwrite files from the underlying operating system of an affected device. \r\n\r This vulnerability is due to a logic error when verifying the user role when an SFTP connection is opened to an affected device. An attacker could exploit this vulnerability by connecting and authenticating via SFTP as a valid, non-administrator user. A successful exploit could allow the attacker to read or overwrite files from the underlying operating system with the privileges of the authenticated user.\r\n\r There are workarounds that address this vulnerability.", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.4, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", version: "3.1", }, format: "cvssV3_1", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-671", description: "Lack of Administrator Control over Security", lang: "en", type: "cwe", }, ], }, ], providerMetadata: { dateUpdated: "2024-01-25T16:57:46.171Z", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "cisco-sa-nxos-sftp-xVAp5Hfd", url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-sftp-xVAp5Hfd", }, ], source: { advisory: "cisco-sa-nxos-sftp-xVAp5Hfd", defects: [ "CSCwe47138", ], discovery: "INTERNAL", }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2023-20115", datePublished: "2023-08-23T18:20:34.184Z", dateReserved: "2022-10-27T18:47:50.344Z", dateUpdated: "2024-10-02T18:56:36.940Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-3517
Vulnerability from cvelistv5
Published
2020-08-27 15:40
Modified
2024-11-13 18:09
Severity ?
EPSS score ?
Summary
A vulnerability in the Cisco Fabric Services component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated attacker to cause process crashes, which could result in a denial of service (DoS) condition on an affected device. The attack vector is configuration dependent and could be remote or adjacent. For more information about the attack vector, see the Details section of this advisory. The vulnerability is due to insufficient error handling when the affected software parses Cisco Fabric Services messages. An attacker could exploit this vulnerability by sending malicious Cisco Fabric Services messages to an affected device. A successful exploit could allow the attacker to cause a reload of an affected device, which could result in a DoS condition.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fxos-nxos-cfs-dos-dAmnymbd | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco NX-OS Software |
Version: n/a |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T07:37:54.679Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20200826 Cisco FXOS and NX-OS Software Cisco Fabric Services Denial of Service Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fxos-nxos-cfs-dos-dAmnymbd", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2020-3517", options: [ { Exploitation: "none", }, { Automatable: "yes", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-11-13T17:13:07.454503Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-13T18:09:30.343Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco NX-OS Software", vendor: "Cisco", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2020-08-26T00:00:00", descriptions: [ { lang: "en", value: "A vulnerability in the Cisco Fabric Services component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated attacker to cause process crashes, which could result in a denial of service (DoS) condition on an affected device. The attack vector is configuration dependent and could be remote or adjacent. For more information about the attack vector, see the Details section of this advisory. The vulnerability is due to insufficient error handling when the affected software parses Cisco Fabric Services messages. An attacker could exploit this vulnerability by sending malicious Cisco Fabric Services messages to an affected device. A successful exploit could allow the attacker to cause a reload of an affected device, which could result in a DoS condition.", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.6, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-476", description: "CWE-476", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2020-08-27T15:40:48", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20200826 Cisco FXOS and NX-OS Software Cisco Fabric Services Denial of Service Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fxos-nxos-cfs-dos-dAmnymbd", }, ], source: { advisory: "cisco-sa-fxos-nxos-cfs-dos-dAmnymbd", defect: [ [ "CSCvt39630", "CSCvt46835", "CSCvt46837", "CSCvt46838", "CSCvt46839", "CSCvt46877", ], ], discovery: "INTERNAL", }, title: "Cisco FXOS and NX-OS Software Cisco Fabric Services Denial of Service Vulnerability", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", DATE_PUBLIC: "2020-08-26T16:00:00", ID: "CVE-2020-3517", STATE: "PUBLIC", TITLE: "Cisco FXOS and NX-OS Software Cisco Fabric Services Denial of Service Vulnerability", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Cisco NX-OS Software", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "Cisco", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability in the Cisco Fabric Services component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated attacker to cause process crashes, which could result in a denial of service (DoS) condition on an affected device. The attack vector is configuration dependent and could be remote or adjacent. For more information about the attack vector, see the Details section of this advisory. The vulnerability is due to insufficient error handling when the affected software parses Cisco Fabric Services messages. An attacker could exploit this vulnerability by sending malicious Cisco Fabric Services messages to an affected device. A successful exploit could allow the attacker to cause a reload of an affected device, which could result in a DoS condition.", }, ], }, exploit: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], impact: { cvss: { baseScore: "8.6", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-476", }, ], }, ], }, references: { reference_data: [ { name: "20200826 Cisco FXOS and NX-OS Software Cisco Fabric Services Denial of Service Vulnerability", refsource: "CISCO", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fxos-nxos-cfs-dos-dAmnymbd", }, ], }, source: { advisory: "cisco-sa-fxos-nxos-cfs-dos-dAmnymbd", defect: [ [ "CSCvt39630", "CSCvt46835", "CSCvt46837", "CSCvt46838", "CSCvt46839", "CSCvt46877", ], ], discovery: "INTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2020-3517", datePublished: "2020-08-27T15:40:48.124786Z", dateReserved: "2019-12-12T00:00:00", dateUpdated: "2024-11-13T18:09:30.343Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2015-4213
Vulnerability from cvelistv5
Published
2015-06-24 10:00
Modified
2024-08-06 06:11
Severity ?
EPSS score ?
Summary
Cisco NX-OS 1.1(1g) on Nexus 9000 devices allows remote authenticated users to discover cleartext passwords by leveraging the existence of a decryption mechanism, aka Bug ID CSCuu84391.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securitytracker.com/id/1032712 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securityfocus.com/bid/75378 | vdb-entry, x_refsource_BID | |
| http://tools.cisco.com/security/center/viewAlert.x?alertId=39469 | vendor-advisory, x_refsource_CISCO |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T06:11:11.784Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "1032712", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1032712", }, { name: "75378", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/75378", }, { name: "20150623 Cisco Nexus 9000 Series Software Password Exposure Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "http://tools.cisco.com/security/center/viewAlert.x?alertId=39469", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2015-06-23T00:00:00", descriptions: [ { lang: "en", value: "Cisco NX-OS 1.1(1g) on Nexus 9000 devices allows remote authenticated users to discover cleartext passwords by leveraging the existence of a decryption mechanism, aka Bug ID CSCuu84391.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2016-12-23T18:57:01", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "1032712", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1032712", }, { name: "75378", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/75378", }, { name: "20150623 Cisco Nexus 9000 Series Software Password Exposure Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "http://tools.cisco.com/security/center/viewAlert.x?alertId=39469", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", ID: "CVE-2015-4213", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Cisco NX-OS 1.1(1g) on Nexus 9000 devices allows remote authenticated users to discover cleartext passwords by leveraging the existence of a decryption mechanism, aka Bug ID CSCuu84391.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "1032712", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1032712", }, { name: "75378", refsource: "BID", url: "http://www.securityfocus.com/bid/75378", }, { name: "20150623 Cisco Nexus 9000 Series Software Password Exposure Vulnerability", refsource: "CISCO", url: "http://tools.cisco.com/security/center/viewAlert.x?alertId=39469", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2015-4213", datePublished: "2015-06-24T10:00:00", dateReserved: "2015-06-04T00:00:00", dateUpdated: "2024-08-06T06:11:11.784Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-1780
Vulnerability from cvelistv5
Published
2019-05-16 17:00
Modified
2024-11-21 19:23
Severity ?
EPSS score ?
Summary
A vulnerability in the CLI of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker with administrator credentials to execute arbitrary commands on the underlying operating system of an affected device with elevated privileges. The vulnerability is due to insufficient validation of arguments passed to certain CLI commands. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with elevated privileges. An attacker would need valid administrator credentials to exploit this vulnerability. NX-OS versions prior to 8.3(1) are affected. NX-OS versions prior to 8.3(1) are affected.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-fxos-cmdinj-1780 | vendor-advisory, x_refsource_CISCO | |
| http://www.securityfocus.com/bid/108392 | vdb-entry, x_refsource_BID |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco NX-OS Software |
Version: unspecified < 8.3(1) |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T18:28:42.632Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20190515 Cisco FXOS and NX-OS Software Command Injection Vulnerability (CVE-2019-1780)", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-fxos-cmdinj-1780", }, { name: "108392", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/108392", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2019-1780", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-11-21T18:58:18.043976Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-21T19:23:24.133Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco NX-OS Software", vendor: "Cisco", versions: [ { lessThan: "8.3(1)", status: "affected", version: "unspecified", versionType: "custom", }, ], }, ], datePublic: "2019-05-15T00:00:00", descriptions: [ { lang: "en", value: "A vulnerability in the CLI of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker with administrator credentials to execute arbitrary commands on the underlying operating system of an affected device with elevated privileges. The vulnerability is due to insufficient validation of arguments passed to certain CLI commands. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with elevated privileges. An attacker would need valid administrator credentials to exploit this vulnerability. NX-OS versions prior to 8.3(1) are affected. NX-OS versions prior to 8.3(1) are affected.", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 4.2, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-77", description: "CWE-77", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2019-05-21T09:06:02", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20190515 Cisco FXOS and NX-OS Software Command Injection Vulnerability (CVE-2019-1780)", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-fxos-cmdinj-1780", }, { name: "108392", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/108392", }, ], source: { advisory: "cisco-sa-20190515-nxos-fxos-cmdinj-1780", defect: [ [ "CSCvi01431", "CSCvi01440", "CSCvi92326", "CSCvi92328", "CSCvi92329", "CSCvi92332", ], ], discovery: "INTERNAL", }, title: "Cisco FXOS and NX-OS Software Command Injection Vulnerability", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", DATE_PUBLIC: "2019-05-15T16:00:00-0700", ID: "CVE-2019-1780", STATE: "PUBLIC", TITLE: "Cisco FXOS and NX-OS Software Command Injection Vulnerability", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Cisco NX-OS Software", version: { version_data: [ { affected: "<", version_affected: "<", version_value: "8.3(1)", }, ], }, }, ], }, vendor_name: "Cisco", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability in the CLI of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker with administrator credentials to execute arbitrary commands on the underlying operating system of an affected device with elevated privileges. The vulnerability is due to insufficient validation of arguments passed to certain CLI commands. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with elevated privileges. An attacker would need valid administrator credentials to exploit this vulnerability. NX-OS versions prior to 8.3(1) are affected. NX-OS versions prior to 8.3(1) are affected.", }, ], }, exploit: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], impact: { cvss: { baseScore: "4.2", vectorString: "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-77", }, ], }, ], }, references: { reference_data: [ { name: "20190515 Cisco FXOS and NX-OS Software Command Injection Vulnerability (CVE-2019-1780)", refsource: "CISCO", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-fxos-cmdinj-1780", }, { name: "108392", refsource: "BID", url: "http://www.securityfocus.com/bid/108392", }, ], }, source: { advisory: "cisco-sa-20190515-nxos-fxos-cmdinj-1780", defect: [ [ "CSCvi01431", "CSCvi01440", "CSCvi92326", "CSCvi92328", "CSCvi92329", "CSCvi92332", ], ], discovery: "INTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2019-1780", datePublished: "2019-05-16T17:00:17.177415Z", dateReserved: "2018-12-06T00:00:00", dateUpdated: "2024-11-21T19:23:24.133Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-44487
Vulnerability from cvelistv5
Published
2023-10-10 00:00
Modified
2025-03-07 18:15
Severity ?
EPSS score ?
Summary
The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
References
{ containers: { adp: [ { affected: [ { cpes: [ "cpe:2.3:a:ietf:http:2.0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "http", vendor: "ietf", versions: [ { status: "affected", version: "2.0", }, ], }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2023-44487", options: [ { Exploitation: "active", }, { Automatable: "yes", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-07-23T20:34:21.334116Z", version: "2.0.3", }, type: "ssvc", }, }, { other: { content: { dateAdded: "2023-10-10", reference: "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2023-44487", }, type: "kev", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-400", description: "CWE-400 Uncontrolled Resource Consumption", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-07-23T20:35:03.253Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, { providerMetadata: { dateUpdated: "2024-08-19T07:48:04.546Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://github.com/dotnet/core/blob/e4613450ea0da7fd2fc6b61dfb2c1c1dec1ce9ec/release-notes/6.0/6.0.23/6.0.23.md?plain=1#L73", }, { tags: [ "x_transferred", ], url: "https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/", }, { tags: [ "x_transferred", ], url: "https://aws.amazon.com/security/security-bulletins/AWS-2023-011/", }, { tags: [ "x_transferred", ], url: "https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack", }, { tags: [ "x_transferred", ], url: "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/", }, { tags: [ "x_transferred", ], url: "https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps/", }, { tags: [ "x_transferred", ], url: "https://news.ycombinator.com/item?id=37831062", }, { tags: [ "x_transferred", ], url: "https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack/", }, { tags: [ "x_transferred", ], url: "https://www.phoronix.com/news/HTTP2-Rapid-Reset-Attack", }, { tags: [ "x_transferred", ], url: "https://github.com/envoyproxy/envoy/pull/30055", }, { tags: [ "x_transferred", ], url: "https://github.com/haproxy/haproxy/issues/2312", }, { tags: [ "x_transferred", ], url: "https://github.com/eclipse/jetty.project/issues/10679", }, { tags: [ "x_transferred", ], url: "https://forums.swift.org/t/swift-nio-http2-security-update-cve-2023-44487-http-2-dos/67764", }, { tags: [ "x_transferred", ], url: "https://github.com/nghttp2/nghttp2/pull/1961", }, { tags: [ "x_transferred", ], url: "https://github.com/netty/netty/commit/58f75f665aa81a8cbcf6ffa74820042a285c5e61", }, { tags: [ "x_transferred", ], url: "https://github.com/alibaba/tengine/issues/1872", }, { tags: [ "x_transferred", ], url: "https://github.com/apache/tomcat/tree/main/java/org/apache/coyote/http2", }, { tags: [ "x_transferred", ], url: "https://news.ycombinator.com/item?id=37830987", }, { tags: [ "x_transferred", ], url: "https://news.ycombinator.com/item?id=37830998", }, { tags: [ "x_transferred", ], url: "https://github.com/caddyserver/caddy/issues/5877", }, { tags: [ "x_transferred", ], url: "https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records/", }, { tags: [ "x_transferred", ], url: "https://github.com/bcdannyboy/CVE-2023-44487", }, { tags: [ "x_transferred", ], url: "https://github.com/grpc/grpc-go/pull/6703", }, { tags: [ "x_transferred", ], url: "https://github.com/icing/mod_h2/blob/0a864782af0a942aa2ad4ed960a6b32cd35bcf0a/mod_http2/README.md?plain=1#L239-L244", }, { tags: [ "x_transferred", ], url: "https://github.com/nghttp2/nghttp2/releases/tag/v1.57.0", }, { tags: [ "x_transferred", ], url: "https://mailman.nginx.org/pipermail/nginx-devel/2023-October/S36Q5HBXR7CAIMPLLPRSSSYR4PCMWILK.html", }, { tags: [ "x_transferred", ], url: "https://my.f5.com/manage/s/article/K000137106", }, { tags: [ "x_transferred", ], url: "https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2/", }, { tags: [ "x_transferred", ], url: "https://bugzilla.proxmox.com/show_bug.cgi?id=4988", }, { tags: [ "x_transferred", ], url: "https://cgit.freebsd.org/ports/commit/?id=c64c329c2c1752f46b73e3e6ce9f4329be6629f9", }, { tags: [ "x_transferred", ], url: "https://seanmonstar.com/post/730794151136935936/hyper-http2-rapid-reset-unaffected", }, { tags: [ "x_transferred", ], url: "https://github.com/microsoft/CBL-Mariner/pull/6381", }, { tags: [ "x_transferred", ], url: "https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo", }, { tags: [ "x_transferred", ], url: "https://github.com/facebook/proxygen/pull/466", }, { tags: [ "x_transferred", ], url: "https://gist.github.com/adulau/7c2bfb8e9cdbe4b35a5e131c66a0c088", }, { tags: [ "x_transferred", ], url: "https://github.com/micrictor/http2-rst-stream", }, { tags: [ "x_transferred", ], url: "https://edg.io/lp/blog/resets-leaks-ddos-and-the-tale-of-a-hidden-cve", }, { tags: [ "x_transferred", ], url: "https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response/", }, { tags: [ "x_transferred", ], url: "https://github.com/h2o/h2o/security/advisories/GHSA-2m7v-gc89-fjqf", }, { tags: [ "x_transferred", ], url: "https://github.com/h2o/h2o/pull/3291", }, { tags: [ "x_transferred", ], url: "https://github.com/nodejs/node/pull/50121", }, { tags: [ "x_transferred", ], url: "https://github.com/dotnet/announcements/issues/277", }, { tags: [ "x_transferred", ], url: "https://github.com/golang/go/issues/63417", }, { tags: [ "x_transferred", ], url: "https://github.com/advisories/GHSA-vx74-f528-fxqg", }, { tags: [ "x_transferred", ], url: "https://github.com/apache/trafficserver/pull/10564", }, { tags: [ "x_transferred", ], url: "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-44487", }, { tags: [ "x_transferred", ], url: "https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.14", }, { tags: [ "x_transferred", ], url: "https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q", }, { tags: [ "x_transferred", ], url: "https://www.openwall.com/lists/oss-security/2023/10/10/6", }, { tags: [ "x_transferred", ], url: "https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487", }, { tags: [ "x_transferred", ], url: "https://github.com/opensearch-project/data-prepper/issues/3474", }, { tags: [ "x_transferred", ], url: "https://github.com/kubernetes/kubernetes/pull/121120", }, { tags: [ "x_transferred", ], url: "https://github.com/oqtane/oqtane.framework/discussions/3367", }, { tags: [ "x_transferred", ], url: "https://github.com/advisories/GHSA-xpw8-rcwv-8f8p", }, { tags: [ "x_transferred", ], url: "https://netty.io/news/2023/10/10/4-1-100-Final.html", }, { tags: [ "x_transferred", ], url: "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487", }, { tags: [ "x_transferred", ], url: "https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday/", }, { tags: [ "x_transferred", ], url: "https://blog.qualys.com/vulnerabilities-threat-research/2023/10/10/cve-2023-44487-http-2-rapid-reset-attack", }, { tags: [ "x_transferred", ], url: "https://news.ycombinator.com/item?id=37837043", }, { tags: [ "x_transferred", ], url: "https://github.com/kazu-yamamoto/http2/issues/93", }, { tags: [ "x_transferred", ], url: "https://martinthomson.github.io/h2-stream-limits/draft-thomson-httpbis-h2-stream-limits.html", }, { tags: [ "x_transferred", ], url: "https://github.com/kazu-yamamoto/http2/commit/f61d41a502bd0f60eb24e1ce14edc7b6df6722a1", }, { tags: [ "x_transferred", ], url: "https://github.com/apache/httpd/blob/afcdbeebbff4b0c50ea26cdd16e178c0d1f24152/modules/http2/h2_mplx.c#L1101-L1113", }, { name: "DSA-5522", tags: [ "vendor-advisory", "x_transferred", ], url: "https://www.debian.org/security/2023/dsa-5522", }, { name: "DSA-5521", tags: [ "vendor-advisory", "x_transferred", ], url: "https://www.debian.org/security/2023/dsa-5521", }, { tags: [ "x_transferred", ], url: "https://access.redhat.com/security/cve/cve-2023-44487", }, { tags: [ "x_transferred", ], url: "https://github.com/ninenines/cowboy/issues/1615", }, { tags: [ "x_transferred", ], url: "https://github.com/varnishcache/varnish-cache/issues/3996", }, { tags: [ "x_transferred", ], url: "https://github.com/tempesta-tech/tempesta/issues/1986", }, { tags: [ "x_transferred", ], url: "https://blog.vespa.ai/cve-2023-44487/", }, { tags: [ "x_transferred", ], url: "https://github.com/etcd-io/etcd/issues/16740", }, { tags: [ "x_transferred", ], url: "https://www.darkreading.com/cloud/internet-wide-zero-day-bug-fuels-largest-ever-ddos-event", }, { tags: [ "x_transferred", ], url: "https://istio.io/latest/news/security/istio-security-2023-004/", }, { tags: [ "x_transferred", ], url: "https://github.com/junkurihara/rust-rpxy/issues/97", }, { tags: [ "x_transferred", ], url: "https://bugzilla.suse.com/show_bug.cgi?id=1216123", }, { tags: [ "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=2242803", }, { tags: [ "x_transferred", ], url: "https://ubuntu.com/security/CVE-2023-44487", }, { tags: [ "x_transferred", ], url: "https://community.traefik.io/t/is-traefik-vulnerable-to-cve-2023-44487/20125", }, { tags: [ "x_transferred", ], url: "https://github.com/advisories/GHSA-qppj-fm5r-hxr3", }, { tags: [ "x_transferred", ], url: "https://github.com/apache/httpd-site/pull/10", }, { tags: [ "x_transferred", ], url: "https://github.com/projectcontour/contour/pull/5826", }, { tags: [ "x_transferred", ], url: "https://github.com/linkerd/website/pull/1695/commits/4b9c6836471bc8270ab48aae6fd2181bc73fd632", }, { tags: [ "x_transferred", ], url: "https://github.com/line/armeria/pull/5232", }, { tags: [ "x_transferred", ], url: "https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty/", }, { tags: [ "x_transferred", ], url: "https://security.paloaltonetworks.com/CVE-2023-44487", }, { tags: [ "x_transferred", ], url: "https://github.com/akka/akka-http/issues/4323", }, { tags: [ "x_transferred", ], url: "https://github.com/openresty/openresty/issues/930", }, { tags: [ "x_transferred", ], url: "https://github.com/apache/apisix/issues/10320", }, { tags: [ "x_transferred", ], url: "https://github.com/Azure/AKS/issues/3947", }, { tags: [ "x_transferred", ], url: "https://github.com/Kong/kong/discussions/11741", }, { tags: [ "x_transferred", ], url: "https://github.com/arkrwn/PoC/tree/main/CVE-2023-44487", }, { tags: [ "x_transferred", ], url: "https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487/", }, { tags: [ "x_transferred", ], url: "https://github.com/caddyserver/caddy/releases/tag/v2.7.5", }, { name: "[debian-lts-announce] 20231013 [SECURITY] [DLA 3617-1] tomcat9 security update", tags: [ "mailing-list", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html", }, { name: "[oss-security] 20231013 Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations", tags: [ "mailing-list", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2023/10/13/4", }, { name: "[oss-security] 20231013 Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations", tags: [ "mailing-list", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2023/10/13/9", }, { tags: [ "x_transferred", ], url: "https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size/", }, { tags: [ "x_transferred", ], url: "https://lists.w3.org/Archives/Public/ietf-http-wg/2023OctDec/0025.html", }, { name: "FEDORA-2023-ed2642fd58", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY/", }, { tags: [ "x_transferred", ], url: "https://linkerd.io/2023/10/12/linkerd-cve-2023-44487/", }, { name: "[debian-lts-announce] 20231016 [SECURITY] [DLA 3621-1] nghttp2 security update", tags: [ "mailing-list", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2023/10/msg00023.html", }, { tags: [ "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20231016-0001/", }, { name: "[debian-lts-announce] 20231016 [SECURITY] [DLA 3617-2] tomcat9 regression update", tags: [ "mailing-list", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2023/10/msg00024.html", }, { name: "[oss-security] 20231018 Vulnerability in Jenkins", tags: [ "mailing-list", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2023/10/18/4", }, { name: "[oss-security] 20231018 Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations", tags: [ "mailing-list", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2023/10/18/8", }, { name: "[oss-security] 20231019 CVE-2023-45802: Apache HTTP Server: HTTP/2 stream memory not reclaimed right away on RST", tags: [ "mailing-list", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2023/10/19/6", }, { name: "FEDORA-2023-54fadada12", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/", }, { name: "FEDORA-2023-5ff7bf1dd8", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/", }, { name: "[oss-security] 20231020 Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations", tags: [ "mailing-list", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2023/10/20/8", }, { name: "FEDORA-2023-17efd3f2cd", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH/", }, { name: "FEDORA-2023-d5030c983c", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/", }, { name: "FEDORA-2023-0259c3f26f", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/", }, { name: "FEDORA-2023-2a9214af5f", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4/", }, { name: "FEDORA-2023-e9c04d81c1", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/", }, { name: "FEDORA-2023-f66fc0f62a", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/", }, { name: "FEDORA-2023-4d2fd884ea", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/", }, { name: "FEDORA-2023-b2c50535cb", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL/", }, { name: "FEDORA-2023-fe53e13b5b", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/", }, { name: "FEDORA-2023-4bf641255e", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/", }, { name: "[debian-lts-announce] 20231030 [SECURITY] [DLA 3641-1] jetty9 security update", tags: [ "mailing-list", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2023/10/msg00045.html", }, { name: "DSA-5540", tags: [ "vendor-advisory", "x_transferred", ], url: "https://www.debian.org/security/2023/dsa-5540", }, { name: "[debian-lts-announce] 20231031 [SECURITY] [DLA 3638-1] h2o security update", tags: [ "mailing-list", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2023/10/msg00047.html", }, { tags: [ "x_transferred", ], url: "https://discuss.hashicorp.com/t/hcsec-2023-32-vault-consul-and-boundary-affected-by-http-2-rapid-reset-denial-of-service-vulnerability-cve-2023-44487/59715", }, { name: "FEDORA-2023-1caffb88af", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/", }, { name: "FEDORA-2023-3f70b8d406", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK/", }, { name: "FEDORA-2023-7b52921cae", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/", }, { name: "FEDORA-2023-7934802344", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT/", }, { name: "FEDORA-2023-dbe64661af", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/", }, { name: "FEDORA-2023-822aab0a5a", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/", }, { name: "[debian-lts-announce] 20231105 [SECURITY] [DLA 3645-1] trafficserver security update", tags: [ "mailing-list", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2023/11/msg00001.html", }, { name: "DSA-5549", tags: [ "vendor-advisory", "x_transferred", ], url: "https://www.debian.org/security/2023/dsa-5549", }, { name: "FEDORA-2023-c0c6a91330", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI/", }, { name: "FEDORA-2023-492b7be466", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX/", }, { name: "DSA-5558", tags: [ "vendor-advisory", "x_transferred", ], url: "https://www.debian.org/security/2023/dsa-5558", }, { name: "[debian-lts-announce] 20231119 [SECURITY] [DLA 3656-1] netty security update", tags: [ "mailing-list", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2023/11/msg00012.html", }, { name: "GLSA-202311-09", tags: [ "vendor-advisory", "x_transferred", ], url: "https://security.gentoo.org/glsa/202311-09", }, { name: "DSA-5570", tags: [ "vendor-advisory", "x_transferred", ], url: "https://www.debian.org/security/2023/dsa-5570", }, { tags: [ "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20240426-0007/", }, { tags: [ "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20240621-0006/", }, { tags: [ "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20240621-0007/", }, { url: "https://www.vicarius.io/vsociety/posts/rapid-reset-cve-2023-44487-dos-in-http2-understanding-the-root-cause", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2025-03-07T18:15:13.812Z", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { url: "https://github.com/dotnet/core/blob/e4613450ea0da7fd2fc6b61dfb2c1c1dec1ce9ec/release-notes/6.0/6.0.23/6.0.23.md?plain=1#L73", }, { url: "https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/", }, { url: "https://aws.amazon.com/security/security-bulletins/AWS-2023-011/", }, { url: "https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack", }, { url: "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/", }, { url: "https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps/", }, { url: "https://news.ycombinator.com/item?id=37831062", }, { url: "https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack/", }, { url: "https://www.phoronix.com/news/HTTP2-Rapid-Reset-Attack", }, { url: "https://github.com/envoyproxy/envoy/pull/30055", }, { url: "https://github.com/haproxy/haproxy/issues/2312", }, { url: "https://github.com/eclipse/jetty.project/issues/10679", }, { url: "https://forums.swift.org/t/swift-nio-http2-security-update-cve-2023-44487-http-2-dos/67764", }, { url: "https://github.com/nghttp2/nghttp2/pull/1961", }, { url: "https://github.com/netty/netty/commit/58f75f665aa81a8cbcf6ffa74820042a285c5e61", }, { url: "https://github.com/alibaba/tengine/issues/1872", }, { url: "https://github.com/apache/tomcat/tree/main/java/org/apache/coyote/http2", }, { url: "https://news.ycombinator.com/item?id=37830987", }, { url: "https://news.ycombinator.com/item?id=37830998", }, { url: "https://github.com/caddyserver/caddy/issues/5877", }, { url: "https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records/", }, { url: "https://github.com/bcdannyboy/CVE-2023-44487", }, { url: "https://github.com/grpc/grpc-go/pull/6703", }, { url: "https://github.com/icing/mod_h2/blob/0a864782af0a942aa2ad4ed960a6b32cd35bcf0a/mod_http2/README.md?plain=1#L239-L244", }, { url: "https://github.com/nghttp2/nghttp2/releases/tag/v1.57.0", }, { url: "https://mailman.nginx.org/pipermail/nginx-devel/2023-October/S36Q5HBXR7CAIMPLLPRSSSYR4PCMWILK.html", }, { url: "https://my.f5.com/manage/s/article/K000137106", }, { url: "https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2/", }, { url: "https://bugzilla.proxmox.com/show_bug.cgi?id=4988", }, { url: "https://cgit.freebsd.org/ports/commit/?id=c64c329c2c1752f46b73e3e6ce9f4329be6629f9", }, { name: "[oss-security] 20231010 Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations", tags: [ "mailing-list", ], url: "http://www.openwall.com/lists/oss-security/2023/10/10/7", }, { name: "[oss-security] 20231010 CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations", tags: [ "mailing-list", ], url: "http://www.openwall.com/lists/oss-security/2023/10/10/6", }, { url: "https://seanmonstar.com/post/730794151136935936/hyper-http2-rapid-reset-unaffected", }, { url: "https://github.com/microsoft/CBL-Mariner/pull/6381", }, { url: "https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo", }, { url: "https://github.com/facebook/proxygen/pull/466", }, { url: "https://gist.github.com/adulau/7c2bfb8e9cdbe4b35a5e131c66a0c088", }, { url: "https://github.com/micrictor/http2-rst-stream", }, { url: "https://edg.io/lp/blog/resets-leaks-ddos-and-the-tale-of-a-hidden-cve", }, { url: "https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response/", }, { url: "https://github.com/h2o/h2o/security/advisories/GHSA-2m7v-gc89-fjqf", }, { url: "https://github.com/h2o/h2o/pull/3291", }, { url: "https://github.com/nodejs/node/pull/50121", }, { url: "https://github.com/dotnet/announcements/issues/277", }, { url: "https://github.com/golang/go/issues/63417", }, { url: "https://github.com/advisories/GHSA-vx74-f528-fxqg", }, { url: "https://github.com/apache/trafficserver/pull/10564", }, { url: "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-44487", }, { url: "https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.14", }, { url: "https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q", }, { url: "https://www.openwall.com/lists/oss-security/2023/10/10/6", }, { url: "https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487", }, { url: "https://github.com/opensearch-project/data-prepper/issues/3474", }, { url: "https://github.com/kubernetes/kubernetes/pull/121120", }, { url: "https://github.com/oqtane/oqtane.framework/discussions/3367", }, { url: "https://github.com/advisories/GHSA-xpw8-rcwv-8f8p", }, { url: "https://netty.io/news/2023/10/10/4-1-100-Final.html", }, { url: "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487", }, { url: "https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday/", }, { url: "https://blog.qualys.com/vulnerabilities-threat-research/2023/10/10/cve-2023-44487-http-2-rapid-reset-attack", }, { url: "https://news.ycombinator.com/item?id=37837043", }, { url: "https://github.com/kazu-yamamoto/http2/issues/93", }, { url: "https://martinthomson.github.io/h2-stream-limits/draft-thomson-httpbis-h2-stream-limits.html", }, { url: "https://github.com/kazu-yamamoto/http2/commit/f61d41a502bd0f60eb24e1ce14edc7b6df6722a1", }, { url: "https://github.com/apache/httpd/blob/afcdbeebbff4b0c50ea26cdd16e178c0d1f24152/modules/http2/h2_mplx.c#L1101-L1113", }, { name: "DSA-5522", tags: [ "vendor-advisory", ], url: "https://www.debian.org/security/2023/dsa-5522", }, { name: "DSA-5521", tags: [ "vendor-advisory", ], url: "https://www.debian.org/security/2023/dsa-5521", }, { url: "https://access.redhat.com/security/cve/cve-2023-44487", }, { url: "https://github.com/ninenines/cowboy/issues/1615", }, { url: "https://github.com/varnishcache/varnish-cache/issues/3996", }, { url: "https://github.com/tempesta-tech/tempesta/issues/1986", }, { url: "https://blog.vespa.ai/cve-2023-44487/", }, { url: "https://github.com/etcd-io/etcd/issues/16740", }, { url: "https://www.darkreading.com/cloud/internet-wide-zero-day-bug-fuels-largest-ever-ddos-event", }, { url: "https://istio.io/latest/news/security/istio-security-2023-004/", }, { url: "https://github.com/junkurihara/rust-rpxy/issues/97", }, { url: "https://bugzilla.suse.com/show_bug.cgi?id=1216123", }, { url: "https://bugzilla.redhat.com/show_bug.cgi?id=2242803", }, { url: "https://ubuntu.com/security/CVE-2023-44487", }, { url: "https://community.traefik.io/t/is-traefik-vulnerable-to-cve-2023-44487/20125", }, { url: "https://github.com/advisories/GHSA-qppj-fm5r-hxr3", }, { url: "https://github.com/apache/httpd-site/pull/10", }, { url: "https://github.com/projectcontour/contour/pull/5826", }, { url: "https://github.com/linkerd/website/pull/1695/commits/4b9c6836471bc8270ab48aae6fd2181bc73fd632", }, { url: "https://github.com/line/armeria/pull/5232", }, { url: "https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty/", }, { url: "https://security.paloaltonetworks.com/CVE-2023-44487", }, { url: "https://github.com/akka/akka-http/issues/4323", }, { url: "https://github.com/openresty/openresty/issues/930", }, { url: "https://github.com/apache/apisix/issues/10320", }, { url: "https://github.com/Azure/AKS/issues/3947", }, { url: "https://github.com/Kong/kong/discussions/11741", }, { url: "https://github.com/arkrwn/PoC/tree/main/CVE-2023-44487", }, { url: "https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487/", }, { url: "https://github.com/caddyserver/caddy/releases/tag/v2.7.5", }, { name: "[debian-lts-announce] 20231013 [SECURITY] [DLA 3617-1] tomcat9 security update", tags: [ "mailing-list", ], url: "https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html", }, { name: "[oss-security] 20231013 Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations", tags: [ "mailing-list", ], url: "http://www.openwall.com/lists/oss-security/2023/10/13/4", }, { name: "[oss-security] 20231013 Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations", tags: [ "mailing-list", ], url: "http://www.openwall.com/lists/oss-security/2023/10/13/9", }, { url: "https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size/", }, { url: "https://lists.w3.org/Archives/Public/ietf-http-wg/2023OctDec/0025.html", }, { name: "FEDORA-2023-ed2642fd58", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY/", }, { url: "https://linkerd.io/2023/10/12/linkerd-cve-2023-44487/", }, { name: "[debian-lts-announce] 20231016 [SECURITY] [DLA 3621-1] nghttp2 security update", tags: [ "mailing-list", ], url: "https://lists.debian.org/debian-lts-announce/2023/10/msg00023.html", }, { url: "https://security.netapp.com/advisory/ntap-20231016-0001/", }, { name: "[debian-lts-announce] 20231016 [SECURITY] [DLA 3617-2] tomcat9 regression update", tags: [ "mailing-list", ], url: "https://lists.debian.org/debian-lts-announce/2023/10/msg00024.html", }, { name: "[oss-security] 20231018 Vulnerability in Jenkins", tags: [ "mailing-list", ], url: "http://www.openwall.com/lists/oss-security/2023/10/18/4", }, { name: "[oss-security] 20231018 Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations", tags: [ "mailing-list", ], url: "http://www.openwall.com/lists/oss-security/2023/10/18/8", }, { name: "[oss-security] 20231019 CVE-2023-45802: Apache HTTP Server: HTTP/2 stream memory not reclaimed right away on RST", tags: [ "mailing-list", ], url: "http://www.openwall.com/lists/oss-security/2023/10/19/6", }, { name: "FEDORA-2023-54fadada12", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/", }, { name: "FEDORA-2023-5ff7bf1dd8", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/", }, { name: "[oss-security] 20231020 Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations", tags: [ "mailing-list", ], url: "http://www.openwall.com/lists/oss-security/2023/10/20/8", }, { name: "FEDORA-2023-17efd3f2cd", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH/", }, { name: "FEDORA-2023-d5030c983c", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/", }, { name: "FEDORA-2023-0259c3f26f", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/", }, { name: "FEDORA-2023-2a9214af5f", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4/", }, { name: "FEDORA-2023-e9c04d81c1", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/", }, { name: "FEDORA-2023-f66fc0f62a", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/", }, { name: "FEDORA-2023-4d2fd884ea", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/", }, { name: "FEDORA-2023-b2c50535cb", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL/", }, { name: "FEDORA-2023-fe53e13b5b", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/", }, { name: "FEDORA-2023-4bf641255e", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/", }, { name: "[debian-lts-announce] 20231030 [SECURITY] [DLA 3641-1] jetty9 security update", tags: [ "mailing-list", ], url: "https://lists.debian.org/debian-lts-announce/2023/10/msg00045.html", }, { name: "DSA-5540", tags: [ "vendor-advisory", ], url: "https://www.debian.org/security/2023/dsa-5540", }, { name: "[debian-lts-announce] 20231031 [SECURITY] [DLA 3638-1] h2o security update", tags: [ "mailing-list", ], url: "https://lists.debian.org/debian-lts-announce/2023/10/msg00047.html", }, { url: "https://discuss.hashicorp.com/t/hcsec-2023-32-vault-consul-and-boundary-affected-by-http-2-rapid-reset-denial-of-service-vulnerability-cve-2023-44487/59715", }, { name: "FEDORA-2023-1caffb88af", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/", }, { name: "FEDORA-2023-3f70b8d406", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK/", }, { name: "FEDORA-2023-7b52921cae", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/", }, { name: "FEDORA-2023-7934802344", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT/", }, { name: "FEDORA-2023-dbe64661af", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/", }, { name: "FEDORA-2023-822aab0a5a", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/", }, { name: "[debian-lts-announce] 20231105 [SECURITY] [DLA 3645-1] trafficserver security update", tags: [ "mailing-list", ], url: "https://lists.debian.org/debian-lts-announce/2023/11/msg00001.html", }, { name: "DSA-5549", tags: [ "vendor-advisory", ], url: "https://www.debian.org/security/2023/dsa-5549", }, { name: "FEDORA-2023-c0c6a91330", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI/", }, { name: "FEDORA-2023-492b7be466", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX/", }, { name: "DSA-5558", tags: [ "vendor-advisory", ], url: "https://www.debian.org/security/2023/dsa-5558", }, { name: "[debian-lts-announce] 20231119 [SECURITY] [DLA 3656-1] netty security update", tags: [ "mailing-list", ], url: "https://lists.debian.org/debian-lts-announce/2023/11/msg00012.html", }, { name: "GLSA-202311-09", tags: [ "vendor-advisory", ], url: "https://security.gentoo.org/glsa/202311-09", }, { name: "DSA-5570", tags: [ "vendor-advisory", ], url: "https://www.debian.org/security/2023/dsa-5570", }, { url: "https://security.netapp.com/advisory/ntap-20240426-0007/", }, { url: "https://security.netapp.com/advisory/ntap-20240621-0006/", }, { url: "https://security.netapp.com/advisory/ntap-20240621-0007/", }, { url: "https://github.com/grpc/grpc/releases/tag/v1.59.2", }, ], }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2023-44487", datePublished: "2023-10-10T00:00:00.000Z", dateReserved: "2023-09-29T00:00:00.000Z", dateUpdated: "2025-03-07T18:15:13.812Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-10136
Vulnerability from cvelistv5
Published
2020-06-02 08:35
Modified
2024-09-17 00:56
Severity ?
EPSS score ?
Summary
IP-in-IP protocol specifies IP Encapsulation within IP standard (RFC 2003, STD 1) that decapsulate and route IP-in-IP traffic is vulnerable to spoofing, access-control bypass and other unexpected behavior due to the lack of validation to verify network packets before decapsulation and routing.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| IETF | RFC2003 - IP Encapsulation within IP |
Version: STD 1 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T10:50:57.823Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "VU#636397", tags: [ "x_transferred", ], url: "https://kb.cert.org/vuls/id/636397/", }, { tags: [ "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-ipip-dos-kCT9X4", }, { tags: [ "x_transferred", ], url: "https://www.digi.com/resources/security", }, { name: "VU#636397", tags: [ "x_transferred", ], url: "https://www.kb.cert.org/vuls/id/636397", }, { name: "Security Concerns with IP Tunneling", tags: [ "x_transferred", ], url: "https://datatracker.ietf.org/doc/html/rfc6169", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "RFC2003 - IP Encapsulation within IP", vendor: "IETF", versions: [ { status: "affected", version: "STD 1", }, ], }, ], credits: [ { lang: "en", value: "Thanks to Yannay Livneh for reporting this issue.", }, ], datePublic: "2020-06-01T00:00:00", descriptions: [ { lang: "en", value: "IP-in-IP protocol specifies IP Encapsulation within IP standard (RFC 2003, STD 1) that decapsulate and route IP-in-IP traffic is vulnerable to spoofing, access-control bypass and other unexpected behavior due to the lack of validation to verify network packets before decapsulation and routing.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-290", description: "CWE-290 Authentication Bypass by Spoofing", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-06-17T21:10:04.191Z", orgId: "37e5125f-f79b-445b-8fad-9564f167944b", shortName: "certcc", }, references: [ { name: "VU#636397", url: "https://kb.cert.org/vuls/id/636397/", }, { url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-ipip-dos-kCT9X4", }, { url: "https://www.digi.com/resources/security", }, { name: "VU#636397", url: "https://www.kb.cert.org/vuls/id/636397", }, { name: "Security Concerns with IP Tunneling", url: "https://datatracker.ietf.org/doc/html/rfc6169", }, ], solutions: [ { lang: "en", value: "Customers should apply the latest patch provided by the affected vendor that addresses this issue and prevents unspecified IP-in-IP packets from being processed. Devices manufacturers are urged to disable IP-in-IP in their default configuration and require their customers to explicitly configure IP-in-IP as and when needed.", }, ], source: { discovery: "EXTERNAL", }, title: "IP-in-IP protocol allows a remote, unauthenticated attacker to route arbitrary network traffic", workarounds: [ { lang: "en", value: "Users can block IP-in-IP packets by filtering IP protocol number 4. Note this filtering is for the IPv4 Protocol (or IPv6 Next Header) field value of 4 and not IP protocol version 4 (IPv4).", }, ], x_generator: { engine: "cveClient/1.0.15", }, }, }, cveMetadata: { assignerOrgId: "37e5125f-f79b-445b-8fad-9564f167944b", assignerShortName: "certcc", cveId: "CVE-2020-10136", datePublished: "2020-06-02T08:35:12.921954Z", dateReserved: "2020-03-05T00:00:00", dateUpdated: "2024-09-17T00:56:11.850Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-1767
Vulnerability from cvelistv5
Published
2019-05-15 18:45
Modified
2024-11-20 17:22
Severity ?
EPSS score ?
Summary
A vulnerability in the implementation of a specific CLI command for Cisco NX-OS Software could allow an authenticated, local attacker with administrator credentials to cause a buffer overflow condition or perform command injection. This could allow the attacker to execute arbitrary commands with elevated privileges on the underlying operating system of an affected device. The vulnerability is due to insufficient validation of arguments passed to a certain CLI command. An attacker could exploit this vulnerability by including malicious input as the argument of the affected CLI command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with root privileges. An attacker would need valid administrator credentials to exploit these vulnerabilities. NX-OS versions prior to 8.3(1) are affected.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-overflow-inj | vendor-advisory, x_refsource_CISCO | |
| http://www.securityfocus.com/bid/108386 | vdb-entry, x_refsource_BID |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco NX-OS Software |
Version: unspecified < 8.3(1) |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T18:28:42.722Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20190515 Cisco NX-OS Software Buffer Overflow and Command Injection Vulnerabilities", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-overflow-inj", }, { name: "108386", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/108386", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2019-1767", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-11-20T16:55:00.651175Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-20T17:22:19.231Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco NX-OS Software", vendor: "Cisco", versions: [ { lessThan: "8.3(1)", status: "affected", version: "unspecified", versionType: "custom", }, ], }, ], datePublic: "2019-05-15T00:00:00", descriptions: [ { lang: "en", value: "A vulnerability in the implementation of a specific CLI command for Cisco NX-OS Software could allow an authenticated, local attacker with administrator credentials to cause a buffer overflow condition or perform command injection. This could allow the attacker to execute arbitrary commands with elevated privileges on the underlying operating system of an affected device. The vulnerability is due to insufficient validation of arguments passed to a certain CLI command. An attacker could exploit this vulnerability by including malicious input as the argument of the affected CLI command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with root privileges. An attacker would need valid administrator credentials to exploit these vulnerabilities. NX-OS versions prior to 8.3(1) are affected.", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-119", description: "CWE-119", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2019-05-20T15:06:02", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20190515 Cisco NX-OS Software Buffer Overflow and Command Injection Vulnerabilities", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-overflow-inj", }, { name: "108386", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/108386", }, ], source: { advisory: "cisco-sa-20190515-nxos-overflow-inj", defect: [ [ "CSCvh76129", "CSCvh76132", "CSCvj00497", "CSCvj10162", ], ], discovery: "INTERNAL", }, title: "Cisco NX-OS Software Buffer Overflow and Command Injection Vulnerability", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", DATE_PUBLIC: "2019-05-15T16:00:00-0700", ID: "CVE-2019-1767", STATE: "PUBLIC", TITLE: "Cisco NX-OS Software Buffer Overflow and Command Injection Vulnerability", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Cisco NX-OS Software", version: { version_data: [ { affected: "<", version_affected: "<", version_value: "8.3(1)", }, ], }, }, ], }, vendor_name: "Cisco", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability in the implementation of a specific CLI command for Cisco NX-OS Software could allow an authenticated, local attacker with administrator credentials to cause a buffer overflow condition or perform command injection. This could allow the attacker to execute arbitrary commands with elevated privileges on the underlying operating system of an affected device. The vulnerability is due to insufficient validation of arguments passed to a certain CLI command. An attacker could exploit this vulnerability by including malicious input as the argument of the affected CLI command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with root privileges. An attacker would need valid administrator credentials to exploit these vulnerabilities. NX-OS versions prior to 8.3(1) are affected.", }, ], }, exploit: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory.", }, ], impact: { cvss: { baseScore: "6.7", vectorString: "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-119", }, ], }, ], }, references: { reference_data: [ { name: "20190515 Cisco NX-OS Software Buffer Overflow and Command Injection Vulnerabilities", refsource: "CISCO", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-overflow-inj", }, { name: "108386", refsource: "BID", url: "http://www.securityfocus.com/bid/108386", }, ], }, source: { advisory: "cisco-sa-20190515-nxos-overflow-inj", defect: [ [ "CSCvh76129", "CSCvh76132", "CSCvj00497", "CSCvj10162", ], ], discovery: "INTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2019-1767", datePublished: "2019-05-15T18:45:18.115908Z", dateReserved: "2018-12-06T00:00:00", dateUpdated: "2024-11-20T17:22:19.231Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2015-4237
Vulnerability from cvelistv5
Published
2015-07-03 10:00
Modified
2024-08-06 06:11
Severity ?
EPSS score ?
Summary
The CLI parser in Cisco NX-OS 4.1(2)E1(1), 6.2(11b), 6.2(12), 7.2(0)ZZ(99.1), 7.2(0)ZZ(99.3), and 9.1(1)SV1(3.1.8) on Nexus devices allows local users to execute arbitrary OS commands via crafted characters in a filename, aka Bug IDs CSCuv08491, CSCuv08443, CSCuv08480, CSCuv08448, CSCuu99291, CSCuv08434, and CSCuv08436.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securitytracker.com/id/1032775 | vdb-entry, x_refsource_SECTRACK | |
| http://tools.cisco.com/security/center/viewAlert.x?alertId=39583 | vendor-advisory, x_refsource_CISCO |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T06:11:12.442Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "1032775", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1032775", }, { name: "20150701 Cisco Nexus Operating System Devices Command Line Interface Local Privilege Escalation Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "http://tools.cisco.com/security/center/viewAlert.x?alertId=39583", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2015-06-01T00:00:00", descriptions: [ { lang: "en", value: "The CLI parser in Cisco NX-OS 4.1(2)E1(1), 6.2(11b), 6.2(12), 7.2(0)ZZ(99.1), 7.2(0)ZZ(99.3), and 9.1(1)SV1(3.1.8) on Nexus devices allows local users to execute arbitrary OS commands via crafted characters in a filename, aka Bug IDs CSCuv08491, CSCuv08443, CSCuv08480, CSCuv08448, CSCuu99291, CSCuv08434, and CSCuv08436.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2016-12-23T18:57:01", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "1032775", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1032775", }, { name: "20150701 Cisco Nexus Operating System Devices Command Line Interface Local Privilege Escalation Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "http://tools.cisco.com/security/center/viewAlert.x?alertId=39583", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", ID: "CVE-2015-4237", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The CLI parser in Cisco NX-OS 4.1(2)E1(1), 6.2(11b), 6.2(12), 7.2(0)ZZ(99.1), 7.2(0)ZZ(99.3), and 9.1(1)SV1(3.1.8) on Nexus devices allows local users to execute arbitrary OS commands via crafted characters in a filename, aka Bug IDs CSCuv08491, CSCuv08443, CSCuv08480, CSCuv08448, CSCuu99291, CSCuv08434, and CSCuv08436.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "1032775", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1032775", }, { name: "20150701 Cisco Nexus Operating System Devices Command Line Interface Local Privilege Escalation Vulnerability", refsource: "CISCO", url: "http://tools.cisco.com/security/center/viewAlert.x?alertId=39583", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2015-4237", datePublished: "2015-07-03T10:00:00", dateReserved: "2015-06-04T00:00:00", dateUpdated: "2024-08-06T06:11:12.442Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-3119
Vulnerability from cvelistv5
Published
2020-02-05 17:45
Modified
2024-11-15 17:42
Severity ?
EPSS score ?
Summary
A vulnerability in the Cisco Discovery Protocol implementation for Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to execute arbitrary code or cause a reload on an affected device. The vulnerability exists because the Cisco Discovery Protocol parser does not properly validate input for certain fields in a Cisco Discovery Protocol message. An attacker could exploit this vulnerability by sending a malicious Cisco Discovery Protocol packet to an affected device. An successful exploit could allow the attacker to cause a stack overflow, which could allow the attacker to execute arbitrary code with administrative privileges on an affected device. Cisco Discovery Protocol is a Layer 2 protocol. To exploit this vulnerability, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent).
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200205-nxos-cdp-rce | vendor-advisory, x_refsource_CISCO | |
| http://packetstormsecurity.com/files/156203/Cisco-Discovery-Protocol-CDP-Remote-Device-Takeover.html | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Unified Computing System (Managed) |
Version: unspecified < 9.3(2) |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T07:24:00.514Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20200205 Cisco NX-OS Software Cisco Discovery Protocol Remote Code Execution Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200205-nxos-cdp-rce", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://packetstormsecurity.com/files/156203/Cisco-Discovery-Protocol-CDP-Remote-Device-Takeover.html", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2020-3119", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-11-15T16:25:08.322696Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-15T17:42:33.555Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco Unified Computing System (Managed)", vendor: "Cisco", versions: [ { lessThan: "9.3(2)", status: "affected", version: "unspecified", versionType: "custom", }, ], }, ], datePublic: "2020-02-05T00:00:00", descriptions: [ { lang: "en", value: "A vulnerability in the Cisco Discovery Protocol implementation for Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to execute arbitrary code or cause a reload on an affected device. The vulnerability exists because the Cisco Discovery Protocol parser does not properly validate input for certain fields in a Cisco Discovery Protocol message. An attacker could exploit this vulnerability by sending a malicious Cisco Discovery Protocol packet to an affected device. An successful exploit could allow the attacker to cause a stack overflow, which could allow the attacker to execute arbitrary code with administrative privileges on an affected device. Cisco Discovery Protocol is a Layer 2 protocol. To exploit this vulnerability, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent).", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is aware of public announcements about this vulnerability. Cisco PSIRT is not aware of any malicious use of the vulnerability that is described in this advisory.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-787", description: "CWE-787", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2020-02-05T18:06:05", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20200205 Cisco NX-OS Software Cisco Discovery Protocol Remote Code Execution Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200205-nxos-cdp-rce", }, { tags: [ "x_refsource_MISC", ], url: "http://packetstormsecurity.com/files/156203/Cisco-Discovery-Protocol-CDP-Remote-Device-Takeover.html", }, ], source: { advisory: "cisco-sa-20200205-nxos-cdp-rce", defect: [ [ "CSCvr09175", "CSCvr09531", "CSCvr09539", "CSCvr09544", "CSCvr09555", ], ], discovery: "INTERNAL", }, title: "Cisco NX-OS Software Cisco Discovery Protocol Remote Code Execution Vulnerability", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", DATE_PUBLIC: "2020-02-05T16:00:00-0800", ID: "CVE-2020-3119", STATE: "PUBLIC", TITLE: "Cisco NX-OS Software Cisco Discovery Protocol Remote Code Execution Vulnerability", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Cisco Unified Computing System (Managed)", version: { version_data: [ { affected: "<", version_affected: "<", version_value: "9.3(2)", }, ], }, }, ], }, vendor_name: "Cisco", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability in the Cisco Discovery Protocol implementation for Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to execute arbitrary code or cause a reload on an affected device. The vulnerability exists because the Cisco Discovery Protocol parser does not properly validate input for certain fields in a Cisco Discovery Protocol message. An attacker could exploit this vulnerability by sending a malicious Cisco Discovery Protocol packet to an affected device. An successful exploit could allow the attacker to cause a stack overflow, which could allow the attacker to execute arbitrary code with administrative privileges on an affected device. Cisco Discovery Protocol is a Layer 2 protocol. To exploit this vulnerability, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent).", }, ], }, exploit: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is aware of public announcements about this vulnerability. Cisco PSIRT is not aware of any malicious use of the vulnerability that is described in this advisory.", }, ], impact: { cvss: { baseScore: "8.8", vectorString: "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-787", }, ], }, ], }, references: { reference_data: [ { name: "20200205 Cisco NX-OS Software Cisco Discovery Protocol Remote Code Execution Vulnerability", refsource: "CISCO", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200205-nxos-cdp-rce", }, { name: "http://packetstormsecurity.com/files/156203/Cisco-Discovery-Protocol-CDP-Remote-Device-Takeover.html", refsource: "MISC", url: "http://packetstormsecurity.com/files/156203/Cisco-Discovery-Protocol-CDP-Remote-Device-Takeover.html", }, ], }, source: { advisory: "cisco-sa-20200205-nxos-cdp-rce", defect: [ [ "CSCvr09175", "CSCvr09531", "CSCvr09539", "CSCvr09544", "CSCvr09555", ], ], discovery: "INTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2020-3119", datePublished: "2020-02-05T17:45:15.813799Z", dateReserved: "2019-12-12T00:00:00", dateUpdated: "2024-11-15T17:42:33.555Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-3454
Vulnerability from cvelistv5
Published
2020-08-27 15:40
Modified
2024-11-13 18:10
Severity ?
EPSS score ?
Summary
A vulnerability in the Call Home feature of Cisco NX-OS Software could allow an authenticated, remote attacker to inject arbitrary commands that could be executed with root privileges on the underlying operating system (OS). The vulnerability is due to insufficient input validation of specific Call Home configuration parameters when the software is configured for transport method HTTP. An attacker could exploit this vulnerability by modifying parameters within the Call Home configuration on an affected device. A successful exploit could allow the attacker to execute arbitrary commands with root privileges on the underlying OS.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-callhome-cmdinj-zkxzSCY | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco NX-OS Software 5.0(1a) |
Version: n/a |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T07:37:54.101Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20200826 Cisco NX-OS Software Call Home Command Injection Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-callhome-cmdinj-zkxzSCY", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2020-3454", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-11-13T17:18:16.027701Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-13T18:10:22.655Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco NX-OS Software 5.0(1a)", vendor: "Cisco", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2020-08-26T00:00:00", descriptions: [ { lang: "en", value: "A vulnerability in the Call Home feature of Cisco NX-OS Software could allow an authenticated, remote attacker to inject arbitrary commands that could be executed with root privileges on the underlying operating system (OS). The vulnerability is due to insufficient input validation of specific Call Home configuration parameters when the software is configured for transport method HTTP. An attacker could exploit this vulnerability by modifying parameters within the Call Home configuration on an affected device. A successful exploit could allow the attacker to execute arbitrary commands with root privileges on the underlying OS.", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-20", description: "CWE-20", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2020-08-27T15:40:17", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20200826 Cisco NX-OS Software Call Home Command Injection Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-callhome-cmdinj-zkxzSCY", }, ], source: { advisory: "cisco-sa-callhome-cmdinj-zkxzSCY", defect: [ [ "CSCve15011", "CSCvg11715", "CSCvg11732", "CSCvg11752", "CSCvh85161", ], ], discovery: "INTERNAL", }, title: "Cisco NX-OS Software Call Home Command Injection Vulnerability", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", DATE_PUBLIC: "2020-08-26T16:00:00", ID: "CVE-2020-3454", STATE: "PUBLIC", TITLE: "Cisco NX-OS Software Call Home Command Injection Vulnerability", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Cisco NX-OS Software 5.0(1a)", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "Cisco", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability in the Call Home feature of Cisco NX-OS Software could allow an authenticated, remote attacker to inject arbitrary commands that could be executed with root privileges on the underlying operating system (OS). The vulnerability is due to insufficient input validation of specific Call Home configuration parameters when the software is configured for transport method HTTP. An attacker could exploit this vulnerability by modifying parameters within the Call Home configuration on an affected device. A successful exploit could allow the attacker to execute arbitrary commands with root privileges on the underlying OS.", }, ], }, exploit: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], impact: { cvss: { baseScore: "7.2", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-20", }, ], }, ], }, references: { reference_data: [ { name: "20200826 Cisco NX-OS Software Call Home Command Injection Vulnerability", refsource: "CISCO", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-callhome-cmdinj-zkxzSCY", }, ], }, source: { advisory: "cisco-sa-callhome-cmdinj-zkxzSCY", defect: [ [ "CSCve15011", "CSCvg11715", "CSCvg11732", "CSCvg11752", "CSCvh85161", ], ], discovery: "INTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2020-3454", datePublished: "2020-08-27T15:40:17.920177Z", dateReserved: "2019-12-12T00:00:00", dateUpdated: "2024-11-13T18:10:22.655Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-1730
Vulnerability from cvelistv5
Published
2019-05-15 16:50
Modified
2024-11-21 19:30
Severity ?
EPSS score ?
Summary
A vulnerability in the Bash shell implementation for Cisco NX-OS Software could allow an authenticated, local attacker to bypass the limited command set of the restricted Guest Shell and execute commands at the privilege level of a network-admin user outside of the Guest Shell. The attacker must authenticate with valid administrator device credentials. The vulnerability is due to the incorrect implementation of a CLI command that allows a Bash command to be incorrectly invoked on the Guest Shell CLI. An attacker could exploit this vulnerability by authenticating to the device and entering a crafted command at the Guest Shell prompt. A successful exploit could allow the attacker to issue commands that should be restricted by a Guest Shell account.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-bash-bypass | vendor-advisory, x_refsource_CISCO | |
| http://www.securityfocus.com/bid/108397 | vdb-entry, x_refsource_BID |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco NX-OS Software |
Version: unspecified < 8.3(1) |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T18:28:42.051Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20190515 Cisco NX-OS Software Bash Bypass Guest Shell Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-bash-bypass", }, { name: "108397", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/108397", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2019-1730", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-11-21T18:58:38.466792Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-21T19:30:45.299Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco NX-OS Software", vendor: "Cisco", versions: [ { lessThan: "8.3(1)", status: "affected", version: "unspecified", versionType: "custom", }, ], }, ], datePublic: "2019-05-15T00:00:00", descriptions: [ { lang: "en", value: "A vulnerability in the Bash shell implementation for Cisco NX-OS Software could allow an authenticated, local attacker to bypass the limited command set of the restricted Guest Shell and execute commands at the privilege level of a network-admin user outside of the Guest Shell. The attacker must authenticate with valid administrator device credentials. The vulnerability is due to the incorrect implementation of a CLI command that allows a Bash command to be incorrectly invoked on the Guest Shell CLI. An attacker could exploit this vulnerability by authenticating to the device and entering a crafted command at the Guest Shell prompt. A successful exploit could allow the attacker to issue commands that should be restricted by a Guest Shell account.", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-264", description: "CWE-264", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2019-05-21T13:06:05", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20190515 Cisco NX-OS Software Bash Bypass Guest Shell Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-bash-bypass", }, { name: "108397", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/108397", }, ], source: { advisory: "cisco-sa-20190515-nxos-bash-bypass", defect: [ [ "CSCvh76090", "CSCvj01472", "CSCvj01497", ], ], discovery: "INTERNAL", }, title: "Cisco NX-OS Software Bash Bypass Guest Shell Vulnerability", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", DATE_PUBLIC: "2019-05-15T16:00:00-0700", ID: "CVE-2019-1730", STATE: "PUBLIC", TITLE: "Cisco NX-OS Software Bash Bypass Guest Shell Vulnerability", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Cisco NX-OS Software", version: { version_data: [ { affected: "<", version_affected: "<", version_value: "8.3(1)", }, ], }, }, ], }, vendor_name: "Cisco", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability in the Bash shell implementation for Cisco NX-OS Software could allow an authenticated, local attacker to bypass the limited command set of the restricted Guest Shell and execute commands at the privilege level of a network-admin user outside of the Guest Shell. The attacker must authenticate with valid administrator device credentials. The vulnerability is due to the incorrect implementation of a CLI command that allows a Bash command to be incorrectly invoked on the Guest Shell CLI. An attacker could exploit this vulnerability by authenticating to the device and entering a crafted command at the Guest Shell prompt. A successful exploit could allow the attacker to issue commands that should be restricted by a Guest Shell account.", }, ], }, exploit: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], impact: { cvss: { baseScore: "6.0", vectorString: "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-264", }, ], }, ], }, references: { reference_data: [ { name: "20190515 Cisco NX-OS Software Bash Bypass Guest Shell Vulnerability", refsource: "CISCO", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-bash-bypass", }, { name: "108397", refsource: "BID", url: "http://www.securityfocus.com/bid/108397", }, ], }, source: { advisory: "cisco-sa-20190515-nxos-bash-bypass", defect: [ [ "CSCvh76090", "CSCvj01472", "CSCvj01497", ], ], discovery: "INTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2019-1730", datePublished: "2019-05-15T16:50:43.974976Z", dateReserved: "2018-12-06T00:00:00", dateUpdated: "2024-11-21T19:30:45.299Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-1734
Vulnerability from cvelistv5
Published
2019-11-05 19:15
Modified
2024-11-21 19:06
Severity ?
EPSS score ?
Summary
A vulnerability in the implementation of a CLI diagnostic command in Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to view sensitive system files that should be restricted. The attacker could use this information to conduct additional reconnaissance attacks. The vulnerability is due to incomplete role-based access control (RBAC) verification. An attacker could exploit this vulnerability by authenticating to the device and issuing a specific CLI diagnostic command with crafted user-input parameters. An exploit could allow the attacker to perform an arbitrary read of a file on the device, and the file may contain sensitive information. The attacker needs valid device credentials to exploit this vulnerability.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-fxos-info | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco NX-OS Software |
Version: unspecified < 6.2(7) |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T18:28:42.554Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20190515 Cisco FXOS and NX-OS Software Sensitive File Read Information Disclosure Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-fxos-info", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2019-1734", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-11-21T18:55:53.041640Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-21T19:06:05.831Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco NX-OS Software", vendor: "Cisco", versions: [ { lessThan: "6.2(7)", status: "affected", version: "unspecified", versionType: "custom", }, ], }, ], datePublic: "2019-05-15T00:00:00", descriptions: [ { lang: "en", value: "A vulnerability in the implementation of a CLI diagnostic command in Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to view sensitive system files that should be restricted. The attacker could use this information to conduct additional reconnaissance attacks. The vulnerability is due to incomplete role-based access control (RBAC) verification. An attacker could exploit this vulnerability by authenticating to the device and issuing a specific CLI diagnostic command with crafted user-input parameters. An exploit could allow the attacker to perform an arbitrary read of a file on the device, and the file may contain sensitive information. The attacker needs valid device credentials to exploit this vulnerability.", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-200", description: "CWE-200", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2019-11-05T19:15:35", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20190515 Cisco FXOS and NX-OS Software Sensitive File Read Information Disclosure Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-fxos-info", }, ], source: { advisory: "cisco-sa-20190515-nxos-fxos-info", defect: [ [ "CSCvj59436", "CSCvk50808", "CSCvk50810", "CSCvk50814", "CSCvk50816", "CSCvk50838", ], ], discovery: "INTERNAL", }, title: "Cisco FXOS and NX-OS Software Sensitive File Read Information Disclosure Vulnerability", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", DATE_PUBLIC: "2019-05-15T16:00:00-0700", ID: "CVE-2019-1734", STATE: "PUBLIC", TITLE: "Cisco FXOS and NX-OS Software Sensitive File Read Information Disclosure Vulnerability", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Cisco NX-OS Software", version: { version_data: [ { affected: "<", version_affected: "<", version_value: "6.2(7)", }, ], }, }, ], }, vendor_name: "Cisco", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability in the implementation of a CLI diagnostic command in Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to view sensitive system files that should be restricted. The attacker could use this information to conduct additional reconnaissance attacks. The vulnerability is due to incomplete role-based access control (RBAC) verification. An attacker could exploit this vulnerability by authenticating to the device and issuing a specific CLI diagnostic command with crafted user-input parameters. An exploit could allow the attacker to perform an arbitrary read of a file on the device, and the file may contain sensitive information. The attacker needs valid device credentials to exploit this vulnerability.", }, ], }, exploit: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], impact: { cvss: { baseScore: "5.5", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-200", }, ], }, ], }, references: { reference_data: [ { name: "20190515 Cisco FXOS and NX-OS Software Sensitive File Read Information Disclosure Vulnerability", refsource: "CISCO", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-fxos-info", }, ], }, source: { advisory: "cisco-sa-20190515-nxos-fxos-info", defect: [ [ "CSCvj59436", "CSCvk50808", "CSCvk50810", "CSCvk50814", "CSCvk50816", "CSCvk50838", ], ], discovery: "INTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2019-1734", datePublished: "2019-11-05T19:15:35.896970Z", dateReserved: "2018-12-06T00:00:00", dateUpdated: "2024-11-21T19:06:05.831Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-3120
Vulnerability from cvelistv5
Published
2020-02-05 17:50
Modified
2024-11-15 17:42
Severity ?
EPSS score ?
Summary
A vulnerability in the Cisco Discovery Protocol implementation for Cisco FXOS Software, Cisco IOS XR Software, and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to a missing check when the affected software processes Cisco Discovery Protocol messages. An attacker could exploit this vulnerability by sending a malicious Cisco Discovery Protocol packet to an affected device. A successful exploit could allow the attacker to exhaust system memory, causing the device to reload. Cisco Discovery Protocol is a Layer 2 protocol. To exploit this vulnerability, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent).
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200205-fxnxos-iosxr-cdp-dos | vendor-advisory, x_refsource_CISCO | |
| http://packetstormsecurity.com/files/156203/Cisco-Discovery-Protocol-CDP-Remote-Device-Takeover.html | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco IOS XR Software |
Version: unspecified < 2.3.1.173 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T07:24:00.647Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20200205 Cisco FXOS, IOS XR, and NX-OS Software Cisco Discovery Protocol Denial of Service Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200205-fxnxos-iosxr-cdp-dos", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://packetstormsecurity.com/files/156203/Cisco-Discovery-Protocol-CDP-Remote-Device-Takeover.html", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2020-3120", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-11-15T16:29:31.395421Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-15T17:42:14.893Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco IOS XR Software", vendor: "Cisco", versions: [ { lessThan: "2.3.1.173", status: "affected", version: "unspecified", versionType: "custom", }, ], }, ], datePublic: "2020-02-05T00:00:00", descriptions: [ { lang: "en", value: "A vulnerability in the Cisco Discovery Protocol implementation for Cisco FXOS Software, Cisco IOS XR Software, and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to a missing check when the affected software processes Cisco Discovery Protocol messages. An attacker could exploit this vulnerability by sending a malicious Cisco Discovery Protocol packet to an affected device. A successful exploit could allow the attacker to exhaust system memory, causing the device to reload. Cisco Discovery Protocol is a Layer 2 protocol. To exploit this vulnerability, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent).", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is aware of public announcements about the vulnerability that is described in this advisory. Cisco PSIRT is not aware of any malicious use of this vulnerability.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 7.4, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-190", description: "CWE-190", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2020-02-05T18:06:04", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20200205 Cisco FXOS, IOS XR, and NX-OS Software Cisco Discovery Protocol Denial of Service Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200205-fxnxos-iosxr-cdp-dos", }, { tags: [ "x_refsource_MISC", ], url: "http://packetstormsecurity.com/files/156203/Cisco-Discovery-Protocol-CDP-Remote-Device-Takeover.html", }, ], source: { advisory: "cisco-sa-20200205-fxnxos-iosxr-cdp-dos", defect: [ [ "CSCvr14976", "CSCvr15024", "CSCvr15072", "CSCvr15073", "CSCvr15078", "CSCvr15079", "CSCvr15082", "CSCvr15083", "CSCvr15111", ], ], discovery: "INTERNAL", }, title: "Cisco FXOS, IOS XR, and NX-OS Software Cisco Discovery Protocol Denial of Service Vulnerability", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", DATE_PUBLIC: "2020-02-05T16:00:00-0800", ID: "CVE-2020-3120", STATE: "PUBLIC", TITLE: "Cisco FXOS, IOS XR, and NX-OS Software Cisco Discovery Protocol Denial of Service Vulnerability", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Cisco IOS XR Software", version: { version_data: [ { affected: "<", version_affected: "<", version_value: "2.3.1.173", }, ], }, }, ], }, vendor_name: "Cisco", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability in the Cisco Discovery Protocol implementation for Cisco FXOS Software, Cisco IOS XR Software, and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to a missing check when the affected software processes Cisco Discovery Protocol messages. An attacker could exploit this vulnerability by sending a malicious Cisco Discovery Protocol packet to an affected device. A successful exploit could allow the attacker to exhaust system memory, causing the device to reload. Cisco Discovery Protocol is a Layer 2 protocol. To exploit this vulnerability, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent).", }, ], }, exploit: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is aware of public announcements about the vulnerability that is described in this advisory. Cisco PSIRT is not aware of any malicious use of this vulnerability.", }, ], impact: { cvss: { baseScore: "7.4", vectorString: "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-190", }, ], }, ], }, references: { reference_data: [ { name: "20200205 Cisco FXOS, IOS XR, and NX-OS Software Cisco Discovery Protocol Denial of Service Vulnerability", refsource: "CISCO", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200205-fxnxos-iosxr-cdp-dos", }, { name: "http://packetstormsecurity.com/files/156203/Cisco-Discovery-Protocol-CDP-Remote-Device-Takeover.html", refsource: "MISC", url: "http://packetstormsecurity.com/files/156203/Cisco-Discovery-Protocol-CDP-Remote-Device-Takeover.html", }, ], }, source: { advisory: "cisco-sa-20200205-fxnxos-iosxr-cdp-dos", defect: [ [ "CSCvr14976", "CSCvr15024", "CSCvr15072", "CSCvr15073", "CSCvr15078", "CSCvr15079", "CSCvr15082", "CSCvr15083", "CSCvr15111", ], ], discovery: "INTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2020-3120", datePublished: "2020-02-05T17:50:18.427416Z", dateReserved: "2019-12-12T00:00:00", dateUpdated: "2024-11-15T17:42:14.893Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2024-20284
Vulnerability from cvelistv5
Published
2024-08-28 16:37
Modified
2024-08-28 17:19
Severity ?
EPSS score ?
Summary
A vulnerability in the Python interpreter of Cisco NX-OS Software could allow an authenticated, low-privileged, local attacker to escape the Python sandbox and gain unauthorized access to the underlying operating system of the device.
The vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by manipulating specific functions within the Python interpreter. A successful exploit could allow an attacker to escape the Python sandbox and execute arbitrary commands on the underlying operating system with the privileges of the authenticated user.
Note: An attacker must be authenticated with Python execution privileges to exploit these vulnerabilities. For more information regarding Python execution privileges, see product-specific documentation, such as the section of the Cisco Nexus 9000 Series NX-OS Programmability Guide.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco NX-OS Software |
Version: 8.2(5) Version: 7.3(6)N1(1a) Version: 7.3(5)D1(1) Version: 8.4(2) Version: 7.3(6)N1(1) Version: 6.2(2) Version: 8.4(3) Version: 9.2(3) Version: 7.0(3)I5(2) Version: 8.2(1) Version: 6.0(2)A8(7a) Version: 7.0(3)I4(5) Version: 6.0(2)A6(1) Version: 7.3(1)D1(1) Version: 6.2(14a) Version: 7.0(3)I4(6) Version: 7.3(4)N1(1) Version: 7.0(3)I4(3) Version: 9.2(2v) Version: 6.0(2)A6(5b) Version: 7.3(0)D1(1) Version: 6.2(17a) Version: 7.0(3)I4(7) Version: 6.0(2)U6(1a) Version: 7.1(5)N1(1b) Version: 7.0(3)I4(1) Version: 7.0(3)I4(8) Version: 7.0(3)I4(2) Version: 7.1(4)N1(1c) Version: 7.0(3)IM3(1) Version: 6.0(2)U6(5a) Version: 6.0(2)A8(11) Version: 6.0(2)A6(4a) Version: 6.2(9) Version: 6.2(5) Version: 7.3(4)D1(1) Version: 6.2(20) Version: 9.2(1) Version: 9.2(2t) Version: 9.2(3y) Version: 7.0(3)I4(1t) Version: 6.0(2)U6(5c) Version: 6.0(2)A6(4) Version: 7.0(3)I7(6z) Version: 9.3(2) Version: 7.3(1)DY(1) Version: 7.0(3)F3(3) Version: 6.0(2)U6(6) Version: 6.2(29) Version: 7.0(3)I7(3z) Version: 7.0(3)IM7(2) Version: 6.0(2)A8(11b) Version: 6.2(9a) Version: 7.3(0)N1(1) Version: 7.0(3)I7(5a) Version: 6.2(11d) Version: 8.1(1) Version: 7.0(3)I6(1) Version: 6.0(2)U6(10) Version: 7.2(2)D1(2) Version: 7.0(3)IM3(2) Version: 6.0(2)A6(8) Version: 8.2(2) Version: 6.0(2)U6(1) Version: 7.3(2)N1(1c) Version: 7.0(3)I5(3b) Version: 8.3(2) Version: 7.3(5)N1(1) Version: 6.0(2)A6(2a) Version: 7.3(2)N1(1b) Version: 6.2(27) Version: 7.3(2)D1(3a) Version: 7.3(1)N1(1) Version: 6.0(2)U6(7) Version: 9.2(4) Version: 7.1(4)N1(1a) Version: 7.1(3)N1(4) Version: 7.0(3)IM3(2a) Version: 6.2(8b) Version: 6.0(2)A8(10) Version: 7.1(3)N1(2) Version: 6.2(13) Version: 6.0(2)A8(2) Version: 7.0(3)IC4(4) Version: 6.2(1) Version: 7.3(4)N1(1a) Version: 8.1(2) Version: 6.0(2)A6(3) Version: 6.0(2)U6(5b) Version: 7.0(3)F3(3c) Version: 7.3(3)D1(1) Version: 7.0(3)F3(1) Version: 6.0(2)U6(5) Version: 7.0(3)F3(5) Version: 7.1(2)N1(1) Version: 7.1(3)N1(3) Version: 8.2(3) Version: 6.0(2)A6(7) Version: 7.0(3)I7(2) Version: 6.2(5a) Version: 6.2(18) Version: 6.0(2)A6(5) Version: 7.0(3)IM3(2b) Version: 7.1(3)N1(1) Version: 6.0(2)U6(4a) Version: 7.0(3)I5(3) Version: 7.0(3)I7(3) Version: 6.0(2)A8(6) Version: 7.0(3)I6(2) Version: 8.3(1) Version: 6.2(3) Version: 6.2(22) Version: 7.1(1)N1(1) Version: 8.4(1) Version: 8.1(1b) Version: 7.3(0)N1(1b) Version: 7.2(2)D1(4) Version: 6.0(2)A8(5) Version: 7.3(0)DX(1) Version: 7.1(4)N1(1d) Version: 7.3(2)D1(1) Version: 7.3(2)N1(1) Version: 6.0(2)U6(8) Version: 7.1(1)N1(1a) Version: 7.0(3)IM3(3) Version: 9.3(1) Version: 6.0(2)U6(2) Version: 6.2(9b) Version: 7.1(3)N1(2a) Version: 7.3(0)N1(1a) Version: 6.0(2)A8(7) Version: 7.0(3)I7(6) Version: 7.3(2)D1(2) Version: 6.2(25) Version: 6.0(2)U6(3a) Version: 8.0(1) Version: 6.0(2)A8(11a) Version: 6.2(11e) Version: 7.1(3)N1(5) Version: 7.0(3)I4(8z) Version: 6.2(11) Version: 7.0(3)I4(9) Version: 6.2(16) Version: 6.2(19) Version: 8.2(4) Version: 6.2(2a) Version: 7.2(2)D1(3) Version: 7.1(0)N1(1b) Version: 7.0(3)I7(4) Version: 7.0(3)I7(7) Version: 6.2(5b) Version: 7.3(0)DY(1) Version: 6.0(2)A8(9) Version: 6.0(2)A8(1) Version: 7.1(5)N1(1) Version: 7.2(1)D1(1) Version: 6.2(15) Version: 6.0(2)A6(6) Version: 6.0(2)A8(10a) Version: 7.0(3)I5(1) Version: 9.3(1z) Version: 9.2(2) Version: 6.2(7) Version: 6.2(9c) Version: 7.0(3)F3(4) Version: 7.3(3)N1(1) Version: 6.2(6b) Version: 7.0(3)I4(8b) Version: 8.1(2a) Version: 7.3(2)D1(3) Version: 6.2(8) Version: 6.0(2)A8(3) Version: 6.2(11b) Version: 7.0(3)I4(6t) Version: 7.0(3)I5(3a) Version: 8.1(1a) Version: 6.2(13a) Version: 6.0(2)A8(8) Version: 7.0(3)I7(5) Version: 7.0(3)F3(3a) Version: 7.1(0)N1(1a) Version: 6.0(2)A8(4) Version: 6.0(2)A6(3a) Version: 6.0(2)A6(5a) Version: 7.0(3)F2(1) Version: 7.0(3)I4(8a) Version: 6.0(2)U6(9) Version: 7.0(3)F3(2) Version: 6.0(2)U6(2a) Version: 6.2(12) Version: 6.2(17) Version: 7.0(3)I4(4) Version: 6.2(23) Version: 6.2(13b) Version: 6.0(2)U6(3) Version: 6.2(10) Version: 6.2(6a) Version: 6.2(6) Version: 7.1(2)N1(1a) Version: 6.2(14) Version: 7.0(3)I7(1) Version: 6.2(14b) Version: 6.2(21) Version: 7.2(2)D1(1) Version: 7.0(3)F2(2) Version: 7.0(3)IA7(2) Version: 7.0(3)IA7(1) Version: 6.0(2)A8(7b) Version: 6.2(8a) Version: 6.2(11c) Version: 7.0(3)F1(1) Version: 6.0(2)A6(1a) Version: 7.1(0)N1(1) Version: 7.2(0)D1(1) Version: 6.0(2)A6(2) Version: 7.1(4)N1(1) Version: 6.0(2)A8(4a) Version: 6.2(20a) Version: 6.0(2)U6(4) Version: 8.4(1a) Version: 9.3(3) Version: 7.3(2)D1(1d) Version: 7.3(7)N1(1) Version: 6.2(24) Version: 6.2(31) Version: 7.0(3)I7(8) Version: 6.0(2)U6(10a) Version: 7.3(7)N1(1a) Version: 9.3(4) Version: 7.3(6)D1(1) Version: 6.2(26) Version: 8.2(6) Version: 6.2(33) Version: 9.3(5) Version: 8.4(2a) Version: 8.4(2b) Version: 7.3(8)N1(1) Version: 7.0(3)I7(9) Version: 7.3(7)N1(1b) Version: 6.2(24a) Version: 8.5(1) Version: 9.3(6) Version: 10.1(2) Version: 10.1(1) Version: 8.4(4) Version: 7.3(7)D1(1) Version: 8.4(2c) Version: 9.3(5w) Version: 8.2(7) Version: 7.3(9)N1(1) Version: 9.3(7) Version: 9.3(7k) Version: 7.0(3)I7(9w) Version: 10.2(1) Version: 7.3(8)N1(1a) Version: 7.3(8)D1(1) Version: 9.3(7a) Version: 8.2(7a) Version: 9.3(8) Version: 8.4(4a) Version: 8.4(2d) Version: 7.3(10)N1(1) Version: 8.4(5) Version: 7.0(3)I7(10) Version: 7.3(8)N1(1b) Version: 8.2(8) Version: 10.2(1q) Version: 10.2(2) Version: 9.3(9) Version: 10.1(2t) Version: 7.3(9)D1(1) Version: 7.3(11)N1(1) Version: 10.2(3) Version: 8.4(6) Version: 10.2(3t) Version: 8.4(2e) Version: 9.3(10) Version: 7.3(11)N1(1a) Version: 10.2(2a) Version: 7.3(12)N1(1) Version: 9.2(1a) Version: 8.2(9) Version: 10.3(1) Version: 10.2(4) Version: 7.3(13)N1(1) Version: 8.4(7) Version: 10.3(2) Version: 8.4(6a) Version: 9.3(11) Version: 10.3(3) Version: 10.2(5) Version: 9.4(1) Version: 9.3(2a) Version: 8.4(2f) Version: 8.2(10) Version: 9.3(12) Version: 10.2(3v) Version: 10.4(1) Version: 8.4(8) Version: 10.3(99w) Version: 7.3(14)N1(1) Version: 10.2(6) Version: 10.3(3w) Version: 10.3(99x) Version: 10.3(3o) Version: 8.4(9) Version: 10.3(4) Version: 10.3(3p) Version: 10.3(4a) Version: 9.4(1a) Version: 10.4(2) Version: 10.3(3q) Version: 9.3(13) Version: 8.2(11) Version: 10.3(5) Version: 10.2(7) Version: 10.4(3) Version: 10.3(3x) Version: 10.3(4g) Version: 10.3(3r) |
{ containers: { adp: [ { metrics: [ { other: { content: { id: "CVE-2024-20284", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-08-28T17:19:10.303470Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-08-28T17:19:17.361Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unknown", product: "Cisco NX-OS Software", vendor: "Cisco", versions: [ { status: "affected", version: "8.2(5)", }, { status: "affected", version: "7.3(6)N1(1a)", }, { status: "affected", version: "7.3(5)D1(1)", }, { status: "affected", version: "8.4(2)", }, { status: "affected", version: "7.3(6)N1(1)", }, { status: "affected", version: "6.2(2)", }, { status: "affected", version: "8.4(3)", }, { status: "affected", version: "9.2(3)", }, { status: "affected", version: "7.0(3)I5(2)", }, { status: "affected", version: "8.2(1)", }, { status: "affected", version: "6.0(2)A8(7a)", }, { status: "affected", version: "7.0(3)I4(5)", }, { status: "affected", version: "6.0(2)A6(1)", }, { status: "affected", version: "7.3(1)D1(1)", }, { status: "affected", version: "6.2(14a)", }, { status: "affected", version: "7.0(3)I4(6)", }, { status: "affected", version: "7.3(4)N1(1)", }, { status: "affected", version: "7.0(3)I4(3)", }, { status: "affected", version: "9.2(2v)", }, { status: "affected", version: "6.0(2)A6(5b)", }, { status: "affected", version: "7.3(0)D1(1)", }, { status: "affected", version: "6.2(17a)", }, { status: "affected", version: "7.0(3)I4(7)", }, { status: "affected", version: "6.0(2)U6(1a)", }, { status: "affected", version: "7.1(5)N1(1b)", }, { status: "affected", version: "7.0(3)I4(1)", }, { status: "affected", version: "7.0(3)I4(8)", }, { status: "affected", version: "7.0(3)I4(2)", }, { status: "affected", version: "7.1(4)N1(1c)", }, { status: "affected", version: "7.0(3)IM3(1)", }, { status: "affected", version: "6.0(2)U6(5a)", }, { status: "affected", version: "6.0(2)A8(11)", }, { status: "affected", version: "6.0(2)A6(4a)", }, { status: "affected", version: "6.2(9)", }, { status: "affected", version: "6.2(5)", }, { status: "affected", version: "7.3(4)D1(1)", }, { status: "affected", version: "6.2(20)", }, { status: "affected", version: "9.2(1)", }, { status: "affected", version: "9.2(2t)", }, { status: "affected", version: "9.2(3y)", }, { status: "affected", version: "7.0(3)I4(1t)", }, { status: "affected", version: "6.0(2)U6(5c)", }, { status: "affected", version: "6.0(2)A6(4)", }, { status: "affected", version: "7.0(3)I7(6z)", }, { status: "affected", version: "9.3(2)", }, { status: "affected", version: "7.3(1)DY(1)", }, { status: "affected", version: "7.0(3)F3(3)", }, { status: "affected", version: "6.0(2)U6(6)", }, { status: "affected", version: "6.2(29)", }, { status: "affected", version: "7.0(3)I7(3z)", }, { status: "affected", version: "7.0(3)IM7(2)", }, { status: "affected", version: "6.0(2)A8(11b)", }, { status: "affected", version: "6.2(9a)", }, { status: "affected", version: "7.3(0)N1(1)", }, { status: "affected", version: "7.0(3)I7(5a)", }, { status: "affected", version: "6.2(11d)", }, { status: "affected", version: "8.1(1)", }, { status: "affected", version: "7.0(3)I6(1)", }, { status: "affected", version: "6.0(2)U6(10)", }, { status: "affected", version: "7.2(2)D1(2)", }, { status: "affected", version: "7.0(3)IM3(2)", }, { status: "affected", version: "6.0(2)A6(8)", }, { status: "affected", version: "8.2(2)", }, { status: "affected", version: "6.0(2)U6(1)", }, { status: "affected", version: "7.3(2)N1(1c)", }, { status: "affected", version: "7.0(3)I5(3b)", }, { status: "affected", version: "8.3(2)", }, { status: "affected", version: "7.3(5)N1(1)", }, { status: "affected", version: "6.0(2)A6(2a)", }, { status: "affected", version: "7.3(2)N1(1b)", }, { status: "affected", version: "6.2(27)", }, { status: "affected", version: "7.3(2)D1(3a)", }, { status: "affected", version: "7.3(1)N1(1)", }, { status: "affected", version: "6.0(2)U6(7)", }, { status: "affected", version: "9.2(4)", }, { status: "affected", version: "7.1(4)N1(1a)", }, { status: "affected", version: "7.1(3)N1(4)", }, { status: "affected", version: "7.0(3)IM3(2a)", }, { status: "affected", version: "6.2(8b)", }, { status: "affected", version: "6.0(2)A8(10)", }, { status: "affected", version: "7.1(3)N1(2)", }, { status: "affected", version: "6.2(13)", }, { status: "affected", version: "6.0(2)A8(2)", }, { status: "affected", version: "7.0(3)IC4(4)", }, { status: "affected", version: "6.2(1)", }, { status: "affected", version: "7.3(4)N1(1a)", }, { status: "affected", version: "8.1(2)", }, { status: "affected", version: "6.0(2)A6(3)", }, { status: "affected", version: "6.0(2)U6(5b)", }, { status: "affected", version: "7.0(3)F3(3c)", }, { status: "affected", version: "7.3(3)D1(1)", }, { status: "affected", version: "7.0(3)F3(1)", }, { status: "affected", version: "6.0(2)U6(5)", }, { status: "affected", version: "7.0(3)F3(5)", }, { status: "affected", version: "7.1(2)N1(1)", }, { status: "affected", version: "7.1(3)N1(3)", }, { status: "affected", version: "8.2(3)", }, { status: "affected", version: "6.0(2)A6(7)", }, { status: "affected", version: "7.0(3)I7(2)", }, { status: "affected", version: "6.2(5a)", }, { status: "affected", version: "6.2(18)", }, { status: "affected", version: "6.0(2)A6(5)", }, { status: "affected", version: "7.0(3)IM3(2b)", }, { status: "affected", version: "7.1(3)N1(1)", }, { status: "affected", version: "6.0(2)U6(4a)", }, { status: "affected", version: "7.0(3)I5(3)", }, { status: "affected", version: "7.0(3)I7(3)", }, { status: "affected", version: "6.0(2)A8(6)", }, { status: "affected", version: "7.0(3)I6(2)", }, { status: "affected", version: "8.3(1)", }, { status: "affected", version: "6.2(3)", }, { status: "affected", version: "6.2(22)", }, { status: "affected", version: "7.1(1)N1(1)", }, { status: "affected", version: "8.4(1)", }, { status: "affected", version: "8.1(1b)", }, { status: "affected", version: "7.3(0)N1(1b)", }, { status: "affected", version: "7.2(2)D1(4)", }, { status: "affected", version: "6.0(2)A8(5)", }, { status: "affected", version: "7.3(0)DX(1)", }, { status: "affected", version: "7.1(4)N1(1d)", }, { status: "affected", version: "7.3(2)D1(1)", }, { status: "affected", version: "7.3(2)N1(1)", }, { status: "affected", version: "6.0(2)U6(8)", }, { status: "affected", version: "7.1(1)N1(1a)", }, { status: "affected", version: "7.0(3)IM3(3)", }, { status: "affected", version: "9.3(1)", }, { status: "affected", version: "6.0(2)U6(2)", }, { status: "affected", version: "6.2(9b)", }, { status: "affected", version: "7.1(3)N1(2a)", }, { status: "affected", version: "7.3(0)N1(1a)", }, { status: "affected", version: "6.0(2)A8(7)", }, { status: "affected", version: "7.0(3)I7(6)", }, { status: "affected", version: "7.3(2)D1(2)", }, { status: "affected", version: "6.2(25)", }, { status: "affected", version: "6.0(2)U6(3a)", }, { status: "affected", version: "8.0(1)", }, { status: "affected", version: "6.0(2)A8(11a)", }, { status: "affected", version: "6.2(11e)", }, { status: "affected", version: "7.1(3)N1(5)", }, { status: "affected", version: "7.0(3)I4(8z)", }, { status: "affected", version: "6.2(11)", }, { status: "affected", version: "7.0(3)I4(9)", }, { status: "affected", version: "6.2(16)", }, { status: "affected", version: "6.2(19)", }, { status: "affected", version: "8.2(4)", }, { status: "affected", version: "6.2(2a)", }, { status: "affected", version: "7.2(2)D1(3)", }, { status: "affected", version: "7.1(0)N1(1b)", }, { status: "affected", version: "7.0(3)I7(4)", }, { status: "affected", version: "7.0(3)I7(7)", }, { status: "affected", version: "6.2(5b)", }, { status: "affected", version: "7.3(0)DY(1)", }, { status: "affected", version: "6.0(2)A8(9)", }, { status: "affected", version: "6.0(2)A8(1)", }, { status: "affected", version: "7.1(5)N1(1)", }, { status: "affected", version: "7.2(1)D1(1)", }, { status: "affected", version: "6.2(15)", }, { status: "affected", version: "6.0(2)A6(6)", }, { status: "affected", version: "6.0(2)A8(10a)", }, { status: "affected", version: "7.0(3)I5(1)", }, { status: "affected", version: "9.3(1z)", }, { status: "affected", version: "9.2(2)", }, { status: "affected", version: "6.2(7)", }, { status: "affected", version: "6.2(9c)", }, { status: "affected", version: "7.0(3)F3(4)", }, { status: "affected", version: "7.3(3)N1(1)", }, { status: "affected", version: "6.2(6b)", }, { status: "affected", version: "7.0(3)I4(8b)", }, { status: "affected", version: "8.1(2a)", }, { status: "affected", version: "7.3(2)D1(3)", }, { status: "affected", version: "6.2(8)", }, { status: "affected", version: "6.0(2)A8(3)", }, { status: "affected", version: "6.2(11b)", }, { status: "affected", version: "7.0(3)I4(6t)", }, { status: "affected", version: "7.0(3)I5(3a)", }, { status: "affected", version: "8.1(1a)", }, { status: "affected", version: "6.2(13a)", }, { status: "affected", version: "6.0(2)A8(8)", }, { status: "affected", version: "7.0(3)I7(5)", }, { status: "affected", version: "7.0(3)F3(3a)", }, { status: "affected", version: "7.1(0)N1(1a)", }, { status: "affected", version: "6.0(2)A8(4)", }, { status: "affected", version: "6.0(2)A6(3a)", }, { status: "affected", version: "6.0(2)A6(5a)", }, { status: "affected", version: "7.0(3)F2(1)", }, { status: "affected", version: "7.0(3)I4(8a)", }, { status: "affected", version: "6.0(2)U6(9)", }, { status: "affected", version: "7.0(3)F3(2)", }, { status: "affected", version: "6.0(2)U6(2a)", }, { status: "affected", version: "6.2(12)", }, { status: "affected", version: "6.2(17)", }, { status: "affected", version: "7.0(3)I4(4)", }, { status: "affected", version: "6.2(23)", }, { status: "affected", version: "6.2(13b)", }, { status: "affected", version: "6.0(2)U6(3)", }, { status: "affected", version: "6.2(10)", }, { status: "affected", version: "6.2(6a)", }, { status: "affected", version: "6.2(6)", }, { status: "affected", version: "7.1(2)N1(1a)", }, { status: "affected", version: "6.2(14)", }, { status: "affected", version: "7.0(3)I7(1)", }, { status: "affected", version: "6.2(14b)", }, { status: "affected", version: "6.2(21)", }, { status: "affected", version: "7.2(2)D1(1)", }, { status: "affected", version: "7.0(3)F2(2)", }, { status: "affected", version: "7.0(3)IA7(2)", }, { status: "affected", version: "7.0(3)IA7(1)", }, { status: "affected", version: "6.0(2)A8(7b)", }, { status: "affected", version: "6.2(8a)", }, { status: "affected", version: "6.2(11c)", }, { status: "affected", version: "7.0(3)F1(1)", }, { status: "affected", version: "6.0(2)A6(1a)", }, { status: "affected", version: "7.1(0)N1(1)", }, { status: "affected", version: "7.2(0)D1(1)", }, { status: "affected", version: "6.0(2)A6(2)", }, { status: "affected", version: "7.1(4)N1(1)", }, { status: "affected", version: "6.0(2)A8(4a)", }, { status: "affected", version: "6.2(20a)", }, { status: "affected", version: "6.0(2)U6(4)", }, { status: "affected", version: "8.4(1a)", }, { status: "affected", version: "9.3(3)", }, { status: "affected", version: "7.3(2)D1(1d)", }, { status: "affected", version: "7.3(7)N1(1)", }, { status: "affected", version: "6.2(24)", }, { status: "affected", version: "6.2(31)", }, { status: "affected", version: "7.0(3)I7(8)", }, { status: "affected", version: "6.0(2)U6(10a)", }, { status: "affected", version: "7.3(7)N1(1a)", }, { status: "affected", version: "9.3(4)", }, { status: "affected", version: "7.3(6)D1(1)", }, { status: "affected", version: "6.2(26)", }, { status: "affected", version: "8.2(6)", }, { status: "affected", version: "6.2(33)", }, { status: "affected", version: "9.3(5)", }, { status: "affected", version: "8.4(2a)", }, { status: "affected", version: "8.4(2b)", }, { status: "affected", version: "7.3(8)N1(1)", }, { status: "affected", version: "7.0(3)I7(9)", }, { status: "affected", version: "7.3(7)N1(1b)", }, { status: "affected", version: "6.2(24a)", }, { status: "affected", version: "8.5(1)", }, { status: "affected", version: "9.3(6)", }, { status: "affected", version: "10.1(2)", }, { status: "affected", version: "10.1(1)", }, { status: "affected", version: "8.4(4)", }, { status: "affected", version: "7.3(7)D1(1)", }, { status: "affected", version: "8.4(2c)", }, { status: "affected", version: "9.3(5w)", }, { status: "affected", version: "8.2(7)", }, { status: "affected", version: "7.3(9)N1(1)", }, { status: "affected", version: "9.3(7)", }, { status: "affected", version: "9.3(7k)", }, { status: "affected", version: "7.0(3)I7(9w)", }, { status: "affected", version: "10.2(1)", }, { status: "affected", version: "7.3(8)N1(1a)", }, { status: "affected", version: "7.3(8)D1(1)", }, { status: "affected", version: "9.3(7a)", }, { status: "affected", version: "8.2(7a)", }, { status: "affected", version: "9.3(8)", }, { status: "affected", version: "8.4(4a)", }, { status: "affected", version: "8.4(2d)", }, { status: "affected", version: "7.3(10)N1(1)", }, { status: "affected", version: "8.4(5)", }, { status: "affected", version: "7.0(3)I7(10)", }, { status: "affected", version: "7.3(8)N1(1b)", }, { status: "affected", version: "8.2(8)", }, { status: "affected", version: "10.2(1q)", }, { status: "affected", version: "10.2(2)", }, { status: "affected", version: "9.3(9)", }, { status: "affected", version: "10.1(2t)", }, { status: "affected", version: "7.3(9)D1(1)", }, { status: "affected", version: "7.3(11)N1(1)", }, { status: "affected", version: "10.2(3)", }, { status: "affected", version: "8.4(6)", }, { status: "affected", version: "10.2(3t)", }, { status: "affected", version: "8.4(2e)", }, { status: "affected", version: "9.3(10)", }, { status: "affected", version: "7.3(11)N1(1a)", }, { status: "affected", version: "10.2(2a)", }, { status: "affected", version: "7.3(12)N1(1)", }, { status: "affected", version: "9.2(1a)", }, { status: "affected", version: "8.2(9)", }, { status: "affected", version: "10.3(1)", }, { status: "affected", version: "10.2(4)", }, { status: "affected", version: "7.3(13)N1(1)", }, { status: "affected", version: "8.4(7)", }, { status: "affected", version: "10.3(2)", }, { status: "affected", version: "8.4(6a)", }, { status: "affected", version: "9.3(11)", }, { status: "affected", version: "10.3(3)", }, { status: "affected", version: "10.2(5)", }, { status: "affected", version: "9.4(1)", }, { status: "affected", version: "9.3(2a)", }, { status: "affected", version: "8.4(2f)", }, { status: "affected", version: "8.2(10)", }, { status: "affected", version: "9.3(12)", }, { status: "affected", version: "10.2(3v)", }, { status: "affected", version: "10.4(1)", }, { status: "affected", version: "8.4(8)", }, { status: "affected", version: "10.3(99w)", }, { status: "affected", version: "7.3(14)N1(1)", }, { status: "affected", version: "10.2(6)", }, { status: "affected", version: "10.3(3w)", }, { status: "affected", version: "10.3(99x)", }, { status: "affected", version: "10.3(3o)", }, { status: "affected", version: "8.4(9)", }, { status: "affected", version: "10.3(4)", }, { status: "affected", version: "10.3(3p)", }, { status: "affected", version: "10.3(4a)", }, { status: "affected", version: "9.4(1a)", }, { status: "affected", version: "10.4(2)", }, { status: "affected", version: "10.3(3q)", }, { status: "affected", version: "9.3(13)", }, { status: "affected", version: "8.2(11)", }, { status: "affected", version: "10.3(5)", }, { status: "affected", version: "10.2(7)", }, { status: "affected", version: "10.4(3)", }, { status: "affected", version: "10.3(3x)", }, { status: "affected", version: "10.3(4g)", }, { status: "affected", version: "10.3(3r)", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability in the Python interpreter of Cisco NX-OS Software could allow an authenticated, low-privileged, local attacker to escape the Python sandbox and gain unauthorized access to the underlying operating system of the device.\r\n\r\nThe vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by manipulating specific functions within the Python interpreter. A successful exploit could allow an attacker to escape the Python sandbox and execute arbitrary commands on the underlying operating system with the privileges of the authenticated user. \r\nNote: An attacker must be authenticated with Python execution privileges to exploit these vulnerabilities. For more information regarding Python execution privileges, see product-specific documentation, such as the section of the Cisco Nexus 9000 Series NX-OS Programmability Guide.", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", version: "3.1", }, format: "cvssV3_1", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-693", description: "Protection Mechanism Failure", lang: "en", type: "cwe", }, ], }, ], providerMetadata: { dateUpdated: "2024-08-28T16:37:35.281Z", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "cisco-sa-nxos-psbe-ce-YvbTn5du", url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-psbe-ce-YvbTn5du", }, { name: "Cisco NX-OS Security with Python", url: "https://www.cisco.com/c/en/us/td/docs/dcn/nx-os/nexus9000/105x/programmability/cisco-nexus-9000-series-nx-os-programmability-guide-105x/m-n9k-python-api-101x.html?bookSearch=true#concept_A2CFF094ADCB414C983EA06AD8E9A410", }, ], source: { advisory: "cisco-sa-nxos-psbe-ce-YvbTn5du", defects: [ "CSCwh77779", ], discovery: "INTERNAL", }, title: "Cisco NX-OS Software Python Parser Escape Vulnerability", }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2024-20284", datePublished: "2024-08-28T16:37:35.281Z", dateReserved: "2023-11-08T15:08:07.626Z", dateUpdated: "2024-08-28T17:19:17.361Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2015-4301
Vulnerability from cvelistv5
Published
2015-08-19 15:00
Modified
2024-08-06 06:11
Severity ?
EPSS score ?
Summary
Cisco NX-OS on Nexus 9000 devices 11.1(1c) allows remote authenticated users to cause a denial of service (device hang) via large files that are copied to a device's filesystem, aka Bug ID CSCuu77225.
References
| ▼ | URL | Tags |
|---|---|---|
| http://tools.cisco.com/security/center/viewAlert.x?alertId=40431 | vendor-advisory, x_refsource_CISCO | |
| http://www.securitytracker.com/id/1033267 | vdb-entry, x_refsource_SECTRACK |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T06:11:12.671Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20150812 Cisco Nexus 9000 Series Resource Exhaustion Denial of Service Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "http://tools.cisco.com/security/center/viewAlert.x?alertId=40431", }, { name: "1033267", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1033267", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2015-08-12T00:00:00", descriptions: [ { lang: "en", value: "Cisco NX-OS on Nexus 9000 devices 11.1(1c) allows remote authenticated users to cause a denial of service (device hang) via large files that are copied to a device's filesystem, aka Bug ID CSCuu77225.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2016-12-22T18:57:01", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20150812 Cisco Nexus 9000 Series Resource Exhaustion Denial of Service Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "http://tools.cisco.com/security/center/viewAlert.x?alertId=40431", }, { name: "1033267", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1033267", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", ID: "CVE-2015-4301", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Cisco NX-OS on Nexus 9000 devices 11.1(1c) allows remote authenticated users to cause a denial of service (device hang) via large files that are copied to a device's filesystem, aka Bug ID CSCuu77225.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "20150812 Cisco Nexus 9000 Series Resource Exhaustion Denial of Service Vulnerability", refsource: "CISCO", url: "http://tools.cisco.com/security/center/viewAlert.x?alertId=40431", }, { name: "1033267", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1033267", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2015-4301", datePublished: "2015-08-19T15:00:00", dateReserved: "2015-06-04T00:00:00", dateUpdated: "2024-08-06T06:11:12.671Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2015-0686
Vulnerability from cvelistv5
Published
2015-04-03 01:00
Modified
2024-08-06 04:17
Severity ?
EPSS score ?
Summary
The SNMP implementation in Cisco NX-OS 6.1(2)I2(3) on Nexus 9000 devices, when a Reset High Availability (HA) policy is configured, allows remote authenticated users to cause a denial of service (device reload) via unspecified vectors, aka Bug ID CSCuq92240.
References
| ▼ | URL | Tags |
|---|---|---|
| http://tools.cisco.com/security/center/viewAlert.x?alertId=38193 | vendor-advisory, x_refsource_CISCO | |
| http://www.securitytracker.com/id/1032021 | vdb-entry, x_refsource_SECTRACK |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T04:17:32.734Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20150402 Cisco Nexus 9000 Series Denial of Service Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "http://tools.cisco.com/security/center/viewAlert.x?alertId=38193", }, { name: "1032021", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1032021", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2015-04-02T00:00:00", descriptions: [ { lang: "en", value: "The SNMP implementation in Cisco NX-OS 6.1(2)I2(3) on Nexus 9000 devices, when a Reset High Availability (HA) policy is configured, allows remote authenticated users to cause a denial of service (device reload) via unspecified vectors, aka Bug ID CSCuq92240.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2015-04-08T17:57:00", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20150402 Cisco Nexus 9000 Series Denial of Service Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "http://tools.cisco.com/security/center/viewAlert.x?alertId=38193", }, { name: "1032021", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1032021", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", ID: "CVE-2015-0686", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The SNMP implementation in Cisco NX-OS 6.1(2)I2(3) on Nexus 9000 devices, when a Reset High Availability (HA) policy is configured, allows remote authenticated users to cause a denial of service (device reload) via unspecified vectors, aka Bug ID CSCuq92240.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "20150402 Cisco Nexus 9000 Series Denial of Service Vulnerability", refsource: "CISCO", url: "http://tools.cisco.com/security/center/viewAlert.x?alertId=38193", }, { name: "1032021", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1032021", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2015-0686", datePublished: "2015-04-03T01:00:00", dateReserved: "2015-01-07T00:00:00", dateUpdated: "2024-08-06T04:17:32.734Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-1230
Vulnerability from cvelistv5
Published
2021-02-24 19:30
Modified
2024-11-08 23:39
Severity ?
EPSS score ?
Summary
A vulnerability with the Border Gateway Protocol (BGP) for Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode could allow an unauthenticated, remote attacker to cause a routing process to crash, which could lead to a denial of service (DoS) condition. This vulnerability is due to an issue with the installation of routes upon receipt of a BGP update. An attacker could exploit this vulnerability by sending a crafted BGP update to an affected device. A successful exploit could allow the attacker to cause the routing process to crash, which could cause the device to reload. This vulnerability applies to both Internal BGP (IBGP) and External BGP (EBGP). Note: The Cisco implementation of BGP accepts incoming BGP traffic from explicitly configured peers only. To exploit this vulnerability, an attacker would need to send a specific BGP update message over an established TCP connection that appears to come from a trusted BGP peer.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-n9kaci-bgp-De9dPKSK | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco NX-OS System Software in ACI Mode |
Version: n/a |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T16:02:56.062Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20210224 Cisco Nexus 9000 Series Fabric Switches ACI Mode BGP Route Installation Denial of Service Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-n9kaci-bgp-De9dPKSK", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2021-1230", options: [ { Exploitation: "none", }, { Automatable: "yes", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-11-08T20:03:51.718735Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-08T23:39:28.825Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco NX-OS System Software in ACI Mode", vendor: "Cisco", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2021-02-24T00:00:00", descriptions: [ { lang: "en", value: "A vulnerability with the Border Gateway Protocol (BGP) for Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode could allow an unauthenticated, remote attacker to cause a routing process to crash, which could lead to a denial of service (DoS) condition. This vulnerability is due to an issue with the installation of routes upon receipt of a BGP update. An attacker could exploit this vulnerability by sending a crafted BGP update to an affected device. A successful exploit could allow the attacker to cause the routing process to crash, which could cause the device to reload. This vulnerability applies to both Internal BGP (IBGP) and External BGP (EBGP). Note: The Cisco implementation of BGP accepts incoming BGP traffic from explicitly configured peers only. To exploit this vulnerability, an attacker would need to send a specific BGP update message over an established TCP connection that appears to come from a trusted BGP peer.", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.6, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-233", description: "CWE-233", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2021-02-24T19:30:30", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20210224 Cisco Nexus 9000 Series Fabric Switches ACI Mode BGP Route Installation Denial of Service Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-n9kaci-bgp-De9dPKSK", }, ], source: { advisory: "cisco-sa-n9kaci-bgp-De9dPKSK", defect: [ [ "CSCvr59494", ], ], discovery: "INTERNAL", }, title: "Cisco Nexus 9000 Series Fabric Switches ACI Mode BGP Route Installation Denial of Service Vulnerability", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", DATE_PUBLIC: "2021-02-24T16:00:00", ID: "CVE-2021-1230", STATE: "PUBLIC", TITLE: "Cisco Nexus 9000 Series Fabric Switches ACI Mode BGP Route Installation Denial of Service Vulnerability", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Cisco NX-OS System Software in ACI Mode", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "Cisco", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability with the Border Gateway Protocol (BGP) for Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode could allow an unauthenticated, remote attacker to cause a routing process to crash, which could lead to a denial of service (DoS) condition. This vulnerability is due to an issue with the installation of routes upon receipt of a BGP update. An attacker could exploit this vulnerability by sending a crafted BGP update to an affected device. A successful exploit could allow the attacker to cause the routing process to crash, which could cause the device to reload. This vulnerability applies to both Internal BGP (IBGP) and External BGP (EBGP). Note: The Cisco implementation of BGP accepts incoming BGP traffic from explicitly configured peers only. To exploit this vulnerability, an attacker would need to send a specific BGP update message over an established TCP connection that appears to come from a trusted BGP peer.", }, ], }, exploit: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], impact: { cvss: { baseScore: "8.6", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-233", }, ], }, ], }, references: { reference_data: [ { name: "20210224 Cisco Nexus 9000 Series Fabric Switches ACI Mode BGP Route Installation Denial of Service Vulnerability", refsource: "CISCO", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-n9kaci-bgp-De9dPKSK", }, ], }, source: { advisory: "cisco-sa-n9kaci-bgp-De9dPKSK", defect: [ [ "CSCvr59494", ], ], discovery: "INTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2021-1230", datePublished: "2021-02-24T19:30:30.975897Z", dateReserved: "2020-11-13T00:00:00", dateUpdated: "2024-11-08T23:39:28.825Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-1731
Vulnerability from cvelistv5
Published
2019-05-15 16:50
Modified
2024-11-21 19:30
Severity ?
EPSS score ?
Summary
A vulnerability in the SSH CLI key management functionality of Cisco NX-OS Software could allow an authenticated, local attacker to expose a user's private SSH key to all authenticated users on the targeted device. The attacker must authenticate with valid administrator device credentials. The vulnerability is due to incomplete error handling if a specific error type occurs during the SSH key export. An attacker could exploit this vulnerability by authenticating to the device and entering a crafted command at the CLI. A successful exploit could allow the attacker to expose a user's private SSH key. In addition, a similar type of error in the SSH key import could cause the passphrase-protected private SSH key to be imported unintentionally.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-ssh-info | vendor-advisory, x_refsource_CISCO | |
| http://www.securityfocus.com/bid/108353 | vdb-entry, x_refsource_BID |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco NX-OS Software |
Version: unspecified < 8.3(1) |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T18:28:41.644Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20190515 Cisco NX-OS Software SSH Key Information Disclosure Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-ssh-info", }, { name: "108353", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/108353", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2019-1731", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-11-21T18:58:39.840105Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-21T19:30:56.701Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco NX-OS Software", vendor: "Cisco", versions: [ { lessThan: "8.3(1)", status: "affected", version: "unspecified", versionType: "custom", }, ], }, ], datePublic: "2019-05-15T00:00:00", descriptions: [ { lang: "en", value: "A vulnerability in the SSH CLI key management functionality of Cisco NX-OS Software could allow an authenticated, local attacker to expose a user's private SSH key to all authenticated users on the targeted device. The attacker must authenticate with valid administrator device credentials. The vulnerability is due to incomplete error handling if a specific error type occurs during the SSH key export. An attacker could exploit this vulnerability by authenticating to the device and entering a crafted command at the CLI. A successful exploit could allow the attacker to expose a user's private SSH key. In addition, a similar type of error in the SSH key import could cause the passphrase-protected private SSH key to be imported unintentionally.", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5.1, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "LOW", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:N", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-200", description: "CWE-200", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2019-05-17T06:06:02", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20190515 Cisco NX-OS Software SSH Key Information Disclosure Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-ssh-info", }, { name: "108353", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/108353", }, ], source: { advisory: "cisco-sa-20190515-nxos-ssh-info", defect: [ [ "CSCvh76123", "CSCvj01385", "CSCvj01386", "CSCvj01393", ], ], discovery: "INTERNAL", }, title: "Cisco NX-OS Software SSH Key Information Disclosure Vulnerability", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", DATE_PUBLIC: "2019-05-15T16:00:00-0700", ID: "CVE-2019-1731", STATE: "PUBLIC", TITLE: "Cisco NX-OS Software SSH Key Information Disclosure Vulnerability", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Cisco NX-OS Software", version: { version_data: [ { affected: "<", version_affected: "<", version_value: "8.3(1)", }, ], }, }, ], }, vendor_name: "Cisco", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability in the SSH CLI key management functionality of Cisco NX-OS Software could allow an authenticated, local attacker to expose a user's private SSH key to all authenticated users on the targeted device. The attacker must authenticate with valid administrator device credentials. The vulnerability is due to incomplete error handling if a specific error type occurs during the SSH key export. An attacker could exploit this vulnerability by authenticating to the device and entering a crafted command at the CLI. A successful exploit could allow the attacker to expose a user's private SSH key. In addition, a similar type of error in the SSH key import could cause the passphrase-protected private SSH key to be imported unintentionally.", }, ], }, exploit: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], impact: { cvss: { baseScore: "5.1", vectorString: "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:N", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-200", }, ], }, ], }, references: { reference_data: [ { name: "20190515 Cisco NX-OS Software SSH Key Information Disclosure Vulnerability", refsource: "CISCO", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-ssh-info", }, { name: "108353", refsource: "BID", url: "http://www.securityfocus.com/bid/108353", }, ], }, source: { advisory: "cisco-sa-20190515-nxos-ssh-info", defect: [ [ "CSCvh76123", "CSCvj01385", "CSCvj01386", "CSCvj01393", ], ], discovery: "INTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2019-1731", datePublished: "2019-05-15T16:50:36.106074Z", dateReserved: "2018-12-06T00:00:00", dateUpdated: "2024-11-21T19:30:56.701Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2016-1302
Vulnerability from cvelistv5
Published
2016-02-07 11:00
Modified
2024-08-05 22:48
Severity ?
EPSS score ?
Summary
Cisco Application Policy Infrastructure Controller (APIC) devices with software before 1.0(3h) and 1.1 before 1.1(1j) and Nexus 9000 ACI Mode switches with software before 11.0(3h) and 11.1 before 11.1(1j) allow remote authenticated users to bypass intended RBAC restrictions via crafted REST requests, aka Bug ID CSCut12998.
References
| ▼ | URL | Tags |
|---|---|---|
| http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160203-apic | vendor-advisory, x_refsource_CISCO | |
| http://www.securitytracker.com/id/1034925 | vdb-entry, x_refsource_SECTRACK |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T22:48:13.687Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20160203 Cisco Application Policy Infrastructure Controller Access Control Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160203-apic", }, { name: "1034925", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1034925", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2016-02-03T00:00:00", descriptions: [ { lang: "en", value: "Cisco Application Policy Infrastructure Controller (APIC) devices with software before 1.0(3h) and 1.1 before 1.1(1j) and Nexus 9000 ACI Mode switches with software before 11.0(3h) and 11.1 before 11.1(1j) allow remote authenticated users to bypass intended RBAC restrictions via crafted REST requests, aka Bug ID CSCut12998.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2016-12-02T20:57:01", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20160203 Cisco Application Policy Infrastructure Controller Access Control Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160203-apic", }, { name: "1034925", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1034925", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", ID: "CVE-2016-1302", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Cisco Application Policy Infrastructure Controller (APIC) devices with software before 1.0(3h) and 1.1 before 1.1(1j) and Nexus 9000 ACI Mode switches with software before 11.0(3h) and 11.1 before 11.1(1j) allow remote authenticated users to bypass intended RBAC restrictions via crafted REST requests, aka Bug ID CSCut12998.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "20160203 Cisco Application Policy Infrastructure Controller Access Control Vulnerability", refsource: "CISCO", url: "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160203-apic", }, { name: "1034925", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1034925", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2016-1302", datePublished: "2016-02-07T11:00:00", dateReserved: "2016-01-04T00:00:00", dateUpdated: "2024-08-05T22:48:13.687Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-1967
Vulnerability from cvelistv5
Published
2019-08-29 21:45
Modified
2024-11-19 18:58
Severity ?
EPSS score ?
Summary
A vulnerability in the Network Time Protocol (NTP) feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to excessive use of system resources when the affected device is logging a drop action for received MODE_PRIVATE (Mode 7) NTP packets. An attacker could exploit this vulnerability by flooding the device with a steady stream of Mode 7 NTP packets. A successful exploit could allow the attacker to cause high CPU and memory usage on the affected device, which could cause internal system processes to restart or cause the affected device to unexpectedly reload. Note: The NTP feature is enabled by default.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190828-nxos-ntp-dos | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco NX-OS Software |
Version: unspecified < 8.3(2) |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T18:35:51.286Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20190828 Cisco NX-OS Software Network Time Protocol Denial of Service Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190828-nxos-ntp-dos", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2019-1967", options: [ { Exploitation: "none", }, { Automatable: "yes", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-11-19T17:23:18.708362Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-19T18:58:07.518Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco NX-OS Software", vendor: "Cisco", versions: [ { lessThan: "8.3(2)", status: "affected", version: "unspecified", versionType: "custom", }, ], }, ], datePublic: "2019-08-28T00:00:00", descriptions: [ { lang: "en", value: "A vulnerability in the Network Time Protocol (NTP) feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to excessive use of system resources when the affected device is logging a drop action for received MODE_PRIVATE (Mode 7) NTP packets. An attacker could exploit this vulnerability by flooding the device with a steady stream of Mode 7 NTP packets. A successful exploit could allow the attacker to cause high CPU and memory usage on the affected device, which could cause internal system processes to restart or cause the affected device to unexpectedly reload. Note: The NTP feature is enabled by default.", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.6, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-399", description: "CWE-399", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2019-08-29T21:45:15", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20190828 Cisco NX-OS Software Network Time Protocol Denial of Service Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190828-nxos-ntp-dos", }, ], source: { advisory: "cisco-sa-20190828-nxos-ntp-dos", defect: [ [ "CSCvm35740", "CSCvm51138", "CSCvm51139", "CSCvm51142", ], ], discovery: "INTERNAL", }, title: "Cisco NX-OS Software Network Time Protocol Denial of Service Vulnerability", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", DATE_PUBLIC: "2019-08-28T16:00:00-0700", ID: "CVE-2019-1967", STATE: "PUBLIC", TITLE: "Cisco NX-OS Software Network Time Protocol Denial of Service Vulnerability", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Cisco NX-OS Software", version: { version_data: [ { affected: "<", version_affected: "<", version_value: "8.3(2)", }, ], }, }, ], }, vendor_name: "Cisco", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability in the Network Time Protocol (NTP) feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to excessive use of system resources when the affected device is logging a drop action for received MODE_PRIVATE (Mode 7) NTP packets. An attacker could exploit this vulnerability by flooding the device with a steady stream of Mode 7 NTP packets. A successful exploit could allow the attacker to cause high CPU and memory usage on the affected device, which could cause internal system processes to restart or cause the affected device to unexpectedly reload. Note: The NTP feature is enabled by default.", }, ], }, exploit: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], impact: { cvss: { baseScore: "8.6", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-399", }, ], }, ], }, references: { reference_data: [ { name: "20190828 Cisco NX-OS Software Network Time Protocol Denial of Service Vulnerability", refsource: "CISCO", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190828-nxos-ntp-dos", }, ], }, source: { advisory: "cisco-sa-20190828-nxos-ntp-dos", defect: [ [ "CSCvm35740", "CSCvm51138", "CSCvm51139", "CSCvm51142", ], ], discovery: "INTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2019-1967", datePublished: "2019-08-29T21:45:15.166469Z", dateReserved: "2018-12-06T00:00:00", dateUpdated: "2024-11-19T18:58:07.518Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2024-20285
Vulnerability from cvelistv5
Published
2024-08-28 16:37
Modified
2024-08-28 17:19
Severity ?
EPSS score ?
Summary
A vulnerability in the Python interpreter of Cisco NX-OS Software could allow an authenticated, low-privileged, local attacker to escape the Python sandbox and gain unauthorized access to the underlying operating system of the device.
The vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by manipulating specific functions within the Python interpreter. A successful exploit could allow an attacker to escape the Python sandbox and execute arbitrary commands on the underlying operating system with the privileges of the authenticated user.
Note: An attacker must be authenticated with Python execution privileges to exploit these vulnerabilities. For more information regarding Python execution privileges, see product-specific documentation, such as the section of the Cisco Nexus 9000 Series NX-OS Programmability Guide.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco NX-OS Software |
Version: 7.3(6)N1(1a) Version: 8.4(2) Version: 7.3(6)N1(1) Version: 9.2(3) Version: 7.0(3)I5(2) Version: 8.2(1) Version: 6.0(2)A8(7a) Version: 7.0(3)I4(5) Version: 6.0(2)A6(1) Version: 7.3(1)D1(1) Version: 7.0(3)I4(6) Version: 7.3(4)N1(1) Version: 7.0(3)I4(3) Version: 9.2(2v) Version: 6.0(2)A6(5b) Version: 7.3(0)D1(1) Version: 6.2(17a) Version: 7.0(3)I4(7) Version: 6.0(2)U6(1a) Version: 7.1(5)N1(1b) Version: 7.0(3)I4(1) Version: 7.0(3)I4(8) Version: 7.0(3)I4(2) Version: 7.1(4)N1(1c) Version: 7.0(3)IM3(1) Version: 6.0(2)U6(5a) Version: 6.0(2)A8(11) Version: 6.0(2)A6(4a) Version: 6.2(9) Version: 6.2(5) Version: 9.2(1) Version: 9.2(2t) Version: 9.2(3y) Version: 7.0(3)I4(1t) Version: 6.0(2)U6(5c) Version: 6.0(2)A6(4) Version: 7.0(3)I7(6z) Version: 9.3(2) Version: 7.3(1)DY(1) Version: 7.0(3)F3(3) Version: 6.0(2)U6(6) Version: 6.2(29) Version: 7.0(3)I7(3z) Version: 7.0(3)IM7(2) Version: 6.0(2)A8(11b) Version: 6.2(9a) Version: 7.3(0)N1(1) Version: 7.0(3)I7(5a) Version: 6.2(11d) Version: 7.0(3)I6(1) Version: 6.0(2)U6(10) Version: 7.0(3)IM3(2) Version: 6.0(2)A6(8) Version: 6.0(2)U6(1) Version: 7.3(2)N1(1c) Version: 7.0(3)I5(3b) Version: 7.3(5)N1(1) Version: 6.0(2)A6(2a) Version: 7.3(2)N1(1b) Version: 6.2(27) Version: 7.3(1)N1(1) Version: 6.0(2)U6(7) Version: 9.2(4) Version: 7.1(4)N1(1a) Version: 8.1(1) Version: 7.1(3)N1(4) Version: 7.0(3)IM3(2a) Version: 6.0(2)A8(10) Version: 7.1(3)N1(2) Version: 8.2(2) Version: 6.2(13) Version: 6.0(2)A8(2) Version: 7.0(3)IC4(4) Version: 6.2(1) Version: 8.3(2) Version: 7.3(4)N1(1a) Version: 6.0(2)A6(3) Version: 6.0(2)U6(5b) Version: 7.0(3)F3(3c) Version: 7.0(3)F3(1) Version: 6.0(2)U6(5) Version: 7.0(3)F3(5) Version: 7.1(2)N1(1) Version: 7.1(3)N1(3) Version: 6.0(2)A6(7) Version: 7.0(3)I7(2) Version: 6.2(5a) Version: 6.0(2)A6(5) Version: 7.0(3)IM3(2b) Version: 7.1(3)N1(1) Version: 6.0(2)U6(4a) Version: 7.0(3)I5(3) Version: 7.0(3)I7(3) Version: 6.0(2)A8(6) Version: 7.0(3)I6(2) Version: 8.3(1) Version: 6.2(3) Version: 7.1(1)N1(1) Version: 8.1(1b) Version: 7.3(0)N1(1b) Version: 6.0(2)A8(5) Version: 7.1(4)N1(1d) Version: 7.3(2)N1(1) Version: 6.0(2)U6(8) Version: 7.1(1)N1(1a) Version: 7.0(3)IM3(3) Version: 9.3(1) Version: 6.0(2)U6(2) Version: 6.2(9b) Version: 7.1(3)N1(2a) Version: 7.3(0)N1(1a) Version: 6.0(2)A8(7) Version: 7.0(3)I7(6) Version: 8.4(1) Version: 6.2(25) Version: 6.0(2)U6(3a) Version: 6.0(2)A8(11a) Version: 6.2(11e) Version: 7.1(3)N1(5) Version: 7.0(3)I4(8z) Version: 6.2(11) Version: 7.0(3)I4(9) Version: 6.2(19) Version: 7.1(0)N1(1b) Version: 7.0(3)I7(4) Version: 7.0(3)I7(7) Version: 6.2(5b) Version: 7.3(0)DY(1) Version: 6.0(2)A8(9) Version: 6.0(2)A8(1) Version: 7.1(5)N1(1) Version: 6.2(15) Version: 6.0(2)A6(6) Version: 6.0(2)A8(10a) Version: 7.0(3)I5(1) Version: 9.3(1z) Version: 9.2(2) Version: 6.2(7) Version: 6.2(9c) Version: 7.0(3)F3(4) Version: 7.3(3)N1(1) Version: 7.0(3)I4(8b) Version: 6.0(2)A8(3) Version: 6.2(11b) Version: 7.0(3)I4(6t) Version: 7.0(3)I5(3a) Version: 8.1(1a) Version: 6.2(13a) Version: 6.0(2)A8(8) Version: 7.0(3)I7(5) Version: 7.0(3)F3(3a) Version: 7.1(0)N1(1a) Version: 6.0(2)A8(4) Version: 6.0(2)A6(3a) Version: 6.0(2)A6(5a) Version: 7.0(3)F2(1) Version: 7.0(3)I4(8a) Version: 6.0(2)U6(9) Version: 7.0(3)F3(2) Version: 6.0(2)U6(2a) Version: 6.2(17) Version: 7.0(3)I4(4) Version: 6.2(23) Version: 6.2(13b) Version: 6.0(2)U6(3) Version: 7.1(2)N1(1a) Version: 7.0(3)I7(1) Version: 6.2(21) Version: 7.0(3)F2(2) Version: 7.0(3)IA7(2) Version: 7.0(3)IA7(1) Version: 6.0(2)A8(7b) Version: 6.2(11c) Version: 7.0(3)F1(1) Version: 6.0(2)A6(1a) Version: 7.1(0)N1(1) Version: 6.0(2)A6(2) Version: 7.1(4)N1(1) Version: 6.0(2)A8(4a) Version: 6.0(2)U6(4) Version: 8.4(1a) Version: 9.3(3) Version: 7.3(7)N1(1) Version: 6.2(31) Version: 7.0(3)I7(8) Version: 6.0(2)U6(10a) Version: 7.3(7)N1(1a) Version: 9.3(4) Version: 6.2(33) Version: 9.3(5) Version: 8.4(2a) Version: 8.4(2b) Version: 7.3(8)N1(1) Version: 7.0(3)I7(9) Version: 7.3(7)N1(1b) Version: 8.5(1) Version: 9.3(6) Version: 10.1(2) Version: 10.1(1) Version: 8.4(2c) Version: 9.3(5w) Version: 7.3(9)N1(1) Version: 9.3(7) Version: 9.3(7k) Version: 7.0(3)I7(9w) Version: 10.2(1) Version: 7.3(8)N1(1a) Version: 9.3(7a) Version: 9.3(8) Version: 8.4(2d) Version: 7.3(10)N1(1) Version: 7.0(3)I7(10) Version: 7.3(8)N1(1b) Version: 10.2(1q) Version: 10.2(2) Version: 9.3(9) Version: 10.1(2t) Version: 7.3(11)N1(1) Version: 10.2(3) Version: 10.2(3t) Version: 8.4(2e) Version: 9.3(10) Version: 7.3(11)N1(1a) Version: 10.2(2a) Version: 7.3(12)N1(1) Version: 9.2(1a) Version: 10.3(1) Version: 10.2(4) Version: 7.3(13)N1(1) Version: 10.3(2) Version: 9.3(11) Version: 10.3(3) Version: 10.2(5) Version: 9.4(1) Version: 9.3(2a) Version: 8.4(2f) Version: 9.3(12) Version: 10.2(3v) Version: 10.4(1) Version: 10.3(99w) Version: 7.3(14)N1(1) Version: 10.2(6) Version: 10.3(3w) Version: 10.3(99x) Version: 10.3(3o) Version: 10.3(4) Version: 10.3(3p) Version: 10.3(4a) Version: 9.4(1a) Version: 10.4(2) Version: 10.3(3q) Version: 9.3(13) Version: 10.3(5) Version: 10.2(7) Version: 10.4(3) Version: 10.3(3x) Version: 10.3(4g) Version: 10.3(3r) |
{ containers: { adp: [ { metrics: [ { other: { content: { id: "CVE-2024-20285", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-08-28T17:19:39.299396Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-08-28T17:19:57.207Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unknown", product: "Cisco NX-OS Software", vendor: "Cisco", versions: [ { status: "affected", version: "7.3(6)N1(1a)", }, { status: "affected", version: "8.4(2)", }, { status: "affected", version: "7.3(6)N1(1)", }, { status: "affected", version: "9.2(3)", }, { status: "affected", version: "7.0(3)I5(2)", }, { status: "affected", version: "8.2(1)", }, { status: "affected", version: "6.0(2)A8(7a)", }, { status: "affected", version: "7.0(3)I4(5)", }, { status: "affected", version: "6.0(2)A6(1)", }, { status: "affected", version: "7.3(1)D1(1)", }, { status: "affected", version: "7.0(3)I4(6)", }, { status: "affected", version: "7.3(4)N1(1)", }, { status: "affected", version: "7.0(3)I4(3)", }, { status: "affected", version: "9.2(2v)", }, { status: "affected", version: "6.0(2)A6(5b)", }, { status: "affected", version: "7.3(0)D1(1)", }, { status: "affected", version: "6.2(17a)", }, { status: "affected", version: "7.0(3)I4(7)", }, { status: "affected", version: "6.0(2)U6(1a)", }, { status: "affected", version: "7.1(5)N1(1b)", }, { status: "affected", version: "7.0(3)I4(1)", }, { status: "affected", version: "7.0(3)I4(8)", }, { status: "affected", version: "7.0(3)I4(2)", }, { status: "affected", version: "7.1(4)N1(1c)", }, { status: "affected", version: "7.0(3)IM3(1)", }, { status: "affected", version: "6.0(2)U6(5a)", }, { status: "affected", version: "6.0(2)A8(11)", }, { status: "affected", version: "6.0(2)A6(4a)", }, { status: "affected", version: "6.2(9)", }, { status: "affected", version: "6.2(5)", }, { status: "affected", version: "9.2(1)", }, { status: "affected", version: "9.2(2t)", }, { status: "affected", version: "9.2(3y)", }, { status: "affected", version: "7.0(3)I4(1t)", }, { status: "affected", version: "6.0(2)U6(5c)", }, { status: "affected", version: "6.0(2)A6(4)", }, { status: "affected", version: "7.0(3)I7(6z)", }, { status: "affected", version: "9.3(2)", }, { status: "affected", version: "7.3(1)DY(1)", }, { status: "affected", version: "7.0(3)F3(3)", }, { status: "affected", version: "6.0(2)U6(6)", }, { status: "affected", version: "6.2(29)", }, { status: "affected", version: "7.0(3)I7(3z)", }, { status: "affected", version: "7.0(3)IM7(2)", }, { status: "affected", version: "6.0(2)A8(11b)", }, { status: "affected", version: "6.2(9a)", }, { status: "affected", version: "7.3(0)N1(1)", }, { status: "affected", version: "7.0(3)I7(5a)", }, { status: "affected", version: "6.2(11d)", }, { status: "affected", version: "7.0(3)I6(1)", }, { status: "affected", version: "6.0(2)U6(10)", }, { status: "affected", version: "7.0(3)IM3(2)", }, { status: "affected", version: "6.0(2)A6(8)", }, { status: "affected", version: "6.0(2)U6(1)", }, { status: "affected", version: "7.3(2)N1(1c)", }, { status: "affected", version: "7.0(3)I5(3b)", }, { status: "affected", version: "7.3(5)N1(1)", }, { status: "affected", version: "6.0(2)A6(2a)", }, { status: "affected", version: "7.3(2)N1(1b)", }, { status: "affected", version: "6.2(27)", }, { status: "affected", version: "7.3(1)N1(1)", }, { status: "affected", version: "6.0(2)U6(7)", }, { status: "affected", version: "9.2(4)", }, { status: "affected", version: "7.1(4)N1(1a)", }, { status: "affected", version: "8.1(1)", }, { status: "affected", version: "7.1(3)N1(4)", }, { status: "affected", version: "7.0(3)IM3(2a)", }, { status: "affected", version: "6.0(2)A8(10)", }, { status: "affected", version: "7.1(3)N1(2)", }, { status: "affected", version: "8.2(2)", }, { status: "affected", version: "6.2(13)", }, { status: "affected", version: "6.0(2)A8(2)", }, { status: "affected", version: "7.0(3)IC4(4)", }, { status: "affected", version: "6.2(1)", }, { status: "affected", version: "8.3(2)", }, { status: "affected", version: "7.3(4)N1(1a)", }, { status: "affected", version: "6.0(2)A6(3)", }, { status: "affected", version: "6.0(2)U6(5b)", }, { status: "affected", version: "7.0(3)F3(3c)", }, { status: "affected", version: "7.0(3)F3(1)", }, { status: "affected", version: "6.0(2)U6(5)", }, { status: "affected", version: "7.0(3)F3(5)", }, { status: "affected", version: "7.1(2)N1(1)", }, { status: "affected", version: "7.1(3)N1(3)", }, { status: "affected", version: "6.0(2)A6(7)", }, { status: "affected", version: "7.0(3)I7(2)", }, { status: "affected", version: "6.2(5a)", }, { status: "affected", version: "6.0(2)A6(5)", }, { status: "affected", version: "7.0(3)IM3(2b)", }, { status: "affected", version: "7.1(3)N1(1)", }, { status: "affected", version: "6.0(2)U6(4a)", }, { status: "affected", version: "7.0(3)I5(3)", }, { status: "affected", version: "7.0(3)I7(3)", }, { status: "affected", version: "6.0(2)A8(6)", }, { status: "affected", version: "7.0(3)I6(2)", }, { status: "affected", version: "8.3(1)", }, { status: "affected", version: "6.2(3)", }, { status: "affected", version: "7.1(1)N1(1)", }, { status: "affected", version: "8.1(1b)", }, { status: "affected", version: "7.3(0)N1(1b)", }, { status: "affected", version: "6.0(2)A8(5)", }, { status: "affected", version: "7.1(4)N1(1d)", }, { status: "affected", version: "7.3(2)N1(1)", }, { status: "affected", version: "6.0(2)U6(8)", }, { status: "affected", version: "7.1(1)N1(1a)", }, { status: "affected", version: "7.0(3)IM3(3)", }, { status: "affected", version: "9.3(1)", }, { status: "affected", version: "6.0(2)U6(2)", }, { status: "affected", version: "6.2(9b)", }, { status: "affected", version: "7.1(3)N1(2a)", }, { status: "affected", version: "7.3(0)N1(1a)", }, { status: "affected", version: "6.0(2)A8(7)", }, { status: "affected", version: "7.0(3)I7(6)", }, { status: "affected", version: "8.4(1)", }, { status: "affected", version: "6.2(25)", }, { status: "affected", version: "6.0(2)U6(3a)", }, { status: "affected", version: "6.0(2)A8(11a)", }, { status: "affected", version: "6.2(11e)", }, { status: "affected", version: "7.1(3)N1(5)", }, { status: "affected", version: "7.0(3)I4(8z)", }, { status: "affected", version: "6.2(11)", }, { status: "affected", version: "7.0(3)I4(9)", }, { status: "affected", version: "6.2(19)", }, { status: "affected", version: "7.1(0)N1(1b)", }, { status: "affected", version: "7.0(3)I7(4)", }, { status: "affected", version: "7.0(3)I7(7)", }, { status: "affected", version: "6.2(5b)", }, { status: "affected", version: "7.3(0)DY(1)", }, { status: "affected", version: "6.0(2)A8(9)", }, { status: "affected", version: "6.0(2)A8(1)", }, { status: "affected", version: "7.1(5)N1(1)", }, { status: "affected", version: "6.2(15)", }, { status: "affected", version: "6.0(2)A6(6)", }, { status: "affected", version: "6.0(2)A8(10a)", }, { status: "affected", version: "7.0(3)I5(1)", }, { status: "affected", version: "9.3(1z)", }, { status: "affected", version: "9.2(2)", }, { status: "affected", version: "6.2(7)", }, { status: "affected", version: "6.2(9c)", }, { status: "affected", version: "7.0(3)F3(4)", }, { status: "affected", version: "7.3(3)N1(1)", }, { status: "affected", version: "7.0(3)I4(8b)", }, { status: "affected", version: "6.0(2)A8(3)", }, { status: "affected", version: "6.2(11b)", }, { status: "affected", version: "7.0(3)I4(6t)", }, { status: "affected", version: "7.0(3)I5(3a)", }, { status: "affected", version: "8.1(1a)", }, { status: "affected", version: "6.2(13a)", }, { status: "affected", version: "6.0(2)A8(8)", }, { status: "affected", version: "7.0(3)I7(5)", }, { status: "affected", version: "7.0(3)F3(3a)", }, { status: "affected", version: "7.1(0)N1(1a)", }, { status: "affected", version: "6.0(2)A8(4)", }, { status: "affected", version: "6.0(2)A6(3a)", }, { status: "affected", version: "6.0(2)A6(5a)", }, { status: "affected", version: "7.0(3)F2(1)", }, { status: "affected", version: "7.0(3)I4(8a)", }, { status: "affected", version: "6.0(2)U6(9)", }, { status: "affected", version: "7.0(3)F3(2)", }, { status: "affected", version: "6.0(2)U6(2a)", }, { status: "affected", version: "6.2(17)", }, { status: "affected", version: "7.0(3)I4(4)", }, { status: "affected", version: "6.2(23)", }, { status: "affected", version: "6.2(13b)", }, { status: "affected", version: "6.0(2)U6(3)", }, { status: "affected", version: "7.1(2)N1(1a)", }, { status: "affected", version: "7.0(3)I7(1)", }, { status: "affected", version: "6.2(21)", }, { status: "affected", version: "7.0(3)F2(2)", }, { status: "affected", version: "7.0(3)IA7(2)", }, { status: "affected", version: "7.0(3)IA7(1)", }, { status: "affected", version: "6.0(2)A8(7b)", }, { status: "affected", version: "6.2(11c)", }, { status: "affected", version: "7.0(3)F1(1)", }, { status: "affected", version: "6.0(2)A6(1a)", }, { status: "affected", version: "7.1(0)N1(1)", }, { status: "affected", version: "6.0(2)A6(2)", }, { status: "affected", version: "7.1(4)N1(1)", }, { status: "affected", version: "6.0(2)A8(4a)", }, { status: "affected", version: "6.0(2)U6(4)", }, { status: "affected", version: "8.4(1a)", }, { status: "affected", version: "9.3(3)", }, { status: "affected", version: "7.3(7)N1(1)", }, { status: "affected", version: "6.2(31)", }, { status: "affected", version: "7.0(3)I7(8)", }, { status: "affected", version: "6.0(2)U6(10a)", }, { status: "affected", version: "7.3(7)N1(1a)", }, { status: "affected", version: "9.3(4)", }, { status: "affected", version: "6.2(33)", }, { status: "affected", version: "9.3(5)", }, { status: "affected", version: "8.4(2a)", }, { status: "affected", version: "8.4(2b)", }, { status: "affected", version: "7.3(8)N1(1)", }, { status: "affected", version: "7.0(3)I7(9)", }, { status: "affected", version: "7.3(7)N1(1b)", }, { status: "affected", version: "8.5(1)", }, { status: "affected", version: "9.3(6)", }, { status: "affected", version: "10.1(2)", }, { status: "affected", version: "10.1(1)", }, { status: "affected", version: "8.4(2c)", }, { status: "affected", version: "9.3(5w)", }, { status: "affected", version: "7.3(9)N1(1)", }, { status: "affected", version: "9.3(7)", }, { status: "affected", version: "9.3(7k)", }, { status: "affected", version: "7.0(3)I7(9w)", }, { status: "affected", version: "10.2(1)", }, { status: "affected", version: "7.3(8)N1(1a)", }, { status: "affected", version: "9.3(7a)", }, { status: "affected", version: "9.3(8)", }, { status: "affected", version: "8.4(2d)", }, { status: "affected", version: "7.3(10)N1(1)", }, { status: "affected", version: "7.0(3)I7(10)", }, { status: "affected", version: "7.3(8)N1(1b)", }, { status: "affected", version: "10.2(1q)", }, { status: "affected", version: "10.2(2)", }, { status: "affected", version: "9.3(9)", }, { status: "affected", version: "10.1(2t)", }, { status: "affected", version: "7.3(11)N1(1)", }, { status: "affected", version: "10.2(3)", }, { status: "affected", version: "10.2(3t)", }, { status: "affected", version: "8.4(2e)", }, { status: "affected", version: "9.3(10)", }, { status: "affected", version: "7.3(11)N1(1a)", }, { status: "affected", version: "10.2(2a)", }, { status: "affected", version: "7.3(12)N1(1)", }, { status: "affected", version: "9.2(1a)", }, { status: "affected", version: "10.3(1)", }, { status: "affected", version: "10.2(4)", }, { status: "affected", version: "7.3(13)N1(1)", }, { status: "affected", version: "10.3(2)", }, { status: "affected", version: "9.3(11)", }, { status: "affected", version: "10.3(3)", }, { status: "affected", version: "10.2(5)", }, { status: "affected", version: "9.4(1)", }, { status: "affected", version: "9.3(2a)", }, { status: "affected", version: "8.4(2f)", }, { status: "affected", version: "9.3(12)", }, { status: "affected", version: "10.2(3v)", }, { status: "affected", version: "10.4(1)", }, { status: "affected", version: "10.3(99w)", }, { status: "affected", version: "7.3(14)N1(1)", }, { status: "affected", version: "10.2(6)", }, { status: "affected", version: "10.3(3w)", }, { status: "affected", version: "10.3(99x)", }, { status: "affected", version: "10.3(3o)", }, { status: "affected", version: "10.3(4)", }, { status: "affected", version: "10.3(3p)", }, { status: "affected", version: "10.3(4a)", }, { status: "affected", version: "9.4(1a)", }, { status: "affected", version: "10.4(2)", }, { status: "affected", version: "10.3(3q)", }, { status: "affected", version: "9.3(13)", }, { status: "affected", version: "10.3(5)", }, { status: "affected", version: "10.2(7)", }, { status: "affected", version: "10.4(3)", }, { status: "affected", version: "10.3(3x)", }, { status: "affected", version: "10.3(4g)", }, { status: "affected", version: "10.3(3r)", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability in the Python interpreter of Cisco NX-OS Software could allow an authenticated, low-privileged, local attacker to escape the Python sandbox and gain unauthorized access to the underlying operating system of the device.\r\n\r\nThe vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by manipulating specific functions within the Python interpreter. A successful exploit could allow an attacker to escape the Python sandbox and execute arbitrary commands on the underlying operating system with the privileges of the authenticated user. \r\nNote: An attacker must be authenticated with Python execution privileges to exploit these vulnerabilities. For more information regarding Python execution privileges, see product-specific documentation, such as the section of the Cisco Nexus 9000 Series NX-OS Programmability Guide.", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", version: "3.1", }, format: "cvssV3_1", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-653", description: "Insufficient Compartmentalization", lang: "en", type: "cwe", }, ], }, ], providerMetadata: { dateUpdated: "2024-08-28T16:37:27.149Z", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "cisco-sa-nxos-psbe-ce-YvbTn5du", url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-psbe-ce-YvbTn5du", }, { name: "Cisco NX-OS Security with Python", url: "https://www.cisco.com/c/en/us/td/docs/dcn/nx-os/nexus9000/105x/programmability/cisco-nexus-9000-series-nx-os-programmability-guide-105x/m-n9k-python-api-101x.html?bookSearch=true#concept_A2CFF094ADCB414C983EA06AD8E9A410", }, ], source: { advisory: "cisco-sa-nxos-psbe-ce-YvbTn5du", defects: [ "CSCwh77780", ], discovery: "INTERNAL", }, title: "Cisco NX-OS Software Python Parser Escape Vulnerability", }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2024-20285", datePublished: "2024-08-28T16:37:27.149Z", dateReserved: "2023-11-08T15:08:07.626Z", dateUpdated: "2024-08-28T17:19:57.207Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-1968
Vulnerability from cvelistv5
Published
2019-08-29 21:50
Modified
2024-11-19 18:57
Severity ?
EPSS score ?
Summary
A vulnerability in the NX-API feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause an NX-API system process to unexpectedly restart. The vulnerability is due to incorrect validation of the HTTP header of a request that is sent to the NX-API. An attacker could exploit this vulnerability by sending a crafted HTTP request to the NX-API on an affected device. A successful exploit could allow the attacker to cause a denial of service (DoS) condition in the NX-API service; however, the NX-OS device itself would still be available and passing network traffic. Note: The NX-API feature is disabled by default.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190828-nxos-api-dos | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco NX-OS Software 6.0(2)A4(1) |
Version: unspecified < 8.3(2) |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T18:35:52.007Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20190828 Cisco NX-OS Software NX-API Denial of Service Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190828-nxos-api-dos", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2019-1968", options: [ { Exploitation: "none", }, { Automatable: "yes", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-11-19T17:23:15.309150Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-19T18:57:48.765Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco NX-OS Software 6.0(2)A4(1)", vendor: "Cisco", versions: [ { lessThan: "8.3(2)", status: "affected", version: "unspecified", versionType: "custom", }, ], }, ], datePublic: "2019-08-28T00:00:00", descriptions: [ { lang: "en", value: "A vulnerability in the NX-API feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause an NX-API system process to unexpectedly restart. The vulnerability is due to incorrect validation of the HTTP header of a request that is sent to the NX-API. An attacker could exploit this vulnerability by sending a crafted HTTP request to the NX-API on an affected device. A successful exploit could allow the attacker to cause a denial of service (DoS) condition in the NX-API service; however, the NX-OS device itself would still be available and passing network traffic. Note: The NX-API feature is disabled by default.", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-20", description: "CWE-20", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2019-08-29T21:50:25", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20190828 Cisco NX-OS Software NX-API Denial of Service Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190828-nxos-api-dos", }, ], source: { advisory: "cisco-sa-20190828-nxos-api-dos", defect: [ [ "CSCvn26502", "CSCvn31273", "CSCvn57900", ], ], discovery: "INTERNAL", }, title: "Cisco NX-OS Software NX-API Denial of Service Vulnerability", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", DATE_PUBLIC: "2019-08-28T16:00:00-0700", ID: "CVE-2019-1968", STATE: "PUBLIC", TITLE: "Cisco NX-OS Software NX-API Denial of Service Vulnerability", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Cisco NX-OS Software 6.0(2)A4(1)", version: { version_data: [ { affected: "<", version_affected: "<", version_value: "8.3(2)", }, ], }, }, ], }, vendor_name: "Cisco", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability in the NX-API feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause an NX-API system process to unexpectedly restart. The vulnerability is due to incorrect validation of the HTTP header of a request that is sent to the NX-API. An attacker could exploit this vulnerability by sending a crafted HTTP request to the NX-API on an affected device. A successful exploit could allow the attacker to cause a denial of service (DoS) condition in the NX-API service; however, the NX-OS device itself would still be available and passing network traffic. Note: The NX-API feature is disabled by default.", }, ], }, exploit: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], impact: { cvss: { baseScore: "5.3", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-20", }, ], }, ], }, references: { reference_data: [ { name: "20190828 Cisco NX-OS Software NX-API Denial of Service Vulnerability", refsource: "CISCO", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190828-nxos-api-dos", }, ], }, source: { advisory: "cisco-sa-20190828-nxos-api-dos", defect: [ [ "CSCvn26502", "CSCvn31273", "CSCvn57900", ], ], discovery: "INTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2019-1968", datePublished: "2019-08-29T21:50:25.458591Z", dateReserved: "2018-12-06T00:00:00", dateUpdated: "2024-11-19T18:57:48.765Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-12662
Vulnerability from cvelistv5
Published
2019-09-25 20:16
Modified
2024-11-20 17:09
Severity ?
EPSS score ?
Summary
A vulnerability in Cisco NX-OS Software and Cisco IOS XE Software could allow an authenticated, local attacker with valid administrator or privilege level 15 credentials to load a virtual service image and bypass signature verification on an affected device. The vulnerability is due to improper signature verification during the installation of an Open Virtual Appliance (OVA) image. An authenticated, local attacker could exploit this vulnerability and load a malicious, unsigned OVA image on an affected device. A successful exploit could allow an attacker to perform code execution on a crafted software OVA image.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-vman | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco NX-OS Software 6.0(2)A1(1) |
Version: unspecified < n/a |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T23:24:39.366Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20190925 Cisco NX-OS and IOS XE Software Virtual Service Image Signature Bypass Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-vman", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2019-12662", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-11-20T16:51:46.149868Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-20T17:09:50.280Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco NX-OS Software 6.0(2)A1(1)", vendor: "Cisco", versions: [ { lessThan: "n/a", status: "affected", version: "unspecified", versionType: "custom", }, ], }, ], datePublic: "2019-09-25T00:00:00", descriptions: [ { lang: "en", value: "A vulnerability in Cisco NX-OS Software and Cisco IOS XE Software could allow an authenticated, local attacker with valid administrator or privilege level 15 credentials to load a virtual service image and bypass signature verification on an affected device. The vulnerability is due to improper signature verification during the installation of an Open Virtual Appliance (OVA) image. An authenticated, local attacker could exploit this vulnerability and load a malicious, unsigned OVA image on an affected device. A successful exploit could allow an attacker to perform code execution on a crafted software OVA image.", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-347", description: "CWE-347", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2019-09-25T20:16:01", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20190925 Cisco NX-OS and IOS XE Software Virtual Service Image Signature Bypass Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-vman", }, ], source: { advisory: "cisco-sa-20190925-vman", defect: [ [ "CSCve53538", "CSCve93259", "CSCvg14195", ], ], discovery: "INTERNAL", }, title: "Cisco NX-OS and IOS XE Software Virtual Service Image Signature Bypass Vulnerability", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", DATE_PUBLIC: "2019-09-25T16:00:00-0700", ID: "CVE-2019-12662", STATE: "PUBLIC", TITLE: "Cisco NX-OS and IOS XE Software Virtual Service Image Signature Bypass Vulnerability", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Cisco NX-OS Software 6.0(2)A1(1)", version: { version_data: [ { affected: "<", version_affected: "<", version_value: "n/a", }, ], }, }, ], }, vendor_name: "Cisco", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability in Cisco NX-OS Software and Cisco IOS XE Software could allow an authenticated, local attacker with valid administrator or privilege level 15 credentials to load a virtual service image and bypass signature verification on an affected device. The vulnerability is due to improper signature verification during the installation of an Open Virtual Appliance (OVA) image. An authenticated, local attacker could exploit this vulnerability and load a malicious, unsigned OVA image on an affected device. A successful exploit could allow an attacker to perform code execution on a crafted software OVA image.", }, ], }, exploit: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], impact: { cvss: { baseScore: "6.7", vectorString: "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-347", }, ], }, ], }, references: { reference_data: [ { name: "20190925 Cisco NX-OS and IOS XE Software Virtual Service Image Signature Bypass Vulnerability", refsource: "CISCO", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-vman", }, ], }, source: { advisory: "cisco-sa-20190925-vman", defect: [ [ "CSCve53538", "CSCve93259", "CSCvg14195", ], ], discovery: "INTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2019-12662", datePublished: "2019-09-25T20:16:01.772896Z", dateReserved: "2019-06-04T00:00:00", dateUpdated: "2024-11-20T17:09:50.280Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2015-4232
Vulnerability from cvelistv5
Published
2015-07-03 10:00
Modified
2024-08-06 06:11
Severity ?
EPSS score ?
Summary
Cisco NX-OS 6.2(10) on Nexus and MDS 9000 devices allows local users to execute arbitrary OS commands by entering crafted tar parameters in the CLI, aka Bug ID CSCus44856.
References
| ▼ | URL | Tags |
|---|---|---|
| http://tools.cisco.com/security/center/viewAlert.x?alertId=39569 | vendor-advisory, x_refsource_CISCO | |
| http://www.securitytracker.com/id/1032764 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securityfocus.com/bid/75503 | vdb-entry, x_refsource_BID |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T06:11:12.099Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20150630 Cisco Nexus Devices NX-OS Software Command-Line Interpreter Local Privilege Escalation Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "http://tools.cisco.com/security/center/viewAlert.x?alertId=39569", }, { name: "1032764", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1032764", }, { name: "75503", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/75503", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2015-06-30T00:00:00", descriptions: [ { lang: "en", value: "Cisco NX-OS 6.2(10) on Nexus and MDS 9000 devices allows local users to execute arbitrary OS commands by entering crafted tar parameters in the CLI, aka Bug ID CSCus44856.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2016-12-23T18:57:01", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20150630 Cisco Nexus Devices NX-OS Software Command-Line Interpreter Local Privilege Escalation Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "http://tools.cisco.com/security/center/viewAlert.x?alertId=39569", }, { name: "1032764", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1032764", }, { name: "75503", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/75503", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", ID: "CVE-2015-4232", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Cisco NX-OS 6.2(10) on Nexus and MDS 9000 devices allows local users to execute arbitrary OS commands by entering crafted tar parameters in the CLI, aka Bug ID CSCus44856.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "20150630 Cisco Nexus Devices NX-OS Software Command-Line Interpreter Local Privilege Escalation Vulnerability", refsource: "CISCO", url: "http://tools.cisco.com/security/center/viewAlert.x?alertId=39569", }, { name: "1032764", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1032764", }, { name: "75503", refsource: "BID", url: "http://www.securityfocus.com/bid/75503", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2015-4232", datePublished: "2015-07-03T10:00:00", dateReserved: "2015-06-04T00:00:00", dateUpdated: "2024-08-06T06:11:12.099Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-1585
Vulnerability from cvelistv5
Published
2019-03-06 21:00
Modified
2024-11-20 17:27
Severity ?
EPSS score ?
Summary
A vulnerability in the controller authorization functionality of Cisco Nexus 9000 Series ACI Mode Switch Software could allow an authenticated, local attacker to escalate standard users with root privilege on an affected device. The vulnerability is due to a misconfiguration of certain sudoers files for the bashroot component on an affected device. An attacker could exploit this vulnerability by authenticating to the affected device with a crafted user ID, which may allow temporary administrative access to escalate privileges. A successful exploit could allow the attacker to escalate privileges on an affected device. This Vulnerability has been fixed in version 4.0(1h)
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190306-aci-controller-privsec | vendor-advisory, x_refsource_CISCO | |
| http://www.securityfocus.com/bid/107312 | vdb-entry, x_refsource_BID |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco NX-OS Software for Nexus 9000 Series Fabric Switches ACI Mode |
Version: unspecified < 4.0(1h) |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T18:20:28.365Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20190306 Cisco Nexus 9000 Series Fabric Switches Application-Centric Infrastructure Mode Privilege Escalation Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190306-aci-controller-privsec", }, { name: "107312", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/107312", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2019-1585", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-11-20T16:55:54.751170Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-20T17:27:32.056Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco NX-OS Software for Nexus 9000 Series Fabric Switches ACI Mode", vendor: "Cisco", versions: [ { lessThan: "4.0(1h)", status: "affected", version: "unspecified", versionType: "custom", }, ], }, ], datePublic: "2019-03-06T00:00:00", descriptions: [ { lang: "en", value: "A vulnerability in the controller authorization functionality of Cisco Nexus 9000 Series ACI Mode Switch Software could allow an authenticated, local attacker to escalate standard users with root privilege on an affected device. The vulnerability is due to a misconfiguration of certain sudoers files for the bashroot component on an affected device. An attacker could exploit this vulnerability by authenticating to the affected device with a crafted user ID, which may allow temporary administrative access to escalate privileges. A successful exploit could allow the attacker to escalate privileges on an affected device. This Vulnerability has been fixed in version 4.0(1h)", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-16", description: "CWE-16", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2019-03-08T10:57:01", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20190306 Cisco Nexus 9000 Series Fabric Switches Application-Centric Infrastructure Mode Privilege Escalation Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190306-aci-controller-privsec", }, { name: "107312", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/107312", }, ], source: { advisory: "cisco-sa-20190306-aci-controller-privsec", defect: [ [ "CSCvn09838", ], ], discovery: "INTERNAL", }, title: "Cisco Nexus 9000 Series Fabric Switches Application-Centric Infrastructure Mode Privilege Escalation Vulnerability", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", DATE_PUBLIC: "2019-03-06T16:00:00-0800", ID: "CVE-2019-1585", STATE: "PUBLIC", TITLE: "Cisco Nexus 9000 Series Fabric Switches Application-Centric Infrastructure Mode Privilege Escalation Vulnerability", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Cisco NX-OS Software for Nexus 9000 Series Fabric Switches ACI Mode", version: { version_data: [ { affected: "<", version_affected: "<", version_value: "4.0(1h)", }, ], }, }, ], }, vendor_name: "Cisco", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability in the controller authorization functionality of Cisco Nexus 9000 Series ACI Mode Switch Software could allow an authenticated, local attacker to escalate standard users with root privilege on an affected device. The vulnerability is due to a misconfiguration of certain sudoers files for the bashroot component on an affected device. An attacker could exploit this vulnerability by authenticating to the affected device with a crafted user ID, which may allow temporary administrative access to escalate privileges. A successful exploit could allow the attacker to escalate privileges on an affected device. This Vulnerability has been fixed in version 4.0(1h)", }, ], }, exploit: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], impact: { cvss: { baseScore: "6.7", vectorString: "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-16", }, ], }, ], }, references: { reference_data: [ { name: "20190306 Cisco Nexus 9000 Series Fabric Switches Application-Centric Infrastructure Mode Privilege Escalation Vulnerability", refsource: "CISCO", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190306-aci-controller-privsec", }, { name: "107312", refsource: "BID", url: "http://www.securityfocus.com/bid/107312", }, ], }, source: { advisory: "cisco-sa-20190306-aci-controller-privsec", defect: [ [ "CSCvn09838", ], ], discovery: "INTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2019-1585", datePublished: "2019-03-06T21:00:00Z", dateReserved: "2018-12-06T00:00:00", dateUpdated: "2024-11-20T17:27:32.056Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-20089
Vulnerability from cvelistv5
Published
2023-02-23 00:00
Modified
2024-10-25 16:03
Severity ?
EPSS score ?
Summary
A vulnerability in the Link Layer Discovery Protocol (LLDP) feature for Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) Mode could allow an unauthenticated, adjacent attacker to cause a memory leak, which could result in an unexpected reload of the device. This vulnerability is due to incorrect error checking when parsing ingress LLDP packets. An attacker could exploit this vulnerability by sending a steady stream of crafted LLDP packets to an affected device. A successful exploit could allow the attacker to cause a memory leak, which could result in a denial of service (DoS) condition when the device unexpectedly reloads. Note: This vulnerability cannot be exploited by transit traffic through the device. The crafted LLDP packet must be targeted to a directly connected interface, and the attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent). In addition, the attack surface for this vulnerability can be reduced by disabling LLDP on interfaces where it is not required.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco NX-OS System Software in ACI Mode |
Version: n/a |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T08:57:35.883Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20230222 Cisco Nexus 9000 Series Fabric Switches in ACI Mode Link Layer Discovery Protocol Memory Leak Denial of Service Vulnerability", tags: [ "vendor-advisory", "x_transferred", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-aci-lldp-dos-ySCNZOpX", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-20089", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-10-25T14:36:32.500030Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-10-25T16:03:47.738Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco NX-OS System Software in ACI Mode ", vendor: "Cisco", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2023-02-22T00:00:00", descriptions: [ { lang: "en", value: "A vulnerability in the Link Layer Discovery Protocol (LLDP) feature for Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) Mode could allow an unauthenticated, adjacent attacker to cause a memory leak, which could result in an unexpected reload of the device. This vulnerability is due to incorrect error checking when parsing ingress LLDP packets. An attacker could exploit this vulnerability by sending a steady stream of crafted LLDP packets to an affected device. A successful exploit could allow the attacker to cause a memory leak, which could result in a denial of service (DoS) condition when the device unexpectedly reloads. Note: This vulnerability cannot be exploited by transit traffic through the device. The crafted LLDP packet must be targeted to a directly connected interface, and the attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent). In addition, the attack surface for this vulnerability can be reduced by disabling LLDP on interfaces where it is not required.", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory. ", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 7.4, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-789", description: "CWE-789", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-02-23T00:00:00", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20230222 Cisco Nexus 9000 Series Fabric Switches in ACI Mode Link Layer Discovery Protocol Memory Leak Denial of Service Vulnerability", tags: [ "vendor-advisory", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-aci-lldp-dos-ySCNZOpX", }, ], source: { advisory: "cisco-sa-aci-lldp-dos-ySCNZOpX", defect: [ [ "CSCwc23246", ], ], discovery: "INTERNAL", }, title: "Cisco Nexus 9000 Series Fabric Switches in ACI Mode Link Layer Discovery Protocol Memory Leak Denial of Service Vulnerability", }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2023-20089", datePublished: "2023-02-23T00:00:00", dateReserved: "2022-10-27T00:00:00", dateUpdated: "2024-10-25T16:03:47.738Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2015-6295
Vulnerability from cvelistv5
Published
2015-09-20 14:00
Modified
2024-08-06 07:15
Severity ?
EPSS score ?
Summary
Cisco NX-OS 6.1(2)I3(4) and 7.0(3)I1(1) on Nexus 9000 (N9K) devices allows remote attackers to cause a denial of service (CPU consumption or control-plane instability) or trigger unintended traffic forwarding via a Layer 2 packet with a reserved VLAN number, aka Bug ID CSCuw13560.
References
| ▼ | URL | Tags |
|---|---|---|
| http://tools.cisco.com/security/center/viewAlert.x?alertId=40990 | vendor-advisory, x_refsource_CISCO | |
| http://www.securitytracker.com/id/1033611 | vdb-entry, x_refsource_SECTRACK |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T07:15:13.326Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20150916 Cisco Nexus 9000 Series Switches Reserved VLAN Number Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "http://tools.cisco.com/security/center/viewAlert.x?alertId=40990", }, { name: "1033611", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1033611", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2015-09-16T00:00:00", descriptions: [ { lang: "en", value: "Cisco NX-OS 6.1(2)I3(4) and 7.0(3)I1(1) on Nexus 9000 (N9K) devices allows remote attackers to cause a denial of service (CPU consumption or control-plane instability) or trigger unintended traffic forwarding via a Layer 2 packet with a reserved VLAN number, aka Bug ID CSCuw13560.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2016-12-20T16:57:01", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20150916 Cisco Nexus 9000 Series Switches Reserved VLAN Number Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "http://tools.cisco.com/security/center/viewAlert.x?alertId=40990", }, { name: "1033611", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1033611", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", ID: "CVE-2015-6295", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Cisco NX-OS 6.1(2)I3(4) and 7.0(3)I1(1) on Nexus 9000 (N9K) devices allows remote attackers to cause a denial of service (CPU consumption or control-plane instability) or trigger unintended traffic forwarding via a Layer 2 packet with a reserved VLAN number, aka Bug ID CSCuw13560.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "20150916 Cisco Nexus 9000 Series Switches Reserved VLAN Number Vulnerability", refsource: "CISCO", url: "http://tools.cisco.com/security/center/viewAlert.x?alertId=40990", }, { name: "1033611", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1033611", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2015-6295", datePublished: "2015-09-20T14:00:00", dateReserved: "2015-08-17T00:00:00", dateUpdated: "2024-08-06T07:15:13.326Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-34714
Vulnerability from cvelistv5
Published
2021-09-23 02:25
Modified
2024-11-07 21:59
Severity ?
EPSS score ?
Summary
A vulnerability in the Unidirectional Link Detection (UDLD) feature of Cisco FXOS Software, Cisco IOS Software, Cisco IOS XE Software, Cisco IOS XR Software, and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause an affected device to reload. This vulnerability is due to improper input validation of the UDLD packets. An attacker could exploit this vulnerability by sending specifically crafted UDLD packets to an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a denial of service (DoS) condition. Note: The UDLD feature is disabled by default, and the conditions to exploit this vulnerability are strict. An attacker must have full control of a directly connected device. On Cisco IOS XR devices, the impact is limited to the reload of the UDLD process.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-nxos-xr-udld-dos-W5hGHgtQ | vendor-advisory, x_refsource_CISCO |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T00:19:48.217Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20210922 Multiple Cisco Operating Systems Unidirectional Link Detection Denial of Service Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-nxos-xr-udld-dos-W5hGHgtQ", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2021-34714", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-11-07T21:40:36.961651Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-07T21:59:09.403Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco IOS", vendor: "Cisco", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2021-09-22T00:00:00", descriptions: [ { lang: "en", value: "A vulnerability in the Unidirectional Link Detection (UDLD) feature of Cisco FXOS Software, Cisco IOS Software, Cisco IOS XE Software, Cisco IOS XR Software, and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause an affected device to reload. This vulnerability is due to improper input validation of the UDLD packets. An attacker could exploit this vulnerability by sending specifically crafted UDLD packets to an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a denial of service (DoS) condition. Note: The UDLD feature is disabled by default, and the conditions to exploit this vulnerability are strict. An attacker must have full control of a directly connected device. On Cisco IOS XR devices, the impact is limited to the reload of the UDLD process.", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 7.4, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-20", description: "CWE-20", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2021-09-23T02:25:58", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20210922 Multiple Cisco Operating Systems Unidirectional Link Detection Denial of Service Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-nxos-xr-udld-dos-W5hGHgtQ", }, ], source: { advisory: "cisco-sa-ios-nxos-xr-udld-dos-W5hGHgtQ", defect: [ [ "CSCvw22670", "CSCvw26126", "CSCvw26127", "CSCvw26129", "CSCvw26130", "CSCvw26152", "CSCvw46194", "CSCvw46239", ], ], discovery: "INTERNAL", }, title: "Multiple Cisco Operating Systems Unidirectional Link Detection Denial of Service Vulnerability", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", DATE_PUBLIC: "2021-09-22T16:00:00", ID: "CVE-2021-34714", STATE: "PUBLIC", TITLE: "Multiple Cisco Operating Systems Unidirectional Link Detection Denial of Service Vulnerability", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Cisco IOS", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "Cisco", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability in the Unidirectional Link Detection (UDLD) feature of Cisco FXOS Software, Cisco IOS Software, Cisco IOS XE Software, Cisco IOS XR Software, and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause an affected device to reload. This vulnerability is due to improper input validation of the UDLD packets. An attacker could exploit this vulnerability by sending specifically crafted UDLD packets to an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a denial of service (DoS) condition. Note: The UDLD feature is disabled by default, and the conditions to exploit this vulnerability are strict. An attacker must have full control of a directly connected device. On Cisco IOS XR devices, the impact is limited to the reload of the UDLD process.", }, ], }, exploit: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], impact: { cvss: { baseScore: "7.4", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-20", }, ], }, ], }, references: { reference_data: [ { name: "20210922 Multiple Cisco Operating Systems Unidirectional Link Detection Denial of Service Vulnerability", refsource: "CISCO", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-nxos-xr-udld-dos-W5hGHgtQ", }, ], }, source: { advisory: "cisco-sa-ios-nxos-xr-udld-dos-W5hGHgtQ", defect: [ [ "CSCvw22670", "CSCvw26126", "CSCvw26127", "CSCvw26129", "CSCvw26130", "CSCvw26152", "CSCvw46194", "CSCvw46239", ], ], discovery: "INTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2021-34714", datePublished: "2021-09-23T02:25:58.322621Z", dateReserved: "2021-06-15T00:00:00", dateUpdated: "2024-11-07T21:59:09.403Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2015-4324
Vulnerability from cvelistv5
Published
2015-08-19 15:00
Modified
2024-08-06 06:11
Severity ?
EPSS score ?
Summary
Buffer overflow in Cisco NX-OS on Nexus 1000V devices for VMware vSphere 7.3(0)ZN(0.81), Nexus 3000 devices 7.3(0)ZN(0.81), Nexus 4000 devices 4.1(2)E1(1c), Nexus 7000 devices 7.2(0)N1(0.1), and Nexus 9000 devices 7.3(0)ZN(0.81) allows remote attackers to cause a denial of service (IGMP process restart) via a malformed IGMPv3 packet that is mishandled during memory allocation, aka Bug IDs CSCuv69713, CSCuv69717, CSCuv69723, CSCuv69732, and CSCuv48908.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securitytracker.com/id/1033327 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securityfocus.com/bid/76372 | vdb-entry, x_refsource_BID | |
| http://tools.cisco.com/security/center/viewAlert.x?alertId=40470 | vendor-advisory, x_refsource_CISCO |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T06:11:12.896Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "1033327", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1033327", }, { name: "76372", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/76372", }, { name: "20150817 Cisco NX-OS Internet Group Management Protocol Denial of Service Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "http://tools.cisco.com/security/center/viewAlert.x?alertId=40470", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2015-08-17T00:00:00", descriptions: [ { lang: "en", value: "Buffer overflow in Cisco NX-OS on Nexus 1000V devices for VMware vSphere 7.3(0)ZN(0.81), Nexus 3000 devices 7.3(0)ZN(0.81), Nexus 4000 devices 4.1(2)E1(1c), Nexus 7000 devices 7.2(0)N1(0.1), and Nexus 9000 devices 7.3(0)ZN(0.81) allows remote attackers to cause a denial of service (IGMP process restart) via a malformed IGMPv3 packet that is mishandled during memory allocation, aka Bug IDs CSCuv69713, CSCuv69717, CSCuv69723, CSCuv69732, and CSCuv48908.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2016-12-20T16:57:01", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "1033327", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1033327", }, { name: "76372", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/76372", }, { name: "20150817 Cisco NX-OS Internet Group Management Protocol Denial of Service Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "http://tools.cisco.com/security/center/viewAlert.x?alertId=40470", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", ID: "CVE-2015-4324", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Buffer overflow in Cisco NX-OS on Nexus 1000V devices for VMware vSphere 7.3(0)ZN(0.81), Nexus 3000 devices 7.3(0)ZN(0.81), Nexus 4000 devices 4.1(2)E1(1c), Nexus 7000 devices 7.2(0)N1(0.1), and Nexus 9000 devices 7.3(0)ZN(0.81) allows remote attackers to cause a denial of service (IGMP process restart) via a malformed IGMPv3 packet that is mishandled during memory allocation, aka Bug IDs CSCuv69713, CSCuv69717, CSCuv69723, CSCuv69732, and CSCuv48908.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "1033327", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1033327", }, { name: "76372", refsource: "BID", url: "http://www.securityfocus.com/bid/76372", }, { name: "20150817 Cisco NX-OS Internet Group Management Protocol Denial of Service Vulnerability", refsource: "CISCO", url: "http://tools.cisco.com/security/center/viewAlert.x?alertId=40470", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2015-4324", datePublished: "2015-08-19T15:00:00", dateReserved: "2015-06-04T00:00:00", dateUpdated: "2024-08-06T06:11:12.896Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-1690
Vulnerability from cvelistv5
Published
2019-03-11 22:00
Modified
2024-11-21 19:42
Severity ?
EPSS score ?
Summary
A vulnerability in the management interface of Cisco Application Policy Infrastructure Controller (APIC) software could allow an unauthenticated, adjacent attacker to gain unauthorized access on an affected device. The vulnerability is due to a lack of proper access control mechanisms for IPv6 link-local connectivity imposed on the management interface of an affected device. An attacker on the same physical network could exploit this vulnerability by attempting to connect to the IPv6 link-local address on the affected device. A successful exploit could allow the attacker to bypass default access control restrictions on an affected device. Cisco Application Policy Infrastructure Controller (APIC) devices running versions prior to 4.2(0.21c) are affected.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/107317 | vdb-entry, x_refsource_BID | |
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190306-apic-ipv6 | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Application Policy Infrastructure Controller (APIC) |
Version: unspecified < 4.2(0.21c) |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T18:28:41.061Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "107317", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/107317", }, { name: "20190306 Cisco Application Policy Infrastructure Controller IPv6 Link-Local Address Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190306-apic-ipv6", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2019-1690", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-11-21T18:59:59.996279Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-21T19:42:40.791Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco Application Policy Infrastructure Controller (APIC)", vendor: "Cisco", versions: [ { lessThan: "4.2(0.21c)", status: "affected", version: "unspecified", versionType: "custom", }, ], }, ], datePublic: "2019-03-06T00:00:00", descriptions: [ { lang: "en", value: "A vulnerability in the management interface of Cisco Application Policy Infrastructure Controller (APIC) software could allow an unauthenticated, adjacent attacker to gain unauthorized access on an affected device. The vulnerability is due to a lack of proper access control mechanisms for IPv6 link-local connectivity imposed on the management interface of an affected device. An attacker on the same physical network could exploit this vulnerability by attempting to connect to the IPv6 link-local address on the affected device. A successful exploit could allow the attacker to bypass default access control restrictions on an affected device. Cisco Application Policy Infrastructure Controller (APIC) devices running versions prior to 4.2(0.21c) are affected.", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "NONE", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-284", description: "CWE-284", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2019-03-12T09:57:01", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "107317", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/107317", }, { name: "20190306 Cisco Application Policy Infrastructure Controller IPv6 Link-Local Address Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190306-apic-ipv6", }, ], source: { advisory: "cisco-sa-20190306-apic-ipv6", defect: [ [ "CSCvn09855", ], ], discovery: "INTERNAL", }, title: "Cisco Application Policy Infrastructure Controller IPv6 Link-Local Address Vulnerability", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", DATE_PUBLIC: "2019-03-06T16:00:00-0800", ID: "CVE-2019-1690", STATE: "PUBLIC", TITLE: "Cisco Application Policy Infrastructure Controller IPv6 Link-Local Address Vulnerability", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Cisco Application Policy Infrastructure Controller (APIC)", version: { version_data: [ { affected: "<", version_affected: "<", version_value: "4.2(0.21c)", }, ], }, }, ], }, vendor_name: "Cisco", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability in the management interface of Cisco Application Policy Infrastructure Controller (APIC) software could allow an unauthenticated, adjacent attacker to gain unauthorized access on an affected device. The vulnerability is due to a lack of proper access control mechanisms for IPv6 link-local connectivity imposed on the management interface of an affected device. An attacker on the same physical network could exploit this vulnerability by attempting to connect to the IPv6 link-local address on the affected device. A successful exploit could allow the attacker to bypass default access control restrictions on an affected device. Cisco Application Policy Infrastructure Controller (APIC) devices running versions prior to 4.2(0.21c) are affected.", }, ], }, exploit: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], impact: { cvss: { baseScore: "4.3", vectorString: "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-284", }, ], }, ], }, references: { reference_data: [ { name: "107317", refsource: "BID", url: "http://www.securityfocus.com/bid/107317", }, { name: "20190306 Cisco Application Policy Infrastructure Controller IPv6 Link-Local Address Vulnerability", refsource: "CISCO", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190306-apic-ipv6", }, ], }, source: { advisory: "cisco-sa-20190306-apic-ipv6", defect: [ [ "CSCvn09855", ], ], discovery: "INTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2019-1690", datePublished: "2019-03-11T22:00:00Z", dateReserved: "2018-12-06T00:00:00", dateUpdated: "2024-11-21T19:42:40.791Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-1779
Vulnerability from cvelistv5
Published
2019-05-15 19:40
Modified
2024-11-21 19:26
Severity ?
EPSS score ?
Summary
A vulnerability in the CLI of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device with elevated privileges. The vulnerability is due to insufficient validation of arguments passed to certain CLI commands. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with elevated privileges. An attacker would need valid device credentials to exploit this vulnerability.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-fxos-cmdinj-1779 | vendor-advisory, x_refsource_CISCO | |
| http://www.securityfocus.com/bid/108394 | vdb-entry, x_refsource_BID |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco NX-OS Software |
Version: unspecified < 8.3(1) |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T18:28:42.641Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20190515 Cisco FXOS and NX-OS Software Command Injection Vulnerability (CVE-2019-1779)", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-fxos-cmdinj-1779", }, { name: "108394", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/108394", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2019-1779", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-11-21T18:58:34.645310Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-21T19:26:22.386Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco NX-OS Software", vendor: "Cisco", versions: [ { lessThan: "8.3(1)", status: "affected", version: "unspecified", versionType: "custom", }, ], }, ], datePublic: "2019-05-15T00:00:00", descriptions: [ { lang: "en", value: "A vulnerability in the CLI of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device with elevated privileges. The vulnerability is due to insufficient validation of arguments passed to certain CLI commands. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with elevated privileges. An attacker would need valid device credentials to exploit this vulnerability.", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 4.2, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-77", description: "CWE-77", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2019-05-21T17:06:03", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20190515 Cisco FXOS and NX-OS Software Command Injection Vulnerability (CVE-2019-1779)", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-fxos-cmdinj-1779", }, { name: "108394", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/108394", }, ], source: { advisory: "cisco-sa-20190515-nxos-fxos-cmdinj-1779", defect: [ [ "CSCve51688", "CSCvh76126", "CSCvj00412", "CSCvj00416", "CSCvj00418", ], ], discovery: "INTERNAL", }, title: "Cisco FXOS and NX-OS Software Command Injection Vulnerability", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", DATE_PUBLIC: "2019-05-15T16:00:00-0700", ID: "CVE-2019-1779", STATE: "PUBLIC", TITLE: "Cisco FXOS and NX-OS Software Command Injection Vulnerability", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Cisco NX-OS Software", version: { version_data: [ { affected: "<", version_affected: "<", version_value: "8.3(1)", }, ], }, }, ], }, vendor_name: "Cisco", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability in the CLI of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device with elevated privileges. The vulnerability is due to insufficient validation of arguments passed to certain CLI commands. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with elevated privileges. An attacker would need valid device credentials to exploit this vulnerability.", }, ], }, exploit: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], impact: { cvss: { baseScore: "4.2", vectorString: "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-77", }, ], }, ], }, references: { reference_data: [ { name: "20190515 Cisco FXOS and NX-OS Software Command Injection Vulnerability (CVE-2019-1779)", refsource: "CISCO", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-fxos-cmdinj-1779", }, { name: "108394", refsource: "BID", url: "http://www.securityfocus.com/bid/108394", }, ], }, source: { advisory: "cisco-sa-20190515-nxos-fxos-cmdinj-1779", defect: [ [ "CSCve51688", "CSCvh76126", "CSCvj00412", "CSCvj00416", "CSCvj00418", ], ], discovery: "INTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2019-1779", datePublished: "2019-05-15T19:40:16.540228Z", dateReserved: "2018-12-06T00:00:00", dateUpdated: "2024-11-21T19:26:22.386Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-3174
Vulnerability from cvelistv5
Published
2020-02-26 16:50
Modified
2024-11-15 17:38
Severity ?
EPSS score ?
Summary
A vulnerability in the anycast gateway feature of Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a device to learn invalid Address Resolution Protocol (ARP) entries. The ARP entries are for nonlocal IP addresses for the subnet. The vulnerability is due to improper validation of a received gratuitous ARP (GARP) request. An attacker could exploit this vulnerability by sending a malicious GARP packet on the local subnet to cause the ARP table on the device to become corrupted. A successful exploit could allow the attacker to populate the ARP table with incorrect entries, which could lead to traffic disruptions.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200226-nxos-arp | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco NX-OS Software 7.3(2)D1(1d) |
Version: unspecified < n/a |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T07:24:00.688Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20200226 Cisco NX-OS Software Anycast Gateway Invalid ARP Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200226-nxos-arp", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2020-3174", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-11-15T16:29:17.520901Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-15T17:38:37.605Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco NX-OS Software 7.3(2)D1(1d)", vendor: "Cisco", versions: [ { lessThan: "n/a", status: "affected", version: "unspecified", versionType: "custom", }, ], }, ], datePublic: "2020-02-26T00:00:00", descriptions: [ { lang: "en", value: "A vulnerability in the anycast gateway feature of Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a device to learn invalid Address Resolution Protocol (ARP) entries. The ARP entries are for nonlocal IP addresses for the subnet. The vulnerability is due to improper validation of a received gratuitous ARP (GARP) request. An attacker could exploit this vulnerability by sending a malicious GARP packet on the local subnet to cause the ARP table on the device to become corrupted. A successful exploit could allow the attacker to populate the ARP table with incorrect entries, which could lead to traffic disruptions.", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "NONE", baseScore: 4.7, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-345", description: "CWE-345", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2020-02-26T16:50:29", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20200226 Cisco NX-OS Software Anycast Gateway Invalid ARP Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200226-nxos-arp", }, ], source: { advisory: "cisco-sa-20200226-nxos-arp", defect: [ [ "CSCvq48220", ], ], discovery: "INTERNAL", }, title: "Cisco NX-OS Software Anycast Gateway Invalid ARP Vulnerability", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", DATE_PUBLIC: "2020-02-26T16:00:00-0800", ID: "CVE-2020-3174", STATE: "PUBLIC", TITLE: "Cisco NX-OS Software Anycast Gateway Invalid ARP Vulnerability", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Cisco NX-OS Software 7.3(2)D1(1d)", version: { version_data: [ { affected: "<", version_affected: "<", version_value: "n/a", }, ], }, }, ], }, vendor_name: "Cisco", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability in the anycast gateway feature of Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a device to learn invalid Address Resolution Protocol (ARP) entries. The ARP entries are for nonlocal IP addresses for the subnet. The vulnerability is due to improper validation of a received gratuitous ARP (GARP) request. An attacker could exploit this vulnerability by sending a malicious GARP packet on the local subnet to cause the ARP table on the device to become corrupted. A successful exploit could allow the attacker to populate the ARP table with incorrect entries, which could lead to traffic disruptions.", }, ], }, exploit: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], impact: { cvss: { baseScore: "4.7", vectorString: "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-345", }, ], }, ], }, references: { reference_data: [ { name: "20200226 Cisco NX-OS Software Anycast Gateway Invalid ARP Vulnerability", refsource: "CISCO", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200226-nxos-arp", }, ], }, source: { advisory: "cisco-sa-20200226-nxos-arp", defect: [ [ "CSCvq48220", ], ], discovery: "INTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2020-3174", datePublished: "2020-02-26T16:50:29.751893Z", dateReserved: "2019-12-12T00:00:00", dateUpdated: "2024-11-15T17:38:37.605Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-3165
Vulnerability from cvelistv5
Published
2020-02-26 16:45
Modified
2024-11-15 17:39
Severity ?
EPSS score ?
Summary
A vulnerability in the implementation of Border Gateway Protocol (BGP) Message Digest 5 (MD5) authentication in Cisco NX-OS Software could allow an unauthenticated, remote attacker to bypass MD5 authentication and establish a BGP connection with the device. The vulnerability occurs because the BGP MD5 authentication is bypassed if the peer does not have MD5 authentication configured, the NX-OS device does have BGP MD5 authentication configured, and the NX-OS BGP virtual routing and forwarding (VRF) name is configured to be greater than 19 characters. An attacker could exploit this vulnerability by attempting to establish a BGP session with the NX-OS peer. A successful exploit could allow the attacker to establish a BGP session with the NX-OS device without MD5 authentication. The Cisco implementation of the BGP protocol accepts incoming BGP traffic only from explicitly configured peers. To exploit this vulnerability, an attacker must send the malicious packets over a TCP connection that appears to come from a trusted BGP peer. To do so, the attacker must obtain information about the BGP peers in the affected system’s trusted network.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200226-nxos-bgpmd5 | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco NX-OS Software |
Version: 9.2(1) |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T07:24:00.707Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20200226 Cisco NX-OS Software Border Gateway Protocol MD5 Authentication Bypass Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200226-nxos-bgpmd5", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2020-3165", options: [ { Exploitation: "none", }, { Automatable: "yes", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-11-15T16:22:24.323433Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-15T17:39:00.943Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco NX-OS Software", vendor: "Cisco", versions: [ { status: "affected", version: "9.2(1)", }, ], }, ], datePublic: "2020-02-26T00:00:00", descriptions: [ { lang: "en", value: "A vulnerability in the implementation of Border Gateway Protocol (BGP) Message Digest 5 (MD5) authentication in Cisco NX-OS Software could allow an unauthenticated, remote attacker to bypass MD5 authentication and establish a BGP connection with the device. The vulnerability occurs because the BGP MD5 authentication is bypassed if the peer does not have MD5 authentication configured, the NX-OS device does have BGP MD5 authentication configured, and the NX-OS BGP virtual routing and forwarding (VRF) name is configured to be greater than 19 characters. An attacker could exploit this vulnerability by attempting to establish a BGP session with the NX-OS peer. A successful exploit could allow the attacker to establish a BGP session with the NX-OS device without MD5 authentication. The Cisco implementation of the BGP protocol accepts incoming BGP traffic only from explicitly configured peers. To exploit this vulnerability, an attacker must send the malicious packets over a TCP connection that appears to come from a trusted BGP peer. To do so, the attacker must obtain information about the BGP peers in the affected system’s trusted network.", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 8.2, baseSeverity: "HIGH", confidentialityImpact: "LOW", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-798", description: "CWE-798", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2020-02-26T16:45:18", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20200226 Cisco NX-OS Software Border Gateway Protocol MD5 Authentication Bypass Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200226-nxos-bgpmd5", }, ], source: { advisory: "cisco-sa-20200226-nxos-bgpmd5", defect: [ [ "CSCvq72707", ], ], discovery: "INTERNAL", }, title: "Cisco NX-OS Software Border Gateway Protocol MD5 Authentication Bypass Vulnerability", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", DATE_PUBLIC: "2020-02-26T16:00:00-0800", ID: "CVE-2020-3165", STATE: "PUBLIC", TITLE: "Cisco NX-OS Software Border Gateway Protocol MD5 Authentication Bypass Vulnerability", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Cisco NX-OS Software", version: { version_data: [ { affected: "=", version_affected: "=", version_value: "9.2(1)", }, ], }, }, ], }, vendor_name: "Cisco", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability in the implementation of Border Gateway Protocol (BGP) Message Digest 5 (MD5) authentication in Cisco NX-OS Software could allow an unauthenticated, remote attacker to bypass MD5 authentication and establish a BGP connection with the device. The vulnerability occurs because the BGP MD5 authentication is bypassed if the peer does not have MD5 authentication configured, the NX-OS device does have BGP MD5 authentication configured, and the NX-OS BGP virtual routing and forwarding (VRF) name is configured to be greater than 19 characters. An attacker could exploit this vulnerability by attempting to establish a BGP session with the NX-OS peer. A successful exploit could allow the attacker to establish a BGP session with the NX-OS device without MD5 authentication. The Cisco implementation of the BGP protocol accepts incoming BGP traffic only from explicitly configured peers. To exploit this vulnerability, an attacker must send the malicious packets over a TCP connection that appears to come from a trusted BGP peer. To do so, the attacker must obtain information about the BGP peers in the affected system’s trusted network.", }, ], }, exploit: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], impact: { cvss: { baseScore: "8.2", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-798", }, ], }, ], }, references: { reference_data: [ { name: "20200226 Cisco NX-OS Software Border Gateway Protocol MD5 Authentication Bypass Vulnerability", refsource: "CISCO", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200226-nxos-bgpmd5", }, ], }, source: { advisory: "cisco-sa-20200226-nxos-bgpmd5", defect: [ [ "CSCvq72707", ], ], discovery: "INTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2020-3165", datePublished: "2020-02-26T16:45:18.681531Z", dateReserved: "2019-12-12T00:00:00", dateUpdated: "2024-11-15T17:39:00.943Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-3398
Vulnerability from cvelistv5
Published
2020-08-27 15:40
Modified
2024-11-13 18:10
Severity ?
EPSS score ?
Summary
A vulnerability in the Border Gateway Protocol (BGP) Multicast VPN (MVPN) implementation of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a BGP session to repeatedly reset, causing a partial denial of service (DoS) condition due to the BGP session being down. The vulnerability is due to incorrect parsing of a specific type of BGP MVPN update message. An attacker could exploit this vulnerability by sending this BGP MVPN update message to a targeted device. A successful exploit could allow the attacker to cause the BGP peer connections to reset, which could lead to BGP route instability and impact traffic. The incoming BGP MVPN update message is valid but is parsed incorrectly by the NX-OS device, which could send a corrupted BGP update to the configured BGP peer. Note: The Cisco implementation of BGP accepts incoming BGP traffic from only explicitly configured peers. To exploit this vulnerability, an attacker must send a specific BGP MVPN update message over an established TCP connection that appears to come from a trusted BGP peer. To do so, the attacker must obtain information about the BGP peers in the trusted network of the affected system.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxosbgp-mvpn-dos-K8kbCrJp | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco NX-OS Software |
Version: n/a |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T07:30:58.383Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20200826 Cisco NX-OS Software Border Gateway Protocol Multicast VPN Session Denial of Service Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxosbgp-mvpn-dos-K8kbCrJp", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2020-3398", options: [ { Exploitation: "none", }, { Automatable: "yes", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-11-13T17:13:11.138590Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-13T18:10:05.169Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco NX-OS Software", vendor: "Cisco", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2020-08-26T00:00:00", descriptions: [ { lang: "en", value: "A vulnerability in the Border Gateway Protocol (BGP) Multicast VPN (MVPN) implementation of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a BGP session to repeatedly reset, causing a partial denial of service (DoS) condition due to the BGP session being down. The vulnerability is due to incorrect parsing of a specific type of BGP MVPN update message. An attacker could exploit this vulnerability by sending this BGP MVPN update message to a targeted device. A successful exploit could allow the attacker to cause the BGP peer connections to reset, which could lead to BGP route instability and impact traffic. The incoming BGP MVPN update message is valid but is parsed incorrectly by the NX-OS device, which could send a corrupted BGP update to the configured BGP peer. Note: The Cisco implementation of BGP accepts incoming BGP traffic from only explicitly configured peers. To exploit this vulnerability, an attacker must send a specific BGP MVPN update message over an established TCP connection that appears to come from a trusted BGP peer. To do so, the attacker must obtain information about the BGP peers in the trusted network of the affected system.", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.6, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-20", description: "CWE-20", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2020-08-27T15:40:28", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20200826 Cisco NX-OS Software Border Gateway Protocol Multicast VPN Session Denial of Service Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxosbgp-mvpn-dos-K8kbCrJp", }, ], source: { advisory: "cisco-sa-nxosbgp-mvpn-dos-K8kbCrJp", defect: [ [ "CSCvr60479", ], ], discovery: "INTERNAL", }, title: "Cisco NX-OS Software Border Gateway Protocol Multicast VPN Session Denial of Service Vulnerability", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", DATE_PUBLIC: "2020-08-26T16:00:00", ID: "CVE-2020-3398", STATE: "PUBLIC", TITLE: "Cisco NX-OS Software Border Gateway Protocol Multicast VPN Session Denial of Service Vulnerability", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Cisco NX-OS Software", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "Cisco", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability in the Border Gateway Protocol (BGP) Multicast VPN (MVPN) implementation of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a BGP session to repeatedly reset, causing a partial denial of service (DoS) condition due to the BGP session being down. The vulnerability is due to incorrect parsing of a specific type of BGP MVPN update message. An attacker could exploit this vulnerability by sending this BGP MVPN update message to a targeted device. A successful exploit could allow the attacker to cause the BGP peer connections to reset, which could lead to BGP route instability and impact traffic. The incoming BGP MVPN update message is valid but is parsed incorrectly by the NX-OS device, which could send a corrupted BGP update to the configured BGP peer. Note: The Cisco implementation of BGP accepts incoming BGP traffic from only explicitly configured peers. To exploit this vulnerability, an attacker must send a specific BGP MVPN update message over an established TCP connection that appears to come from a trusted BGP peer. To do so, the attacker must obtain information about the BGP peers in the trusted network of the affected system.", }, ], }, exploit: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], impact: { cvss: { baseScore: "8.6", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-20", }, ], }, ], }, references: { reference_data: [ { name: "20200826 Cisco NX-OS Software Border Gateway Protocol Multicast VPN Session Denial of Service Vulnerability", refsource: "CISCO", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxosbgp-mvpn-dos-K8kbCrJp", }, ], }, source: { advisory: "cisco-sa-nxosbgp-mvpn-dos-K8kbCrJp", defect: [ [ "CSCvr60479", ], ], discovery: "INTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2020-3398", datePublished: "2020-08-27T15:40:28.988414Z", dateReserved: "2019-12-12T00:00:00", dateUpdated: "2024-11-13T18:10:05.169Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-1231
Vulnerability from cvelistv5
Published
2021-02-24 19:30
Modified
2024-11-08 23:38
Severity ?
EPSS score ?
Summary
A vulnerability in the Link Layer Discovery Protocol (LLDP) for Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode could allow an unauthenticated, adjacent attacker to disable switching on a small form-factor pluggable (SFP) interface. This vulnerability is due to incomplete validation of the source of a received LLDP packet. An attacker could exploit this vulnerability by sending a crafted LLDP packet on an SFP interface to an affected device. A successful exploit could allow the attacker to disable switching on the SFP interface, which could disrupt network traffic.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apic-lldap-dos-WerV9CFj | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco NX-OS System Software in ACI Mode |
Version: n/a |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T16:02:56.339Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20210224 Cisco Nexus 9000 Series Fabric Switches ACI Mode Link Layer Discovery Protocol Port Denial of Service Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apic-lldap-dos-WerV9CFj", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2021-1231", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-11-08T20:48:27.423914Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-08T23:38:56.652Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco NX-OS System Software in ACI Mode", vendor: "Cisco", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2021-02-24T00:00:00", descriptions: [ { lang: "en", value: "A vulnerability in the Link Layer Discovery Protocol (LLDP) for Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode could allow an unauthenticated, adjacent attacker to disable switching on a small form-factor pluggable (SFP) interface. This vulnerability is due to incomplete validation of the source of a received LLDP packet. An attacker could exploit this vulnerability by sending a crafted LLDP packet on an SFP interface to an affected device. A successful exploit could allow the attacker to disable switching on the SFP interface, which could disrupt network traffic.", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "LOW", baseScore: 4.7, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-284", description: "CWE-284", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2021-02-24T19:30:36", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20210224 Cisco Nexus 9000 Series Fabric Switches ACI Mode Link Layer Discovery Protocol Port Denial of Service Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apic-lldap-dos-WerV9CFj", }, ], source: { advisory: "cisco-sa-apic-lldap-dos-WerV9CFj", defect: [ [ "CSCvu84570", ], ], discovery: "INTERNAL", }, title: "Cisco Nexus 9000 Series Fabric Switches ACI Mode Link Layer Discovery Protocol Port Denial of Service Vulnerability", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", DATE_PUBLIC: "2021-02-24T16:00:00", ID: "CVE-2021-1231", STATE: "PUBLIC", TITLE: "Cisco Nexus 9000 Series Fabric Switches ACI Mode Link Layer Discovery Protocol Port Denial of Service Vulnerability", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Cisco NX-OS System Software in ACI Mode", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "Cisco", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability in the Link Layer Discovery Protocol (LLDP) for Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode could allow an unauthenticated, adjacent attacker to disable switching on a small form-factor pluggable (SFP) interface. This vulnerability is due to incomplete validation of the source of a received LLDP packet. An attacker could exploit this vulnerability by sending a crafted LLDP packet on an SFP interface to an affected device. A successful exploit could allow the attacker to disable switching on the SFP interface, which could disrupt network traffic.", }, ], }, exploit: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], impact: { cvss: { baseScore: "4.7", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-284", }, ], }, ], }, references: { reference_data: [ { name: "20210224 Cisco Nexus 9000 Series Fabric Switches ACI Mode Link Layer Discovery Protocol Port Denial of Service Vulnerability", refsource: "CISCO", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apic-lldap-dos-WerV9CFj", }, ], }, source: { advisory: "cisco-sa-apic-lldap-dos-WerV9CFj", defect: [ [ "CSCvu84570", ], ], discovery: "INTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2021-1231", datePublished: "2021-02-24T19:30:36.992019Z", dateReserved: "2020-11-13T00:00:00", dateUpdated: "2024-11-08T23:38:56.652Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2015-4323
Vulnerability from cvelistv5
Published
2015-08-19 23:00
Modified
2024-08-06 06:11
Severity ?
EPSS score ?
Summary
Buffer overflow in Cisco NX-OS on Nexus 1000V devices for VMware vSphere 7.3(0)ZN(0.9); Nexus 3000 devices 6.0(2)U5(1.41), 7.0(3)I2(0.373), and 7.3(0)ZN(0.83); Nexus 4000 devices 4.1(2)E1(1b); Nexus 7000 devices 6.2(14)S1; Nexus 9000 devices 7.3(0)ZN(0.9); and MDS 9000 devices 6.2 (13) and 7.1(0)ZN(91.99) and MDS SAN-OS 7.1(0)ZN(91.99) allows remote attackers to cause a denial of service (device outage) via a crafted ARP packet, related to incorrect MTU validation, aka Bug IDs CSCuv71933, CSCuv61341, CSCuv61321, CSCuu78074, CSCut37060, CSCuv61266, CSCuv61351, CSCuv61358, and CSCuv61366.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/76367 | vdb-entry, x_refsource_BID | |
| http://www.securitytracker.com/id/1033321 | vdb-entry, x_refsource_SECTRACK | |
| http://tools.cisco.com/security/center/viewAlert.x?alertId=40469 | vendor-advisory, x_refsource_CISCO |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T06:11:12.903Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "76367", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/76367", }, { name: "1033321", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1033321", }, { name: "20150814 Cisco Nexus Operating System Address Resolution Protocol Denial of Service Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "http://tools.cisco.com/security/center/viewAlert.x?alertId=40469", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2015-08-14T00:00:00", descriptions: [ { lang: "en", value: "Buffer overflow in Cisco NX-OS on Nexus 1000V devices for VMware vSphere 7.3(0)ZN(0.9); Nexus 3000 devices 6.0(2)U5(1.41), 7.0(3)I2(0.373), and 7.3(0)ZN(0.83); Nexus 4000 devices 4.1(2)E1(1b); Nexus 7000 devices 6.2(14)S1; Nexus 9000 devices 7.3(0)ZN(0.9); and MDS 9000 devices 6.2 (13) and 7.1(0)ZN(91.99) and MDS SAN-OS 7.1(0)ZN(91.99) allows remote attackers to cause a denial of service (device outage) via a crafted ARP packet, related to incorrect MTU validation, aka Bug IDs CSCuv71933, CSCuv61341, CSCuv61321, CSCuu78074, CSCut37060, CSCuv61266, CSCuv61351, CSCuv61358, and CSCuv61366.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-09-19T09:57:01", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "76367", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/76367", }, { name: "1033321", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1033321", }, { name: "20150814 Cisco Nexus Operating System Address Resolution Protocol Denial of Service Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "http://tools.cisco.com/security/center/viewAlert.x?alertId=40469", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", ID: "CVE-2015-4323", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Buffer overflow in Cisco NX-OS on Nexus 1000V devices for VMware vSphere 7.3(0)ZN(0.9); Nexus 3000 devices 6.0(2)U5(1.41), 7.0(3)I2(0.373), and 7.3(0)ZN(0.83); Nexus 4000 devices 4.1(2)E1(1b); Nexus 7000 devices 6.2(14)S1; Nexus 9000 devices 7.3(0)ZN(0.9); and MDS 9000 devices 6.2 (13) and 7.1(0)ZN(91.99) and MDS SAN-OS 7.1(0)ZN(91.99) allows remote attackers to cause a denial of service (device outage) via a crafted ARP packet, related to incorrect MTU validation, aka Bug IDs CSCuv71933, CSCuv61341, CSCuv61321, CSCuu78074, CSCut37060, CSCuv61266, CSCuv61351, CSCuv61358, and CSCuv61366.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "76367", refsource: "BID", url: "http://www.securityfocus.com/bid/76367", }, { name: "1033321", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1033321", }, { name: "20150814 Cisco Nexus Operating System Address Resolution Protocol Denial of Service Vulnerability", refsource: "CISCO", url: "http://tools.cisco.com/security/center/viewAlert.x?alertId=40469", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2015-4323", datePublished: "2015-08-19T23:00:00", dateReserved: "2015-06-04T00:00:00", dateUpdated: "2024-08-06T06:11:12.903Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-1782
Vulnerability from cvelistv5
Published
2019-05-15 19:45
Modified
2024-11-20 17:20
Severity ?
EPSS score ?
Summary
A vulnerability in the CLI of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device. This vulnerability is due to insufficient validation of arguments passed to certain CLI commands. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with elevated privileges. An attacker would need administrator credentials to exploit this vulnerability.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-fxos-nxos-cmdinj-1781-1782 | vendor-advisory, x_refsource_CISCO | |
| http://www.securityfocus.com/bid/108407 | vdb-entry, x_refsource_BID |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco NX-OS Software |
Version: unspecified < 8.3(1) |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T18:28:42.805Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20190515 Cisco FXOS and NX-OS Software Command Injection Vulnerabilities (CVE-2019-1781, CVE-2019-1782)", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-fxos-nxos-cmdinj-1781-1782", }, { name: "108407", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/108407", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2019-1782", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-11-20T16:54:46.135024Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-20T17:20:56.298Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco NX-OS Software", vendor: "Cisco", versions: [ { lessThan: "8.3(1)", status: "affected", version: "unspecified", versionType: "custom", }, ], }, ], datePublic: "2019-05-15T00:00:00", descriptions: [ { lang: "en", value: "A vulnerability in the CLI of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device. This vulnerability is due to insufficient validation of arguments passed to certain CLI commands. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with elevated privileges. An attacker would need administrator credentials to exploit this vulnerability.", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-77", description: "CWE-77", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2019-05-22T13:06:04", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20190515 Cisco FXOS and NX-OS Software Command Injection Vulnerabilities (CVE-2019-1781, CVE-2019-1782)", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-fxos-nxos-cmdinj-1781-1782", }, { name: "108407", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/108407", }, ], source: { advisory: "cisco-sa-20190515-fxos-nxos-cmdinj-1781-1782", defect: [ [ "CSCvh20027", "CSCvh20389", "CSCvi01445", "CSCvi01448", "CSCvi91985", "CSCvi92126", "CSCvi92128", "CSCvi92129", "CSCvi92130", "CSCvi96522", "CSCvi96524", "CSCvi96525", "CSCvi96526", "CSCvi96527", ], ], discovery: "INTERNAL", }, title: "Cisco FXOS and NX-OS Software Command Injection Vulnerability", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", DATE_PUBLIC: "2019-05-15T16:00:00-0700", ID: "CVE-2019-1782", STATE: "PUBLIC", TITLE: "Cisco FXOS and NX-OS Software Command Injection Vulnerability", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Cisco NX-OS Software", version: { version_data: [ { affected: "<", version_affected: "<", version_value: "8.3(1)", }, ], }, }, ], }, vendor_name: "Cisco", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability in the CLI of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device. This vulnerability is due to insufficient validation of arguments passed to certain CLI commands. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with elevated privileges. An attacker would need administrator credentials to exploit this vulnerability.", }, ], }, exploit: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory.", }, ], impact: { cvss: { baseScore: "6.7", vectorString: "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-77", }, ], }, ], }, references: { reference_data: [ { name: "20190515 Cisco FXOS and NX-OS Software Command Injection Vulnerabilities (CVE-2019-1781, CVE-2019-1782)", refsource: "CISCO", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-fxos-nxos-cmdinj-1781-1782", }, { name: "108407", refsource: "BID", url: "http://www.securityfocus.com/bid/108407", }, ], }, source: { advisory: "cisco-sa-20190515-fxos-nxos-cmdinj-1781-1782", defect: [ [ "CSCvh20027", "CSCvh20389", "CSCvi01445", "CSCvi01448", "CSCvi91985", "CSCvi92126", "CSCvi92128", "CSCvi92129", "CSCvi92130", "CSCvi96522", "CSCvi96524", "CSCvi96525", "CSCvi96526", "CSCvi96527", ], ], discovery: "INTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2019-1782", datePublished: "2019-05-15T19:45:19.350442Z", dateReserved: "2018-12-06T00:00:00", dateUpdated: "2024-11-20T17:20:56.298Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2016-1454
Vulnerability from cvelistv5
Published
2016-10-06 10:00
Modified
2024-08-05 22:55
Severity ?
EPSS score ?
Summary
Cisco NX-OS 4.0 through 7.3 and 11.0 through 11.2 on 1000v, 2000, 3000, 3500, 5000, 5500, 5600, 6000, 7000, 7700, and 9000 devices allows remote attackers to cause a denial of service (device reload) by leveraging a peer relationship to send a crafted BGP UPDATE message, aka Bug IDs CSCuq77105 and CSCux11417.
References
| ▼ | URL | Tags |
|---|---|---|
| http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-bgp | vendor-advisory, x_refsource_CISCO | |
| http://www.securitytracker.com/id/1036950 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securityfocus.com/bid/93417 | vdb-entry, x_refsource_BID |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T22:55:14.642Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20161005 Cisco NX-OS Border Gateway Protocol Denial of Service Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-bgp", }, { name: "1036950", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1036950", }, { name: "93417", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/93417", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2016-10-05T00:00:00", descriptions: [ { lang: "en", value: "Cisco NX-OS 4.0 through 7.3 and 11.0 through 11.2 on 1000v, 2000, 3000, 3500, 5000, 5500, 5600, 6000, 7000, 7700, and 9000 devices allows remote attackers to cause a denial of service (device reload) by leveraging a peer relationship to send a crafted BGP UPDATE message, aka Bug IDs CSCuq77105 and CSCux11417.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-07-29T09:57:01", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20161005 Cisco NX-OS Border Gateway Protocol Denial of Service Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-bgp", }, { name: "1036950", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1036950", }, { name: "93417", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/93417", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", ID: "CVE-2016-1454", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Cisco NX-OS 4.0 through 7.3 and 11.0 through 11.2 on 1000v, 2000, 3000, 3500, 5000, 5500, 5600, 6000, 7000, 7700, and 9000 devices allows remote attackers to cause a denial of service (device reload) by leveraging a peer relationship to send a crafted BGP UPDATE message, aka Bug IDs CSCuq77105 and CSCux11417.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "20161005 Cisco NX-OS Border Gateway Protocol Denial of Service Vulnerability", refsource: "CISCO", url: "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-bgp", }, { name: "1036950", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1036950", }, { name: "93417", refsource: "BID", url: "http://www.securityfocus.com/bid/93417", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2016-1454", datePublished: "2016-10-06T10:00:00", dateReserved: "2016-01-04T00:00:00", dateUpdated: "2024-08-05T22:55:14.642Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2015-6392
Vulnerability from cvelistv5
Published
2016-10-06 01:00
Modified
2024-08-06 07:22
Severity ?
EPSS score ?
Summary
Cisco NX-OS 4.1 through 7.3 and 11.0 through 11.2 on Nexus 2000, 5000, 5500, 5600, 6000, 7000, 7700, and 9000 devices allows remote attackers to cause a denial of service (device crash) via crafted IPv4 DHCP packets to the (1) DHCPv4 relay agent or (2) smart relay agent, aka Bug IDs CSCuq24603, CSCur93159, CSCus21693, and CSCut76171.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/93406 | vdb-entry, x_refsource_BID | |
| http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-dhcp1 | vendor-advisory, x_refsource_CISCO | |
| http://www.securitytracker.com/id/1036948 | vdb-entry, x_refsource_SECTRACK |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T07:22:21.064Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "93406", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/93406", }, { name: "20161005 Cisco NX-OS Software Crafted DHCPv4 Packet Denial of Service Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-dhcp1", }, { name: "1036948", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1036948", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2016-10-05T00:00:00", descriptions: [ { lang: "en", value: "Cisco NX-OS 4.1 through 7.3 and 11.0 through 11.2 on Nexus 2000, 5000, 5500, 5600, 6000, 7000, 7700, and 9000 devices allows remote attackers to cause a denial of service (device crash) via crafted IPv4 DHCP packets to the (1) DHCPv4 relay agent or (2) smart relay agent, aka Bug IDs CSCuq24603, CSCur93159, CSCus21693, and CSCut76171.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-07-29T09:57:01", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "93406", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/93406", }, { name: "20161005 Cisco NX-OS Software Crafted DHCPv4 Packet Denial of Service Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-dhcp1", }, { name: "1036948", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1036948", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", ID: "CVE-2015-6392", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Cisco NX-OS 4.1 through 7.3 and 11.0 through 11.2 on Nexus 2000, 5000, 5500, 5600, 6000, 7000, 7700, and 9000 devices allows remote attackers to cause a denial of service (device crash) via crafted IPv4 DHCP packets to the (1) DHCPv4 relay agent or (2) smart relay agent, aka Bug IDs CSCuq24603, CSCur93159, CSCus21693, and CSCut76171.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "93406", refsource: "BID", url: "http://www.securityfocus.com/bid/93406", }, { name: "20161005 Cisco NX-OS Software Crafted DHCPv4 Packet Denial of Service Vulnerability", refsource: "CISCO", url: "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-dhcp1", }, { name: "1036948", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1036948", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2015-6392", datePublished: "2016-10-06T01:00:00", dateReserved: "2015-08-17T00:00:00", dateUpdated: "2024-08-06T07:22:21.064Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2015-4225
Vulnerability from cvelistv5
Published
2015-06-27 10:00
Modified
2024-08-06 06:11
Severity ?
EPSS score ?
Summary
Cisco Application Policy Infrastructure Controller (APIC) 1.0(1.110a) and 1.0(1e) on Nexus 9000 devices does not properly implement RBAC health scoring, which allows remote authenticated users to obtain sensitive information via unspecified vectors, aka Bug ID CSCuq77485.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/75433 | vdb-entry, x_refsource_BID | |
| http://tools.cisco.com/security/center/viewAlert.x?alertId=39529 | vendor-advisory, x_refsource_CISCO | |
| http://www.securitytracker.com/id/1032735 | vdb-entry, x_refsource_SECTRACK |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T06:11:11.783Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "75433", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/75433", }, { name: "20150626 Cisco Application Policy Infrastructure Controller Unauthorized Access Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "http://tools.cisco.com/security/center/viewAlert.x?alertId=39529", }, { name: "1032735", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1032735", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2015-06-26T00:00:00", descriptions: [ { lang: "en", value: "Cisco Application Policy Infrastructure Controller (APIC) 1.0(1.110a) and 1.0(1e) on Nexus 9000 devices does not properly implement RBAC health scoring, which allows remote authenticated users to obtain sensitive information via unspecified vectors, aka Bug ID CSCuq77485.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2016-12-23T18:57:01", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "75433", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/75433", }, { name: "20150626 Cisco Application Policy Infrastructure Controller Unauthorized Access Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "http://tools.cisco.com/security/center/viewAlert.x?alertId=39529", }, { name: "1032735", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1032735", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", ID: "CVE-2015-4225", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Cisco Application Policy Infrastructure Controller (APIC) 1.0(1.110a) and 1.0(1e) on Nexus 9000 devices does not properly implement RBAC health scoring, which allows remote authenticated users to obtain sensitive information via unspecified vectors, aka Bug ID CSCuq77485.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "75433", refsource: "BID", url: "http://www.securityfocus.com/bid/75433", }, { name: "20150626 Cisco Application Policy Infrastructure Controller Unauthorized Access Vulnerability", refsource: "CISCO", url: "http://tools.cisco.com/security/center/viewAlert.x?alertId=39529", }, { name: "1032735", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1032735", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2015-4225", datePublished: "2015-06-27T10:00:00", dateReserved: "2015-06-04T00:00:00", dateUpdated: "2024-08-06T06:11:11.783Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-12717
Vulnerability from cvelistv5
Published
2019-09-25 20:16
Modified
2024-11-20 17:09
Severity ?
EPSS score ?
Summary
A vulnerability in a CLI command related to the virtualization manager (VMAN) in Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying Linux operating system with root privileges. The vulnerability is due to insufficient validation of arguments passed to a specific VMAN CLI command on an affected device. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying Linux operating system with root privileges, which may lead to complete system compromise. An attacker would need valid administrator credentials to exploit this vulnerability.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-nxos-vman-cmd-inj | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco NX-OS Software 5.0(3)A1(1) |
Version: unspecified < n/a |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T23:32:53.958Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20190925 Cisco NX-OS Software Virtualization Manager Command Injection Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-nxos-vman-cmd-inj", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2019-12717", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-11-20T16:51:39.940430Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-20T17:09:14.938Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco NX-OS Software 5.0(3)A1(1)", vendor: "Cisco", versions: [ { lessThan: "n/a", status: "affected", version: "unspecified", versionType: "custom", }, ], }, ], datePublic: "2019-09-25T00:00:00", descriptions: [ { lang: "en", value: "A vulnerability in a CLI command related to the virtualization manager (VMAN) in Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying Linux operating system with root privileges. The vulnerability is due to insufficient validation of arguments passed to a specific VMAN CLI command on an affected device. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying Linux operating system with root privileges, which may lead to complete system compromise. An attacker would need valid administrator credentials to exploit this vulnerability.", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-78", description: "CWE-78", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2019-09-25T20:16:02", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20190925 Cisco NX-OS Software Virtualization Manager Command Injection Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-nxos-vman-cmd-inj", }, ], source: { advisory: "cisco-sa-20190925-nxos-vman-cmd-inj", defect: [ [ "CSCvk76030", "CSCvo19193", ], ], discovery: "INTERNAL", }, title: "Cisco NX-OS Software Virtualization Manager Command Injection Vulnerability", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", DATE_PUBLIC: "2019-09-25T16:00:00-0700", ID: "CVE-2019-12717", STATE: "PUBLIC", TITLE: "Cisco NX-OS Software Virtualization Manager Command Injection Vulnerability", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Cisco NX-OS Software 5.0(3)A1(1)", version: { version_data: [ { affected: "<", version_affected: "<", version_value: "n/a", }, ], }, }, ], }, vendor_name: "Cisco", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability in a CLI command related to the virtualization manager (VMAN) in Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying Linux operating system with root privileges. The vulnerability is due to insufficient validation of arguments passed to a specific VMAN CLI command on an affected device. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying Linux operating system with root privileges, which may lead to complete system compromise. An attacker would need valid administrator credentials to exploit this vulnerability.", }, ], }, exploit: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], impact: { cvss: { baseScore: "6.7", vectorString: "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-78", }, ], }, ], }, references: { reference_data: [ { name: "20190925 Cisco NX-OS Software Virtualization Manager Command Injection Vulnerability", refsource: "CISCO", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-nxos-vman-cmd-inj", }, ], }, source: { advisory: "cisco-sa-20190925-nxos-vman-cmd-inj", defect: [ [ "CSCvk76030", "CSCvo19193", ], ], discovery: "INTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2019-12717", datePublished: "2019-09-25T20:16:02.660912Z", dateReserved: "2019-06-04T00:00:00", dateUpdated: "2024-11-20T17:09:14.938Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-1969
Vulnerability from cvelistv5
Published
2019-08-29 21:50
Modified
2024-11-19 18:57
Severity ?
EPSS score ?
Summary
A vulnerability in the implementation of the Simple Network Management Protocol (SNMP) Access Control List (ACL) feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to perform SNMP polling of an affected device, even if it is configured to deny SNMP traffic. The vulnerability is due to an incorrect length check when the configured ACL name is the maximum length, which is 32 ASCII characters. An attacker could exploit this vulnerability by performing SNMP polling of an affected device. A successful exploit could allow the attacker to perform SNMP polling that should have been denied. The attacker has no control of the configuration of the SNMP ACL name.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190828-nxos-snmp-bypass | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco NX-OS Software |
Version: unspecified < 9.2(3) |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T18:35:52.047Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20190828 Cisco NX-OS Software SNMP Access Control List Configuration Name Bypass Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190828-nxos-snmp-bypass", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2019-1969", options: [ { Exploitation: "none", }, { Automatable: "yes", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-11-19T17:23:17.371897Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-19T18:57:58.916Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco NX-OS Software", vendor: "Cisco", versions: [ { lessThan: "9.2(3)", status: "affected", version: "unspecified", versionType: "custom", }, ], }, ], datePublic: "2019-08-28T00:00:00", descriptions: [ { lang: "en", value: "A vulnerability in the implementation of the Simple Network Management Protocol (SNMP) Access Control List (ACL) feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to perform SNMP polling of an affected device, even if it is configured to deny SNMP traffic. The vulnerability is due to an incorrect length check when the configured ACL name is the maximum length, which is 32 ASCII characters. An attacker could exploit this vulnerability by performing SNMP polling of an affected device. A successful exploit could allow the attacker to perform SNMP polling that should have been denied. The attacker has no control of the configuration of the SNMP ACL name.", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.8, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-264", description: "CWE-264", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2019-08-29T21:50:19", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20190828 Cisco NX-OS Software SNMP Access Control List Configuration Name Bypass Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190828-nxos-snmp-bypass", }, ], source: { advisory: "cisco-sa-20190828-nxos-snmp-bypass", defect: [ [ "CSCvo17439", ], ], discovery: "INTERNAL", }, title: "Cisco NX-OS Software SNMP Access Control List Configuration Name Bypass Vulnerability", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", DATE_PUBLIC: "2019-08-28T16:00:00-0700", ID: "CVE-2019-1969", STATE: "PUBLIC", TITLE: "Cisco NX-OS Software SNMP Access Control List Configuration Name Bypass Vulnerability", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Cisco NX-OS Software", version: { version_data: [ { affected: "<", version_affected: "<", version_value: "9.2(3)", }, ], }, }, ], }, vendor_name: "Cisco", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability in the implementation of the Simple Network Management Protocol (SNMP) Access Control List (ACL) feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to perform SNMP polling of an affected device, even if it is configured to deny SNMP traffic. The vulnerability is due to an incorrect length check when the configured ACL name is the maximum length, which is 32 ASCII characters. An attacker could exploit this vulnerability by performing SNMP polling of an affected device. A successful exploit could allow the attacker to perform SNMP polling that should have been denied. The attacker has no control of the configuration of the SNMP ACL name.", }, ], }, exploit: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], impact: { cvss: { baseScore: "5.8", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-264", }, ], }, ], }, references: { reference_data: [ { name: "20190828 Cisco NX-OS Software SNMP Access Control List Configuration Name Bypass Vulnerability", refsource: "CISCO", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190828-nxos-snmp-bypass", }, ], }, source: { advisory: "cisco-sa-20190828-nxos-snmp-bypass", defect: [ [ "CSCvo17439", ], ], discovery: "INTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2019-1969", datePublished: "2019-08-29T21:50:19.965411Z", dateReserved: "2018-12-06T00:00:00", dateUpdated: "2024-11-19T18:57:58.916Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-1803
Vulnerability from cvelistv5
Published
2019-05-03 16:20
Modified
2024-11-20 17:23
Severity ?
EPSS score ?
Summary
A vulnerability in the filesystem management for the Cisco Nexus 9000 Series Application Centric Infrastructure (ACI) Mode Switch Software could allow an authenticated, local attacker with administrator rights to gain elevated privileges as the root user on an affected device. The vulnerability is due to overly permissive file permissions of specific system files. An attacker could exploit this vulnerability by authenticating to an affected device, creating a crafted command string, and writing this crafted string to a specific file location. A successful exploit could allow the attacker to execute arbitrary operating system commands as root on an affected device. The attacker would need to have valid administrator credentials for the device.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-nexus9k-rpe | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco NX-OS Software for Nexus 9000 Series Fabric Switches ACI Mode |
Version: unspecified < 14.1(1i) |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T18:28:42.810Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20190501 Cisco Nexus 9000 Series Fabric Switches Application Centric Infrastructure Mode Root Privilege Escalation Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-nexus9k-rpe", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2019-1803", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-11-20T16:55:15.565626Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-20T17:23:36.640Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco NX-OS Software for Nexus 9000 Series Fabric Switches ACI Mode", vendor: "Cisco", versions: [ { lessThan: "14.1(1i)", status: "affected", version: "unspecified", versionType: "custom", }, ], }, ], datePublic: "2019-05-01T00:00:00", descriptions: [ { lang: "en", value: "A vulnerability in the filesystem management for the Cisco Nexus 9000 Series Application Centric Infrastructure (ACI) Mode Switch Software could allow an authenticated, local attacker with administrator rights to gain elevated privileges as the root user on an affected device. The vulnerability is due to overly permissive file permissions of specific system files. An attacker could exploit this vulnerability by authenticating to an affected device, creating a crafted command string, and writing this crafted string to a specific file location. A successful exploit could allow the attacker to execute arbitrary operating system commands as root on an affected device. The attacker would need to have valid administrator credentials for the device.", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-264", description: "CWE-264", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2019-05-03T16:20:16", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20190501 Cisco Nexus 9000 Series Fabric Switches Application Centric Infrastructure Mode Root Privilege Escalation Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-nexus9k-rpe", }, ], source: { advisory: "cisco-sa-20190501-nexus9k-rpe", defect: [ [ "CSCvo72253", ], ], discovery: "INTERNAL", }, title: "Cisco Nexus 9000 Series Fabric Switches Application Centric Infrastructure Mode Root Privilege Escalation Vulnerability", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", DATE_PUBLIC: "2019-05-01T16:00:00-0700", ID: "CVE-2019-1803", STATE: "PUBLIC", TITLE: "Cisco Nexus 9000 Series Fabric Switches Application Centric Infrastructure Mode Root Privilege Escalation Vulnerability", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Cisco NX-OS Software for Nexus 9000 Series Fabric Switches ACI Mode", version: { version_data: [ { affected: "<", version_affected: "<", version_value: "14.1(1i)", }, ], }, }, ], }, vendor_name: "Cisco", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability in the filesystem management for the Cisco Nexus 9000 Series Application Centric Infrastructure (ACI) Mode Switch Software could allow an authenticated, local attacker with administrator rights to gain elevated privileges as the root user on an affected device. The vulnerability is due to overly permissive file permissions of specific system files. An attacker could exploit this vulnerability by authenticating to an affected device, creating a crafted command string, and writing this crafted string to a specific file location. A successful exploit could allow the attacker to execute arbitrary operating system commands as root on an affected device. The attacker would need to have valid administrator credentials for the device.", }, ], }, exploit: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], impact: { cvss: { baseScore: "7.8", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-264", }, ], }, ], }, references: { reference_data: [ { name: "20190501 Cisco Nexus 9000 Series Fabric Switches Application Centric Infrastructure Mode Root Privilege Escalation Vulnerability", refsource: "CISCO", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-nexus9k-rpe", }, ], }, source: { advisory: "cisco-sa-20190501-nexus9k-rpe", defect: [ [ "CSCvo72253", ], ], discovery: "INTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2019-1803", datePublished: "2019-05-03T16:20:16.584226Z", dateReserved: "2018-12-06T00:00:00", dateUpdated: "2024-11-20T17:23:36.640Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-3415
Vulnerability from cvelistv5
Published
2020-08-27 15:40
Modified
2024-11-13 18:10
Severity ?
EPSS score ?
Summary
A vulnerability in the Data Management Engine (DME) of Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to execute arbitrary code with administrative privileges or cause a denial of service (DoS) condition on an affected device. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending a crafted Cisco Discovery Protocol packet to a Layer 2-adjacent affected device. A successful exploit could allow the attacker to execute arbitrary code with administrative privileges or cause the Cisco Discovery Protocol process to crash and restart multiple times, causing the affected device to reload and resulting in a DoS condition. Note: Cisco Discovery Protocol is a Layer 2 protocol. To exploit this vulnerability, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent). Exploitation of this vulnerability also requires jumbo frames to be enabled on the interface that receives the crafted Cisco Discovery Protocol packets on the affected device.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-dme-rce-cbE3nhZS | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco NX-OS Software |
Version: n/a |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T07:30:58.399Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20200826 Cisco NX-OS Software Data Management Engine Remote Code Execution Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-dme-rce-cbE3nhZS", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2020-3415", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-11-13T17:18:14.256789Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-13T18:10:14.077Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco NX-OS Software", vendor: "Cisco", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2020-08-26T00:00:00", descriptions: [ { lang: "en", value: "A vulnerability in the Data Management Engine (DME) of Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to execute arbitrary code with administrative privileges or cause a denial of service (DoS) condition on an affected device. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending a crafted Cisco Discovery Protocol packet to a Layer 2-adjacent affected device. A successful exploit could allow the attacker to execute arbitrary code with administrative privileges or cause the Cisco Discovery Protocol process to crash and restart multiple times, causing the affected device to reload and resulting in a DoS condition. Note: Cisco Discovery Protocol is a Layer 2 protocol. To exploit this vulnerability, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent). Exploitation of this vulnerability also requires jumbo frames to be enabled on the interface that receives the crafted Cisco Discovery Protocol packets on the affected device.", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-787", description: "CWE-787", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2020-08-27T15:40:23", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20200826 Cisco NX-OS Software Data Management Engine Remote Code Execution Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-dme-rce-cbE3nhZS", }, ], source: { advisory: "cisco-sa-nxos-dme-rce-cbE3nhZS", defect: [ [ "CSCvr89315", "CSCvs10167", ], ], discovery: "INTERNAL", }, title: "Cisco NX-OS Software Data Management Engine Remote Code Execution Vulnerability", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", DATE_PUBLIC: "2020-08-26T16:00:00", ID: "CVE-2020-3415", STATE: "PUBLIC", TITLE: "Cisco NX-OS Software Data Management Engine Remote Code Execution Vulnerability", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Cisco NX-OS Software", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "Cisco", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability in the Data Management Engine (DME) of Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to execute arbitrary code with administrative privileges or cause a denial of service (DoS) condition on an affected device. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending a crafted Cisco Discovery Protocol packet to a Layer 2-adjacent affected device. A successful exploit could allow the attacker to execute arbitrary code with administrative privileges or cause the Cisco Discovery Protocol process to crash and restart multiple times, causing the affected device to reload and resulting in a DoS condition. Note: Cisco Discovery Protocol is a Layer 2 protocol. To exploit this vulnerability, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent). Exploitation of this vulnerability also requires jumbo frames to be enabled on the interface that receives the crafted Cisco Discovery Protocol packets on the affected device.", }, ], }, exploit: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], impact: { cvss: { baseScore: "8.8", vectorString: "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-787", }, ], }, ], }, references: { reference_data: [ { name: "20200826 Cisco NX-OS Software Data Management Engine Remote Code Execution Vulnerability", refsource: "CISCO", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-dme-rce-cbE3nhZS", }, ], }, source: { advisory: "cisco-sa-nxos-dme-rce-cbE3nhZS", defect: [ [ "CSCvr89315", "CSCvs10167", ], ], discovery: "INTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2020-3415", datePublished: "2020-08-27T15:40:23.899583Z", dateReserved: "2019-12-12T00:00:00", dateUpdated: "2024-11-13T18:10:14.077Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-1768
Vulnerability from cvelistv5
Published
2019-05-16 01:25
Modified
2024-11-20 17:18
Severity ?
EPSS score ?
Summary
A vulnerability in the implementation of a specific CLI command for Cisco NX-OS Software could allow an authenticated, local attacker with administrator credentials to cause a buffer overflow condition or perform command injection. This could allow the attacker to execute arbitrary commands with elevated privileges on the underlying operating system of an affected device. The vulnerability is due to insufficient validation of arguments passed to a certain CLI command. An attacker could exploit this vulnerability by including malicious input as the argument of the affected CLI command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with root privileges. An attacker would need valid administrator credentials to exploit these vulnerabilities.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-overflow-inj | vendor-advisory, x_refsource_CISCO | |
| http://www.securityfocus.com/bid/108386 | vdb-entry, x_refsource_BID |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco NX-OS Software |
Version: unspecified < 8.3(1) |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T18:28:42.669Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20190515 Cisco NX-OS Software Buffer Overflow and Command Injection Vulnerabilities", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-overflow-inj", }, { name: "108386", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/108386", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2019-1768", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-11-20T16:54:18.695033Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-20T17:18:02.308Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco NX-OS Software", vendor: "Cisco", versions: [ { lessThan: "8.3(1)", status: "affected", version: "unspecified", versionType: "custom", }, ], }, ], datePublic: "2019-05-15T00:00:00", descriptions: [ { lang: "en", value: "A vulnerability in the implementation of a specific CLI command for Cisco NX-OS Software could allow an authenticated, local attacker with administrator credentials to cause a buffer overflow condition or perform command injection. This could allow the attacker to execute arbitrary commands with elevated privileges on the underlying operating system of an affected device. The vulnerability is due to insufficient validation of arguments passed to a certain CLI command. An attacker could exploit this vulnerability by including malicious input as the argument of the affected CLI command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with root privileges. An attacker would need valid administrator credentials to exploit these vulnerabilities.", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-119", description: "CWE-119", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2019-05-20T15:06:02", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20190515 Cisco NX-OS Software Buffer Overflow and Command Injection Vulnerabilities", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-overflow-inj", }, { name: "108386", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/108386", }, ], source: { advisory: "cisco-sa-20190515-nxos-overflow-inj", defect: [ [ "CSCvh76129", "CSCvh76132", "CSCvj00497", "CSCvj10162", ], ], discovery: "INTERNAL", }, title: "Cisco NX-OS Software Buffer Overflow and Command Injection Vulnerability", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", DATE_PUBLIC: "2019-05-15T16:00:00-0700", ID: "CVE-2019-1768", STATE: "PUBLIC", TITLE: "Cisco NX-OS Software Buffer Overflow and Command Injection Vulnerability", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Cisco NX-OS Software", version: { version_data: [ { affected: "<", version_affected: "<", version_value: "8.3(1)", }, ], }, }, ], }, vendor_name: "Cisco", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability in the implementation of a specific CLI command for Cisco NX-OS Software could allow an authenticated, local attacker with administrator credentials to cause a buffer overflow condition or perform command injection. This could allow the attacker to execute arbitrary commands with elevated privileges on the underlying operating system of an affected device. The vulnerability is due to insufficient validation of arguments passed to a certain CLI command. An attacker could exploit this vulnerability by including malicious input as the argument of the affected CLI command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with root privileges. An attacker would need valid administrator credentials to exploit these vulnerabilities.", }, ], }, exploit: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory.", }, ], impact: { cvss: { baseScore: "6.7", vectorString: "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-119", }, ], }, ], }, references: { reference_data: [ { name: "20190515 Cisco NX-OS Software Buffer Overflow and Command Injection Vulnerabilities", refsource: "CISCO", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-overflow-inj", }, { name: "108386", refsource: "BID", url: "http://www.securityfocus.com/bid/108386", }, ], }, source: { advisory: "cisco-sa-20190515-nxos-overflow-inj", defect: [ [ "CSCvh76129", "CSCvh76132", "CSCvj00497", "CSCvj10162", ], ], discovery: "INTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2019-1768", datePublished: "2019-05-16T01:25:21.627879Z", dateReserved: "2018-12-06T00:00:00", dateUpdated: "2024-11-20T17:18:02.308Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-3394
Vulnerability from cvelistv5
Published
2020-08-27 15:40
Modified
2024-11-13 18:09
Severity ?
EPSS score ?
Summary
A vulnerability in the Enable Secret feature of Cisco Nexus 3000 Series Switches and Cisco Nexus 9000 Series Switches in standalone NX-OS mode could allow an authenticated, local attacker to issue the enable command and get full administrative privileges. To exploit this vulnerability, the attacker would need to have valid credentials for the affected device. The vulnerability is due to a logic error in the implementation of the enable command. An attacker could exploit this vulnerability by logging in to the device and issuing the enable command. A successful exploit could allow the attacker to gain full administrative privileges without using the enable password. Note: The Enable Secret feature is disabled by default.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-n3n9k-priv-escal-3QhXJBC | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco NX-OS Software |
Version: n/a |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T07:30:58.161Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20200826 Cisco Nexus 3000 and 9000 Series Switches Privilege Escalation Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-n3n9k-priv-escal-3QhXJBC", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2020-3394", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-11-13T17:18:12.987319Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-13T18:09:48.378Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco NX-OS Software", vendor: "Cisco", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2020-08-26T00:00:00", descriptions: [ { lang: "en", value: "A vulnerability in the Enable Secret feature of Cisco Nexus 3000 Series Switches and Cisco Nexus 9000 Series Switches in standalone NX-OS mode could allow an authenticated, local attacker to issue the enable command and get full administrative privileges. To exploit this vulnerability, the attacker would need to have valid credentials for the affected device. The vulnerability is due to a logic error in the implementation of the enable command. An attacker could exploit this vulnerability by logging in to the device and issuing the enable command. A successful exploit could allow the attacker to gain full administrative privileges without using the enable password. Note: The Enable Secret feature is disabled by default.", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-285", description: "CWE-285", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2020-08-27T15:40:38", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20200826 Cisco Nexus 3000 and 9000 Series Switches Privilege Escalation Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-n3n9k-priv-escal-3QhXJBC", }, ], source: { advisory: "cisco-sa-n3n9k-priv-escal-3QhXJBC", defect: [ [ "CSCvt77885", ], ], discovery: "INTERNAL", }, title: "Cisco Nexus 3000 and 9000 Series Switches Privilege Escalation Vulnerability", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", DATE_PUBLIC: "2020-08-26T16:00:00", ID: "CVE-2020-3394", STATE: "PUBLIC", TITLE: "Cisco Nexus 3000 and 9000 Series Switches Privilege Escalation Vulnerability", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Cisco NX-OS Software", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "Cisco", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability in the Enable Secret feature of Cisco Nexus 3000 Series Switches and Cisco Nexus 9000 Series Switches in standalone NX-OS mode could allow an authenticated, local attacker to issue the enable command and get full administrative privileges. To exploit this vulnerability, the attacker would need to have valid credentials for the affected device. The vulnerability is due to a logic error in the implementation of the enable command. An attacker could exploit this vulnerability by logging in to the device and issuing the enable command. A successful exploit could allow the attacker to gain full administrative privileges without using the enable password. Note: The Enable Secret feature is disabled by default.", }, ], }, exploit: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], impact: { cvss: { baseScore: "7.8", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-285", }, ], }, ], }, references: { reference_data: [ { name: "20200826 Cisco Nexus 3000 and 9000 Series Switches Privilege Escalation Vulnerability", refsource: "CISCO", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-n3n9k-priv-escal-3QhXJBC", }, ], }, source: { advisory: "cisco-sa-n3n9k-priv-escal-3QhXJBC", defect: [ [ "CSCvt77885", ], ], discovery: "INTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2020-3394", datePublished: "2020-08-27T15:40:38.740636Z", dateReserved: "2019-12-12T00:00:00", dateUpdated: "2024-11-13T18:09:48.378Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2015-0658
Vulnerability from cvelistv5
Published
2015-03-28 01:00
Modified
2024-08-06 04:17
Severity ?
EPSS score ?
Summary
The DHCP implementation in the PowerOn Auto Provisioning (POAP) feature in Cisco NX-OS does not properly restrict the initialization process, which allows remote attackers to execute arbitrary commands as root by sending crafted response packets on the local network, aka Bug ID CSCur14589.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securitytracker.com/id/1031992 | vdb-entry, x_refsource_SECTRACK | |
| http://tools.cisco.com/security/center/viewAlert.x?alertId=38062 | vendor-advisory, x_refsource_CISCO |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T04:17:32.564Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "1031992", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1031992", }, { name: "20150327 Cisco NX-OS Software DHCP Options Command Injection Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "http://tools.cisco.com/security/center/viewAlert.x?alertId=38062", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2015-03-27T00:00:00", descriptions: [ { lang: "en", value: "The DHCP implementation in the PowerOn Auto Provisioning (POAP) feature in Cisco NX-OS does not properly restrict the initialization process, which allows remote attackers to execute arbitrary commands as root by sending crafted response packets on the local network, aka Bug ID CSCur14589.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2015-03-31T13:57:00", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "1031992", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1031992", }, { name: "20150327 Cisco NX-OS Software DHCP Options Command Injection Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "http://tools.cisco.com/security/center/viewAlert.x?alertId=38062", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", ID: "CVE-2015-0658", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The DHCP implementation in the PowerOn Auto Provisioning (POAP) feature in Cisco NX-OS does not properly restrict the initialization process, which allows remote attackers to execute arbitrary commands as root by sending crafted response packets on the local network, aka Bug ID CSCur14589.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "1031992", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1031992", }, { name: "20150327 Cisco NX-OS Software DHCP Options Command Injection Vulnerability", refsource: "CISCO", url: "http://tools.cisco.com/security/center/viewAlert.x?alertId=38062", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2015-0658", datePublished: "2015-03-28T01:00:00", dateReserved: "2015-01-07T00:00:00", dateUpdated: "2024-08-06T04:17:32.564Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-1781
Vulnerability from cvelistv5
Published
2019-05-15 19:45
Modified
2024-11-20 17:20
Severity ?
EPSS score ?
Summary
A vulnerability in the CLI of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device. This vulnerability is due to insufficient validation of arguments passed to certain CLI commands. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with elevated privileges. An attacker would need administrator credentials to exploit this vulnerability.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-fxos-nxos-cmdinj-1781-1782 | vendor-advisory, x_refsource_CISCO | |
| http://www.securityfocus.com/bid/108407 | vdb-entry, x_refsource_BID |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco NX-OS Software |
Version: unspecified < 8.3(1) |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T18:28:42.734Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20190515 Cisco FXOS and NX-OS Software Command Injection Vulnerabilities (CVE-2019-1781, CVE-2019-1782)", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-fxos-nxos-cmdinj-1781-1782", }, { name: "108407", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/108407", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2019-1781", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-11-20T16:54:44.395123Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-20T17:20:46.849Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco NX-OS Software", vendor: "Cisco", versions: [ { lessThan: "8.3(1)", status: "affected", version: "unspecified", versionType: "custom", }, ], }, ], datePublic: "2019-05-15T00:00:00", descriptions: [ { lang: "en", value: "A vulnerability in the CLI of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device. This vulnerability is due to insufficient validation of arguments passed to certain CLI commands. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with elevated privileges. An attacker would need administrator credentials to exploit this vulnerability.", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-77", description: "CWE-77", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2019-05-22T13:06:04", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20190515 Cisco FXOS and NX-OS Software Command Injection Vulnerabilities (CVE-2019-1781, CVE-2019-1782)", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-fxos-nxos-cmdinj-1781-1782", }, { name: "108407", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/108407", }, ], source: { advisory: "cisco-sa-20190515-fxos-nxos-cmdinj-1781-1782", defect: [ [ "CSCvh20027", "CSCvh20389", "CSCvi01445", "CSCvi01448", "CSCvi91985", "CSCvi92126", "CSCvi92128", "CSCvi92129", "CSCvi92130", "CSCvi96522", "CSCvi96524", "CSCvi96525", "CSCvi96526", "CSCvi96527", ], ], discovery: "INTERNAL", }, title: "Cisco FXOS and NX-OS Software Command Injection Vulnerability", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", DATE_PUBLIC: "2019-05-15T16:00:00-0700", ID: "CVE-2019-1781", STATE: "PUBLIC", TITLE: "Cisco FXOS and NX-OS Software Command Injection Vulnerability", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Cisco NX-OS Software", version: { version_data: [ { affected: "<", version_affected: "<", version_value: "8.3(1)", }, ], }, }, ], }, vendor_name: "Cisco", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability in the CLI of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device. This vulnerability is due to insufficient validation of arguments passed to certain CLI commands. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with elevated privileges. An attacker would need administrator credentials to exploit this vulnerability.", }, ], }, exploit: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory.", }, ], impact: { cvss: { baseScore: "6.7", vectorString: "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-77", }, ], }, ], }, references: { reference_data: [ { name: "20190515 Cisco FXOS and NX-OS Software Command Injection Vulnerabilities (CVE-2019-1781, CVE-2019-1782)", refsource: "CISCO", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-fxos-nxos-cmdinj-1781-1782", }, { name: "108407", refsource: "BID", url: "http://www.securityfocus.com/bid/108407", }, ], }, source: { advisory: "cisco-sa-20190515-fxos-nxos-cmdinj-1781-1782", defect: [ [ "CSCvh20027", "CSCvh20389", "CSCvi01445", "CSCvi01448", "CSCvi91985", "CSCvi92126", "CSCvi92128", "CSCvi92129", "CSCvi92130", "CSCvi96522", "CSCvi96524", "CSCvi96525", "CSCvi96526", "CSCvi96527", ], ], discovery: "INTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2019-1781", datePublished: "2019-05-15T19:45:27.562921Z", dateReserved: "2018-12-06T00:00:00", dateUpdated: "2024-11-20T17:20:46.849Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2024-20291
Vulnerability from cvelistv5
Published
2024-02-28 16:16
Modified
2024-08-09 14:58
Severity ?
EPSS score ?
Summary
A vulnerability in the access control list (ACL) programming for port channel subinterfaces of Cisco Nexus 3000 and 9000 Series Switches in standalone NX-OS mode could allow an unauthenticated, remote attacker to send traffic that should be blocked through an affected device.
This vulnerability is due to incorrect hardware programming that occurs when configuration changes are made to port channel member ports. An attacker could exploit this vulnerability by attempting to send traffic through an affected device. A successful exploit could allow the attacker to access network resources that should be protected by an ACL that was applied on port channel subinterfaces.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco NX-OS Software |
Version: 9.3(10) Version: 9.3(11) Version: 9.3(12) |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-01T21:59:41.713Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "cisco-sa-nxos-po-acl-TkyePgvL", tags: [ "x_transferred", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-po-acl-TkyePgvL", }, ], title: "CVE Program Container", }, { affected: [ { cpes: [ "cpe:2.3:o:cisco:nx-os:9.3\\(10\\):*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "nx-os", vendor: "cisco", versions: [ { status: "affected", version: "9.3\\(10\\)", }, ], }, { cpes: [ "cpe:2.3:o:cisco:nx-os:9.3\\(11\\):*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "nx-os", vendor: "cisco", versions: [ { status: "affected", version: "9.3\\(11\\)", }, ], }, { cpes: [ "cpe:2.3:o:cisco:nx-os:9.3\\(12\\):*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "nx-os", vendor: "cisco", versions: [ { status: "affected", version: "9.3\\(12\\)", }, ], }, ], metrics: [ { other: { content: { id: "CVE-2024-20291", options: [ { Exploitation: "none", }, { Automatable: "yes", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-08-09T14:55:23.147851Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-08-09T14:58:23.652Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco NX-OS Software", vendor: "Cisco", versions: [ { status: "affected", version: "9.3(10)", }, { status: "affected", version: "9.3(11)", }, { status: "affected", version: "9.3(12)", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability in the access control list (ACL) programming for port channel subinterfaces of Cisco Nexus 3000 and 9000 Series Switches in standalone NX-OS mode could allow an unauthenticated, remote attacker to send traffic that should be blocked through an affected device.\r\n\r This vulnerability is due to incorrect hardware programming that occurs when configuration changes are made to port channel member ports. An attacker could exploit this vulnerability by attempting to send traffic through an affected device. A successful exploit could allow the attacker to access network resources that should be protected by an ACL that was applied on port channel subinterfaces.", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.8, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N", version: "3.1", }, format: "cvssV3_1", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-284", description: "Improper Access Control", lang: "en", type: "cwe", }, ], }, ], providerMetadata: { dateUpdated: "2024-02-28T16:16:33.950Z", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "cisco-sa-nxos-po-acl-TkyePgvL", url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-po-acl-TkyePgvL", }, ], source: { advisory: "cisco-sa-nxos-po-acl-TkyePgvL", defects: [ "CSCwf47127", ], discovery: "INTERNAL", }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2024-20291", datePublished: "2024-02-28T16:16:33.950Z", dateReserved: "2023-11-08T15:08:07.628Z", dateUpdated: "2024-08-09T14:58:23.652Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2015-0775
Vulnerability from cvelistv5
Published
2015-06-12 14:00
Modified
2024-08-06 04:26
Severity ?
EPSS score ?
Summary
The banner (aka MOTD) implementation in Cisco NX-OS 4.1(2)E1(1f) on Nexus 4000 devices, 5.2(1)SV3(2.1) on Nexus 1000V devices, 6.0(2)N2(2) on Nexus 5000 devices, 6.2(11) on MDS 9000 devices, 6.2(12) on Nexus 7000 devices, 7.0(3) on Nexus 9000 devices, and 7.2(0)ZN(99.67) on Nexus 3000 devices allows remote attackers to cause a denial of service (login process reset) via an unspecified terminal-session request during TELNET session setup, aka Bug IDs CSCuo10554, CSCuu75466, CSCuu75471, CSCuu75484, CSCuu75498, CSCuu77170, and CSCuu77182.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securitytracker.com/id/1032561 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securitytracker.com/id/1032562 | vdb-entry, x_refsource_SECTRACK | |
| http://tools.cisco.com/security/center/viewAlert.x?alertId=39280 | vendor-advisory, x_refsource_CISCO |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T04:26:09.842Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "1032561", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1032561", }, { name: "1032562", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1032562", }, { name: "20150610 Cisco Nexus and Cisco Multilayer Director Switches MOTD Telnet Login Reset Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "http://tools.cisco.com/security/center/viewAlert.x?alertId=39280", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2015-06-10T00:00:00", descriptions: [ { lang: "en", value: "The banner (aka MOTD) implementation in Cisco NX-OS 4.1(2)E1(1f) on Nexus 4000 devices, 5.2(1)SV3(2.1) on Nexus 1000V devices, 6.0(2)N2(2) on Nexus 5000 devices, 6.2(11) on MDS 9000 devices, 6.2(12) on Nexus 7000 devices, 7.0(3) on Nexus 9000 devices, and 7.2(0)ZN(99.67) on Nexus 3000 devices allows remote attackers to cause a denial of service (login process reset) via an unspecified terminal-session request during TELNET session setup, aka Bug IDs CSCuo10554, CSCuu75466, CSCuu75471, CSCuu75484, CSCuu75498, CSCuu77170, and CSCuu77182.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2016-12-29T18:57:01", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "1032561", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1032561", }, { name: "1032562", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1032562", }, { name: "20150610 Cisco Nexus and Cisco Multilayer Director Switches MOTD Telnet Login Reset Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "http://tools.cisco.com/security/center/viewAlert.x?alertId=39280", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", ID: "CVE-2015-0775", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The banner (aka MOTD) implementation in Cisco NX-OS 4.1(2)E1(1f) on Nexus 4000 devices, 5.2(1)SV3(2.1) on Nexus 1000V devices, 6.0(2)N2(2) on Nexus 5000 devices, 6.2(11) on MDS 9000 devices, 6.2(12) on Nexus 7000 devices, 7.0(3) on Nexus 9000 devices, and 7.2(0)ZN(99.67) on Nexus 3000 devices allows remote attackers to cause a denial of service (login process reset) via an unspecified terminal-session request during TELNET session setup, aka Bug IDs CSCuo10554, CSCuu75466, CSCuu75471, CSCuu75484, CSCuu75498, CSCuu77170, and CSCuu77182.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "1032561", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1032561", }, { name: "1032562", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1032562", }, { name: "20150610 Cisco Nexus and Cisco Multilayer Director Switches MOTD Telnet Login Reset Vulnerability", refsource: "CISCO", url: "http://tools.cisco.com/security/center/viewAlert.x?alertId=39280", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2015-0775", datePublished: "2015-06-12T14:00:00", dateReserved: "2015-01-07T00:00:00", dateUpdated: "2024-08-06T04:26:09.842Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2016-6457
Vulnerability from cvelistv5
Published
2016-11-19 02:45
Modified
2024-08-06 01:29
Severity ?
EPSS score ?
Summary
A vulnerability in the Cisco Nexus 9000 Series Platform Leaf Switches for Application Centric Infrastructure (ACI) could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on the affected device. This vulnerability affects Cisco Nexus 9000 Series Leaf Switches (TOR) - ACI Mode and Cisco Application Policy Infrastructure Controller (APIC). More Information: CSCuy93241. Known Affected Releases: 11.2(2x) 11.2(3x) 11.3(1x) 11.3(2x) 12.0(1x). Known Fixed Releases: 11.2(2i) 11.2(2j) 11.2(3f) 11.2(3g) 11.2(3h) 11.2(3l) 11.3(0.236) 11.3(1j) 11.3(2i) 11.3(2j) 12.0(1r).
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/94077 | vdb-entry, x_refsource_BID | |
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161102-n9kapic | x_refsource_CONFIRM | |
| http://www.securitytracker.com/id/1037185 | vdb-entry, x_refsource_SECTRACK |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Cisco Nexus 9000 Series Platform Leaf Switches for Application Centric Infrastructure (ACI) 11.2(2x) through 12.0(1x) |
Version: Cisco Nexus 9000 Series Platform Leaf Switches for Application Centric Infrastructure (ACI) 11.2(2x) through 12.0(1x) |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T01:29:20.121Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "94077", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/94077", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161102-n9kapic", }, { name: "1037185", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1037185", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Cisco Nexus 9000 Series Platform Leaf Switches for Application Centric Infrastructure (ACI) 11.2(2x) through 12.0(1x)", vendor: "n/a", versions: [ { status: "affected", version: "Cisco Nexus 9000 Series Platform Leaf Switches for Application Centric Infrastructure (ACI) 11.2(2x) through 12.0(1x)", }, ], }, ], datePublic: "2016-11-18T00:00:00", descriptions: [ { lang: "en", value: "A vulnerability in the Cisco Nexus 9000 Series Platform Leaf Switches for Application Centric Infrastructure (ACI) could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on the affected device. This vulnerability affects Cisco Nexus 9000 Series Leaf Switches (TOR) - ACI Mode and Cisco Application Policy Infrastructure Controller (APIC). More Information: CSCuy93241. Known Affected Releases: 11.2(2x) 11.2(3x) 11.3(1x) 11.3(2x) 12.0(1x). Known Fixed Releases: 11.2(2i) 11.2(2j) 11.2(3f) 11.2(3g) 11.2(3h) 11.2(3l) 11.3(0.236) 11.3(1j) 11.3(2i) 11.3(2j) 12.0(1r).", }, ], problemTypes: [ { descriptions: [ { description: "unspecified", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-07-28T09:57:01", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "94077", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/94077", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161102-n9kapic", }, { name: "1037185", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1037185", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", ID: "CVE-2016-6457", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Cisco Nexus 9000 Series Platform Leaf Switches for Application Centric Infrastructure (ACI) 11.2(2x) through 12.0(1x)", version: { version_data: [ { version_value: "Cisco Nexus 9000 Series Platform Leaf Switches for Application Centric Infrastructure (ACI) 11.2(2x) through 12.0(1x)", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability in the Cisco Nexus 9000 Series Platform Leaf Switches for Application Centric Infrastructure (ACI) could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on the affected device. This vulnerability affects Cisco Nexus 9000 Series Leaf Switches (TOR) - ACI Mode and Cisco Application Policy Infrastructure Controller (APIC). More Information: CSCuy93241. Known Affected Releases: 11.2(2x) 11.2(3x) 11.3(1x) 11.3(2x) 12.0(1x). Known Fixed Releases: 11.2(2i) 11.2(2j) 11.2(3f) 11.2(3g) 11.2(3h) 11.2(3l) 11.3(0.236) 11.3(1j) 11.3(2i) 11.3(2j) 12.0(1r).", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "unspecified", }, ], }, ], }, references: { reference_data: [ { name: "94077", refsource: "BID", url: "http://www.securityfocus.com/bid/94077", }, { name: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161102-n9kapic", refsource: "CONFIRM", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161102-n9kapic", }, { name: "1037185", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1037185", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2016-6457", datePublished: "2016-11-19T02:45:00", dateReserved: "2016-07-26T00:00:00", dateUpdated: "2024-08-06T01:29:20.121Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2024-20399
Vulnerability from cvelistv5
Published
2024-07-01 16:11
Modified
2024-09-17 18:07
Severity ?
EPSS score ?
Summary
A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated user in possession of Administrator credentials to execute arbitrary commands as root on the underlying operating system of an affected device.
This vulnerability is due to insufficient validation of arguments that are passed to specific configuration CLI commands. An attacker could exploit this vulnerability by including crafted input as the argument of an affected configuration CLI command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with the privileges of root.
Note: To successfully exploit this vulnerability on a Cisco NX-OS device, an attacker must have Administrator credentials. The following Cisco devices already allow administrative users to access the underlying operating system through the bash-shell feature, so, for these devices, this vulnerability does not grant any additional privileges:
Nexus 3000 Series Switches
Nexus 7000 Series Switches that are running Cisco NX-OS Software releases 8.1(1) and later
Nexus 9000 Series Switches in standalone NX-OS mode
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco NX-OS Software |
Version: 8.2(5) Version: 7.3(6)N1(1a) Version: 7.3(5)D1(1) Version: 8.4(2) Version: 7.3(6)N1(1) Version: 6.2(2) Version: 8.4(3) Version: 9.2(3) Version: 7.0(3)I5(2) Version: 8.2(1) Version: 6.0(2)A8(7a) Version: 7.0(3)I4(5) Version: 6.0(2)A6(1) Version: 7.3(1)D1(1) Version: 6.2(14a) Version: 7.0(3)I4(6) Version: 7.3(4)N1(1) Version: 7.0(3)I4(3) Version: 9.2(2v) Version: 6.0(2)A6(5b) Version: 7.3(0)D1(1) Version: 6.2(17a) Version: 7.0(3)I4(7) Version: 6.0(2)U6(1a) Version: 7.1(5)N1(1b) Version: 7.0(3)I4(1) Version: 7.0(3)I4(8) Version: 7.0(3)I4(2) Version: 7.1(4)N1(1c) Version: 7.0(3)IM3(1) Version: 6.0(2)U6(5a) Version: 6.0(2)A8(11) Version: 6.0(2)A6(4a) Version: 6.2(9) Version: 6.2(5) Version: 7.3(4)D1(1) Version: 6.2(20) Version: 9.2(1) Version: 9.2(2t) Version: 9.2(3y) Version: 7.0(3)I4(1t) Version: 6.0(2)U6(5c) Version: 6.0(2)A6(4) Version: 7.0(3)I7(6z) Version: 9.3(2) Version: 7.3(1)DY(1) Version: 7.0(3)F3(3) Version: 6.0(2)U6(6) Version: 6.2(29) Version: 7.0(3)I7(3z) Version: 7.0(3)IM7(2) Version: 6.0(2)A8(11b) Version: 6.2(9a) Version: 7.3(0)N1(1) Version: 7.0(3)I7(5a) Version: 6.2(11d) Version: 8.1(1) Version: 7.0(3)I6(1) Version: 6.0(2)U6(10) Version: 7.2(2)D1(2) Version: 7.0(3)IM3(2) Version: 6.0(2)A6(8) Version: 8.2(2) Version: 6.0(2)U6(1) Version: 7.3(2)N1(1c) Version: 7.0(3)I5(3b) Version: 8.3(2) Version: 7.3(5)N1(1) Version: 6.0(2)A6(2a) Version: 7.3(2)N1(1b) Version: 6.2(27) Version: 7.3(2)D1(3a) Version: 7.3(1)N1(1) Version: 6.0(2)U6(7) Version: 9.2(4) Version: 7.1(4)N1(1a) Version: 7.1(3)N1(4) Version: 7.0(3)IM3(2a) Version: 6.2(8b) Version: 6.0(2)A8(10) Version: 7.1(3)N1(2) Version: 6.2(13) Version: 6.0(2)A8(2) Version: 7.0(3)IC4(4) Version: 6.2(1) Version: 7.3(4)N1(1a) Version: 8.1(2) Version: 6.0(2)A6(3) Version: 6.0(2)U6(5b) Version: 7.0(3)F3(3c) Version: 7.3(3)D1(1) Version: 7.0(3)F3(1) Version: 6.0(2)U6(5) Version: 7.0(3)F3(5) Version: 7.1(2)N1(1) Version: 7.1(3)N1(3) Version: 8.2(3) Version: 6.0(2)A6(7) Version: 7.0(3)I7(2) Version: 6.2(5a) Version: 6.2(18) Version: 6.0(2)A6(5) Version: 7.0(3)IM3(2b) Version: 7.1(3)N1(1) Version: 6.0(2)U6(4a) Version: 7.0(3)I5(3) Version: 7.0(3)I7(3) Version: 6.0(2)A8(6) Version: 7.0(3)I6(2) Version: 8.3(1) Version: 6.2(3) Version: 6.2(22) Version: 7.1(1)N1(1) Version: 8.4(1) Version: 8.1(1b) Version: 7.3(0)N1(1b) Version: 7.2(2)D1(4) Version: 6.0(2)A8(5) Version: 7.3(0)DX(1) Version: 7.1(4)N1(1d) Version: 7.3(2)D1(1) Version: 7.3(2)N1(1) Version: 6.0(2)U6(8) Version: 7.1(1)N1(1a) Version: 7.0(3)IM3(3) Version: 9.3(1) Version: 6.0(2)U6(2) Version: 6.2(9b) Version: 7.1(3)N1(2a) Version: 7.3(0)N1(1a) Version: 6.0(2)A8(7) Version: 7.0(3)I7(6) Version: 7.3(2)D1(2) Version: 6.2(25) Version: 6.0(2)U6(3a) Version: 8.0(1) Version: 6.0(2)A8(11a) Version: 6.2(11e) Version: 7.1(3)N1(5) Version: 7.0(3)I4(8z) Version: 6.2(11) Version: 7.0(3)I4(9) Version: 6.2(16) Version: 6.2(19) Version: 8.2(4) Version: 6.2(2a) Version: 7.2(2)D1(3) Version: 7.1(0)N1(1b) Version: 7.0(3)I7(4) Version: 7.0(3)I7(7) Version: 6.2(5b) Version: 7.3(0)DY(1) Version: 6.0(2)A8(9) Version: 6.0(2)A8(1) Version: 7.1(5)N1(1) Version: 7.2(1)D1(1) Version: 6.2(15) Version: 6.0(2)A6(6) Version: 6.0(2)A8(10a) Version: 7.0(3)I5(1) Version: 9.3(1z) Version: 9.2(2) Version: 6.2(7) Version: 6.2(9c) Version: 7.0(3)F3(4) Version: 7.3(3)N1(1) Version: 6.2(6b) Version: 7.0(3)I4(8b) Version: 8.1(2a) Version: 7.3(2)D1(3) Version: 6.2(8) Version: 6.0(2)A8(3) Version: 6.2(11b) Version: 7.0(3)I4(6t) Version: 7.0(3)I5(3a) Version: 8.1(1a) Version: 6.2(13a) Version: 6.0(2)A8(8) Version: 7.0(3)I7(5) Version: 7.0(3)F3(3a) Version: 7.1(0)N1(1a) Version: 6.0(2)A8(4) Version: 6.0(2)A6(3a) Version: 6.0(2)A6(5a) Version: 7.0(3)F2(1) Version: 7.0(3)I4(8a) Version: 6.0(2)U6(9) Version: 7.0(3)F3(2) Version: 6.0(2)U6(2a) Version: 6.2(12) Version: 6.2(17) Version: 7.0(3)I4(4) Version: 6.2(23) Version: 6.2(13b) Version: 6.0(2)U6(3) Version: 6.2(10) Version: 6.2(6a) Version: 6.2(6) Version: 7.1(2)N1(1a) Version: 6.2(14) Version: 7.0(3)I7(1) Version: 6.2(14b) Version: 6.2(21) Version: 7.2(2)D1(1) Version: 7.0(3)F2(2) Version: 7.0(3)IA7(2) Version: 7.0(3)IA7(1) Version: 6.0(2)A8(7b) Version: 6.2(8a) Version: 6.2(11c) Version: 7.0(3)F1(1) Version: 6.0(2)A6(1a) Version: 7.1(0)N1(1) Version: 7.2(0)D1(1) Version: 6.0(2)A6(2) Version: 7.1(4)N1(1) Version: 6.0(2)A8(4a) Version: 6.2(20a) Version: 6.0(2)U6(4) Version: 8.4(1a) Version: 9.3(3) Version: 7.3(2)D1(1d) Version: 7.3(7)N1(1) Version: 6.2(24) Version: 6.2(31) Version: 7.0(3)I7(8) Version: 6.0(2)U6(10a) Version: 7.3(7)N1(1a) Version: 9.3(4) Version: 7.3(6)D1(1) Version: 6.2(26) Version: 8.2(6) Version: 6.2(33) Version: 9.3(5) Version: 8.4(2a) Version: 8.4(2b) Version: 7.3(8)N1(1) Version: 7.0(3)I7(9) Version: 7.3(7)N1(1b) Version: 6.2(24a) Version: 8.5(1) Version: 9.3(6) Version: 10.1(2) Version: 10.1(1) Version: 8.4(4) Version: 7.3(7)D1(1) Version: 8.4(2c) Version: 9.3(5w) Version: 8.2(7) Version: 7.3(9)N1(1) Version: 9.3(7) Version: 9.3(7k) Version: 7.0(3)I7(9w) Version: 10.2(1) Version: 7.3(8)N1(1a) Version: 7.3(8)D1(1) Version: 9.3(7a) Version: 8.2(7a) Version: 9.3(8) Version: 8.4(4a) Version: 8.4(2d) Version: 7.3(10)N1(1) Version: 8.4(5) Version: 7.0(3)I7(10) Version: 7.3(8)N1(1b) Version: 8.2(8) Version: 10.2(1q) Version: 10.2(2) Version: 9.3(9) Version: 7.3(9)D1(1) Version: 7.3(11)N1(1) Version: 10.2(3) Version: 8.4(6) Version: 8.4(2e) Version: 9.3(10) Version: 7.3(11)N1(1a) Version: 10.2(2a) Version: 7.3(12)N1(1) Version: 9.2(1a) Version: 8.2(9) Version: 10.3(1) Version: 10.2(4) Version: 7.3(13)N1(1) Version: 8.4(7) Version: 10.3(2) Version: 8.4(6a) Version: 9.3(11) Version: 10.3(3) Version: 10.2(5) Version: 9.4(1) Version: 9.3(2a) Version: 8.4(2f) Version: 8.2(10) Version: 9.3(12) Version: 10.4(1) Version: 8.4(8) Version: 10.3(99w) Version: 7.3(14)N1(1) Version: 10.2(6) Version: 10.3(3w) Version: 10.3(99x) Version: 10.3(3o) Version: 8.4(9) Version: 10.3(4) Version: 10.3(3p) Version: 10.3(4a) Version: 9.4(1a) Version: 10.4(2) Version: 10.3(3q) Version: 9.3(13) Version: 8.2(11) Version: 9.4(2) Version: 10.3(5) Version: 10.2(7) Version: 10.3(3x) Version: 10.3(4g) Version: 10.2(8) Version: 10.3(3r) |
{ containers: { adp: [ { affected: [ { cpes: [ "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)A6\\(1\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)A6\\(1a\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)A6\\(2\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)A6\\(2a\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)A6\\(3\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)A6\\(3a\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)A6\\(4\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)A6\\(4a\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)A6\\(5a\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)A6\\(5b\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)A6\\(6\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)A6\\(7\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)A6\\(8\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)A8\\(1\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)A8\\(2\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)A8\\(3\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)A8\\(4\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)A8\\(4a\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)A8\\(5\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)A8\\(6\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)A8\\(7\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)A8\\(7a\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)A8\\(7b\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)A8\\(8\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)A8\\(9\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)A8\\(10a\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)A8\\(10\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)A8\\(11\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)A8\\(11a\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)A8\\(11b\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)U6\\(1\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)U6\\(2\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)U6\\(3\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)U6\\(4\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)U6\\(5\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)U6\\(6\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)U6\\(7\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)U6\\(8\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)U6\\(1a\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)U6\\(2a\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)U6\\(3a\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)U6\\(4a\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)U6\\(5a\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)U6\\(5b\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)U6\\(5c\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)U6\\(9\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)U6\\(10\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:6.2\\(2\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:6.2\\(2a\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:6.2\\(6\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:6.2\\(6b\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:6.2\\(8\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:6.2\\(8a\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:6.2\\(8b\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:6.2\\(10\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:6.2\\(12\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:6.2\\(18\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:6.2\\(16\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:6.2\\(14\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:6.2\\(6a\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:6.2\\(20\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:6.2\\(1\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:6.2\\(5b\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:6.2\\(9\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:6.2\\(9a\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:6.2\\(9b\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:6.2\\(11\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:6.2\\(13a\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:6.2\\(13b\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:6.2\\(17\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:6.2\\(20a\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:6.2\\(22\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:6.2\\(27\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:6.2\\(29\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:6.2\\(24\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:6.2\\(24a\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:6.2\\(33\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)F1\\(1\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)F2\\(1\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)F2\\(2\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)F3\\(1\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)F3\\(3\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)F3\\(3a\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)F3\\(4\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)F3\\(3c\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)F3\\(5\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)I4\\(1\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)I4\\(2\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)I4\\(3\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)I4\\(4\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)I4\\(5\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)I4\\(6\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)I4\\(7\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)I4\\(8\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)I4\\(8a\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)I4\\(8b\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)I4\\(8z\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)I4\\(9\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)I5\\(1\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)I5\\(2\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)I6\\(1\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)I6\\(2\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)I7\\(1\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)I7\\(2\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)I7\\(3\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)I7\\(4\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)I7\\(5\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)I7\\(5a\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)I7\\(6\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)I7\\(7\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)I7\\(8\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)I7\\(9\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)I7\\(10\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:7.1\\(0\\)N1\\(1a\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:7.1\\(0\\)N1\\(1b\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:7.1\\(0\\)N1\\(1\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:7.1\\(1\\)N1\\(1\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:7.1\\(2\\)N1\\(1\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:7.1\\(3\\)N1\\(1\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:7.1\\(3\\)N1\\(2\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:7.1\\(4\\)N1\\(1\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:7.1\\(5\\)N1\\(1\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:7.1\\(5\\)N1\\(1b\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:7.2\\(0\\)D1\\(1\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:7.2\\(1\\)D1\\(1\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:7.2\\(2\\)D1\\(2\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:7.2\\(2\\)D1\\(1\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:7.3\\(0\\)D1\\(1\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:7.3\\(0\\)DX\\(1\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:7.3\\(0\\)N1\\(1\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:7.3\\(1\\)D1\\(1\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:7.3\\(1\\)N1\\(1\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:7.3\\(2\\)D1\\(1\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:7.3\\(2\\)D1\\(2\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:7.3\\(2\\)D1\\(3\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:7.3\\(2\\)D1\\(3a\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:7.3\\(2\\)N1\\(1\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:7.3\\(3\\)N1\\(1\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:8.0\\(1\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:8.1\\(1\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:8.1\\(2\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:8.1\\(2a\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:8.1\\(1b\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:8.2\\(1\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:8.2\\(2\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:8.2\\(3\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:8.2\\(4\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:8.2\\(5\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:8.2\\(6\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:8.2\\(7\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:8.2\\(7a\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:8.2\\(8\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:8.2\\(9\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:8.2\\(10\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:8.2\\(11\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:8.3\\(1\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:8.3\\(2\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:9.2\\(1\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:9.2\\(2\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:9.2\\(2t\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:9.2\\(3\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:9.2\\(4\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:9.2\\(2v\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:7.3\\(4\\)N1\\(1\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:7.3\\(3\\)D1\\(1\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:7.3\\(4\\)D1\\(1\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:7.3\\(5\\)N1\\(1\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:8.4\\(1\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:8.4\\(2\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:8.4\\(3\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:8.4\\(2b\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:8.4\\(4\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:8.4\\(2c\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:8.4\\(4a\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:8.4\\(5\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:8.4\\(6\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:8.4\\(6a\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:8.4\\(7\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:8.4\\(2f\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:8.4\\(8\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:8.4\\(9\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:9.3\\(1\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:9.3\\(2\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:9.3\\(3\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:9.3\\(4\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:9.3\\(5\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:9.3\\(6\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:9.3\\(7\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:9.3\\(7a\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:9.3\\(8\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:9.3\\(9\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:9.3\\(10\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:9.3\\(11\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:9.3\\(2a\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:9.3\\(12\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:9.3\\(13\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:7.3\\(6\\)N1\\(1\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:7.3\\(5\\)D1\\(1\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:7.3\\(7\\)N1\\(1\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:7.3\\(7\\)N1\\(1a\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:7.3\\(7\\)N1\\(1b\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:7.3\\(6\\)D1\\(1\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:7.3\\(8\\)N1\\(1\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:7.3\\(7\\)D1\\(1\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:7.3\\(9\\)N1\\(1\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:10.1\\(1\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:8.5\\(1\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:7.3\\(10\\)N1\\(1\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:7.3\\(8\\)D1\\(1\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:10.2\\(1\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:10.2\\(1q\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:10.2\\(2\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:10.2\\(3\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:10.2\\(3t\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:7.3\\(9\\)D1\\(1\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:7.3\\(11\\)N1\\(1\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:7.3\\(12\\)N1\\(1\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:10.3\\(1\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:10.3\\(3\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:10.3\\(99w\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:10.3\\(99x\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:10.3\\(4a\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:10.3\\(5\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:7.3\\(13\\)N1\\(1\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:7.3\\(14\\)N1\\(1\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:10.4\\(1\\):*:*:*:*:*:*:*", "cpe:2.3:o:cisco:nx-os:10.4\\(2\\):*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "nx-os", vendor: "cisco", versions: [ { status: "affected", version: "6.0\\(2\\)a6\\(1\\)", }, { status: "affected", version: "6.0\\(2\\)A6\\(1a\\)", }, { status: "affected", version: "6.0\\(2\\)A6\\(2\\)", }, { status: "affected", version: "6.0\\(2\\)A6\\(2a\\)", }, { status: "affected", version: "6.0\\(2\\)A6\\(3\\)", }, { status: "affected", version: "6.0\\(2\\)A6\\(3a\\)", }, { status: "affected", version: "6.0\\(2\\)A6\\(4\\)", }, { status: "affected", version: "6.0\\(2\\)A6\\(4a\\)", }, { status: "affected", version: "6.0\\(2\\)A6\\(5a\\)", }, { status: "affected", version: "6.0\\(2\\)A6\\(5b\\)", }, { status: "affected", version: "6.0\\(2\\)A6\\(6\\)", }, { status: "affected", version: "6.0\\(2\\)A6\\(7\\)", }, { status: "affected", version: "6.0\\(2\\)A6\\(8\\)", }, { status: "affected", version: "6.0\\(2\\)A8\\(1\\)", }, { status: "affected", version: "6.0\\(2\\)A8\\(2\\)", }, { status: "affected", version: "6.0\\(2\\)A8\\(3\\)", }, { status: "affected", version: "6.0\\(2\\)A8\\(4\\)", }, { status: "affected", version: "6.0\\(2\\)A8\\(4a\\)", }, { status: "affected", version: "6.0\\(2\\)A8\\(5\\)", }, { status: "affected", version: "6.0\\(2\\)A8\\(6\\)", }, { status: "affected", version: "6.0\\(2\\)A8\\(7\\)", }, { status: "affected", version: "6.0\\(2\\)A8\\(7a\\)", }, { status: "affected", version: "6.0\\(2\\)A8\\(7b\\)", }, { status: "affected", version: "6.0\\(2\\)A8\\(8\\)", }, { status: "affected", version: "6.0\\(2\\)A8\\(9\\)", }, { status: "affected", version: "6.0\\(2\\)A8\\(10a\\)", }, { status: "affected", version: "6.0\\(2\\)A8\\(10\\)", }, { status: "affected", version: "6.0\\(2\\)A8\\(11\\)", }, { status: "affected", version: "6.0\\(2\\)A8\\(11a\\)", }, { status: "affected", version: "6.0\\(2\\)A8\\(11b\\)", }, { status: "affected", version: "6.0\\(2\\)U6\\(1\\)", }, { status: "affected", version: "6.0\\(2\\)U6\\(2\\)", }, { status: "affected", version: "6.0\\(2\\)U6\\(3\\)", }, { status: "affected", version: "6.0\\(2\\)U6\\(4\\)", }, { status: "affected", version: "6.0\\(2\\)U6\\(5\\)", }, { status: "affected", version: "6.0\\(2\\)U6\\(6\\)", }, { status: "affected", version: "6.0\\(2\\)U6\\(7\\)", }, { status: "affected", version: "6.0\\(2\\)U6\\(8\\)", }, { status: "affected", version: "6.0\\(2\\)U6\\(1a\\)", }, { status: "affected", version: "6.0\\(2\\)U6\\(2a\\)", }, { status: "affected", version: "6.0\\(2\\)U6\\(3a\\)", }, { status: "affected", version: "6.0\\(2\\)U6\\(4a\\)", }, { status: "affected", version: "6.0\\(2\\)U6\\(5a\\)", }, { status: "affected", version: "6.0\\(2\\)U6\\(5b\\)", }, { status: "affected", version: "6.0\\(2\\)U6\\(5c\\)", }, { status: "affected", version: "6.0\\(2\\)U6\\(9\\)", }, { status: "affected", version: "6.0\\(2\\)U6\\(10\\)", }, { status: "affected", version: "6.2\\(2\\)", }, { status: "affected", version: "6.2\\(2a\\)", }, { status: "affected", version: "6.2\\(6\\)", }, { status: "affected", version: "6.2\\(6b\\)", }, { status: "affected", version: "6.2\\(8\\)", }, { status: "affected", version: "6.2\\(8a\\)", }, { status: "affected", version: "6.2\\(8b\\)", }, { status: "affected", version: "6.2\\(10\\)", }, { status: "affected", version: "6.2\\(12\\)", }, { status: "affected", version: "6.2\\(18\\)", }, { status: "affected", version: "6.2\\(16\\)", }, { status: "affected", version: "6.2\\(14\\)", }, { status: "affected", version: "6.2\\(6a\\)", }, { status: "affected", version: "6.2\\(20\\)", }, { status: "affected", version: "6.2\\(1\\)", }, { status: "affected", version: "6.2\\(5b\\)", }, { status: "affected", version: "6.2\\(9\\)", }, { status: "affected", version: "6.2\\(9a\\)", }, { status: "affected", version: "6.2\\(9b\\)", }, { status: "affected", version: "6.2\\(11\\)", }, { status: "affected", version: "6.2\\(13a\\)", }, { status: "affected", version: "6.2\\(13b\\)", }, { status: "affected", version: "6.2\\(17\\)", }, { status: "affected", version: "6.2\\(20a\\)", }, { status: "affected", version: "6.2\\(22\\)", }, { status: "affected", version: "6.2\\(27\\)", }, { status: "affected", version: "6.2\\(29\\)", }, { status: "affected", version: "6.2\\(24\\)", }, { status: "affected", version: "6.2\\(24a\\)", }, { status: "affected", version: "6.2\\(33\\)", }, { status: "affected", version: "7.0\\(3\\)F1\\(1\\)", }, { status: "affected", version: "7.0\\(3\\)F2\\(1\\)", }, { status: "affected", version: "7.0\\(3\\)F2\\(2\\)", }, { status: "affected", version: "7.0\\(3\\)F3\\(1\\)", }, { status: "affected", version: "7.0\\(3\\)F3\\(3\\)", }, { status: "affected", version: "7.0\\(3\\)F3\\(3a\\)", }, { status: "affected", version: "7.0\\(3\\)F3\\(4\\)", }, { status: "affected", version: "7.0\\(3\\)F3\\(3c\\)", }, { status: "affected", version: "7.0\\(3\\)F3\\(5\\)", }, { status: "affected", version: "7.0\\(3\\)I4\\(1\\)", }, { status: "affected", version: "7.0\\(3\\)I4\\(2\\)", }, { status: "affected", version: "7.0\\(3\\)I4\\(3\\)", }, { status: "affected", version: "7.0\\(3\\)I4\\(4\\)", }, { status: "affected", version: "7.0\\(3\\)I4\\(5\\)", }, { status: "affected", version: "7.0\\(3\\)I4\\(6\\)", }, { status: "affected", version: "7.0\\(3\\)I4\\(7\\)", }, { status: "affected", version: "7.0\\(3\\)I4\\(8\\)", }, { status: "affected", version: "7.0\\(3\\)I4\\(8a\\)", }, { status: "affected", version: "7.0\\(3\\)I4\\(8b\\)", }, { status: "affected", version: "7.0\\(3\\)I4\\(8z\\)", }, { status: "affected", version: "7.0\\(3\\)I4\\(9\\)", }, { status: "affected", version: "7.0\\(3\\)I5\\(1\\)", }, { status: "affected", version: "7.0\\(3\\)I5\\(2\\)", }, { status: "affected", version: "7.0\\(3\\)I6\\(1\\)", }, { status: "affected", version: "7.0\\(3\\)I6\\(2\\)", }, { status: "affected", version: "7.0\\(3\\)I7\\(1\\)", }, { status: "affected", version: "7.0\\(3\\)I7\\(2\\)", }, { status: "affected", version: "7.0\\(3\\)I7\\(3\\)", }, { status: "affected", version: "7.0\\(3\\)I7\\(4\\)", }, { status: "affected", version: "7.0\\(3\\)I7\\(5\\)", }, { status: "affected", version: "7.0\\(3\\)I7\\(5a\\)", }, { status: "affected", version: "7.0\\(3\\)I7\\(6\\)", }, { status: "affected", version: "7.0\\(3\\)I7\\(7\\)", }, { status: "affected", version: "7.0\\(3\\)I7\\(8\\)", }, { status: "affected", version: "7.0\\(3\\)I7\\(9\\)", }, { status: "affected", version: "7.0\\(3\\)I7\\(10\\)", }, { status: "affected", version: "7.1\\(0\\)N1\\(1a\\)", }, { status: "affected", version: "7.1\\(0\\)N1\\(1b\\)", }, { status: "affected", version: "7.1\\(0\\)N1\\(1\\)", }, { status: "affected", version: "7.1\\(1\\)N1\\(1\\)", }, { status: "affected", version: "7.1\\(2\\)N1\\(1\\)", }, { status: "affected", version: "7.1\\(3\\)N1\\(1\\)", }, { status: "affected", version: "7.1\\(3\\)N1\\(2\\)", }, { status: "affected", version: "7.1\\(4\\)N1\\(1\\)", }, { status: "affected", version: "7.1\\(5\\)N1\\(1\\)", }, { status: "affected", version: "7.1\\(5\\)N1\\(1b\\)", }, { status: "affected", version: "7.2\\(0\\)D1\\(1\\)", }, { status: "affected", version: "7.2\\(1\\)D1\\(1\\)", }, { status: "affected", version: "7.2\\(2\\)D1\\(2\\)", }, { status: "affected", version: "7.2\\(2\\)D1\\(1\\)", }, { status: "affected", version: "7.3\\(0\\)D1\\(1\\)", }, { status: "affected", version: "7.3\\(0\\)DX\\(1\\)", }, { status: "affected", version: "7.3\\(0\\)N1\\(1\\)", }, { status: "affected", version: "7.3\\(1\\)D1\\(1\\)", }, { status: "affected", version: "7.3\\(1\\)N1\\(1\\)", }, { status: "affected", version: "7.3\\(2\\)D1\\(1\\)", }, { status: "affected", version: "7.3\\(2\\)D1\\(2\\)", }, { status: "affected", version: "7.3\\(2\\)D1\\(3\\)", }, { status: "affected", version: "7.3\\(2\\)D1\\(3a\\)", }, { status: "affected", version: "7.3\\(2\\)N1\\(1\\)", }, { status: "affected", version: "7.3\\(3\\)N1\\(1\\)", }, { status: "affected", version: "8.0\\(1\\)", }, { status: "affected", version: "8.1\\(1\\)", }, { status: "affected", version: "8.1\\(2\\)", }, { status: "affected", version: "8.1\\(2a\\)", }, { status: "affected", version: "8.1\\(1b\\)", }, { status: "affected", version: "8.2\\(1\\)", }, { status: "affected", version: "8.2\\(2\\)", }, { status: "affected", version: "8.2\\(3\\)", }, { status: "affected", version: "8.2\\(4\\)", }, { status: "affected", version: "8.2\\(5\\)", }, { status: "affected", version: "8.2\\(6\\)", }, { status: "affected", version: "8.2\\(7\\)", }, { status: "affected", version: "8.2\\(7a\\)", }, { status: "affected", version: "8.2\\(8\\)", }, { status: "affected", version: "8.2\\(9\\)", }, { status: "affected", version: "8.2\\(10\\)", }, { status: "affected", version: "8.2\\(11\\)", }, { status: "affected", version: "8.3\\(1\\)", }, { status: "affected", version: "8.3\\(2\\)", }, { status: "affected", version: "9.2\\(1\\)", }, { status: "affected", version: "9.2\\(2\\)", }, { status: "affected", version: "9.2\\(2t\\)", }, { status: "affected", version: "9.2\\(3\\)", }, { status: "affected", version: "9.2\\(4\\)", }, { status: "affected", version: "9.2\\(2v\\)", }, { status: "affected", version: "7.3\\(4\\)N1\\(1\\)", }, { status: "affected", version: "7.3\\(3\\)D1\\(1\\)", }, { status: "affected", version: "7.3\\(4\\)D1\\(1\\)", }, { status: "affected", version: "7.3\\(5\\)N1\\(1\\)", }, { status: "affected", version: "8.4\\(1\\)", }, { status: "affected", version: "8.4\\(2\\)", }, { status: "affected", version: "8.4\\(3\\)", }, { status: "affected", version: "8.4\\(2b\\)", }, { status: "affected", version: "8.4\\(4\\)", }, { status: "affected", version: "8.4\\(2c\\)", }, { status: "affected", version: "8.4\\(4a\\)", }, { status: "affected", version: "8.4\\(5\\)", }, { status: "affected", version: "8.4\\(6\\)", }, { status: "affected", version: "8.4\\(6a\\)", }, { status: "affected", version: "8.4\\(7\\)", }, { status: "affected", version: "8.4\\(2f\\)", }, { status: "affected", version: "8.4\\(8\\)", }, { status: "affected", version: "8.4\\(9\\)", }, { status: "affected", version: "9.3\\(1\\)", }, { status: "affected", version: "9.3\\(2\\)", }, { status: "affected", version: "9.3\\(3\\)", }, { status: "affected", version: "9.3\\(4\\)", }, { status: "affected", version: "9.3\\(5\\)", }, { status: "affected", version: "9.3\\(6\\)", }, { status: "affected", version: "9.3\\(7\\)", }, { status: "affected", version: "9.3\\(7a\\)", }, { status: "affected", version: "9.3\\(8\\)", }, { status: "affected", version: "9.3\\(9\\)", }, { status: "affected", version: "9.3\\(10\\)", }, { status: "affected", version: "9.3\\(11\\)", }, { status: "affected", version: "9.3\\(2a\\)", }, { status: "affected", version: "9.3\\(12\\)", }, { status: "affected", version: "9.3\\(13\\)", }, { status: "affected", version: "7.3\\(6\\)N1\\(1\\)", }, { status: "affected", version: "7.3\\(5\\)D1\\(1\\)", }, { status: "affected", version: "7.3\\(7\\)N1\\(1\\)", }, { status: "affected", version: "7.3\\(7\\)N1\\(1a\\)", }, { status: "affected", version: "7.3\\(7\\)N1\\(1b\\)", }, { status: "affected", version: "7.3\\(6\\)D1\\(1\\)", }, { status: "affected", version: "7.3\\(8\\)N1\\(1\\)", }, { status: "affected", version: "7.3\\(7\\)D1\\(1\\)", }, { status: "affected", version: "7.3\\(9\\)N1\\(1\\)", }, { status: "affected", version: "10.1\\(1\\)", }, { status: "affected", version: "8.5\\(1\\)", }, { status: "affected", version: "7.3\\(10\\)N1\\(1\\)", }, { status: "affected", version: "7.3\\(8\\)D1\\(1\\)", }, { status: "affected", version: "10.2\\(1\\)", }, { status: "affected", version: "10.2\\(1q\\)", }, { status: "affected", version: "10.2\\(2\\)", }, { status: "affected", version: "10.2\\(3\\)", }, { status: "affected", version: "10.2\\(3t\\)", }, { status: "affected", version: "7.3\\(9\\)D1\\(1\\)", }, { status: "affected", version: "7.3\\(11\\)N1\\(1\\)", }, { status: "affected", version: "7.3\\(12\\)N1\\(1\\)", }, { status: "affected", version: "10.3\\(1\\)", }, { status: "affected", version: "10.3\\(3\\)", }, { status: "affected", version: "10.3\\(99w\\)", }, { status: "affected", version: "10.3\\(99x\\)", }, { status: "affected", version: "10.3\\(4a\\)", }, { status: "affected", version: "10.3\\(5\\)", }, { status: "affected", version: "7.3\\(13\\)N1\\(1\\)", }, { status: "affected", version: "7.3\\(14\\)N1\\(1\\)", }, { status: "affected", version: "10.4\\(1\\)", }, { status: "affected", version: "10.4\\(2\\)", }, ], }, ], metrics: [ { other: { content: { id: "CVE-2024-20399", options: [ { Exploitation: "active", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-07-02T15:08:04.278010Z", version: "2.0.3", }, type: "ssvc", }, }, { other: { content: { dateAdded: "2024-07-02", reference: "https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json", }, type: "kev", }, }, ], providerMetadata: { dateUpdated: "2024-07-02T20:40:44.265Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, { providerMetadata: { dateUpdated: "2024-08-01T21:59:42.407Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "cisco-sa-nxos-cmd-injection-xD9OhyOP", tags: [ "x_transferred", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-cmd-injection-xD9OhyOP", }, { tags: [ "x_transferred", ], url: "https://www.sygnia.co/threat-reports-and-advisories/china-nexus-threat-group-velvet-ant-exploits-cisco-0-day/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { defaultStatus: "unknown", product: "Cisco NX-OS Software", vendor: "Cisco", versions: [ { status: "affected", version: "8.2(5)", }, { status: "affected", version: "7.3(6)N1(1a)", }, { status: "affected", version: "7.3(5)D1(1)", }, { status: "affected", version: "8.4(2)", }, { status: "affected", version: "7.3(6)N1(1)", }, { status: "affected", version: "6.2(2)", }, { status: "affected", version: "8.4(3)", }, { status: "affected", version: "9.2(3)", }, { status: "affected", version: "7.0(3)I5(2)", }, { status: "affected", version: "8.2(1)", }, { status: "affected", version: "6.0(2)A8(7a)", }, { status: "affected", version: "7.0(3)I4(5)", }, { status: "affected", version: "6.0(2)A6(1)", }, { status: "affected", version: "7.3(1)D1(1)", }, { status: "affected", version: "6.2(14a)", }, { status: "affected", version: "7.0(3)I4(6)", }, { status: "affected", version: "7.3(4)N1(1)", }, { status: "affected", version: "7.0(3)I4(3)", }, { status: "affected", version: "9.2(2v)", }, { status: "affected", version: "6.0(2)A6(5b)", }, { status: "affected", version: "7.3(0)D1(1)", }, { status: "affected", version: "6.2(17a)", }, { status: "affected", version: "7.0(3)I4(7)", }, { status: "affected", version: "6.0(2)U6(1a)", }, { status: "affected", version: "7.1(5)N1(1b)", }, { status: "affected", version: "7.0(3)I4(1)", }, { status: "affected", version: "7.0(3)I4(8)", }, { status: "affected", version: "7.0(3)I4(2)", }, { status: "affected", version: "7.1(4)N1(1c)", }, { status: "affected", version: "7.0(3)IM3(1)", }, { status: "affected", version: "6.0(2)U6(5a)", }, { status: "affected", version: "6.0(2)A8(11)", }, { status: "affected", version: "6.0(2)A6(4a)", }, { status: "affected", version: "6.2(9)", }, { status: "affected", version: "6.2(5)", }, { status: "affected", version: "7.3(4)D1(1)", }, { status: "affected", version: "6.2(20)", }, { status: "affected", version: "9.2(1)", }, { status: "affected", version: "9.2(2t)", }, { status: "affected", version: "9.2(3y)", }, { status: "affected", version: "7.0(3)I4(1t)", }, { status: "affected", version: "6.0(2)U6(5c)", }, { status: "affected", version: "6.0(2)A6(4)", }, { status: "affected", version: "7.0(3)I7(6z)", }, { status: "affected", version: "9.3(2)", }, { status: "affected", version: "7.3(1)DY(1)", }, { status: "affected", version: "7.0(3)F3(3)", }, { status: "affected", version: "6.0(2)U6(6)", }, { status: "affected", version: "6.2(29)", }, { status: "affected", version: "7.0(3)I7(3z)", }, { status: "affected", version: "7.0(3)IM7(2)", }, { status: "affected", version: "6.0(2)A8(11b)", }, { status: "affected", version: "6.2(9a)", }, { status: "affected", version: "7.3(0)N1(1)", }, { status: "affected", version: "7.0(3)I7(5a)", }, { status: "affected", version: "6.2(11d)", }, { status: "affected", version: "8.1(1)", }, { status: "affected", version: "7.0(3)I6(1)", }, { status: "affected", version: "6.0(2)U6(10)", }, { status: "affected", version: "7.2(2)D1(2)", }, { status: "affected", version: "7.0(3)IM3(2)", }, { status: "affected", version: "6.0(2)A6(8)", }, { status: "affected", version: "8.2(2)", }, { status: "affected", version: "6.0(2)U6(1)", }, { status: "affected", version: "7.3(2)N1(1c)", }, { status: "affected", version: "7.0(3)I5(3b)", }, { status: "affected", version: "8.3(2)", }, { status: "affected", version: "7.3(5)N1(1)", }, { status: "affected", version: "6.0(2)A6(2a)", }, { status: "affected", version: "7.3(2)N1(1b)", }, { status: "affected", version: "6.2(27)", }, { status: "affected", version: "7.3(2)D1(3a)", }, { status: "affected", version: "7.3(1)N1(1)", }, { status: "affected", version: "6.0(2)U6(7)", }, { status: "affected", version: "9.2(4)", }, { status: "affected", version: "7.1(4)N1(1a)", }, { status: "affected", version: "7.1(3)N1(4)", }, { status: "affected", version: "7.0(3)IM3(2a)", }, { status: "affected", version: "6.2(8b)", }, { status: "affected", version: "6.0(2)A8(10)", }, { status: "affected", version: "7.1(3)N1(2)", }, { status: "affected", version: "6.2(13)", }, { status: "affected", version: "6.0(2)A8(2)", }, { status: "affected", version: "7.0(3)IC4(4)", }, { status: "affected", version: "6.2(1)", }, { status: "affected", version: "7.3(4)N1(1a)", }, { status: "affected", version: "8.1(2)", }, { status: "affected", version: "6.0(2)A6(3)", }, { status: "affected", version: "6.0(2)U6(5b)", }, { status: "affected", version: "7.0(3)F3(3c)", }, { status: "affected", version: "7.3(3)D1(1)", }, { status: "affected", version: "7.0(3)F3(1)", }, { status: "affected", version: "6.0(2)U6(5)", }, { status: "affected", version: "7.0(3)F3(5)", }, { status: "affected", version: "7.1(2)N1(1)", }, { status: "affected", version: "7.1(3)N1(3)", }, { status: "affected", version: "8.2(3)", }, { status: "affected", version: "6.0(2)A6(7)", }, { status: "affected", version: "7.0(3)I7(2)", }, { status: "affected", version: "6.2(5a)", }, { status: "affected", version: "6.2(18)", }, { status: "affected", version: "6.0(2)A6(5)", }, { status: "affected", version: "7.0(3)IM3(2b)", }, { status: "affected", version: "7.1(3)N1(1)", }, { status: "affected", version: "6.0(2)U6(4a)", }, { status: "affected", version: "7.0(3)I5(3)", }, { status: "affected", version: "7.0(3)I7(3)", }, { status: "affected", version: "6.0(2)A8(6)", }, { status: "affected", version: "7.0(3)I6(2)", }, { status: "affected", version: "8.3(1)", }, { status: "affected", version: "6.2(3)", }, { status: "affected", version: "6.2(22)", }, { status: "affected", version: "7.1(1)N1(1)", }, { status: "affected", version: "8.4(1)", }, { status: "affected", version: "8.1(1b)", }, { status: "affected", version: "7.3(0)N1(1b)", }, { status: "affected", version: "7.2(2)D1(4)", }, { status: "affected", version: "6.0(2)A8(5)", }, { status: "affected", version: "7.3(0)DX(1)", }, { status: "affected", version: "7.1(4)N1(1d)", }, { status: "affected", version: "7.3(2)D1(1)", }, { status: "affected", version: "7.3(2)N1(1)", }, { status: "affected", version: "6.0(2)U6(8)", }, { status: "affected", version: "7.1(1)N1(1a)", }, { status: "affected", version: "7.0(3)IM3(3)", }, { status: "affected", version: "9.3(1)", }, { status: "affected", version: "6.0(2)U6(2)", }, { status: "affected", version: "6.2(9b)", }, { status: "affected", version: "7.1(3)N1(2a)", }, { status: "affected", version: "7.3(0)N1(1a)", }, { status: "affected", version: "6.0(2)A8(7)", }, { status: "affected", version: "7.0(3)I7(6)", }, { status: "affected", version: "7.3(2)D1(2)", }, { status: "affected", version: "6.2(25)", }, { status: "affected", version: "6.0(2)U6(3a)", }, { status: "affected", version: "8.0(1)", }, { status: "affected", version: "6.0(2)A8(11a)", }, { status: "affected", version: "6.2(11e)", }, { status: "affected", version: "7.1(3)N1(5)", }, { status: "affected", version: "7.0(3)I4(8z)", }, { status: "affected", version: "6.2(11)", }, { status: "affected", version: "7.0(3)I4(9)", }, { status: "affected", version: "6.2(16)", }, { status: "affected", version: "6.2(19)", }, { status: "affected", version: "8.2(4)", }, { status: "affected", version: "6.2(2a)", }, { status: "affected", version: "7.2(2)D1(3)", }, { status: "affected", version: "7.1(0)N1(1b)", }, { status: "affected", version: "7.0(3)I7(4)", }, { status: "affected", version: "7.0(3)I7(7)", }, { status: "affected", version: "6.2(5b)", }, { status: "affected", version: "7.3(0)DY(1)", }, { status: "affected", version: "6.0(2)A8(9)", }, { status: "affected", version: "6.0(2)A8(1)", }, { status: "affected", version: "7.1(5)N1(1)", }, { status: "affected", version: "7.2(1)D1(1)", }, { status: "affected", version: "6.2(15)", }, { status: "affected", version: "6.0(2)A6(6)", }, { status: "affected", version: "6.0(2)A8(10a)", }, { status: "affected", version: "7.0(3)I5(1)", }, { status: "affected", version: "9.3(1z)", }, { status: "affected", version: "9.2(2)", }, { status: "affected", version: "6.2(7)", }, { status: "affected", version: "6.2(9c)", }, { status: "affected", version: "7.0(3)F3(4)", }, { status: "affected", version: "7.3(3)N1(1)", }, { status: "affected", version: "6.2(6b)", }, { status: "affected", version: "7.0(3)I4(8b)", }, { status: "affected", version: "8.1(2a)", }, { status: "affected", version: "7.3(2)D1(3)", }, { status: "affected", version: "6.2(8)", }, { status: "affected", version: "6.0(2)A8(3)", }, { status: "affected", version: "6.2(11b)", }, { status: "affected", version: "7.0(3)I4(6t)", }, { status: "affected", version: "7.0(3)I5(3a)", }, { status: "affected", version: "8.1(1a)", }, { status: "affected", version: "6.2(13a)", }, { status: "affected", version: "6.0(2)A8(8)", }, { status: "affected", version: "7.0(3)I7(5)", }, { status: "affected", version: "7.0(3)F3(3a)", }, { status: "affected", version: "7.1(0)N1(1a)", }, { status: "affected", version: "6.0(2)A8(4)", }, { status: "affected", version: "6.0(2)A6(3a)", }, { status: "affected", version: "6.0(2)A6(5a)", }, { status: "affected", version: "7.0(3)F2(1)", }, { status: "affected", version: "7.0(3)I4(8a)", }, { status: "affected", version: "6.0(2)U6(9)", }, { status: "affected", version: "7.0(3)F3(2)", }, { status: "affected", version: "6.0(2)U6(2a)", }, { status: "affected", version: "6.2(12)", }, { status: "affected", version: "6.2(17)", }, { status: "affected", version: "7.0(3)I4(4)", }, { status: "affected", version: "6.2(23)", }, { status: "affected", version: "6.2(13b)", }, { status: "affected", version: "6.0(2)U6(3)", }, { status: "affected", version: "6.2(10)", }, { status: "affected", version: "6.2(6a)", }, { status: "affected", version: "6.2(6)", }, { status: "affected", version: "7.1(2)N1(1a)", }, { status: "affected", version: "6.2(14)", }, { status: "affected", version: "7.0(3)I7(1)", }, { status: "affected", version: "6.2(14b)", }, { status: "affected", version: "6.2(21)", }, { status: "affected", version: "7.2(2)D1(1)", }, { status: "affected", version: "7.0(3)F2(2)", }, { status: "affected", version: "7.0(3)IA7(2)", }, { status: "affected", version: "7.0(3)IA7(1)", }, { status: "affected", version: "6.0(2)A8(7b)", }, { status: "affected", version: "6.2(8a)", }, { status: "affected", version: "6.2(11c)", }, { status: "affected", version: "7.0(3)F1(1)", }, { status: "affected", version: "6.0(2)A6(1a)", }, { status: "affected", version: "7.1(0)N1(1)", }, { status: "affected", version: "7.2(0)D1(1)", }, { status: "affected", version: "6.0(2)A6(2)", }, { status: "affected", version: "7.1(4)N1(1)", }, { status: "affected", version: "6.0(2)A8(4a)", }, { status: "affected", version: "6.2(20a)", }, { status: "affected", version: "6.0(2)U6(4)", }, { status: "affected", version: "8.4(1a)", }, { status: "affected", version: "9.3(3)", }, { status: "affected", version: "7.3(2)D1(1d)", }, { status: "affected", version: "7.3(7)N1(1)", }, { status: "affected", version: "6.2(24)", }, { status: "affected", version: "6.2(31)", }, { status: "affected", version: "7.0(3)I7(8)", }, { status: "affected", version: "6.0(2)U6(10a)", }, { status: "affected", version: "7.3(7)N1(1a)", }, { status: "affected", version: "9.3(4)", }, { status: "affected", version: "7.3(6)D1(1)", }, { status: "affected", version: "6.2(26)", }, { status: "affected", version: "8.2(6)", }, { status: "affected", version: "6.2(33)", }, { status: "affected", version: "9.3(5)", }, { status: "affected", version: "8.4(2a)", }, { status: "affected", version: "8.4(2b)", }, { status: "affected", version: "7.3(8)N1(1)", }, { status: "affected", version: "7.0(3)I7(9)", }, { status: "affected", version: "7.3(7)N1(1b)", }, { status: "affected", version: "6.2(24a)", }, { status: "affected", version: "8.5(1)", }, { status: "affected", version: "9.3(6)", }, { status: "affected", version: "10.1(2)", }, { status: "affected", version: "10.1(1)", }, { status: "affected", version: "8.4(4)", }, { status: "affected", version: "7.3(7)D1(1)", }, { status: "affected", version: "8.4(2c)", }, { status: "affected", version: "9.3(5w)", }, { status: "affected", version: "8.2(7)", }, { status: "affected", version: "7.3(9)N1(1)", }, { status: "affected", version: "9.3(7)", }, { status: "affected", version: "9.3(7k)", }, { status: "affected", version: "7.0(3)I7(9w)", }, { status: "affected", version: "10.2(1)", }, { status: "affected", version: "7.3(8)N1(1a)", }, { status: "affected", version: "7.3(8)D1(1)", }, { status: "affected", version: "9.3(7a)", }, { status: "affected", version: "8.2(7a)", }, { status: "affected", version: "9.3(8)", }, { status: "affected", version: "8.4(4a)", }, { status: "affected", version: "8.4(2d)", }, { status: "affected", version: "7.3(10)N1(1)", }, { status: "affected", version: "8.4(5)", }, { status: "affected", version: "7.0(3)I7(10)", }, { status: "affected", version: "7.3(8)N1(1b)", }, { status: "affected", version: "8.2(8)", }, { status: "affected", version: "10.2(1q)", }, { status: "affected", version: "10.2(2)", }, { status: "affected", version: "9.3(9)", }, { status: "affected", version: "7.3(9)D1(1)", }, { status: "affected", version: "7.3(11)N1(1)", }, { status: "affected", version: "10.2(3)", }, { status: "affected", version: "8.4(6)", }, { status: "affected", version: "8.4(2e)", }, { status: "affected", version: "9.3(10)", }, { status: "affected", version: "7.3(11)N1(1a)", }, { status: "affected", version: "10.2(2a)", }, { status: "affected", version: "7.3(12)N1(1)", }, { status: "affected", version: "9.2(1a)", }, { status: "affected", version: "8.2(9)", }, { status: "affected", version: "10.3(1)", }, { status: "affected", version: "10.2(4)", }, { status: "affected", version: "7.3(13)N1(1)", }, { status: "affected", version: "8.4(7)", }, { status: "affected", version: "10.3(2)", }, { status: "affected", version: "8.4(6a)", }, { status: "affected", version: "9.3(11)", }, { status: "affected", version: "10.3(3)", }, { status: "affected", version: "10.2(5)", }, { status: "affected", version: "9.4(1)", }, { status: "affected", version: "9.3(2a)", }, { status: "affected", version: "8.4(2f)", }, { status: "affected", version: "8.2(10)", }, { status: "affected", version: "9.3(12)", }, { status: "affected", version: "10.4(1)", }, { status: "affected", version: "8.4(8)", }, { status: "affected", version: "10.3(99w)", }, { status: "affected", version: "7.3(14)N1(1)", }, { status: "affected", version: "10.2(6)", }, { status: "affected", version: "10.3(3w)", }, { status: "affected", version: "10.3(99x)", }, { status: "affected", version: "10.3(3o)", }, { status: "affected", version: "8.4(9)", }, { status: "affected", version: "10.3(4)", }, { status: "affected", version: "10.3(3p)", }, { status: "affected", version: "10.3(4a)", }, { status: "affected", version: "9.4(1a)", }, { status: "affected", version: "10.4(2)", }, { status: "affected", version: "10.3(3q)", }, { status: "affected", version: "9.3(13)", }, { status: "affected", version: "8.2(11)", }, { status: "affected", version: "9.4(2)", }, { status: "affected", version: "10.3(5)", }, { status: "affected", version: "10.2(7)", }, { status: "affected", version: "10.3(3x)", }, { status: "affected", version: "10.3(4g)", }, { status: "affected", version: "10.2(8)", }, { status: "affected", version: "10.3(3r)", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated user in possession of Administrator credentials to execute arbitrary commands as root on the underlying operating system of an affected device.\r\n\r\nThis vulnerability is due to insufficient validation of arguments that are passed to specific configuration CLI commands. An attacker could exploit this vulnerability by including crafted input as the argument of an affected configuration CLI command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with the privileges of root.\r\nNote: To successfully exploit this vulnerability on a Cisco NX-OS device, an attacker must have Administrator credentials. The following Cisco devices already allow administrative users to access the underlying operating system through the bash-shell feature, so, for these devices, this vulnerability does not grant any additional privileges:\r\n\r\nNexus 3000 Series Switches\r\nNexus 7000 Series Switches that are running Cisco NX-OS Software releases 8.1(1) and later\r\nNexus 9000 Series Switches in standalone NX-OS mode", }, ], exploits: [ { lang: "en", value: "In May 2024, the Cisco Product Security Incident Response Team (PSIRT) became aware of attempted exploitation of this vulnerability in the wild.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 6, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, format: "cvssV3_1", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-78", description: "Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", lang: "en", type: "cwe", }, ], }, ], providerMetadata: { dateUpdated: "2024-09-17T18:07:44.853Z", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "cisco-sa-nxos-cmd-injection-xD9OhyOP", url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-cmd-injection-xD9OhyOP", }, ], source: { advisory: "cisco-sa-nxos-cmd-injection-xD9OhyOP", defects: [ "CSCwj94682", ], discovery: "EXTERNAL", }, title: "Cisco NX-OS Software CLI Command Injection Vulnerability", }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2024-20399", datePublished: "2024-07-01T16:11:44.028Z", dateReserved: "2023-11-08T15:08:07.660Z", dateUpdated: "2024-09-17T18:07:44.853Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-1735
Vulnerability from cvelistv5
Published
2019-05-15 18:45
Modified
2024-11-21 19:30
Severity ?
EPSS score ?
Summary
A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands with elevated privileges on the underlying operating system of an affected device. The vulnerability is due to insufficient validation of arguments passed to certain CLI commands. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with elevated privileges. An attacker would need valid user credentials to exploit this vulnerability.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-cmdinj-1735 | vendor-advisory, x_refsource_CISCO | |
| http://www.securityfocus.com/bid/108365 | vdb-entry, x_refsource_BID |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco NX-OS Software |
Version: unspecified < 8.3(1) |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T18:28:41.976Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20190515 Cisco NX-OS Software Command Injection Vulnerability (CVE-2019-1735)", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-cmdinj-1735", }, { name: "108365", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/108365", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2019-1735", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-11-21T18:58:37.156646Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-21T19:30:32.359Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco NX-OS Software", vendor: "Cisco", versions: [ { lessThan: "8.3(1)", status: "affected", version: "unspecified", versionType: "custom", }, ], }, ], datePublic: "2019-05-15T00:00:00", descriptions: [ { lang: "en", value: "A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands with elevated privileges on the underlying operating system of an affected device. The vulnerability is due to insufficient validation of arguments passed to certain CLI commands. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with elevated privileges. An attacker would need valid user credentials to exploit this vulnerability.", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 4.4, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-77", description: "CWE-77", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2019-05-17T12:06:06", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20190515 Cisco NX-OS Software Command Injection Vulnerability (CVE-2019-1735)", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-cmdinj-1735", }, { name: "108365", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/108365", }, ], source: { advisory: "cisco-sa-20190515-nxos-cmdinj-1735", defect: [ [ "CSCvj63728", "CSCvj63877", "CSCvk52969", "CSCvk52971", "CSCvk52972", "CSCvk52975", "CSCvk52985", "CSCvk52988", ], ], discovery: "INTERNAL", }, title: "Cisco NX-OS Software Command Injection Vulnerability (CVE-2019-1735)", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", DATE_PUBLIC: "2019-05-15T16:00:00-0700", ID: "CVE-2019-1735", STATE: "PUBLIC", TITLE: "Cisco NX-OS Software Command Injection Vulnerability (CVE-2019-1735)", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Cisco NX-OS Software", version: { version_data: [ { affected: "<", version_affected: "<", version_value: "8.3(1)", }, ], }, }, ], }, vendor_name: "Cisco", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands with elevated privileges on the underlying operating system of an affected device. The vulnerability is due to insufficient validation of arguments passed to certain CLI commands. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with elevated privileges. An attacker would need valid user credentials to exploit this vulnerability.", }, ], }, exploit: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], impact: { cvss: { baseScore: "4.4", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-77", }, ], }, ], }, references: { reference_data: [ { name: "20190515 Cisco NX-OS Software Command Injection Vulnerability (CVE-2019-1735)", refsource: "CISCO", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-cmdinj-1735", }, { name: "108365", refsource: "BID", url: "http://www.securityfocus.com/bid/108365", }, ], }, source: { advisory: "cisco-sa-20190515-nxos-cmdinj-1735", defect: [ [ "CSCvj63728", "CSCvj63877", "CSCvk52969", "CSCvk52971", "CSCvk52972", "CSCvk52975", "CSCvk52985", "CSCvk52988", ], ], discovery: "INTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2019-1735", datePublished: "2019-05-15T18:45:28.744805Z", dateReserved: "2018-12-06T00:00:00", dateUpdated: "2024-11-21T19:30:32.359Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2015-4277
Vulnerability from cvelistv5
Published
2015-08-19 18:00
Modified
2024-08-06 06:11
Severity ?
EPSS score ?
Summary
The global-configuration implementation on Cisco ASR 9000 devices with software 5.1.3 and 5.3.0 improperly closes vty sessions after a commit/end operation, which allows local users to cause a denial of service (tmp/*config file creation, memory consumption, and device hang) via unspecified vectors, aka Bug ID CSCut93842.
References
| ▼ | URL | Tags |
|---|---|---|
| http://tools.cisco.com/security/center/viewAlert.x?alertId=39939 | vendor-advisory, x_refsource_CISCO | |
| http://www.securitytracker.com/id/1033259 | vdb-entry, x_refsource_SECTRACK |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T06:11:12.187Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20150811 Cisco ASR 9000 Series Aggregation Services Routers tmp Files Denial of Service Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "http://tools.cisco.com/security/center/viewAlert.x?alertId=39939", }, { name: "1033259", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1033259", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2015-08-11T00:00:00", descriptions: [ { lang: "en", value: "The global-configuration implementation on Cisco ASR 9000 devices with software 5.1.3 and 5.3.0 improperly closes vty sessions after a commit/end operation, which allows local users to cause a denial of service (tmp/*config file creation, memory consumption, and device hang) via unspecified vectors, aka Bug ID CSCut93842.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-09-20T09:57:01", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20150811 Cisco ASR 9000 Series Aggregation Services Routers tmp Files Denial of Service Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "http://tools.cisco.com/security/center/viewAlert.x?alertId=39939", }, { name: "1033259", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1033259", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", ID: "CVE-2015-4277", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The global-configuration implementation on Cisco ASR 9000 devices with software 5.1.3 and 5.3.0 improperly closes vty sessions after a commit/end operation, which allows local users to cause a denial of service (tmp/*config file creation, memory consumption, and device hang) via unspecified vectors, aka Bug ID CSCut93842.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "20150811 Cisco ASR 9000 Series Aggregation Services Routers tmp Files Denial of Service Vulnerability", refsource: "CISCO", url: "http://tools.cisco.com/security/center/viewAlert.x?alertId=39939", }, { name: "1033259", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1033259", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2015-4277", datePublished: "2015-08-19T18:00:00", dateReserved: "2015-06-04T00:00:00", dateUpdated: "2024-08-06T06:11:12.187Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2024-20286
Vulnerability from cvelistv5
Published
2024-08-28 16:37
Modified
2024-08-28 17:23
Severity ?
EPSS score ?
Summary
A vulnerability in the Python interpreter of Cisco NX-OS Software could allow an authenticated, low-privileged, local attacker to escape the Python sandbox and gain unauthorized access to the underlying operating system of the device.
The vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by manipulating specific functions within the Python interpreter. A successful exploit could allow an attacker to escape the Python sandbox and execute arbitrary commands on the underlying operating system with the privileges of the authenticated user.
Note: An attacker must be authenticated with Python execution privileges to exploit these vulnerabilities. For more information regarding Python execution privileges, see product-specific documentation, such as the section of the Cisco Nexus 9000 Series NX-OS Programmability Guide.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco NX-OS Software |
Version: 8.2(5) Version: 7.3(5)D1(1) Version: 8.4(2) Version: 6.2(2) Version: 8.4(3) Version: 9.2(3) Version: 7.0(3)I5(2) Version: 8.2(1) Version: 6.0(2)A8(7a) Version: 7.0(3)I4(5) Version: 6.0(2)A6(1) Version: 7.3(1)D1(1) Version: 6.2(14a) Version: 7.0(3)I4(6) Version: 7.0(3)I4(3) Version: 9.2(2v) Version: 6.0(2)A6(5b) Version: 7.3(0)D1(1) Version: 6.2(17a) Version: 7.0(3)I4(7) Version: 6.0(2)U6(1a) Version: 7.0(3)I4(1) Version: 7.0(3)I4(8) Version: 7.0(3)I4(2) Version: 7.0(3)IM3(1) Version: 6.0(2)U6(5a) Version: 6.0(2)A8(11) Version: 6.0(2)A6(4a) Version: 6.2(9) Version: 6.2(5) Version: 7.3(4)D1(1) Version: 6.2(20) Version: 9.2(1) Version: 9.2(2t) Version: 9.2(3y) Version: 7.0(3)I4(1t) Version: 6.0(2)U6(5c) Version: 6.0(2)A6(4) Version: 7.0(3)I7(6z) Version: 9.3(2) Version: 7.3(1)DY(1) Version: 7.0(3)F3(3) Version: 6.0(2)U6(6) Version: 6.2(29) Version: 7.0(3)I7(3z) Version: 7.0(3)IM7(2) Version: 6.0(2)A8(11b) Version: 6.2(9a) Version: 7.0(3)I7(5a) Version: 6.2(11d) Version: 8.1(1) Version: 7.0(3)I6(1) Version: 6.0(2)U6(10) Version: 7.2(2)D1(2) Version: 7.0(3)IM3(2) Version: 6.0(2)A6(8) Version: 8.2(2) Version: 6.0(2)U6(1) Version: 7.0(3)I5(3b) Version: 8.3(2) Version: 6.0(2)A6(2a) Version: 6.2(27) Version: 7.3(2)D1(3a) Version: 6.0(2)U6(7) Version: 9.2(4) Version: 7.0(3)IM3(2a) Version: 6.2(8b) Version: 6.0(2)A8(10) Version: 6.2(13) Version: 6.0(2)A8(2) Version: 7.0(3)IC4(4) Version: 6.2(1) Version: 8.1(2) Version: 6.0(2)A6(3) Version: 6.0(2)U6(5b) Version: 7.0(3)F3(3c) Version: 7.3(3)D1(1) Version: 7.0(3)F3(1) Version: 6.0(2)U6(5) Version: 7.0(3)F3(5) Version: 8.2(3) Version: 6.0(2)A6(7) Version: 7.0(3)I7(2) Version: 6.2(5a) Version: 6.2(18) Version: 6.0(2)A6(5) Version: 7.0(3)IM3(2b) Version: 6.0(2)U6(4a) Version: 7.0(3)I5(3) Version: 7.0(3)I7(3) Version: 6.0(2)A8(6) Version: 7.0(3)I6(2) Version: 8.3(1) Version: 6.2(3) Version: 6.2(22) Version: 8.4(1) Version: 8.1(1b) Version: 7.2(2)D1(4) Version: 6.0(2)A8(5) Version: 7.3(0)DX(1) Version: 7.3(2)D1(1) Version: 6.0(2)U6(8) Version: 7.0(3)IM3(3) Version: 9.3(1) Version: 6.0(2)U6(2) Version: 6.2(9b) Version: 6.0(2)A8(7) Version: 7.0(3)I7(6) Version: 7.3(2)D1(2) Version: 6.2(25) Version: 6.0(2)U6(3a) Version: 8.0(1) Version: 6.0(2)A8(11a) Version: 6.2(11e) Version: 7.0(3)I4(8z) Version: 6.2(11) Version: 7.0(3)I4(9) Version: 6.2(16) Version: 6.2(19) Version: 8.2(4) Version: 6.2(2a) Version: 7.2(2)D1(3) Version: 7.0(3)I7(4) Version: 7.0(3)I7(7) Version: 6.2(5b) Version: 7.3(0)DY(1) Version: 6.0(2)A8(9) Version: 6.0(2)A8(1) Version: 7.2(1)D1(1) Version: 6.2(15) Version: 6.0(2)A6(6) Version: 6.0(2)A8(10a) Version: 7.0(3)I5(1) Version: 9.3(1z) Version: 9.2(2) Version: 6.2(7) Version: 6.2(9c) Version: 7.0(3)F3(4) Version: 6.2(6b) Version: 7.0(3)I4(8b) Version: 8.1(2a) Version: 7.3(2)D1(3) Version: 6.2(8) Version: 6.0(2)A8(3) Version: 6.2(11b) Version: 7.0(3)I4(6t) Version: 7.0(3)I5(3a) Version: 8.1(1a) Version: 6.2(13a) Version: 6.0(2)A8(8) Version: 7.0(3)I7(5) Version: 7.0(3)F3(3a) Version: 6.0(2)A8(4) Version: 6.0(2)A6(3a) Version: 6.0(2)A6(5a) Version: 7.0(3)F2(1) Version: 7.0(3)I4(8a) Version: 6.0(2)U6(9) Version: 7.0(3)F3(2) Version: 6.0(2)U6(2a) Version: 6.2(12) Version: 6.2(17) Version: 7.0(3)I4(4) Version: 6.2(23) Version: 6.2(13b) Version: 6.0(2)U6(3) Version: 6.2(10) Version: 6.2(6a) Version: 6.2(6) Version: 6.2(14) Version: 7.0(3)I7(1) Version: 6.2(14b) Version: 6.2(21) Version: 7.2(2)D1(1) Version: 7.0(3)F2(2) Version: 7.0(3)IA7(2) Version: 7.0(3)IA7(1) Version: 6.0(2)A8(7b) Version: 6.2(8a) Version: 6.2(11c) Version: 7.0(3)F1(1) Version: 6.0(2)A6(1a) Version: 7.2(0)D1(1) Version: 6.0(2)A6(2) Version: 6.0(2)A8(4a) Version: 6.2(20a) Version: 6.0(2)U6(4) Version: 8.4(1a) Version: 9.3(3) Version: 7.3(2)D1(1d) Version: 6.2(24) Version: 6.2(31) Version: 7.0(3)I7(8) Version: 6.0(2)U6(10a) Version: 9.3(4) Version: 7.3(6)D1(1) Version: 6.2(26) Version: 8.2(6) Version: 6.2(33) Version: 9.3(5) Version: 8.4(2a) Version: 8.4(2b) Version: 7.0(3)I7(9) Version: 6.2(24a) Version: 8.5(1) Version: 9.3(6) Version: 10.1(2) Version: 10.1(1) Version: 8.4(4) Version: 7.3(7)D1(1) Version: 8.4(2c) Version: 9.3(5w) Version: 8.2(7) Version: 9.3(7) Version: 9.3(7k) Version: 7.0(3)I7(9w) Version: 10.2(1) Version: 7.3(8)D1(1) Version: 9.3(7a) Version: 8.2(7a) Version: 9.3(8) Version: 8.4(4a) Version: 8.4(2d) Version: 8.4(5) Version: 7.0(3)I7(10) Version: 8.2(8) Version: 10.2(1q) Version: 10.2(2) Version: 9.3(9) Version: 10.1(2t) Version: 7.3(9)D1(1) Version: 10.2(3) Version: 8.4(6) Version: 10.2(3t) Version: 8.4(2e) Version: 9.3(10) Version: 10.2(2a) Version: 9.2(1a) Version: 8.2(9) Version: 10.3(1) Version: 10.2(4) Version: 8.4(7) Version: 10.3(2) Version: 8.4(6a) Version: 9.3(11) Version: 10.3(3) Version: 10.2(5) Version: 9.4(1) Version: 9.3(2a) Version: 8.4(2f) Version: 8.2(10) Version: 9.3(12) Version: 10.2(3v) Version: 10.4(1) Version: 8.4(8) Version: 10.3(99w) Version: 10.2(6) Version: 10.3(3w) Version: 10.3(99x) Version: 10.3(3o) Version: 8.4(9) Version: 10.3(4) Version: 10.3(3p) Version: 10.3(4a) Version: 9.4(1a) Version: 10.4(2) Version: 10.3(3q) Version: 9.3(13) Version: 10.2(7) Version: 10.3(3x) Version: 10.3(4g) Version: 10.3(3r) |
{ containers: { adp: [ { metrics: [ { other: { content: { id: "CVE-2024-20286", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-08-28T17:23:47.624528Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-08-28T17:23:56.426Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unknown", product: "Cisco NX-OS Software", vendor: "Cisco", versions: [ { status: "affected", version: "8.2(5)", }, { status: "affected", version: "7.3(5)D1(1)", }, { status: "affected", version: "8.4(2)", }, { status: "affected", version: "6.2(2)", }, { status: "affected", version: "8.4(3)", }, { status: "affected", version: "9.2(3)", }, { status: "affected", version: "7.0(3)I5(2)", }, { status: "affected", version: "8.2(1)", }, { status: "affected", version: "6.0(2)A8(7a)", }, { status: "affected", version: "7.0(3)I4(5)", }, { status: "affected", version: "6.0(2)A6(1)", }, { status: "affected", version: "7.3(1)D1(1)", }, { status: "affected", version: "6.2(14a)", }, { status: "affected", version: "7.0(3)I4(6)", }, { status: "affected", version: "7.0(3)I4(3)", }, { status: "affected", version: "9.2(2v)", }, { status: "affected", version: "6.0(2)A6(5b)", }, { status: "affected", version: "7.3(0)D1(1)", }, { status: "affected", version: "6.2(17a)", }, { status: "affected", version: "7.0(3)I4(7)", }, { status: "affected", version: "6.0(2)U6(1a)", }, { status: "affected", version: "7.0(3)I4(1)", }, { status: "affected", version: "7.0(3)I4(8)", }, { status: "affected", version: "7.0(3)I4(2)", }, { status: "affected", version: "7.0(3)IM3(1)", }, { status: "affected", version: "6.0(2)U6(5a)", }, { status: "affected", version: "6.0(2)A8(11)", }, { status: "affected", version: "6.0(2)A6(4a)", }, { status: "affected", version: "6.2(9)", }, { status: "affected", version: "6.2(5)", }, { status: "affected", version: "7.3(4)D1(1)", }, { status: "affected", version: "6.2(20)", }, { status: "affected", version: "9.2(1)", }, { status: "affected", version: "9.2(2t)", }, { status: "affected", version: "9.2(3y)", }, { status: "affected", version: "7.0(3)I4(1t)", }, { status: "affected", version: "6.0(2)U6(5c)", }, { status: "affected", version: "6.0(2)A6(4)", }, { status: "affected", version: "7.0(3)I7(6z)", }, { status: "affected", version: "9.3(2)", }, { status: "affected", version: "7.3(1)DY(1)", }, { status: "affected", version: "7.0(3)F3(3)", }, { status: "affected", version: "6.0(2)U6(6)", }, { status: "affected", version: "6.2(29)", }, { status: "affected", version: "7.0(3)I7(3z)", }, { status: "affected", version: "7.0(3)IM7(2)", }, { status: "affected", version: "6.0(2)A8(11b)", }, { status: "affected", version: "6.2(9a)", }, { status: "affected", version: "7.0(3)I7(5a)", }, { status: "affected", version: "6.2(11d)", }, { status: "affected", version: "8.1(1)", }, { status: "affected", version: "7.0(3)I6(1)", }, { status: "affected", version: "6.0(2)U6(10)", }, { status: "affected", version: "7.2(2)D1(2)", }, { status: "affected", version: "7.0(3)IM3(2)", }, { status: "affected", version: "6.0(2)A6(8)", }, { status: "affected", version: "8.2(2)", }, { status: "affected", version: "6.0(2)U6(1)", }, { status: "affected", version: "7.0(3)I5(3b)", }, { status: "affected", version: "8.3(2)", }, { status: "affected", version: "6.0(2)A6(2a)", }, { status: "affected", version: "6.2(27)", }, { status: "affected", version: "7.3(2)D1(3a)", }, { status: "affected", version: "6.0(2)U6(7)", }, { status: "affected", version: "9.2(4)", }, { status: "affected", version: "7.0(3)IM3(2a)", }, { status: "affected", version: "6.2(8b)", }, { status: "affected", version: "6.0(2)A8(10)", }, { status: "affected", version: "6.2(13)", }, { status: "affected", version: "6.0(2)A8(2)", }, { status: "affected", version: "7.0(3)IC4(4)", }, { status: "affected", version: "6.2(1)", }, { status: "affected", version: "8.1(2)", }, { status: "affected", version: "6.0(2)A6(3)", }, { status: "affected", version: "6.0(2)U6(5b)", }, { status: "affected", version: "7.0(3)F3(3c)", }, { status: "affected", version: "7.3(3)D1(1)", }, { status: "affected", version: "7.0(3)F3(1)", }, { status: "affected", version: "6.0(2)U6(5)", }, { status: "affected", version: "7.0(3)F3(5)", }, { status: "affected", version: "8.2(3)", }, { status: "affected", version: "6.0(2)A6(7)", }, { status: "affected", version: "7.0(3)I7(2)", }, { status: "affected", version: "6.2(5a)", }, { status: "affected", version: "6.2(18)", }, { status: "affected", version: "6.0(2)A6(5)", }, { status: "affected", version: "7.0(3)IM3(2b)", }, { status: "affected", version: "6.0(2)U6(4a)", }, { status: "affected", version: "7.0(3)I5(3)", }, { status: "affected", version: "7.0(3)I7(3)", }, { status: "affected", version: "6.0(2)A8(6)", }, { status: "affected", version: "7.0(3)I6(2)", }, { status: "affected", version: "8.3(1)", }, { status: "affected", version: "6.2(3)", }, { status: "affected", version: "6.2(22)", }, { status: "affected", version: "8.4(1)", }, { status: "affected", version: "8.1(1b)", }, { status: "affected", version: "7.2(2)D1(4)", }, { status: "affected", version: "6.0(2)A8(5)", }, { status: "affected", version: "7.3(0)DX(1)", }, { status: "affected", version: "7.3(2)D1(1)", }, { status: "affected", version: "6.0(2)U6(8)", }, { status: "affected", version: "7.0(3)IM3(3)", }, { status: "affected", version: "9.3(1)", }, { status: "affected", version: "6.0(2)U6(2)", }, { status: "affected", version: "6.2(9b)", }, { status: "affected", version: "6.0(2)A8(7)", }, { status: "affected", version: "7.0(3)I7(6)", }, { status: "affected", version: "7.3(2)D1(2)", }, { status: "affected", version: "6.2(25)", }, { status: "affected", version: "6.0(2)U6(3a)", }, { status: "affected", version: "8.0(1)", }, { status: "affected", version: "6.0(2)A8(11a)", }, { status: "affected", version: "6.2(11e)", }, { status: "affected", version: "7.0(3)I4(8z)", }, { status: "affected", version: "6.2(11)", }, { status: "affected", version: "7.0(3)I4(9)", }, { status: "affected", version: "6.2(16)", }, { status: "affected", version: "6.2(19)", }, { status: "affected", version: "8.2(4)", }, { status: "affected", version: "6.2(2a)", }, { status: "affected", version: "7.2(2)D1(3)", }, { status: "affected", version: "7.0(3)I7(4)", }, { status: "affected", version: "7.0(3)I7(7)", }, { status: "affected", version: "6.2(5b)", }, { status: "affected", version: "7.3(0)DY(1)", }, { status: "affected", version: "6.0(2)A8(9)", }, { status: "affected", version: "6.0(2)A8(1)", }, { status: "affected", version: "7.2(1)D1(1)", }, { status: "affected", version: "6.2(15)", }, { status: "affected", version: "6.0(2)A6(6)", }, { status: "affected", version: "6.0(2)A8(10a)", }, { status: "affected", version: "7.0(3)I5(1)", }, { status: "affected", version: "9.3(1z)", }, { status: "affected", version: "9.2(2)", }, { status: "affected", version: "6.2(7)", }, { status: "affected", version: "6.2(9c)", }, { status: "affected", version: "7.0(3)F3(4)", }, { status: "affected", version: "6.2(6b)", }, { status: "affected", version: "7.0(3)I4(8b)", }, { status: "affected", version: "8.1(2a)", }, { status: "affected", version: "7.3(2)D1(3)", }, { status: "affected", version: "6.2(8)", }, { status: "affected", version: "6.0(2)A8(3)", }, { status: "affected", version: "6.2(11b)", }, { status: "affected", version: "7.0(3)I4(6t)", }, { status: "affected", version: "7.0(3)I5(3a)", }, { status: "affected", version: "8.1(1a)", }, { status: "affected", version: "6.2(13a)", }, { status: "affected", version: "6.0(2)A8(8)", }, { status: "affected", version: "7.0(3)I7(5)", }, { status: "affected", version: "7.0(3)F3(3a)", }, { status: "affected", version: "6.0(2)A8(4)", }, { status: "affected", version: "6.0(2)A6(3a)", }, { status: "affected", version: "6.0(2)A6(5a)", }, { status: "affected", version: "7.0(3)F2(1)", }, { status: "affected", version: "7.0(3)I4(8a)", }, { status: "affected", version: "6.0(2)U6(9)", }, { status: "affected", version: "7.0(3)F3(2)", }, { status: "affected", version: "6.0(2)U6(2a)", }, { status: "affected", version: "6.2(12)", }, { status: "affected", version: "6.2(17)", }, { status: "affected", version: "7.0(3)I4(4)", }, { status: "affected", version: "6.2(23)", }, { status: "affected", version: "6.2(13b)", }, { status: "affected", version: "6.0(2)U6(3)", }, { status: "affected", version: "6.2(10)", }, { status: "affected", version: "6.2(6a)", }, { status: "affected", version: "6.2(6)", }, { status: "affected", version: "6.2(14)", }, { status: "affected", version: "7.0(3)I7(1)", }, { status: "affected", version: "6.2(14b)", }, { status: "affected", version: "6.2(21)", }, { status: "affected", version: "7.2(2)D1(1)", }, { status: "affected", version: "7.0(3)F2(2)", }, { status: "affected", version: "7.0(3)IA7(2)", }, { status: "affected", version: "7.0(3)IA7(1)", }, { status: "affected", version: "6.0(2)A8(7b)", }, { status: "affected", version: "6.2(8a)", }, { status: "affected", version: "6.2(11c)", }, { status: "affected", version: "7.0(3)F1(1)", }, { status: "affected", version: "6.0(2)A6(1a)", }, { status: "affected", version: "7.2(0)D1(1)", }, { status: "affected", version: "6.0(2)A6(2)", }, { status: "affected", version: "6.0(2)A8(4a)", }, { status: "affected", version: "6.2(20a)", }, { status: "affected", version: "6.0(2)U6(4)", }, { status: "affected", version: "8.4(1a)", }, { status: "affected", version: "9.3(3)", }, { status: "affected", version: "7.3(2)D1(1d)", }, { status: "affected", version: "6.2(24)", }, { status: "affected", version: "6.2(31)", }, { status: "affected", version: "7.0(3)I7(8)", }, { status: "affected", version: "6.0(2)U6(10a)", }, { status: "affected", version: "9.3(4)", }, { status: "affected", version: "7.3(6)D1(1)", }, { status: "affected", version: "6.2(26)", }, { status: "affected", version: "8.2(6)", }, { status: "affected", version: "6.2(33)", }, { status: "affected", version: "9.3(5)", }, { status: "affected", version: "8.4(2a)", }, { status: "affected", version: "8.4(2b)", }, { status: "affected", version: "7.0(3)I7(9)", }, { status: "affected", version: "6.2(24a)", }, { status: "affected", version: "8.5(1)", }, { status: "affected", version: "9.3(6)", }, { status: "affected", version: "10.1(2)", }, { status: "affected", version: "10.1(1)", }, { status: "affected", version: "8.4(4)", }, { status: "affected", version: "7.3(7)D1(1)", }, { status: "affected", version: "8.4(2c)", }, { status: "affected", version: "9.3(5w)", }, { status: "affected", version: "8.2(7)", }, { status: "affected", version: "9.3(7)", }, { status: "affected", version: "9.3(7k)", }, { status: "affected", version: "7.0(3)I7(9w)", }, { status: "affected", version: "10.2(1)", }, { status: "affected", version: "7.3(8)D1(1)", }, { status: "affected", version: "9.3(7a)", }, { status: "affected", version: "8.2(7a)", }, { status: "affected", version: "9.3(8)", }, { status: "affected", version: "8.4(4a)", }, { status: "affected", version: "8.4(2d)", }, { status: "affected", version: "8.4(5)", }, { status: "affected", version: "7.0(3)I7(10)", }, { status: "affected", version: "8.2(8)", }, { status: "affected", version: "10.2(1q)", }, { status: "affected", version: "10.2(2)", }, { status: "affected", version: "9.3(9)", }, { status: "affected", version: "10.1(2t)", }, { status: "affected", version: "7.3(9)D1(1)", }, { status: "affected", version: "10.2(3)", }, { status: "affected", version: "8.4(6)", }, { status: "affected", version: "10.2(3t)", }, { status: "affected", version: "8.4(2e)", }, { status: "affected", version: "9.3(10)", }, { status: "affected", version: "10.2(2a)", }, { status: "affected", version: "9.2(1a)", }, { status: "affected", version: "8.2(9)", }, { status: "affected", version: "10.3(1)", }, { status: "affected", version: "10.2(4)", }, { status: "affected", version: "8.4(7)", }, { status: "affected", version: "10.3(2)", }, { status: "affected", version: "8.4(6a)", }, { status: "affected", version: "9.3(11)", }, { status: "affected", version: "10.3(3)", }, { status: "affected", version: "10.2(5)", }, { status: "affected", version: "9.4(1)", }, { status: "affected", version: "9.3(2a)", }, { status: "affected", version: "8.4(2f)", }, { status: "affected", version: "8.2(10)", }, { status: "affected", version: "9.3(12)", }, { status: "affected", version: "10.2(3v)", }, { status: "affected", version: "10.4(1)", }, { status: "affected", version: "8.4(8)", }, { status: "affected", version: "10.3(99w)", }, { status: "affected", version: "10.2(6)", }, { status: "affected", version: "10.3(3w)", }, { status: "affected", version: "10.3(99x)", }, { status: "affected", version: "10.3(3o)", }, { status: "affected", version: "8.4(9)", }, { status: "affected", version: "10.3(4)", }, { status: "affected", version: "10.3(3p)", }, { status: "affected", version: "10.3(4a)", }, { status: "affected", version: "9.4(1a)", }, { status: "affected", version: "10.4(2)", }, { status: "affected", version: "10.3(3q)", }, { status: "affected", version: "9.3(13)", }, { status: "affected", version: "10.2(7)", }, { status: "affected", version: "10.3(3x)", }, { status: "affected", version: "10.3(4g)", }, { status: "affected", version: "10.3(3r)", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability in the Python interpreter of Cisco NX-OS Software could allow an authenticated, low-privileged, local attacker to escape the Python sandbox and gain unauthorized access to the underlying operating system of the device.\r\n\r\nThe vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by manipulating specific functions within the Python interpreter. A successful exploit could allow an attacker to escape the Python sandbox and execute arbitrary commands on the underlying operating system with the privileges of the authenticated user. \r\nNote: An attacker must be authenticated with Python execution privileges to exploit these vulnerabilities. For more information regarding Python execution privileges, see product-specific documentation, such as the section of the Cisco Nexus 9000 Series NX-OS Programmability Guide.", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", version: "3.1", }, format: "cvssV3_1", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-693", description: "Protection Mechanism Failure", lang: "en", type: "cwe", }, ], }, ], providerMetadata: { dateUpdated: "2024-08-28T16:37:17.319Z", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "cisco-sa-nxos-psbe-ce-YvbTn5du", url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-psbe-ce-YvbTn5du", }, { name: "Cisco NX-OS Security with Python", url: "https://www.cisco.com/c/en/us/td/docs/dcn/nx-os/nexus9000/105x/programmability/cisco-nexus-9000-series-nx-os-programmability-guide-105x/m-n9k-python-api-101x.html?bookSearch=true#concept_A2CFF094ADCB414C983EA06AD8E9A410", }, ], source: { advisory: "cisco-sa-nxos-psbe-ce-YvbTn5du", defects: [ "CSCwh77781", ], discovery: "INTERNAL", }, title: "Cisco NX-OS Software Python Parser Escape Vulnerability", }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2024-20286", datePublished: "2024-08-28T16:37:17.319Z", dateReserved: "2023-11-08T15:08:07.626Z", dateUpdated: "2024-08-28T17:23:56.426Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
Vulnerability from fkie_nvd
Published
2015-08-19 15:59
Modified
2025-04-12 10:46
Severity ?
Summary
Cisco NX-OS on Nexus 9000 devices 11.1(1c) allows remote authenticated users to cause a denial of service (device hang) via large files that are copied to a device's filesystem, aka Bug ID CSCuu77225.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@cisco.com | http://tools.cisco.com/security/center/viewAlert.x?alertId=40431 | Vendor Advisory | |
| psirt@cisco.com | http://www.securitytracker.com/id/1033267 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://tools.cisco.com/security/center/viewAlert.x?alertId=40431 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1033267 | Third Party Advisory, VDB Entry |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | nx-os | 11.1\(1c\) | |
| cisco | nexus_93120tx | - | |
| cisco | nexus_93128tx | - | |
| cisco | nexus_9332pq | - | |
| cisco | nexus_9336pq_aci_spine | - | |
| cisco | nexus_9372px | - | |
| cisco | nexus_9372tx | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:11.1\\(1c\\):*:*:*:*:*:*:*", matchCriteriaId: "EE500E08-7AC5-4086-8B83-20E24CB5DDAB", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*", matchCriteriaId: "07DE6F63-2C7D-415B-8C34-01EC05C062F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*", matchCriteriaId: "F423E45D-A6DD-4305-9C6A-EAB26293E53A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*", matchCriteriaId: "113772B6-E9D2-4094-9468-3F4E1A87D07D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336pq_aci_spine:-:*:*:*:*:*:*:*", matchCriteriaId: "785FD17C-F32E-4042-9DDE-A89B3AAE0334", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*", matchCriteriaId: "4364ADB9-8162-451D-806A-B98924E6B2CF", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*", matchCriteriaId: "49E0371B-FDE2-473C-AA59-47E1269D050F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Cisco NX-OS on Nexus 9000 devices 11.1(1c) allows remote authenticated users to cause a denial of service (device hang) via large files that are copied to a device's filesystem, aka Bug ID CSCuu77225.", }, { lang: "es", value: "Vulnerabilidad en Cisco NX-OS en dispositivos Nexus 9000 11.1(1c), permite a usuarios remotos autenticados causar una denegación de servicio (cuelgue de dispositivo) a través de archivos de gran tamaño que son copiados al sistema de archivos de un dispositivo, también conocida como Bug ID CSCuu77225.", }, ], id: "CVE-2015-4301", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "COMPLETE", baseScore: 6.8, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:S/C:N/I:N/A:C", version: "2.0", }, exploitabilityScore: 8, impactScore: 6.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2015-08-19T15:59:03.727", references: [ { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "http://tools.cisco.com/security/center/viewAlert.x?alertId=40431", }, { source: "psirt@cisco.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1033267", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://tools.cisco.com/security/center/viewAlert.x?alertId=40431", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1033267", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-399", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2015-04-03 02:00
Modified
2025-04-12 10:46
Severity ?
Summary
The SNMP implementation in Cisco NX-OS 6.1(2)I2(3) on Nexus 9000 devices, when a Reset High Availability (HA) policy is configured, allows remote authenticated users to cause a denial of service (device reload) via unspecified vectors, aka Bug ID CSCuq92240.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | nx-os | 6.1\(2\)i2\(3\) | |
| cisco | nexus_9000 | - | |
| cisco | nexus_93120tx | - | |
| cisco | nexus_93128tx | - | |
| cisco | nexus_9332pq | - | |
| cisco | nexus_9336pq_aci_spine | - | |
| cisco | nexus_9372px | - | |
| cisco | nexus_9372tx | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:6.1\\(2\\)i2\\(3\\):*:*:*:*:*:*:*", matchCriteriaId: "1CB11917-C606-4025-A91A-596F7D47A311", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_9000:-:*:*:*:*:*:*:*", matchCriteriaId: "8EBEBA5B-5589-417B-BF3B-976083E9FE54", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*", matchCriteriaId: "07DE6F63-2C7D-415B-8C34-01EC05C062F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*", matchCriteriaId: "F423E45D-A6DD-4305-9C6A-EAB26293E53A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*", matchCriteriaId: "113772B6-E9D2-4094-9468-3F4E1A87D07D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336pq_aci_spine:-:*:*:*:*:*:*:*", matchCriteriaId: "785FD17C-F32E-4042-9DDE-A89B3AAE0334", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*", matchCriteriaId: "4364ADB9-8162-451D-806A-B98924E6B2CF", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*", matchCriteriaId: "49E0371B-FDE2-473C-AA59-47E1269D050F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "The SNMP implementation in Cisco NX-OS 6.1(2)I2(3) on Nexus 9000 devices, when a Reset High Availability (HA) policy is configured, allows remote authenticated users to cause a denial of service (device reload) via unspecified vectors, aka Bug ID CSCuq92240.", }, { lang: "es", value: "La implementación SNMP en Cisco NX-OS 6.1(2)I2(3) en los dispositivos Nexus 9000, cuando una política Reset High Availability (HA) está configurada, permite a usuarios remotos autenticados causar una denegación de servicio (recarga de dispositivo) a través de vectores no especificados, también conocido como Bug ID CSCuq92240.", }, ], id: "CVE-2015-0686", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "COMPLETE", baseScore: 6.3, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:S/C:N/I:N/A:C", version: "2.0", }, exploitabilityScore: 6.8, impactScore: 6.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2015-04-03T02:00:25.097", references: [ { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "http://tools.cisco.com/security/center/viewAlert.x?alertId=38193", }, { source: "psirt@cisco.com", url: "http://www.securitytracker.com/id/1032021", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://tools.cisco.com/security/center/viewAlert.x?alertId=38193", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securitytracker.com/id/1032021", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-399", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2016-10-06 01:59
Modified
2025-04-12 10:46
Severity ?
Summary
Cisco NX-OS 4.1 through 7.3 and 11.0 through 11.2 on Nexus 2000, 5000, 5500, 5600, 6000, 7000, 7700, and 9000 devices allows remote attackers to cause a denial of service (device crash) via crafted IPv4 DHCP packets to the (1) DHCPv4 relay agent or (2) smart relay agent, aka Bug IDs CSCuq24603, CSCur93159, CSCus21693, and CSCut76171.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | nx-os | 4.1.\(2\) | |
| cisco | nx-os | 4.1.\(3\) | |
| cisco | nx-os | 4.1.\(4\) | |
| cisco | nx-os | 4.1.\(5\) | |
| cisco | nx-os | 4.2\(3\) | |
| cisco | nx-os | 4.2\(4\) | |
| cisco | nx-os | 4.2\(6\) | |
| cisco | nx-os | 4.2\(8\) | |
| cisco | nx-os | 4.2.\(2a\) | |
| cisco | nx-os | 5.0\(2a\) | |
| cisco | nx-os | 5.0\(3\) | |
| cisco | nx-os | 5.0\(5\) | |
| cisco | nx-os | 5.1\(1\) | |
| cisco | nx-os | 5.1\(1a\) | |
| cisco | nx-os | 5.1\(3\) | |
| cisco | nx-os | 5.1\(4\) | |
| cisco | nx-os | 5.1\(5\) | |
| cisco | nx-os | 5.1\(6\) | |
| cisco | nx-os | 5.2\(1\) | |
| cisco | nx-os | 5.2\(3a\) | |
| cisco | nx-os | 5.2\(4\) | |
| cisco | nx-os | 5.2\(5\) | |
| cisco | nx-os | 5.2\(7\) | |
| cisco | nx-os | 5.2\(9\) | |
| cisco | nx-os | 6.0\(1\) | |
| cisco | nx-os | 6.0\(2\) | |
| cisco | nx-os | 6.0\(3\) | |
| cisco | nx-os | 6.0\(4\) | |
| cisco | nx-os | 6.1\(1\) | |
| cisco | nx-os | 6.1\(2\) | |
| cisco | nx-os | 6.1\(3\) | |
| cisco | nx-os | 6.1\(4\) | |
| cisco | nx-os | 6.1\(4a\) | |
| cisco | nx-os | 6.1\(5\) | |
| cisco | nx-os | 6.2\(2\) | |
| cisco | nx-os | 6.2\(2a\) | |
| cisco | nx-os | 6.2\(6\) | |
| cisco | nx-os | 6.2\(6b\) | |
| cisco | nx-os | 6.2\(8\) | |
| cisco | nx-os | 6.2\(8a\) | |
| cisco | nx-os | 6.2\(8b\) | |
| cisco | nx-os | 6.2\(10\) | |
| cisco | nx-os | 6.2\(12\) | |
| cisco | nx-os | 6.2\(14\)s1 | |
| cisco | nx-os | 7.2\(0\)n1\(0.1\) | |
| cisco | nx-os | base | |
| cisco | nexus_7000_10-slot | - | |
| cisco | nexus_7000_18-slot | - | |
| cisco | nexus_7000_4-slot | - | |
| cisco | nexus_7000_9-slot | - | |
| cisco | nexus_7700_10-slot | - | |
| cisco | nexus_7700_18-slot | - | |
| cisco | nexus_7700_2-slot | - | |
| cisco | nexus_7700_6-slot | - | |
| cisco | nx-os | 4.2\(1\)n1\(1\) | |
| cisco | nx-os | 4.2\(1\)n2\(1\) | |
| cisco | nx-os | 4.2\(1\)n2\(1a\) | |
| cisco | nx-os | 5.0\(2\)n1\(1\) | |
| cisco | nx-os | 5.0\(2\)n2\(1\) | |
| cisco | nx-os | 5.0\(2\)n2\(1a\) | |
| cisco | nx-os | 5.0\(3\)n1\(1c\) | |
| cisco | nx-os | 5.0\(3\)n2\(1\) | |
| cisco | nx-os | 5.0\(3\)n2\(2\) | |
| cisco | nx-os | 5.0\(3\)n2\(2a\) | |
| cisco | nx-os | 5.0\(3\)n2\(2b\) | |
| cisco | nx-os | 5.1\(3\)n1\(1\) | |
| cisco | nx-os | 5.1\(3\)n1\(1a\) | |
| cisco | nx-os | 5.1\(3\)n2\(1\) | |
| cisco | nx-os | 5.1\(3\)n2\(1a\) | |
| cisco | nx-os | 5.1\(3\)n2\(1b\) | |
| cisco | nx-os | 5.1\(3\)n2\(1c\) | |
| cisco | nx-os | 5.2\(1\)n1\(1\) | |
| cisco | nx-os | 5.2\(1\)n1\(1a\) | |
| cisco | nx-os | 5.2\(1\)n1\(1b\) | |
| cisco | nx-os | 5.2\(1\)n1\(2\) | |
| cisco | nx-os | 5.2\(1\)n1\(2a\) | |
| cisco | nx-os | 5.2\(1\)n1\(3\) | |
| cisco | nx-os | 5.2\(1\)n1\(4\) | |
| cisco | nx-os | 5.2\(1\)n1\(5\) | |
| cisco | nx-os | 5.2\(1\)n1\(6\) | |
| cisco | nx-os | 5.2\(1\)n1\(7\) | |
| cisco | nx-os | 5.2\(1\)n1\(8\) | |
| cisco | nx-os | 5.2\(1\)n1\(8a\) | |
| cisco | nexus_5010 | - | |
| cisco | nexus_5020 | - | |
| cisco | nexus_5548p | - | |
| cisco | nexus_5548up | - | |
| cisco | nexus_5596t | - | |
| cisco | nexus_5596up | - | |
| cisco | nexus_56128p | - | |
| cisco | nexus_5624q | - | |
| cisco | nexus_5648q | - | |
| cisco | nexus_5672up | - | |
| cisco | nexus_5672up-16g | - | |
| cisco | nexus_5696q | - | |
| cisco | nx-os | 6.1\(2\)i2\(1\) | |
| cisco | nx-os | 6.1\(2\)i2\(2\) | |
| cisco | nx-os | 6.1\(2\)i2\(2a\) | |
| cisco | nx-os | 6.1\(2\)i2\(2b\) | |
| cisco | nx-os | 6.1\(2\)i2\(3\) | |
| cisco | nx-os | 6.1\(2\)i3\(1\) | |
| cisco | nx-os | 6.1\(2\)i3\(2\) | |
| cisco | nx-os | 6.1\(2\)i3\(3\) | |
| cisco | nx-os | 6.1\(2\)i3\(3.78\) | |
| cisco | nx-os | 6.1\(2\)i3\(4\) | |
| cisco | nx-os | 7.0\(3\) | |
| cisco | nexus_92160yc-x | - | |
| cisco | nexus_92304qc | - | |
| cisco | nexus_9236c | - | |
| cisco | nexus_9272q | - | |
| cisco | nexus_93108tc-ex | - | |
| cisco | nexus_93120tx | - | |
| cisco | nexus_93128tx | - | |
| cisco | nexus_93180yc-ex | - | |
| cisco | nexus_9332pq | - | |
| cisco | nexus_9336pq_aci_spine | - | |
| cisco | nexus_9372px | - | |
| cisco | nexus_9372tx | - | |
| cisco | nexus_9396px | - | |
| cisco | nexus_9396tx | - | |
| cisco | nexus_9504 | - | |
| cisco | nexus_9508 | - | |
| cisco | nexus_9516 | - | |
| cisco | nx-os | 6.0\(2\)n1\(2\) | |
| cisco | nx-os | 6.0\(2\)n1\(2a\) | |
| cisco | nx-os | 6.0\(2\)n2\(1\) | |
| cisco | nx-os | 6.0\(2\)n2\(1b\) | |
| cisco | nx-os | 6.0\(2\)n2\(2\) | |
| cisco | nx-os | 6.0\(2\)n2\(3\) | |
| cisco | nx-os | 6.0\(2\)n2\(4\) | |
| cisco | nx-os | 6.0\(2\)n2\(5\) | |
| cisco | nx-os | 6.0\(2\)n2\(5a\) | |
| cisco | nx-os | 6.0\(2\)n2\(6\) | |
| cisco | nx-os | 7.0\(0\)n1\(1\) | |
| cisco | nx-os | 7.0\(1\)n1\(1\) | |
| cisco | nx-os | 7.0\(2\)n1\(1\) | |
| cisco | nx-os | 7.0\(3\)n1\(1\) | |
| cisco | nx-os | 7.0\(4\)n1\(1\) | |
| cisco | nx-os | 7.0\(5\)n1\(1\) | |
| cisco | nx-os | 7.0\(5\)n1\(1a\) | |
| cisco | nx-os | 7.1\(0\)n1\(1a\) | |
| cisco | nx-os | 7.1\(0\)n1\(1b\) | |
| cisco | nx-os | base | |
| cisco | nexus_6001 | - | |
| cisco | nexus_6004 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:4.1.\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "DA1702F4-816E-4045-80B6-2BC71DC344F6", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:4.1.\\(3\\):*:*:*:*:*:*:*", matchCriteriaId: "C1AC8BC8-638A-4F73-A64B-B490675AA1A4", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:4.1.\\(4\\):*:*:*:*:*:*:*", matchCriteriaId: "7F128DC9-C4CA-4547-B6C8-8E83A8C5F6C8", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:4.1.\\(5\\):*:*:*:*:*:*:*", matchCriteriaId: "99FB6C32-CD16-41E9-AB42-A294424266DB", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:4.2\\(3\\):*:*:*:*:*:*:*", matchCriteriaId: "7EE1586F-E01C-4C4F-8284-1B1FE5370343", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:4.2\\(4\\):*:*:*:*:*:*:*", matchCriteriaId: "891D883E-8263-42B2-A978-49F6AEF4CD49", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:4.2\\(6\\):*:*:*:*:*:*:*", matchCriteriaId: "9C059CCD-1BE1-4675-8388-0DB219C04E45", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:4.2\\(8\\):*:*:*:*:*:*:*", matchCriteriaId: "67829CF9-FDCB-4A17-9241-1B48A38B1A74", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:4.2.\\(2a\\):*:*:*:*:*:*:*", matchCriteriaId: "C0476865-D306-47B7-A84A-C163A316D9DE", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.0\\(2a\\):*:*:*:*:*:*:*", matchCriteriaId: "C6753978-267E-4398-A1F7-96C37B5C8600", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.0\\(3\\):*:*:*:*:*:*:*", matchCriteriaId: "16131960-37FE-4154-A82C-E3249B066DC4", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.0\\(5\\):*:*:*:*:*:*:*", matchCriteriaId: "7B3296D4-DA94-4E41-BAAF-CEC0E84BB498", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "9B582362-FCFB-4D94-9C0E-2B7FD3F5340E", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.1\\(1a\\):*:*:*:*:*:*:*", matchCriteriaId: "93FF6E77-B7C2-4CBB-A8FE-1D6218BA330C", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.1\\(3\\):*:*:*:*:*:*:*", matchCriteriaId: "5CAF2ADA-2C84-44EB-8893-0AB612AFF68F", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.1\\(4\\):*:*:*:*:*:*:*", matchCriteriaId: "B6D70623-8F98-44CA-A589-B93B167F88EA", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.1\\(5\\):*:*:*:*:*:*:*", matchCriteriaId: "10AE58DE-C708-4C15-B2C4-2366F4378344", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.1\\(6\\):*:*:*:*:*:*:*", matchCriteriaId: "80510B23-1F02-4FE0-BF3D-E2CD2A5D5B2F", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.2\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "5F179FBC-22BE-4C44-AAE0-866F1D6B1270", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.2\\(3a\\):*:*:*:*:*:*:*", matchCriteriaId: "0C628947-4A0E-4904-A6F7-745C3370A8F4", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.2\\(4\\):*:*:*:*:*:*:*", matchCriteriaId: "356B4143-5184-491B-9D10-19D6536366CD", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.2\\(5\\):*:*:*:*:*:*:*", matchCriteriaId: "C038896F-6DBC-4695-9DBE-A60F6C39AFFC", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.2\\(7\\):*:*:*:*:*:*:*", matchCriteriaId: "9F2453F2-704F-48F7-8009-991BE0B49251", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.2\\(9\\):*:*:*:*:*:*:*", matchCriteriaId: "E00B4AC8-1D27-4394-AF28-10785AEFC073", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "48926DA6-2020-4D4F-AD12-555163C6C352", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "161C5BDB-CD50-40C7-B972-A1B650607338", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(3\\):*:*:*:*:*:*:*", matchCriteriaId: "7A0E6C0C-B88D-4085-AA28-0EA8CD1AB419", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(4\\):*:*:*:*:*:*:*", matchCriteriaId: "A967FB72-BCEB-4A76-A322-DDB0C4094E7C", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "C6F882AB-C25D-477F-96BF-7001BB77B955", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.1\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "35E48EE6-C498-4E13-AC5E-28F6B4391725", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.1\\(3\\):*:*:*:*:*:*:*", matchCriteriaId: "A3B41075-01D1-4832-A025-07A378F2A5E6", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.1\\(4\\):*:*:*:*:*:*:*", matchCriteriaId: "858E4134-643C-422C-8441-5372F4BC25D8", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.1\\(4a\\):*:*:*:*:*:*:*", matchCriteriaId: "A12BFDB0-4B90-4EB6-9CBE-A7A33C57EA9E", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.1\\(5\\):*:*:*:*:*:*:*", matchCriteriaId: "3AB9928F-B632-4A06-8065-FFB85998D979", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "2FDE8EF9-47CF-451D-9570-3D369D74D44F", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(2a\\):*:*:*:*:*:*:*", matchCriteriaId: "55A760CE-5E63-4A6B-8DA3-A473BC3900E3", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(6\\):*:*:*:*:*:*:*", matchCriteriaId: "0E738E86-B75F-48BF-9E76-C7DD470F3688", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(6b\\):*:*:*:*:*:*:*", matchCriteriaId: "68C6090F-0B05-46F0-8A67-928FE1C36D5F", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(8\\):*:*:*:*:*:*:*", matchCriteriaId: "FBD345BD-83EF-4913-A0F3-74E52AD76BBA", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(8a\\):*:*:*:*:*:*:*", matchCriteriaId: "46B2B97B-DDB7-4208-BF1A-D10C8A075A14", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(8b\\):*:*:*:*:*:*:*", matchCriteriaId: "317C8BE8-84DA-43D5-AE93-7E7DCDE6883E", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(10\\):*:*:*:*:*:*:*", matchCriteriaId: "ED7B1216-4C4F-4A23-9474-23876649ABF3", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(12\\):*:*:*:*:*:*:*", matchCriteriaId: "57892CBB-8C95-4E56-90F8-B77BBBDC03FB", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(14\\)s1:*:*:*:*:*:*:*", matchCriteriaId: "BE8505B4-61A1-4E98-8E13-9F8BAF825E42", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.2\\(0\\)n1\\(0.1\\):*:*:*:*:*:*:*", matchCriteriaId: "185B1E14-1944-4BD2-AA45-0F5025EDDC84", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:base:*:*:*:*:*:*:*", matchCriteriaId: "CFBAD221-BBD3-4BE6-974F-361C8E0FC6E2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_7000_10-slot:-:*:*:*:*:*:*:*", matchCriteriaId: "B22B3865-30E9-4B5A-A37D-DC33F1150FFE", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7000_18-slot:-:*:*:*:*:*:*:*", matchCriteriaId: "459A7F11-52BF-4AD6-B495-4C4D6C050493", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7000_4-slot:-:*:*:*:*:*:*:*", matchCriteriaId: "FEACA55F-4335-4478-B608-EB92EE1D6C6D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7000_9-slot:-:*:*:*:*:*:*:*", matchCriteriaId: "DB73543E-9B5B-4BA9-8FB4-666AF5AC8B6B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7700_10-slot:-:*:*:*:*:*:*:*", matchCriteriaId: "E5ABB175-81BE-4C46-BD2D-70016508BE22", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7700_18-slot:-:*:*:*:*:*:*:*", matchCriteriaId: "71F93299-A715-4E97-87FE-B1E248EA98BD", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7700_2-slot:-:*:*:*:*:*:*:*", matchCriteriaId: "3D71B228-FFE5-45F7-ADCF-6D359ADA6D31", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7700_6-slot:-:*:*:*:*:*:*:*", matchCriteriaId: "9F3AD807-5A0F-4DF5-9A7A-748205F409E7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:4.2\\(1\\)n1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "3D9E0C2E-E44E-4B2D-B7EA-CFEA7BE092A3", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:4.2\\(1\\)n2\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "D4A05AE9-050B-4B22-B668-B5250C853DE6", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:4.2\\(1\\)n2\\(1a\\):*:*:*:*:*:*:*", matchCriteriaId: "9B8D6E3E-CE8F-4017-B0EE-DED343049A6A", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.0\\(2\\)n1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "7F69DC16-8793-4A50-B901-2BDBE007405E", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.0\\(2\\)n2\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "392B8209-689D-4EFB-8B8E-04910EEB38AF", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.0\\(2\\)n2\\(1a\\):*:*:*:*:*:*:*", matchCriteriaId: "2D8595D2-710F-4C09-BEA4-A3D81C2269A6", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)n1\\(1c\\):*:*:*:*:*:*:*", matchCriteriaId: "B4B91092-DE54-4591-9C0F-A22A04AB71E9", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)n2\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "5FE1F177-8952-4ECE-9E7D-5DB17895148A", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)n2\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "D95D0F4E-944D-4AB8-B316-7842CB1F9C26", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)n2\\(2a\\):*:*:*:*:*:*:*", matchCriteriaId: "7856BA8B-4959-4FC2-AF4F-747FCFCC8EBE", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)n2\\(2b\\):*:*:*:*:*:*:*", matchCriteriaId: "3A402251-E36D-4DD1-8DE9-6DA025CBECEB", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.1\\(3\\)n1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "99F6A4FB-A7C4-48C8-AEE4-584DE5A7D57C", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.1\\(3\\)n1\\(1a\\):*:*:*:*:*:*:*", matchCriteriaId: "0C3BE66A-77B5-4808-BFFC-26B6A77F048F", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.1\\(3\\)n2\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "460A7B6A-C923-4D1A-89D4-3F46FE94D003", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.1\\(3\\)n2\\(1a\\):*:*:*:*:*:*:*", matchCriteriaId: "74CE3C35-D73A-4FB9-B061-B8A65F84F927", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.1\\(3\\)n2\\(1b\\):*:*:*:*:*:*:*", matchCriteriaId: "F3E0B7CF-91B6-4E49-A763-65A2EEED5C9B", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.1\\(3\\)n2\\(1c\\):*:*:*:*:*:*:*", matchCriteriaId: "30AA1C60-38DC-44E2-A4D8-0F290DA8D83C", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)n1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "757A0C8E-4817-41DD-A609-2B61C36DBBCB", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)n1\\(1a\\):*:*:*:*:*:*:*", matchCriteriaId: "3AECFED5-8D06-4396-BDD2-AAA0F5241839", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)n1\\(1b\\):*:*:*:*:*:*:*", matchCriteriaId: "772A297E-E323-4D2D-9129-6C4FC63643DE", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)n1\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "149ABB41-A8FF-4A8F-888E-F27BDAAE9C0C", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)n1\\(2a\\):*:*:*:*:*:*:*", matchCriteriaId: "6918EB91-679A-4F47-BB9E-3A22287F14FD", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)n1\\(3\\):*:*:*:*:*:*:*", matchCriteriaId: "A0464AAE-73CF-4B24-A5CE-5C1131909CF5", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)n1\\(4\\):*:*:*:*:*:*:*", matchCriteriaId: "68376361-C835-4552-8490-553C9A082615", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)n1\\(5\\):*:*:*:*:*:*:*", matchCriteriaId: "270620E3-92B7-4914-88C7-9D955B2B856E", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)n1\\(6\\):*:*:*:*:*:*:*", matchCriteriaId: "A8E48600-FD20-4743-A3E8-AD5297164551", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)n1\\(7\\):*:*:*:*:*:*:*", matchCriteriaId: "4A10C1B6-616E-4F94-8889-9C99906326D0", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)n1\\(8\\):*:*:*:*:*:*:*", matchCriteriaId: "01A091A5-2848-4901-B193-1EC9DD8A52E5", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)n1\\(8a\\):*:*:*:*:*:*:*", matchCriteriaId: "380FEA27-D68C-48DA-B2B9-4A3B3A71B059", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_5010:-:*:*:*:*:*:*:*", matchCriteriaId: "E275D31F-4FA1-428E-AB4A-D2802FF0CF1A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5020:-:*:*:*:*:*:*:*", matchCriteriaId: "BA7F5823-41A8-47C8-A154-02C6C31EF76A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5548p:-:*:*:*:*:*:*:*", matchCriteriaId: "E5519EA9-1236-4F51-9974-E3FC1B26B5D2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5548up:-:*:*:*:*:*:*:*", matchCriteriaId: "CB0A3B06-8B25-4CD3-AFA9-5F928B1042F4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5596t:-:*:*:*:*:*:*:*", matchCriteriaId: "1766443C-1C5A-486E-A36F-D3045F364D78", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5596up:-:*:*:*:*:*:*:*", matchCriteriaId: "DC4D4403-F93B-4CC8-B75F-7A5B03FEDD85", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_56128p:-:*:*:*:*:*:*:*", matchCriteriaId: "ABB6E612-4246-4408-B3F6-B31E771F5ACB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5624q:-:*:*:*:*:*:*:*", matchCriteriaId: "91B129B2-2B31-4DE0-9F83-CC6E0C8729A0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5648q:-:*:*:*:*:*:*:*", matchCriteriaId: "3CBD3CD0-B542-4B23-9C9D-061643BE44E8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5672up:-:*:*:*:*:*:*:*", matchCriteriaId: "A22A2647-A4C0-4681-BBC5-D95ADBAA0457", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5672up-16g:-:*:*:*:*:*:*:*", matchCriteriaId: "367C2A49-4C4D-471B-9B34-AFAFA5AE9503", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5696q:-:*:*:*:*:*:*:*", matchCriteriaId: "B2BB1A3A-668C-4B0D-8AC2-6B4758B3420B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:6.1\\(2\\)i2\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "1BB0F49B-85C0-4C52-82E0-C2683D43B553", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.1\\(2\\)i2\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "9ABB647D-B91E-4C2F-9FBE-1C9AAB27E2D1", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.1\\(2\\)i2\\(2a\\):*:*:*:*:*:*:*", matchCriteriaId: "384B7337-1C2F-479E-BB2B-F31320D82EE1", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.1\\(2\\)i2\\(2b\\):*:*:*:*:*:*:*", matchCriteriaId: "9ED50316-7044-4757-9C51-5543BA5693A2", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.1\\(2\\)i2\\(3\\):*:*:*:*:*:*:*", matchCriteriaId: "1CB11917-C606-4025-A91A-596F7D47A311", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.1\\(2\\)i3\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "69B757AE-83C8-4194-9BAE-DBECA2021597", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.1\\(2\\)i3\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "EB1A44C9-147B-4D1F-AB98-EB4F9F8C1C3D", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.1\\(2\\)i3\\(3\\):*:*:*:*:*:*:*", matchCriteriaId: "702EF8D5-1F3F-45EF-AC8D-BD5A9E46A78E", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.1\\(2\\)i3\\(3.78\\):*:*:*:*:*:*:*", matchCriteriaId: "C3B69592-B64F-4D96-A39E-887E2D38B8FB", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.1\\(2\\)i3\\(4\\):*:*:*:*:*:*:*", matchCriteriaId: "0750C504-3D45-4ED7-9A0A-A8EEEEE426ED", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\):*:*:*:*:*:*:*", matchCriteriaId: "108374E9-8814-41C4-9474-6EE3AF24D71F", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*", matchCriteriaId: "4283E433-7F8C-4410-B565-471415445811", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*", matchCriteriaId: "D5B2E4C1-2627-4B9D-8E92-4B483F647651", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*", matchCriteriaId: "11411BFD-3F4D-4309-AB35-A3629A360FB0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*", matchCriteriaId: "E663DE91-C86D-48DC-B771-FA72A8DF7A7C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "A90184B3-C82F-4CE5-B2AD-97D5E4690871", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*", matchCriteriaId: "07DE6F63-2C7D-415B-8C34-01EC05C062F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*", matchCriteriaId: "F423E45D-A6DD-4305-9C6A-EAB26293E53A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "F70D81F1-8B12-4474-9060-B4934D8A3873", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*", matchCriteriaId: "113772B6-E9D2-4094-9468-3F4E1A87D07D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336pq_aci_spine:-:*:*:*:*:*:*:*", matchCriteriaId: "785FD17C-F32E-4042-9DDE-A89B3AAE0334", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*", matchCriteriaId: "4364ADB9-8162-451D-806A-B98924E6B2CF", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*", matchCriteriaId: "49E0371B-FDE2-473C-AA59-47E1269D050F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*", matchCriteriaId: "1BC5293E-F2B4-46DC-85DA-167EA323FCFD", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*", matchCriteriaId: "EA022E77-6557-4A33-9A3A-D028E2DB669A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*", matchCriteriaId: "768BE390-5ED5-48A7-9E80-C4DE8BA979B1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*", matchCriteriaId: "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*", matchCriteriaId: "7E02DC82-0D26-436F-BA64-73C958932B0A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)n1\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "7EACF481-3E4B-4580-8AE7-3D49790E0715", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)n1\\(2a\\):*:*:*:*:*:*:*", matchCriteriaId: "698ABD3F-C9DE-4376-B57A-D05AEDCD9A25", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)n2\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "5010EDAE-67BB-4E23-B0F5-10096A7DAB54", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)n2\\(1b\\):*:*:*:*:*:*:*", matchCriteriaId: "84CF5114-731F-4BF4-83E0-9B095C34541C", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)n2\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "4750621F-E7C5-4E6A-BC5F-232E75A454E6", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)n2\\(3\\):*:*:*:*:*:*:*", matchCriteriaId: "08F35A63-9343-47D6-AB91-37AB148137E4", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)n2\\(4\\):*:*:*:*:*:*:*", matchCriteriaId: "CADBDD1D-DA17-40EE-8B23-81E9991387DD", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)n2\\(5\\):*:*:*:*:*:*:*", matchCriteriaId: "A623F8E1-B97B-41DD-947F-7E1B65DD6902", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)n2\\(5a\\):*:*:*:*:*:*:*", matchCriteriaId: "4F3D9588-D98A-45FC-8344-58C55F35610E", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)n2\\(6\\):*:*:*:*:*:*:*", matchCriteriaId: "4A190D0A-B758-49BA-9830-9870F699DA0D", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(0\\)n1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "FD613D8F-099C-43A1-BD29-A98250E1334A", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(1\\)n1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "576B74DF-9527-4931-B1A3-8FEE1DB1AD99", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(2\\)n1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "AA5B4FA9-E550-4C69-A4E7-A989BBCCF22E", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)n1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "63949081-E2F3-4EB4-BABC-270AAB19EE78", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(4\\)n1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "58292522-F486-410D-AD99-DFD6EC0AA9B1", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(5\\)n1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "BEB59A4B-3FCA-47F9-A4DB-D2B8ABAFB54D", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(5\\)n1\\(1a\\):*:*:*:*:*:*:*", matchCriteriaId: "A07ACF87-C694-41DB-B4BD-23CE72E32EED", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.1\\(0\\)n1\\(1a\\):*:*:*:*:*:*:*", matchCriteriaId: "E3644F66-F964-4D50-A6E0-EE8784490BD2", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.1\\(0\\)n1\\(1b\\):*:*:*:*:*:*:*", matchCriteriaId: "72AD166D-7CBF-4A4D-A376-907DDA1BB504", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:base:*:*:*:*:*:*:*", matchCriteriaId: "CFBAD221-BBD3-4BE6-974F-361C8E0FC6E2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_6001:-:*:*:*:*:*:*:*", matchCriteriaId: "A9662D6B-AF0F-45C8-B7CD-AE7C76593FDB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_6004:-:*:*:*:*:*:*:*", matchCriteriaId: "4F557E38-09F6-42C6-BABA-3C3168B38BBA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Cisco NX-OS 4.1 through 7.3 and 11.0 through 11.2 on Nexus 2000, 5000, 5500, 5600, 6000, 7000, 7700, and 9000 devices allows remote attackers to cause a denial of service (device crash) via crafted IPv4 DHCP packets to the (1) DHCPv4 relay agent or (2) smart relay agent, aka Bug IDs CSCuq24603, CSCur93159, CSCus21693, and CSCut76171.", }, { lang: "es", value: "Cisco NX-OS 4.1 hasta la versión 7.3 y 11.0 hasta la versión 11.2 en dispositivos Nexus 2000, 5000, 5500, 5600, 6000, 7000, 7700 y 9000 permite a atacantes remotos provocar una denegación de servicio (caída de dispositivo) a través de paquetes DHCP IPv4 manipulados a los agentes de retransmisión (1) DHCPv4 o (2) smart, vulnerabilidad también conocida como Bug IDs CSCuq24603, CSCur93159, CSCus21693 y CSCut76171.", }, ], id: "CVE-2015-6392", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.8, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:C", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2016-10-06T01:59:01.637", references: [ { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-dhcp1", }, { source: "psirt@cisco.com", url: "http://www.securityfocus.com/bid/93406", }, { source: "psirt@cisco.com", url: "http://www.securitytracker.com/id/1036948", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-dhcp1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/93406", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securitytracker.com/id/1036948", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-399", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-02-24 20:15
Modified
2024-11-21 05:43
Severity ?
4.7 (Medium) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L
4.7 (Medium) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L
4.7 (Medium) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L
Summary
A vulnerability in the Link Layer Discovery Protocol (LLDP) for Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode could allow an unauthenticated, adjacent attacker to disable switching on a small form-factor pluggable (SFP) interface. This vulnerability is due to incomplete validation of the source of a received LLDP packet. An attacker could exploit this vulnerability by sending a crafted LLDP packet on an SFP interface to an affected device. A successful exploit could allow the attacker to disable switching on the SFP interface, which could disrupt network traffic.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:11.0\\(1b\\):*:*:*:*:*:*:*", matchCriteriaId: "C64CC640-B37D-4064-8946-B8CCCDE1A6EF", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:11.0\\(1c\\):*:*:*:*:*:*:*", matchCriteriaId: "E8983275-20C6-487E-A265-3836F06AB226", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:11.0\\(1d\\):*:*:*:*:*:*:*", matchCriteriaId: "CBCA0A4F-D475-405C-B9A7-EBB0A816B9C5", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:11.0\\(1e\\):*:*:*:*:*:*:*", matchCriteriaId: "DA0E0039-23E1-425B-8B2C-DFE2C185CC8B", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:11.0\\(2j\\):*:*:*:*:*:*:*", matchCriteriaId: "9C3FB2AC-934D-4F12-9E9B-EA5F0731DA4D", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:11.0\\(2m\\):*:*:*:*:*:*:*", matchCriteriaId: "BACE91F5-EC9B-4486-80F1-CFC3DA570B9B", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:11.0\\(3f\\):*:*:*:*:*:*:*", matchCriteriaId: "2C60E5B9-10AB-4A69-B28D-0D526756E6B6", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:11.0\\(3i\\):*:*:*:*:*:*:*", matchCriteriaId: "979FEE23-2C28-4212-9DA5-10A0EAFE1668", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:11.0\\(3k\\):*:*:*:*:*:*:*", matchCriteriaId: "9B610400-181F-4621-B27B-18C2609990DB", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:11.0\\(3n\\):*:*:*:*:*:*:*", matchCriteriaId: "4585B70C-E162-42FA-9CB8-42C1F34017AB", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:11.0\\(3o\\):*:*:*:*:*:*:*", matchCriteriaId: "EFC3F541-E417-4FC1-8C35-5B162F35F4F1", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:11.0\\(4g\\):*:*:*:*:*:*:*", matchCriteriaId: "627482D8-0464-4B96-B36A-25D151F1525E", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:11.0\\(4h\\):*:*:*:*:*:*:*", matchCriteriaId: "788E6471-F000-45A7-9829-71F7AE5ED1B7", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:11.0\\(4o\\):*:*:*:*:*:*:*", matchCriteriaId: "BCD04718-6743-40A1-9115-A172D1C37835", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:11.0\\(4q\\):*:*:*:*:*:*:*", matchCriteriaId: "0277D6FD-2A73-45E9-ADA3-64998B7E4668", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:11.1\\(1j\\):*:*:*:*:*:*:*", matchCriteriaId: "CAA00485-725D-467C-9152-DF325507E248", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:11.1\\(1o\\):*:*:*:*:*:*:*", matchCriteriaId: "7D7ED5D0-12BD-483C-902B-CF1AE23611E7", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:11.1\\(1r\\):*:*:*:*:*:*:*", matchCriteriaId: "582C120A-DFA9-40F8-875A-C7875D9D93F7", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:11.1\\(1s\\):*:*:*:*:*:*:*", matchCriteriaId: "040EFFE2-EE24-46EA-B77B-7FDCCF66923D", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:11.1\\(2h\\):*:*:*:*:*:*:*", matchCriteriaId: "4FB814B0-24AE-4C62-9CCE-5D572D0FC0A3", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:11.1\\(2i\\):*:*:*:*:*:*:*", matchCriteriaId: "92FAEF9F-724D-43E9-8916-BEF64A9B8F9C", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:11.1\\(3f\\):*:*:*:*:*:*:*", matchCriteriaId: "EA448665-A433-4C40-940D-1165C6A2777F", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:11.1\\(4e\\):*:*:*:*:*:*:*", matchCriteriaId: "061AC794-EDA5-4166-85D1-EA827685C0F1", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:11.1\\(4f\\):*:*:*:*:*:*:*", matchCriteriaId: "FFE372D3-4978-4C78-AE1A-14E29ED00D46", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:11.1\\(4g\\):*:*:*:*:*:*:*", matchCriteriaId: "1A11D005-53E4-4575-8EAC-86F9DDB62FF9", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:11.1\\(4i\\):*:*:*:*:*:*:*", matchCriteriaId: "952CC9AA-D03C-44F5-8600-78C1E20D0F9E", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:11.1\\(4l\\):*:*:*:*:*:*:*", matchCriteriaId: "74F6CC3C-BFCB-4CD6-830E-6A2C29EB0923", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:11.1\\(4m\\):*:*:*:*:*:*:*", matchCriteriaId: "C27C3B5E-AD72-4A32-BE7B-885AE8DFB480", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:11.2\\(1i\\):*:*:*:*:*:*:*", matchCriteriaId: "A2C5F386-C135-4AED-9F96-388E324F09BB", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:11.2\\(1k\\):*:*:*:*:*:*:*", matchCriteriaId: "669CF375-763C-4B83-8291-85F7CE8297F0", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:11.2\\(1m\\):*:*:*:*:*:*:*", matchCriteriaId: "9188E945-D4A9-47A7-8588-302762510C2A", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:11.2\\(2g\\):*:*:*:*:*:*:*", matchCriteriaId: "36A00C1F-7270-4E2F-8420-8567336AD1C3", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:11.2\\(2h\\):*:*:*:*:*:*:*", matchCriteriaId: "22EE58D9-D1BF-41BD-B331-A3472D38B1D9", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:11.2\\(2i\\):*:*:*:*:*:*:*", matchCriteriaId: "58B28302-6700-4B2C-9531-6BECA5113D70", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:11.2\\(2j\\):*:*:*:*:*:*:*", matchCriteriaId: "C470740F-386B-472E-AD18-D8954AD5BE78", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:11.2\\(3c\\):*:*:*:*:*:*:*", matchCriteriaId: "E34C017B-E9C3-48B8-AB7E-0A8C6CD8788B", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:11.2\\(3e\\):*:*:*:*:*:*:*", matchCriteriaId: "ED0CF9B2-356D-45C5-BFCD-94155E1A2F14", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:11.2\\(3h\\):*:*:*:*:*:*:*", matchCriteriaId: "2478A831-330D-4526-8A2C-DC8C0F6973ED", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:11.2\\(3m\\):*:*:*:*:*:*:*", matchCriteriaId: "EAB57FD7-4350-4BFD-A6CF-EDA674AD31BF", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:11.3\\(1g\\):*:*:*:*:*:*:*", matchCriteriaId: "71B4FF76-FBC5-4742-B784-90AFBE8E2767", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:11.3\\(1h\\):*:*:*:*:*:*:*", matchCriteriaId: "28328D72-D898-48C4-B7A9-D97E321C9D99", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:11.3\\(1i\\):*:*:*:*:*:*:*", matchCriteriaId: "1569E0F4-33D1-408D-88DC-26822447F325", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:11.3\\(1j\\):*:*:*:*:*:*:*", matchCriteriaId: "FF454C26-1558-405A-B99C-ADF7A9E91B69", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:11.3\\(2f\\):*:*:*:*:*:*:*", matchCriteriaId: "CA86F8E0-58FB-4CA5-9541-E9D55BED533D", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:11.3\\(2h\\):*:*:*:*:*:*:*", matchCriteriaId: "F031ABAD-3D20-4374-ABBE-24D5C01BE910", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:11.3\\(2i\\):*:*:*:*:*:*:*", matchCriteriaId: "F227E127-08EE-4A86-956C-BBBDB49925A5", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:11.3\\(2j\\):*:*:*:*:*:*:*", matchCriteriaId: "D0CD7AC4-58DD-4795-AB15-EFA214111B42", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:11.3\\(2k\\):*:*:*:*:*:*:*", matchCriteriaId: "64581189-9370-487A-9196-D0421CB3636E", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:12.0\\(1m\\):*:*:*:*:*:*:*", matchCriteriaId: "0BEE5B22-F9D3-4EAA-A552-7F0271080632", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:12.0\\(1n\\):*:*:*:*:*:*:*", matchCriteriaId: "74DB471F-43AF-4E94-99B0-7D38CB3F5943", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:12.0\\(1o\\):*:*:*:*:*:*:*", matchCriteriaId: "9217FBFE-2708-440A-90F9-0562C159DE16", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:12.0\\(1p\\):*:*:*:*:*:*:*", matchCriteriaId: "5BA5F46C-3172-4509-856F-703E0B517E7D", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:12.0\\(1q\\):*:*:*:*:*:*:*", matchCriteriaId: "E07DC9A1-E4BA-474C-96C2-0B73704628AB", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:12.0\\(1r\\):*:*:*:*:*:*:*", matchCriteriaId: "027DCF27-E201-4713-A1AC-526C6CA04343", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:12.0\\(2f\\):*:*:*:*:*:*:*", matchCriteriaId: "40B05631-0319-4AFA-867A-2AECEAD449CA", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:12.0\\(2g\\):*:*:*:*:*:*:*", matchCriteriaId: "771CD71E-4F24-4ACC-8D86-11429379093B", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:12.0\\(2h\\):*:*:*:*:*:*:*", matchCriteriaId: "906C7861-3266-445E-BBAB-64B757229A4F", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:12.0\\(2l\\):*:*:*:*:*:*:*", matchCriteriaId: "782E194A-E91E-4C72-A86A-5BD2B9CE19BA", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:12.0\\(2m\\):*:*:*:*:*:*:*", matchCriteriaId: "4CE062A4-FD32-41E5-A5B2-06BED72140E6", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:12.0\\(2n\\):*:*:*:*:*:*:*", matchCriteriaId: "52016BB9-A37D-4F3A-BEB4-77CF84193652", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:12.0\\(2o\\):*:*:*:*:*:*:*", matchCriteriaId: "CE8D042D-35C6-4BDF-9CD7-9125B19DC415", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:12.1\\(1h\\):*:*:*:*:*:*:*", matchCriteriaId: "50F91C27-4625-4CCD-B2EB-7F34F286AB2C", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:12.1\\(1i\\):*:*:*:*:*:*:*", matchCriteriaId: "F65D3CE3-CA53-4A13-AD86-E59196B586FD", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:12.1\\(2e\\):*:*:*:*:*:*:*", matchCriteriaId: "EC4633AD-6CBA-4E7B-BC9D-DCCBE1F2C7EC", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:12.1\\(2g\\):*:*:*:*:*:*:*", matchCriteriaId: "04B6FAA5-D3CF-4463-9DE9-6F472DC78B2F", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:12.1\\(2k\\):*:*:*:*:*:*:*", matchCriteriaId: "A1A8E4CF-2EF7-45E8-A4FE-5BEA54617D71", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:12.1\\(3g\\):*:*:*:*:*:*:*", matchCriteriaId: "B0A7F045-BE20-4B1D-8A0D-38A651B77EA7", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:12.1\\(3h\\):*:*:*:*:*:*:*", matchCriteriaId: "E8DB4683-C8B2-4013-85C5-A1B5F01790B3", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:12.1\\(3j\\):*:*:*:*:*:*:*", matchCriteriaId: "BF031A0E-9C92-4931-8433-EAF9F9BA0DE2", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:12.1\\(4a\\):*:*:*:*:*:*:*", matchCriteriaId: "E66B8A3B-AE6E-4876-9C14-54B24F91229C", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:12.2\\(1k\\):*:*:*:*:*:*:*", matchCriteriaId: "57B9178C-DD7F-4FE4-BC24-7025F90A4E93", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:12.2\\(1n\\):*:*:*:*:*:*:*", matchCriteriaId: "A5288A19-E08E-4748-A6F8-C095746D8B92", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:12.2\\(1o\\):*:*:*:*:*:*:*", matchCriteriaId: "4DBC06D8-E9B3-4400-A7E5-7EE6A3B8C9BD", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:12.2\\(2e\\):*:*:*:*:*:*:*", matchCriteriaId: "46C5D5D2-B2B9-4A9A-84D5-6F04E3F8694F", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:12.2\\(2f\\):*:*:*:*:*:*:*", matchCriteriaId: "FDFA97CC-F9AD-42A8-8FBE-D986E729336C", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:12.2\\(2i\\):*:*:*:*:*:*:*", matchCriteriaId: "49DCFBB0-E1DA-4F4D-877A-BC6075775EDE", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:12.2\\(2j\\):*:*:*:*:*:*:*", matchCriteriaId: "4E02BE71-98EB-494D-A808-42A3B2A0A72A", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:12.2\\(2k\\):*:*:*:*:*:*:*", matchCriteriaId: "6B74C309-446F-4EAC-939E-43BC8167FE75", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:12.2\\(2q\\):*:*:*:*:*:*:*", matchCriteriaId: "0EA38368-8EE4-4480-9A9A-D12992108475", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:12.2\\(3j\\):*:*:*:*:*:*:*", matchCriteriaId: "BFCAE710-1789-4D3A-AC2E-E6A523037172", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:12.2\\(3p\\):*:*:*:*:*:*:*", matchCriteriaId: "2E7A6830-C15E-4690-8C1A-5044A3B01C13", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:12.2\\(3r\\):*:*:*:*:*:*:*", matchCriteriaId: "69051EB0-D60F-4E30-8939-088E50422A0C", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:12.2\\(3s\\):*:*:*:*:*:*:*", matchCriteriaId: "D5135CDF-5991-4CC9-9C4C-CC0DADEA8C5F", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:12.2\\(3t\\):*:*:*:*:*:*:*", matchCriteriaId: "00DF4FCE-1B71-4A28-989C-AE4C5F2B3343", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:12.2\\(4f\\):*:*:*:*:*:*:*", matchCriteriaId: "A6049CBB-7445-4A77-867B-5D59DF0C9332", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:12.2\\(4p\\):*:*:*:*:*:*:*", matchCriteriaId: "58BE5188-775E-42A9-BCCF-0DBACDDFC045", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:12.2\\(4q\\):*:*:*:*:*:*:*", matchCriteriaId: "762B4A37-3D8C-4172-A8FF-14F470CBDBFF", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:12.2\\(4r\\):*:*:*:*:*:*:*", matchCriteriaId: "C9BCF174-6D01-4C1A-AF7F-B91EDD16E010", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:12.3\\(1e\\):*:*:*:*:*:*:*", matchCriteriaId: "94E4F174-8F51-41AF-82C7-0CA577753191", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:12.3\\(1f\\):*:*:*:*:*:*:*", matchCriteriaId: "353FD814-0812-4B90-B8F0-D372E85CF40B", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:12.3\\(1i\\):*:*:*:*:*:*:*", matchCriteriaId: "71AF6628-3E98-4D66-B4A9-9EA16519719A", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:12.3\\(1l\\):*:*:*:*:*:*:*", matchCriteriaId: "E52B312E-9C91-40F7-BACB-1550D6632477", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:12.3\\(1o\\):*:*:*:*:*:*:*", matchCriteriaId: "746D1151-BEC2-4404-A7CF-651D8BFA3412", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:12.3\\(1p\\):*:*:*:*:*:*:*", matchCriteriaId: "52CE3E73-8EC6-49D1-837F-2FBFDD51802C", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:13.0\\(1k\\):*:*:*:*:*:*:*", matchCriteriaId: "B774106E-DC00-4F79-A5F9-390483A9FBEE", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:13.0\\(2h\\):*:*:*:*:*:*:*", matchCriteriaId: "26676350-6635-4B97-8A1E-250E06A177CD", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:13.0\\(2k\\):*:*:*:*:*:*:*", matchCriteriaId: "DA426885-C1FB-4DB5-900A-7C7882956BFE", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:13.0\\(2n\\):*:*:*:*:*:*:*", matchCriteriaId: "AA5C1581-9C53-4093-BBCA-67F57CE24C67", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:13.1\\(1i\\):*:*:*:*:*:*:*", matchCriteriaId: "D548C85A-F98B-49BF-A6C3-ADEB60124822", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:13.1\\(2m\\):*:*:*:*:*:*:*", matchCriteriaId: "970718D9-4789-414B-8ED2-FBF914B4047C", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:13.1\\(2o\\):*:*:*:*:*:*:*", matchCriteriaId: "7C45D91E-5AA4-46B4-9A87-75480AC04732", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:13.1\\(2p\\):*:*:*:*:*:*:*", matchCriteriaId: "973B7EE9-6B18-4D1D-8DEE-3C43D0CEB89C", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:13.1\\(2q\\):*:*:*:*:*:*:*", matchCriteriaId: "32083CFE-1DAE-4BE2-AFB9-B2806F809191", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:13.1\\(2s\\):*:*:*:*:*:*:*", matchCriteriaId: "B0D61DA2-28B2-49E5-8739-38113455BD09", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:13.1\\(2t\\):*:*:*:*:*:*:*", matchCriteriaId: "2E20496D-D83C-4CD3-B1A3-EEE0D165F609", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:13.1\\(2u\\):*:*:*:*:*:*:*", matchCriteriaId: "71425F24-4C89-49C1-9B5E-68FAFE04F89C", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:13.1\\(2v\\):*:*:*:*:*:*:*", matchCriteriaId: "310CF610-34E9-45F2-B01A-76DDEC40A040", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:13.2\\(1l\\):*:*:*:*:*:*:*", matchCriteriaId: "09A32C04-1467-4564-A18E-EF2AAEF64244", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:13.2\\(1m\\):*:*:*:*:*:*:*", matchCriteriaId: "ED378075-D761-4D0D-8852-93616EA2F9BC", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:13.2\\(2l\\):*:*:*:*:*:*:*", matchCriteriaId: "0C9BD58D-3AE9-49C7-AE94-74878CD109B1", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:13.2\\(2o\\):*:*:*:*:*:*:*", matchCriteriaId: "46D16C20-D68E-4118-B8D4-D6A2044DCD32", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:13.2\\(3i\\):*:*:*:*:*:*:*", matchCriteriaId: "ABCDA33D-8576-4DF6-90A1-710CA3F78F68", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:13.2\\(3j\\):*:*:*:*:*:*:*", matchCriteriaId: "D302931B-4425-40A6-BF7E-97FAB43D0778", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:13.2\\(3n\\):*:*:*:*:*:*:*", matchCriteriaId: "CEBC0A74-551B-4BD1-A59A-80C119362D60", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:13.2\\(3o\\):*:*:*:*:*:*:*", matchCriteriaId: "F36E0CC9-7DD7-439B-B83F-F96DEF5B2A37", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:13.2\\(3r\\):*:*:*:*:*:*:*", matchCriteriaId: "2F50E84B-7CAC-4832-96C5-9885F0F9DFC0", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:13.2\\(3s\\):*:*:*:*:*:*:*", matchCriteriaId: "DEB8A917-6F49-4636-AF8C-8C18BAACE661", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:13.2\\(4d\\):*:*:*:*:*:*:*", matchCriteriaId: "79ECC89F-7F84-42E0-AF0F-4C9A609131E9", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:13.2\\(4e\\):*:*:*:*:*:*:*", matchCriteriaId: "4A9AC0D9-D8D4-480F-B1B7-84D17AF4ABC8", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:13.2\\(5d\\):*:*:*:*:*:*:*", matchCriteriaId: "28A0A2C2-6E9F-4A08-9ED8-6FD4E8203053", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:13.2\\(5e\\):*:*:*:*:*:*:*", matchCriteriaId: "FCE26439-5B15-48F4-8E02-CC45A76297A3", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:13.2\\(5f\\):*:*:*:*:*:*:*", matchCriteriaId: "F8744322-4D27-44BB-9573-BDEC9E8F6B00", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:13.2\\(6i\\):*:*:*:*:*:*:*", matchCriteriaId: "83C1841C-9D9B-4A22-9080-724BC75A004E", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:13.2\\(7f\\):*:*:*:*:*:*:*", matchCriteriaId: "3E54C78E-93FE-4E22-A37A-25D07AF7C7CA", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:13.2\\(7k\\):*:*:*:*:*:*:*", matchCriteriaId: "ED709475-D435-492E-A295-3F3202CB6CC1", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:13.2\\(8d\\):*:*:*:*:*:*:*", matchCriteriaId: "20DBADBC-106E-4D0D-B6F1-F5859AD84DE7", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:13.2\\(9b\\):*:*:*:*:*:*:*", matchCriteriaId: "B226BA8E-FC1E-44FF-9A91-837F355E53B5", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:13.2\\(9f\\):*:*:*:*:*:*:*", matchCriteriaId: "1BA59F5B-43FE-4051-9D27-F83A7A39141E", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:13.2\\(9h\\):*:*:*:*:*:*:*", matchCriteriaId: "3883FD9C-0BCB-4865-81B6-854C8C4EC7DB", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:13.2\\(41d\\):*:*:*:*:*:*:*", matchCriteriaId: "3A52F12E-8EAD-40B8-BB6D-54FAD8718AD0", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:14.0\\(1h\\):*:*:*:*:*:*:*", matchCriteriaId: "B4F75D6B-D48A-4B5E-A1DF-EEBFEBFE6073", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:14.0\\(2c\\):*:*:*:*:*:*:*", matchCriteriaId: "FB1B81AF-FC0F-42B6-98C0-BEC432C7BAC2", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:14.0\\(3c\\):*:*:*:*:*:*:*", matchCriteriaId: "87C5BB7A-3B2B-4AE3-A626-04FD1BB1E9C8", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:14.0\\(3d\\):*:*:*:*:*:*:*", matchCriteriaId: "BDEB393A-9687-4E52-9837-B2C9E8F22D58", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:14.1\\(1i\\):*:*:*:*:*:*:*", matchCriteriaId: "7E1BE98A-95AE-4D11-B427-68D25FE60720", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:14.1\\(1j\\):*:*:*:*:*:*:*", matchCriteriaId: "CD61CB15-1955-4A81-9F8E-02F207094260", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:14.1\\(1k\\):*:*:*:*:*:*:*", matchCriteriaId: "455F4A6C-428C-494F-B70C-A891B83EBEF7", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:14.1\\(1l\\):*:*:*:*:*:*:*", matchCriteriaId: "322088F6-DF10-4C58-92F3-0FFBF469A6B7", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:14.1\\(2g\\):*:*:*:*:*:*:*", matchCriteriaId: "20BFA5E5-0ECC-4A1F-A936-1F325A810334", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:14.1\\(2m\\):*:*:*:*:*:*:*", matchCriteriaId: "7ECA1140-9DE0-4BC9-A381-A8DCB5BEA4A2", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:14.1\\(2o\\):*:*:*:*:*:*:*", matchCriteriaId: "2F5FCA86-82A3-4540-B827-BD752D9E0465", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:14.1\\(2s\\):*:*:*:*:*:*:*", matchCriteriaId: "6B8DE7D4-EFEC-487B-8250-251F9EA36BF6", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:14.1\\(2u\\):*:*:*:*:*:*:*", matchCriteriaId: "83EA47AA-6F3B-4A48-81A0-2CA8D6696B27", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:14.1\\(2w\\):*:*:*:*:*:*:*", matchCriteriaId: "89662D5F-AEEC-4DEB-AB8B-6A95D0A4B1D2", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:14.1\\(2x\\):*:*:*:*:*:*:*", matchCriteriaId: "40D5076C-6C6F-44F9-91D7-D8F2FEB21310", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:14.2\\(1i\\):*:*:*:*:*:*:*", matchCriteriaId: "D8BA2854-BE27-45F8-AF6E-CF6C474CF15B", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:14.2\\(1j\\):*:*:*:*:*:*:*", matchCriteriaId: "8296DD01-9CE0-4734-97A1-43250AD87453", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:14.2\\(1l\\):*:*:*:*:*:*:*", matchCriteriaId: "77FC6FCC-9C86-43CB-A008-82E5C3E5B791", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:14.2\\(2e\\):*:*:*:*:*:*:*", matchCriteriaId: "1AD71858-CA76-4BE3-8B4F-626959F6A342", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:14.2\\(2f\\):*:*:*:*:*:*:*", matchCriteriaId: "38F4C42B-D975-46B5-8A18-1D6F72A294F1", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:14.2\\(2g\\):*:*:*:*:*:*:*", matchCriteriaId: "58277DB8-BBC7-4639-8967-FCBAB029641E", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:14.2\\(3j\\):*:*:*:*:*:*:*", matchCriteriaId: "7E6354B7-3CBA-4E09-93F6-B49717B2A78E", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:14.2\\(3l\\):*:*:*:*:*:*:*", matchCriteriaId: "C693C8FA-3324-4439-B177-6FAE387DB23D", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:14.2\\(3n\\):*:*:*:*:*:*:*", matchCriteriaId: "949C0F31-77ED-49CC-870D-70104AA908A6", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:14.2\\(3q\\):*:*:*:*:*:*:*", matchCriteriaId: "007BDA28-37AD-4F37-B351-C3BE0B8418F4", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:14.2\\(4i\\):*:*:*:*:*:*:*", matchCriteriaId: "9563DBDC-D2C0-4C7C-A246-EC95DC4581CA", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:14.2\\(4k\\):*:*:*:*:*:*:*", matchCriteriaId: "09CF92FC-B053-4234-830F-683E06807545", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:14.2\\(4o\\):*:*:*:*:*:*:*", matchCriteriaId: "61DF8B69-D0B7-455F-A50E-5930948BED49", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:14.2\\(4p\\):*:*:*:*:*:*:*", matchCriteriaId: "724603DA-06C9-4E64-B495-A90AD9BF31E1", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:14.2\\(5k\\):*:*:*:*:*:*:*", matchCriteriaId: "D1255013-E3BC-4048-BD50-4641C0048FA7", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:15.0\\(1k\\):*:*:*:*:*:*:*", matchCriteriaId: "ABBAFC12-85C7-4FD1-B46E-D8268D00DEE9", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:15.0\\(1l\\):*:*:*:*:*:*:*", matchCriteriaId: "8F988380-7BAE-4E9C-B1E2-D3F7389E2FB7", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:15.0\\(2e\\):*:*:*:*:*:*:*", matchCriteriaId: "11E2E40A-CCD5-4CA7-826E-10923BED72E8", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:15.0\\(2h\\):*:*:*:*:*:*:*", matchCriteriaId: "95A5C1D4-EAE5-4E3F-AFCC-96B1ECDA91EE", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_9000v:-:*:*:*:*:*:*:*", matchCriteriaId: "0CD9C1F1-8582-4F67-A77D-97CBFECB88B8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*", matchCriteriaId: "4283E433-7F8C-4410-B565-471415445811", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92300yc:-:*:*:*:*:*:*:*", matchCriteriaId: "F80AB6FB-32FD-43D7-A9F1-80FA47696210", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*", matchCriteriaId: "D5B2E4C1-2627-4B9D-8E92-4B483F647651", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92348gc-x:-:*:*:*:*:*:*:*", matchCriteriaId: "557ED31C-C26A-4FAE-8B14-D06B49F7F08B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*", matchCriteriaId: "11411BFD-3F4D-4309-AB35-A3629A360FB0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*", matchCriteriaId: "E663DE91-C86D-48DC-B771-FA72A8DF7A7C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "A90184B3-C82F-4CE5-B2AD-97D5E4690871", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-ex-24:-:*:*:*:*:*:*:*", matchCriteriaId: "40E40F42-632A-47DF-BE33-DC25B826310B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "4AB89849-6DA4-4C9D-BC3F-EE0E41FD1901", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-fx-24:-:*:*:*:*:*:*:*", matchCriteriaId: "C47F6BF9-2ADB-41A4-8D7D-8BB00141BB23", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*", matchCriteriaId: "07DE6F63-2C7D-415B-8C34-01EC05C062F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*", matchCriteriaId: "F423E45D-A6DD-4305-9C6A-EAB26293E53A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9316d-gx:-:*:*:*:*:*:*:*", matchCriteriaId: "102F91CD-DFB6-43D4-AE5B-DA157A696230", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "E952A96A-0F48-4357-B7DD-1127D8827650", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "F70D81F1-8B12-4474-9060-B4934D8A3873", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-ex-24:-:*:*:*:*:*:*:*", matchCriteriaId: "5394DE31-3863-4CA9-B7B1-E5227183100D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "7349D69B-D8FA-4462-AA28-69DD18A652D9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-fx-24:-:*:*:*:*:*:*:*", matchCriteriaId: "FE4BB834-2C00-4384-A78E-AF3BCDDC58AF", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-fx3:-:*:*:*:*:*:*:*", matchCriteriaId: "B0D30D52-837F-4FDA-B8E5-A9066E9C6D2F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-fx3s:-:*:*:*:*:*:*:*", matchCriteriaId: "7CE49B45-F2E9-491D-9C29-1B46E9CE14E2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93216tc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "B1CC5F78-E88B-4B82-9E3E-C73D3A49DE26", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "91231DC6-2773-4238-8C14-A346F213B5E5", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332c:-:*:*:*:*:*:*:*", matchCriteriaId: "2DF88547-BAF4-47B0-9F60-80A30297FCEB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*", matchCriteriaId: "113772B6-E9D2-4094-9468-3F4E1A87D07D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93360yc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "C45A38D6-BED6-4FEF-AD87-A1E813695DE0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "F1FC2B1F-232E-4754-8076-CC82F3648730", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336c-fx2-e:-:*:*:*:*:*:*:*", matchCriteriaId: "7CDD27C9-5EAF-4956-8AB7-740C84C9D4FC", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336pq_aci_spine:-:*:*:*:*:*:*:*", matchCriteriaId: "785FD17C-F32E-4042-9DDE-A89B3AAE0334", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*", matchCriteriaId: "17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93600cd-gx:-:*:*:*:*:*:*:*", matchCriteriaId: "2CF467E2-4567-426E-8F48-39669E0F514C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*", matchCriteriaId: "63842B25-8C32-4988-BBBD-61E9CB09B4F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9364c-gx:-:*:*:*:*:*:*:*", matchCriteriaId: "68EA1FEF-B6B6-49FE-A0A4-5387F76303F8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*", matchCriteriaId: "4364ADB9-8162-451D-806A-B98924E6B2CF", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372px-e:-:*:*:*:*:*:*:*", matchCriteriaId: "B53BCB42-ED61-4FCF-8068-CB467631C63C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*", matchCriteriaId: "49E0371B-FDE2-473C-AA59-47E1269D050F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372tx-e:-:*:*:*:*:*:*:*", matchCriteriaId: "489D11EC-5A18-4F32-BC7C-AC1FCEC27222", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*", matchCriteriaId: "1BC5293E-F2B4-46DC-85DA-167EA323FCFD", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*", matchCriteriaId: "EA022E77-6557-4A33-9A3A-D028E2DB669A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*", matchCriteriaId: "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability in the Link Layer Discovery Protocol (LLDP) for Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode could allow an unauthenticated, adjacent attacker to disable switching on a small form-factor pluggable (SFP) interface. This vulnerability is due to incomplete validation of the source of a received LLDP packet. An attacker could exploit this vulnerability by sending a crafted LLDP packet on an SFP interface to an affected device. A successful exploit could allow the attacker to disable switching on the SFP interface, which could disrupt network traffic.", }, { lang: "es", value: "Una vulnerabilidad en el protocolo Link Layer Discovery Protocol (LLDP) para Nexus 9000 Series Fabric Switches en modo Application Centric Infrastructure (ACI) podría permitir a un atacante adyacente no autenticado deshabilitar la conmutación en una interfaz small form-factor pluggable (SFP). Esta vulnerabilidad es debido a una comprobación incompleta del origen de un paquete LLDP recibido. Un atacante podría explotar esta vulnerabilidad mediante el envío de un paquete LLDP diseñado en una interfaz SFP a un dispositivo afectado. Una explotación con éxito podría permitir al atacante deshabilitar la conmutación en la interfaz SFP, lo que podría interrumpir el tráfico de la red", }, ], id: "CVE-2021-1231", lastModified: "2024-11-21T05:43:53.150", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "MEDIUM", accessVector: "ADJACENT_NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 2.9, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:A/AC:M/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 5.5, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "LOW", baseScore: 4.7, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 1.4, source: "psirt@cisco.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "LOW", baseScore: 4.7, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 1.4, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-02-24T20:15:13.193", references: [ { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apic-lldap-dos-WerV9CFj", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apic-lldap-dos-WerV9CFj", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-284", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-346", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-02-26 17:15
Modified
2024-11-21 05:30
Severity ?
Summary
A vulnerability in the Cisco Discovery Protocol feature of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to execute arbitrary code as root or cause a denial of service (DoS) condition on an affected device. The vulnerability exists because of insufficiently validated Cisco Discovery Protocol packet headers. An attacker could exploit this vulnerability by sending a crafted Cisco Discovery Protocol packet to a Layer 2-adjacent affected device. A successful exploit could allow the attacker to cause a buffer overflow that could allow the attacker to execute arbitrary code as root or cause a DoS condition on the affected device. Note: Cisco Discovery Protocol is a Layer 2 protocol. To exploit this vulnerability, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent). Note: This vulnerability is different from the following Cisco FXOS and NX-OS Software Cisco Discovery Protocol vulnerabilities that Cisco announced on Feb. 5, 2020: Cisco FXOS, IOS XR, and NX-OS Software Cisco Discovery Protocol Denial of Service Vulnerability and Cisco NX-OS Software Cisco Discovery Protocol Remote Code Execution Vulnerability.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*", matchCriteriaId: "D19586BF-E7B0-4805-82C9-301648FC237F", versionEndExcluding: "2.6.1.187", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*", matchCriteriaId: "A19CF844-DCAA-46DD-95FC-1BC200E7DE91", versionEndExcluding: "2.7.1.106", versionStartIncluding: "2.7", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:firepower_4110:-:*:*:*:*:*:*:*", matchCriteriaId: "A0CBC7F5-7767-43B6-9384-BE143FCDBD7F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4115:-:*:*:*:*:*:*:*", matchCriteriaId: "A694AD51-9008-4AE6-8240-98B17AB527EE", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4120:-:*:*:*:*:*:*:*", matchCriteriaId: "38AE6DC0-2B03-4D36-9856-42530312CC46", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4125:-:*:*:*:*:*:*:*", matchCriteriaId: "71DCEF22-ED20-4330-8502-EC2DD4C9838F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4140:-:*:*:*:*:*:*:*", matchCriteriaId: "3DB2822B-B752-4CD9-A178-934957E306B4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4145:-:*:*:*:*:*:*:*", matchCriteriaId: "81F4868A-6D62-479C-9C19-F9AABDBB6B24", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4150:-:*:*:*:*:*:*:*", matchCriteriaId: "65378F3A-777C-4AE2-87FB-1E7402F9EA1B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300:-:*:*:*:*:*:*:*", matchCriteriaId: "07DAFDDA-718B-4B69-A524-B0CEB80FE960", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:cisco:ucs_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "EE704FC9-DFEF-48DD-A0D5-919FAF856C6F", versionEndExcluding: "3.2\\(3n\\)", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:ucs_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "5C79BC0D-B86C-452B-B6CA-F93E938B707F", versionEndExcluding: "4.0\\(4g\\)", versionStartIncluding: "4.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:ucs_6248up:-:*:*:*:*:*:*:*", matchCriteriaId: "49112D3F-DFAD-4E71-992B-9E0640FA388C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6296up:-:*:*:*:*:*:*:*", matchCriteriaId: "38A1D8F2-A4A6-4BAC-8326-9F9DE9572FA2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6324:-:*:*:*:*:*:*:*", matchCriteriaId: "B82093C6-B36D-4E4E-AD7F-8C107646B8D9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6332:-:*:*:*:*:*:*:*", matchCriteriaId: "E406DDCE-6753-43E9-B6F0-7A038DE84E41", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6332-16up:-:*:*:*:*:*:*:*", matchCriteriaId: "054D8EB2-97A3-4725-9DFF-27A4D231D90A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:-:*:*:*:*:*:*:*", matchCriteriaId: "DA35D4AA-24B3-428E-84ED-804EF941E9A9", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:mds_9132t:-:*:*:*:*:*:*:*", matchCriteriaId: "56426D35-FCFD-406E-9144-2E66C8C86EFC", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9148s:-:*:*:*:*:*:*:*", matchCriteriaId: "D25FA4A8-408B-4E94-B7D9-7DC54B61322F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9148t:-:*:*:*:*:*:*:*", matchCriteriaId: "831B6D0F-A975-4CBA-B5BB-0AC4AD718FE8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9216:-:*:*:*:*:*:*:*", matchCriteriaId: "8A72BDC4-6640-45CC-A128-0CDEE38D3ADC", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9216a:-:*:*:*:*:*:*:*", matchCriteriaId: "90094569-AA2C-4D35-807F-9551FACE255F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9216i:-:*:*:*:*:*:*:*", matchCriteriaId: "306AFBC9-A236-4D03-A1EB-CE7E838D8415", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9222i:-:*:*:*:*:*:*:*", matchCriteriaId: "12DB1A25-A7C9-412F-88BC-E89588896395", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9506:-:*:*:*:*:*:*:*", matchCriteriaId: "3925D2CF-9D7C-4498-8AF2-45E15D5D009F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9509:-:*:*:*:*:*:*:*", matchCriteriaId: "C677D356-86C9-4491-A6CA-5E6306B2BB70", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9513:-:*:*:*:*:*:*:*", matchCriteriaId: "28A3C579-7AAD-41A4-947F-CCB9B09402A5", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9706:-:*:*:*:*:*:*:*", matchCriteriaId: "5182CB50-4D32-4835-B1A8-817D989F919F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9710:-:*:*:*:*:*:*:*", matchCriteriaId: "36B3B617-7554-4C36-9B41-19AA3BD2F6E9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9718:-:*:*:*:*:*:*:*", matchCriteriaId: "B88879A9-A7F5-41E0-8A38-0E09E3FD27F4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)sv5\\(1.2\\):*:*:*:*:hyper-v:*:*", matchCriteriaId: "8CA8CB21-FCD6-43B6-A1F5-904A08351887", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)sv5\\(1.2\\):*:*:*:*:vsphere:*:*", matchCriteriaId: "B8D38023-2A8F-4A26-AC91-9F76A248872D", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_1000v:-:*:*:*:*:*:*:*", matchCriteriaId: "7E705638-8D0A-40D6-9A51-4FDB6C03F71E", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_1000ve:-:*:*:*:*:*:*:*", matchCriteriaId: "882D7344-E38B-4F44-8CDE-1CCA827F28BB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:-:*:*:*:*:*:*:*", matchCriteriaId: "DA35D4AA-24B3-428E-84ED-804EF941E9A9", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_3016:-:*:*:*:*:*:*:*", matchCriteriaId: "528ED62B-D739-4E06-AC64-B506FD73BBAB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*", matchCriteriaId: "FC2A6C31-438A-4CF5-A3F3-364B1672EB7D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3064:-:*:*:*:*:*:*:*", matchCriteriaId: "76C10D85-88AC-4A79-8866-BED88A0F8DF8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3064-t:-:*:*:*:*:*:*:*", matchCriteriaId: "65CB7F6D-A82B-4A31-BFAC-FF4A4B8DF9C1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31108pc-v:-:*:*:*:*:*:*:*", matchCriteriaId: "4E930332-CDDD-48D5-93BC-C22D693BBFA2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31108tc-v:-:*:*:*:*:*:*:*", matchCriteriaId: "7BF4B8FE-E134-4491-B5C2-C1CFEB64731B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31128pq:-:*:*:*:*:*:*:*", matchCriteriaId: "F4226DA0-9371-401C-8247-E6E636A116C3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132c-z:-:*:*:*:*:*:*:*", matchCriteriaId: "7664666F-BCE4-4799-AEEA-3A73E6AD33F4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q:-:*:*:*:*:*:*:*", matchCriteriaId: "D3DBBFE9-835C-4411-8492-6006E74BAC65", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q-v:-:*:*:*:*:*:*:*", matchCriteriaId: "B3293438-3D18-45A2-B093-2C3F65783336", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "8F43B770-D96C-44EA-BC12-9F39FC4317B9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3164q:-:*:*:*:*:*:*:*", matchCriteriaId: "FA782EB3-E8E6-4DCF-B39C-B3CBD46E4384", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172:-:*:*:*:*:*:*:*", matchCriteriaId: "7817F4E6-B2DA-4F06-95A4-AF329F594C02", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172pq-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "7BB9DD73-E31D-4921-A6D6-E14E04703588", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq:-:*:*:*:*:*:*:*", matchCriteriaId: "4532F513-0543-4960-9877-01F23CA7BA1B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq-32t:-:*:*:*:*:*:*:*", matchCriteriaId: "0B43502B-FD53-465A-B60F-6A359C6ACD99", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "F3229124-B097-4AAC-8ACD-2F9C89DCC3AB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3232c_:-:*:*:*:*:*:*:*", matchCriteriaId: "D008CA1C-6F5A-40EA-BB12-A9D84D5AF700", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3264c-e:-:*:*:*:*:*:*:*", matchCriteriaId: "24FBE87B-8A4F-43A8-98A3-4A7D9C630937", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3264q:-:*:*:*:*:*:*:*", matchCriteriaId: "6ACD09AC-8B28-4ACB-967B-AB3D450BC137", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3408-s:-:*:*:*:*:*:*:*", matchCriteriaId: "7D397349-CCC6-479B-9273-FB1FFF4F34F2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_34180yc:-:*:*:*:*:*:*:*", matchCriteriaId: "DC7286A7-780F-4A45-940A-4AD5C9D0F201", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3432d-s:-:*:*:*:*:*:*:*", matchCriteriaId: "5F7AF8D7-431B-43CE-840F-CC0817D159C0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3464c:-:*:*:*:*:*:*:*", matchCriteriaId: "DAC204C8-1A5A-4E85-824E-DC9B8F6A802D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524:-:*:*:*:*:*:*:*", matchCriteriaId: "EAF5AF71-15DF-4151-A1CF-E138A7103FC8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524-x:-:*:*:*:*:*:*:*", matchCriteriaId: "10F80A72-AD54-4699-B8AE-82715F0B58E2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "9354B6A2-D7D6-442E-BF4C-FE8A336D9E94", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548:-:*:*:*:*:*:*:*", matchCriteriaId: "088C0323-683A-44F5-8D42-FF6EC85D080E", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548-x:-:*:*:*:*:*:*:*", matchCriteriaId: "74CB4002-7636-4382-B33E-FBA060A13C34", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "10CEBF73-3EE0-459A-86C5-F8F6243FE27C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_36180yc-r:-:*:*:*:*:*:*:*", matchCriteriaId: "95D2C4C3-65CE-4612-A027-AF70CEFC3233", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*", matchCriteriaId: "57572E4A-78D5-4D1A-938B-F05F01759612", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(5\\)n1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "AF1257BF-D534-4899-937F-DCBD033A7D94", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_5010:-:*:*:*:*:*:*:*", matchCriteriaId: "E275D31F-4FA1-428E-AB4A-D2802FF0CF1A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5020:-:*:*:*:*:*:*:*", matchCriteriaId: "BA7F5823-41A8-47C8-A154-02C6C31EF76A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5548p:-:*:*:*:*:*:*:*", matchCriteriaId: "E5519EA9-1236-4F51-9974-E3FC1B26B5D2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5548up:-:*:*:*:*:*:*:*", matchCriteriaId: "CB0A3B06-8B25-4CD3-AFA9-5F928B1042F4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5596t:-:*:*:*:*:*:*:*", matchCriteriaId: "1766443C-1C5A-486E-A36F-D3045F364D78", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5596up:-:*:*:*:*:*:*:*", matchCriteriaId: "DC4D4403-F93B-4CC8-B75F-7A5B03FEDD85", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_56128p:-:*:*:*:*:*:*:*", matchCriteriaId: "ABB6E612-4246-4408-B3F6-B31E771F5ACB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5624q:-:*:*:*:*:*:*:*", matchCriteriaId: "91B129B2-2B31-4DE0-9F83-CC6E0C8729A0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5648q:-:*:*:*:*:*:*:*", matchCriteriaId: "3CBD3CD0-B542-4B23-9C9D-061643BE44E8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5672up:-:*:*:*:*:*:*:*", matchCriteriaId: "A22A2647-A4C0-4681-BBC5-D95ADBAA0457", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5696q:-:*:*:*:*:*:*:*", matchCriteriaId: "B2BB1A3A-668C-4B0D-8AC2-6B4758B3420B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:-:*:*:*:*:*:*:*", matchCriteriaId: "DA35D4AA-24B3-428E-84ED-804EF941E9A9", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_6001:-:*:*:*:*:*:*:*", matchCriteriaId: "A9662D6B-AF0F-45C8-B7CD-AE7C76593FDB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_6004:-:*:*:*:*:*:*:*", matchCriteriaId: "4F557E38-09F6-42C6-BABA-3C3168B38BBA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(0\\)d1\\(0.140\\):*:*:*:*:*:*:*", matchCriteriaId: "6AB0B748-003C-471F-A911-9DD3079FA250", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(0\\)d1\\(0.146\\):*:*:*:*:*:*:*", matchCriteriaId: "8ED46E9E-2851-4154-9862-E24EDB58AA9A", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_7000:-:*:*:*:*:*:*:*", matchCriteriaId: "12180BEB-7F21-4FA7-ABD2-E9A8EA7340F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7700:-:*:*:*:*:*:*:*", matchCriteriaId: "DD7A4B4B-3BB1-4A4D-911E-C4EEF01BBC45", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i3\\(0.191\\):*:*:*:*:*:*:*", matchCriteriaId: "306FA9EB-4D35-456D-9EE3-DA1701E431CC", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:13.2\\(7.230\\):*:*:*:*:*:*:*", matchCriteriaId: "F92C2920-1313-4141-B460-7FE50D092D01", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:14.2\\(1i\\):*:*:*:*:*:*:*", matchCriteriaId: "D8BA2854-BE27-45F8-AF6E-CF6C474CF15B", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*", matchCriteriaId: "D5B2E4C1-2627-4B9D-8E92-4B483F647651", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92348gc-x:-:*:*:*:*:*:*:*", matchCriteriaId: "557ED31C-C26A-4FAE-8B14-D06B49F7F08B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*", matchCriteriaId: "11411BFD-3F4D-4309-AB35-A3629A360FB0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*", matchCriteriaId: "E663DE91-C86D-48DC-B771-FA72A8DF7A7C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "A90184B3-C82F-4CE5-B2AD-97D5E4690871", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "4AB89849-6DA4-4C9D-BC3F-EE0E41FD1901", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*", matchCriteriaId: "07DE6F63-2C7D-415B-8C34-01EC05C062F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*", matchCriteriaId: "F423E45D-A6DD-4305-9C6A-EAB26293E53A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "E952A96A-0F48-4357-B7DD-1127D8827650", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "F70D81F1-8B12-4474-9060-B4934D8A3873", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "7349D69B-D8FA-4462-AA28-69DD18A652D9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93216tc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "B1CC5F78-E88B-4B82-9E3E-C73D3A49DE26", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "91231DC6-2773-4238-8C14-A346F213B5E5", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332c:-:*:*:*:*:*:*:*", matchCriteriaId: "2DF88547-BAF4-47B0-9F60-80A30297FCEB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*", matchCriteriaId: "113772B6-E9D2-4094-9468-3F4E1A87D07D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93360yc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "C45A38D6-BED6-4FEF-AD87-A1E813695DE0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "F1FC2B1F-232E-4754-8076-CC82F3648730", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336pq_aci_spine:-:*:*:*:*:*:*:*", matchCriteriaId: "785FD17C-F32E-4042-9DDE-A89B3AAE0334", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*", matchCriteriaId: "17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*", matchCriteriaId: "63842B25-8C32-4988-BBBD-61E9CB09B4F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*", matchCriteriaId: "4364ADB9-8162-451D-806A-B98924E6B2CF", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372px-e:-:*:*:*:*:*:*:*", matchCriteriaId: "B53BCB42-ED61-4FCF-8068-CB467631C63C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*", matchCriteriaId: "49E0371B-FDE2-473C-AA59-47E1269D050F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372tx-e:-:*:*:*:*:*:*:*", matchCriteriaId: "489D11EC-5A18-4F32-BC7C-AC1FCEC27222", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*", matchCriteriaId: "1BC5293E-F2B4-46DC-85DA-167EA323FCFD", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*", matchCriteriaId: "EA022E77-6557-4A33-9A3A-D028E2DB669A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*", matchCriteriaId: "768BE390-5ED5-48A7-9E80-C4DE8BA979B1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*", matchCriteriaId: "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*", matchCriteriaId: "7E02DC82-0D26-436F-BA64-73C958932B0A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability in the Cisco Discovery Protocol feature of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to execute arbitrary code as root or cause a denial of service (DoS) condition on an affected device. The vulnerability exists because of insufficiently validated Cisco Discovery Protocol packet headers. An attacker could exploit this vulnerability by sending a crafted Cisco Discovery Protocol packet to a Layer 2-adjacent affected device. A successful exploit could allow the attacker to cause a buffer overflow that could allow the attacker to execute arbitrary code as root or cause a DoS condition on the affected device. Note: Cisco Discovery Protocol is a Layer 2 protocol. To exploit this vulnerability, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent). Note: This vulnerability is different from the following Cisco FXOS and NX-OS Software Cisco Discovery Protocol vulnerabilities that Cisco announced on Feb. 5, 2020: Cisco FXOS, IOS XR, and NX-OS Software Cisco Discovery Protocol Denial of Service Vulnerability and Cisco NX-OS Software Cisco Discovery Protocol Remote Code Execution Vulnerability.", }, { lang: "es", value: "Una vulnerabilidad en la funcionalidad Cisco Discovery Protocol de Cisco FXOS Software y Cisco NX-OS Software, podría permitir a un atacante adyacente no autenticado ejecutar código arbitrario como root o causar una condición de denegación de servicio (DoS) sobre un dispositivo afectado. La vulnerabilidad se presenta debido a encabezados de paquetes de Cisco Discovery Protocol comprobados insuficiente. Un atacante podría explotar esta vulnerabilidad mediante el envío de un paquete de Cisco Discovery Protocol diseñado para un dispositivo afectado adyacente de Capa 2. Una explotación con éxito podría permitir al atacante causar un desbordamiento del búfer que podría permitirle ejecutar código arbitrario como root o causar una condición de DoS sobre el dispositivo afectado. Nota: Cisco Discovery Protocol es un protocolo de Capa 2. Para explotar esta vulnerabilidad, un atacante debe estar en el mismo dominio de difusión que el dispositivo afectado (Capa 2 adyacente). Nota: Esta vulnerabilidad es diferente de las siguientes vulnerabilidades de Cisco Discovery Protocol de Cisco FXOS and NX-OS Software que Cisco anunció el 5 de febrero de 2020: Vulnerabilidad de Denegación de Servicio de Cisco Discovery Protocol de Cisco FXOS, IOS XR y NX-OS Software y Vulnerabilidad de Ejecución de Código Remota de Cisco Discovery Protocol de Cisco NX-OS Software.", }, ], id: "CVE-2020-3172", lastModified: "2024-11-21T05:30:28.670", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "ADJACENT_NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 8.3, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:A/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 6.5, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "psirt@cisco.com", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-02-26T17:15:13.343", references: [ { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200226-fxos-nxos-cdp", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200226-fxos-nxos-cdp", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-20", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-20", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2019-05-16 02:29
Modified
2024-11-21 04:37
Severity ?
Summary
A vulnerability in the implementation of a specific CLI command for Cisco NX-OS Software could allow an authenticated, local attacker with administrator credentials to cause a buffer overflow condition or perform command injection. This could allow the attacker to execute arbitrary commands with elevated privileges on the underlying operating system of an affected device. The vulnerability is due to insufficient validation of arguments passed to a certain CLI command. An attacker could exploit this vulnerability by including malicious input as the argument of the affected CLI command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with root privileges. An attacker would need valid administrator credentials to exploit these vulnerabilities.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@cisco.com | http://www.securityfocus.com/bid/108386 | Third Party Advisory, VDB Entry | |
| psirt@cisco.com | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-overflow-inj | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/108386 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-overflow-inj | Vendor Advisory |
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "D14AF388-8D72-45DF-A268-4ACE8472F65C", versionEndExcluding: "8.3\\(1\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_3016:-:*:*:*:*:*:*:*", matchCriteriaId: "528ED62B-D739-4E06-AC64-B506FD73BBAB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*", matchCriteriaId: "FC2A6C31-438A-4CF5-A3F3-364B1672EB7D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3064:-:*:*:*:*:*:*:*", matchCriteriaId: "76C10D85-88AC-4A79-8866-BED88A0F8DF8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3064-t:-:*:*:*:*:*:*:*", matchCriteriaId: "65CB7F6D-A82B-4A31-BFAC-FF4A4B8DF9C1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31108pc-v:-:*:*:*:*:*:*:*", matchCriteriaId: "4E930332-CDDD-48D5-93BC-C22D693BBFA2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31108tc-v:-:*:*:*:*:*:*:*", matchCriteriaId: "7BF4B8FE-E134-4491-B5C2-C1CFEB64731B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31128pq:-:*:*:*:*:*:*:*", matchCriteriaId: "F4226DA0-9371-401C-8247-E6E636A116C3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132c-z:-:*:*:*:*:*:*:*", matchCriteriaId: "7664666F-BCE4-4799-AEEA-3A73E6AD33F4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q:-:*:*:*:*:*:*:*", matchCriteriaId: "D3DBBFE9-835C-4411-8492-6006E74BAC65", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q-v:-:*:*:*:*:*:*:*", matchCriteriaId: "B3293438-3D18-45A2-B093-2C3F65783336", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "8F43B770-D96C-44EA-BC12-9F39FC4317B9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3164q:-:*:*:*:*:*:*:*", matchCriteriaId: "FA782EB3-E8E6-4DCF-B39C-B3CBD46E4384", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172:-:*:*:*:*:*:*:*", matchCriteriaId: "7817F4E6-B2DA-4F06-95A4-AF329F594C02", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172pq-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "7BB9DD73-E31D-4921-A6D6-E14E04703588", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq:-:*:*:*:*:*:*:*", matchCriteriaId: "4532F513-0543-4960-9877-01F23CA7BA1B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq-32t:-:*:*:*:*:*:*:*", matchCriteriaId: "0B43502B-FD53-465A-B60F-6A359C6ACD99", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "F3229124-B097-4AAC-8ACD-2F9C89DCC3AB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3232c:-:*:*:*:*:*:*:*", matchCriteriaId: "652A2849-668D-4156-88FB-C19844A59F33", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3264c-e:-:*:*:*:*:*:*:*", matchCriteriaId: "24FBE87B-8A4F-43A8-98A3-4A7D9C630937", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3264q:-:*:*:*:*:*:*:*", matchCriteriaId: "6ACD09AC-8B28-4ACB-967B-AB3D450BC137", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3408-s:-:*:*:*:*:*:*:*", matchCriteriaId: "7D397349-CCC6-479B-9273-FB1FFF4F34F2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_34180yc:-:*:*:*:*:*:*:*", matchCriteriaId: "DC7286A7-780F-4A45-940A-4AD5C9D0F201", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3432d-s:-:*:*:*:*:*:*:*", matchCriteriaId: "5F7AF8D7-431B-43CE-840F-CC0817D159C0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3464c:-:*:*:*:*:*:*:*", matchCriteriaId: "DAC204C8-1A5A-4E85-824E-DC9B8F6A802D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524:-:*:*:*:*:*:*:*", matchCriteriaId: "EAF5AF71-15DF-4151-A1CF-E138A7103FC8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524-x:-:*:*:*:*:*:*:*", matchCriteriaId: "10F80A72-AD54-4699-B8AE-82715F0B58E2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "9354B6A2-D7D6-442E-BF4C-FE8A336D9E94", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548:-:*:*:*:*:*:*:*", matchCriteriaId: "088C0323-683A-44F5-8D42-FF6EC85D080E", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548-x:-:*:*:*:*:*:*:*", matchCriteriaId: "74CB4002-7636-4382-B33E-FBA060A13C34", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "10CEBF73-3EE0-459A-86C5-F8F6243FE27C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_36180yc-r:-:*:*:*:*:*:*:*", matchCriteriaId: "95D2C4C3-65CE-4612-A027-AF70CEFC3233", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*", matchCriteriaId: "57572E4A-78D5-4D1A-938B-F05F01759612", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9000v:-:*:*:*:*:*:*:*", matchCriteriaId: "0CD9C1F1-8582-4F67-A77D-97CBFECB88B8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*", matchCriteriaId: "4283E433-7F8C-4410-B565-471415445811", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92300yc:-:*:*:*:*:*:*:*", matchCriteriaId: "F80AB6FB-32FD-43D7-A9F1-80FA47696210", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*", matchCriteriaId: "D5B2E4C1-2627-4B9D-8E92-4B483F647651", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92348gc-x:-:*:*:*:*:*:*:*", matchCriteriaId: "557ED31C-C26A-4FAE-8B14-D06B49F7F08B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*", matchCriteriaId: "11411BFD-3F4D-4309-AB35-A3629A360FB0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*", matchCriteriaId: "E663DE91-C86D-48DC-B771-FA72A8DF7A7C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "A90184B3-C82F-4CE5-B2AD-97D5E4690871", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "4AB89849-6DA4-4C9D-BC3F-EE0E41FD1901", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*", matchCriteriaId: "07DE6F63-2C7D-415B-8C34-01EC05C062F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*", matchCriteriaId: "F423E45D-A6DD-4305-9C6A-EAB26293E53A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "E952A96A-0F48-4357-B7DD-1127D8827650", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "F70D81F1-8B12-4474-9060-B4934D8A3873", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "7349D69B-D8FA-4462-AA28-69DD18A652D9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93216tc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "B1CC5F78-E88B-4B82-9E3E-C73D3A49DE26", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "91231DC6-2773-4238-8C14-A346F213B5E5", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332c:-:*:*:*:*:*:*:*", matchCriteriaId: "2DF88547-BAF4-47B0-9F60-80A30297FCEB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*", matchCriteriaId: "113772B6-E9D2-4094-9468-3F4E1A87D07D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93360yc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "C45A38D6-BED6-4FEF-AD87-A1E813695DE0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "F1FC2B1F-232E-4754-8076-CC82F3648730", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336pq_aci_spine:-:*:*:*:*:*:*:*", matchCriteriaId: "785FD17C-F32E-4042-9DDE-A89B3AAE0334", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*", matchCriteriaId: "17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*", matchCriteriaId: "63842B25-8C32-4988-BBBD-61E9CB09B4F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*", matchCriteriaId: "4364ADB9-8162-451D-806A-B98924E6B2CF", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372px-e:-:*:*:*:*:*:*:*", matchCriteriaId: "B53BCB42-ED61-4FCF-8068-CB467631C63C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*", matchCriteriaId: "49E0371B-FDE2-473C-AA59-47E1269D050F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372tx-e:-:*:*:*:*:*:*:*", matchCriteriaId: "489D11EC-5A18-4F32-BC7C-AC1FCEC27222", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*", matchCriteriaId: "1BC5293E-F2B4-46DC-85DA-167EA323FCFD", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*", matchCriteriaId: "EA022E77-6557-4A33-9A3A-D028E2DB669A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*", matchCriteriaId: "768BE390-5ED5-48A7-9E80-C4DE8BA979B1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*", matchCriteriaId: "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*", matchCriteriaId: "7E02DC82-0D26-436F-BA64-73C958932B0A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability in the implementation of a specific CLI command for Cisco NX-OS Software could allow an authenticated, local attacker with administrator credentials to cause a buffer overflow condition or perform command injection. This could allow the attacker to execute arbitrary commands with elevated privileges on the underlying operating system of an affected device. The vulnerability is due to insufficient validation of arguments passed to a certain CLI command. An attacker could exploit this vulnerability by including malicious input as the argument of the affected CLI command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with root privileges. An attacker would need valid administrator credentials to exploit these vulnerabilities.", }, { lang: "es", value: "Una vulnerabilidad en la implementación de un comando CLI específico para el programa NX-OS de isco podría permitir que un atacante local autenticado con credenciales de administrador origine una condición de desbordamiento del búfer o realice una inyección de comandos. Esto podría permitir al atacante ejecutar comandos arbitrarios con privilegios elevados en el sistema operativo subyacente de un dispositivo afectado. La vulnerabilidad se debe a una validación insuficiente de los argumentos pasados ??a un determinado comando CLI. Un atacante podría aprovechar esta vulnerabilidad al incluir una entrada maliciosa como el argumento del comando CLI afectado. Un aprovechamiento exitoso podría permitir al atacante ejecutar comandos arbitrarios en el sistema operativo subyacente con privilegios de root. Un atacante necesitaría credenciales de administrador válidas para explotar estas vulnerabilidades.", }, ], id: "CVE-2019-1768", lastModified: "2024-11-21T04:37:20.043", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.2, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:L/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 0.8, impactScore: 5.9, source: "psirt@cisco.com", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-05-16T02:29:00.247", references: [ { source: "psirt@cisco.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/108386", }, { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-overflow-inj", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/108386", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-overflow-inj", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-119", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-78", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2016-10-06 10:59
Modified
2025-04-12 10:46
Severity ?
Summary
Cisco NX-OS 4.0 through 7.3 and 11.0 through 11.2 on 1000v, 2000, 3000, 3500, 5000, 5500, 5600, 6000, 7000, 7700, and 9000 devices allows remote attackers to cause a denial of service (device reload) by leveraging a peer relationship to send a crafted BGP UPDATE message, aka Bug IDs CSCuq77105 and CSCux11417.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@cisco.com | http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-bgp | Vendor Advisory | |
| psirt@cisco.com | http://www.securityfocus.com/bid/93417 | Third Party Advisory, VDB Entry | |
| psirt@cisco.com | http://www.securitytracker.com/id/1036950 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-bgp | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/93417 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1036950 | Third Party Advisory, VDB Entry |
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "AB47B822-A7B9-476C-9E4B-3CE4DFFFC773", versionEndExcluding: "6.0\\(2\\)u6\\(7\\)", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "833C6207-758F-400C-B7D5-785EA9ABFB16", versionEndExcluding: "7.0\\(3\\)i4\\(1\\)", versionStartIncluding: "6.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_3016:-:*:*:*:*:*:*:*", matchCriteriaId: "528ED62B-D739-4E06-AC64-B506FD73BBAB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*", matchCriteriaId: "FC2A6C31-438A-4CF5-A3F3-364B1672EB7D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31108pc-v:-:*:*:*:*:*:*:*", matchCriteriaId: "4E930332-CDDD-48D5-93BC-C22D693BBFA2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31108tc-v:-:*:*:*:*:*:*:*", matchCriteriaId: "7BF4B8FE-E134-4491-B5C2-C1CFEB64731B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31128pq:-:*:*:*:*:*:*:*", matchCriteriaId: "F4226DA0-9371-401C-8247-E6E636A116C3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q:-:*:*:*:*:*:*:*", matchCriteriaId: "D3DBBFE9-835C-4411-8492-6006E74BAC65", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q-v:-:*:*:*:*:*:*:*", matchCriteriaId: "B3293438-3D18-45A2-B093-2C3F65783336", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3164q:-:*:*:*:*:*:*:*", matchCriteriaId: "FA782EB3-E8E6-4DCF-B39C-B3CBD46E4384", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172:-:*:*:*:*:*:*:*", matchCriteriaId: "7817F4E6-B2DA-4F06-95A4-AF329F594C02", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3232c:-:*:*:*:*:*:*:*", matchCriteriaId: "652A2849-668D-4156-88FB-C19844A59F33", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3264q:-:*:*:*:*:*:*:*", matchCriteriaId: "6ACD09AC-8B28-4ACB-967B-AB3D450BC137", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "C0C2141E-5E85-48FF-A943-3738E1BCB66B", versionEndExcluding: "7.1\\(4\\)n1\\(1\\)", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "BF84E65C-9C89-4B70-B0A1-1E2D321669B8", versionEndExcluding: "7.2\\(2\\)n1\\(1\\)", versionStartIncluding: "7.2", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "B7805FDE-707F-4962-8425-4ADF1BEE18A1", versionEndExcluding: "7.3\\(0\\)n1\\(1\\)", versionStartIncluding: "7.3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:5548p:-:*:*:*:*:*:*:*", matchCriteriaId: "05F23216-2704-48DE-90AD-3D779C1773F7", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:5548up:-:*:*:*:*:*:*:*", matchCriteriaId: "0113ED40-1D88-4F73-AB6B-FA33A4A6F80A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:5596t:-:*:*:*:*:*:*:*", matchCriteriaId: "F5811A16-161B-4C17-AC71-93CF53A7B2E6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:5596up:-:*:*:*:*:*:*:*", matchCriteriaId: "355F2487-B51E-49A6-88B1-DF0BA826B896", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:56128p:-:*:*:*:*:*:*:*", matchCriteriaId: "736C78B5-EE17-432A-9EAE-02543A12C174", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:5624q:-:*:*:*:*:*:*:*", matchCriteriaId: "87396D43-398D-4262-B195-9AF90A8E3BF9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:5648q:-:*:*:*:*:*:*:*", matchCriteriaId: "2113D681-B5CA-4C89-B072-67778753E885", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:5672up:-:*:*:*:*:*:*:*", matchCriteriaId: "E3341B59-C9DC-4152-AF41-5CFFE54D877B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:5672up-16g:-:*:*:*:*:*:*:*", matchCriteriaId: "4CE3E3B1-6269-40CF-9C79-87BB2756C25E", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:5696q:-:*:*:*:*:*:*:*", matchCriteriaId: "4E574BDD-0A58-42A5-9046-DF48C2502B3E", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_6001:-:*:*:*:*:*:*:*", matchCriteriaId: "A9662D6B-AF0F-45C8-B7CD-AE7C76593FDB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_6004:-:*:*:*:*:*:*:*", matchCriteriaId: "4F557E38-09F6-42C6-BABA-3C3168B38BBA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "0E9D6862-7F78-47D2-B273-8EE4EAE216F5", versionEndExcluding: "5.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_5010:-:*:*:*:*:*:*:*", matchCriteriaId: "E275D31F-4FA1-428E-AB4A-D2802FF0CF1A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5020:-:*:*:*:*:*:*:*", matchCriteriaId: "BA7F5823-41A8-47C8-A154-02C6C31EF76A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "DA46BF2A-EBD2-4209-9BA0-10E91731546B", versionEndExcluding: "7.2\\(2\\)d1\\(1\\)", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "711D9952-EEDA-443A-9950-DDE17532C8AE", versionEndExcluding: "7.3\\(1\\)d1\\(1\\)", versionStartIncluding: "7.3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_7000_10-slot:-:*:*:*:*:*:*:*", matchCriteriaId: "B22B3865-30E9-4B5A-A37D-DC33F1150FFE", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7000_18-slot:-:*:*:*:*:*:*:*", matchCriteriaId: "459A7F11-52BF-4AD6-B495-4C4D6C050493", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7000_4-slot:-:*:*:*:*:*:*:*", matchCriteriaId: "FEACA55F-4335-4478-B608-EB92EE1D6C6D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7000_9-slot:-:*:*:*:*:*:*:*", matchCriteriaId: "DB73543E-9B5B-4BA9-8FB4-666AF5AC8B6B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7700_10-slot:-:*:*:*:*:*:*:*", matchCriteriaId: "E5ABB175-81BE-4C46-BD2D-70016508BE22", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7700_18-slot:-:*:*:*:*:*:*:*", matchCriteriaId: "71F93299-A715-4E97-87FE-B1E248EA98BD", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7700_2-slot:-:*:*:*:*:*:*:*", matchCriteriaId: "3D71B228-FFE5-45F7-ADCF-6D359ADA6D31", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7700_6-slot:-:*:*:*:*:*:*:*", matchCriteriaId: "9F3AD807-5A0F-4DF5-9A7A-748205F409E7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "07CE8677-C7A8-4C14-A375-B345A3A1F75B", versionEndExcluding: "5.2\\(1\\)sv3\\(1.15\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_1000v_for_vmware_vsphere:-:*:*:*:*:*:*:*", matchCriteriaId: "DFEFE545-DDDC-491C-8F47-DEC79C735873", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "833C6207-758F-400C-B7D5-785EA9ABFB16", versionEndExcluding: "7.0\\(3\\)i4\\(1\\)", versionStartIncluding: "6.1", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "EB693F6F-3D70-43C1-88F8-B38F22522288", versionEndExcluding: "11.1\\(1j\\)", versionStartIncluding: "11.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*", matchCriteriaId: "4283E433-7F8C-4410-B565-471415445811", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*", matchCriteriaId: "D5B2E4C1-2627-4B9D-8E92-4B483F647651", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*", matchCriteriaId: "11411BFD-3F4D-4309-AB35-A3629A360FB0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*", matchCriteriaId: "E663DE91-C86D-48DC-B771-FA72A8DF7A7C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "A90184B3-C82F-4CE5-B2AD-97D5E4690871", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*", matchCriteriaId: "07DE6F63-2C7D-415B-8C34-01EC05C062F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*", matchCriteriaId: "F423E45D-A6DD-4305-9C6A-EAB26293E53A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "F70D81F1-8B12-4474-9060-B4934D8A3873", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*", matchCriteriaId: "113772B6-E9D2-4094-9468-3F4E1A87D07D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336pq_aci_spine:-:*:*:*:*:*:*:*", matchCriteriaId: "785FD17C-F32E-4042-9DDE-A89B3AAE0334", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*", matchCriteriaId: "4364ADB9-8162-451D-806A-B98924E6B2CF", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*", matchCriteriaId: "49E0371B-FDE2-473C-AA59-47E1269D050F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*", matchCriteriaId: "1BC5293E-F2B4-46DC-85DA-167EA323FCFD", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*", matchCriteriaId: "EA022E77-6557-4A33-9A3A-D028E2DB669A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*", matchCriteriaId: "768BE390-5ED5-48A7-9E80-C4DE8BA979B1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*", matchCriteriaId: "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*", matchCriteriaId: "7E02DC82-0D26-436F-BA64-73C958932B0A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "31BCBC21-1B0A-46D4-AF49-D90DB842147E", versionEndExcluding: "6.0\\(2\\)a8\\(1\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_3524:-:*:*:*:*:*:*:*", matchCriteriaId: "EAF5AF71-15DF-4151-A1CF-E138A7103FC8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548:-:*:*:*:*:*:*:*", matchCriteriaId: "088C0323-683A-44F5-8D42-FF6EC85D080E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Cisco NX-OS 4.0 through 7.3 and 11.0 through 11.2 on 1000v, 2000, 3000, 3500, 5000, 5500, 5600, 6000, 7000, 7700, and 9000 devices allows remote attackers to cause a denial of service (device reload) by leveraging a peer relationship to send a crafted BGP UPDATE message, aka Bug IDs CSCuq77105 and CSCux11417.", }, { lang: "es", value: "Cisco NX-OS 4.0 hasta la versión 7.3 y 11.0 hasta la versión 11.2 en dispositivos 1000v, 2000, 3000, 3500, 5000, 5500, 5600, 6000, 7000, 7700 y 9000 permite a atacantes remotos provocar una denegación de servicio (recarga de dispositivo) aprovechando una relación entre iguales para enviar un mensaje BGP UPDATE manipulado, vulnerabilidad también conocida como Bug IDs CSCuq77105 y CSCux11417.", }, ], id: "CVE-2016-1454", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.1, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:N/I:N/A:C", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 6.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2016-10-06T10:59:03.913", references: [ { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-bgp", }, { source: "psirt@cisco.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/93417", }, { source: "psirt@cisco.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1036950", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-bgp", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/93417", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1036950", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-20", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2015-07-03 10:59
Modified
2025-04-12 10:46
Severity ?
Summary
Cisco NX-OS 6.2(10) on Nexus and MDS 9000 devices allows local users to execute arbitrary OS commands by entering crafted tar parameters in the CLI, aka Bug ID CSCus44856.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@cisco.com | http://tools.cisco.com/security/center/viewAlert.x?alertId=39569 | Vendor Advisory | |
| psirt@cisco.com | http://www.securityfocus.com/bid/75503 | Third Party Advisory, VDB Entry | |
| psirt@cisco.com | http://www.securitytracker.com/id/1032764 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://tools.cisco.com/security/center/viewAlert.x?alertId=39569 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/75503 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1032764 | Third Party Advisory, VDB Entry |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | nx-os | 6.2\(10\) | |
| cisco | mds_9100 | - | |
| cisco | mds_9200 | - | |
| cisco | mds_9500 | - | |
| cisco | mds_9700 | - | |
| cisco | nexus_93120tx | - | |
| cisco | nexus_93128tx | - | |
| cisco | nexus_9332pq | - | |
| cisco | nexus_9336pq_aci_spine | - | |
| cisco | nexus_9372px | - | |
| cisco | nexus_9372tx | - | |
| cisco | nexus_9396px | - | |
| cisco | nexus_9396tx | - | |
| cisco | nexus_9504 | - | |
| cisco | nexus_9508 | - | |
| cisco | nexus_9516 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(10\\):*:*:*:*:*:*:*", matchCriteriaId: "ED7B1216-4C4F-4A23-9474-23876649ABF3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:mds_9100:-:*:*:*:*:*:*:*", matchCriteriaId: "54C0D908-D7BA-48C3-9963-14A3A32A2662", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9200:-:*:*:*:*:*:*:*", matchCriteriaId: "B25B92ED-37C0-4653-9C5E-B4C13C46464C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9500:-:*:*:*:*:*:*:*", matchCriteriaId: "2374E02D-46FE-477F-A74D-49E72149E6EC", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9700:-:*:*:*:*:*:*:*", matchCriteriaId: "C44335D8-8A78-486C-A325-9691FA4C3271", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*", matchCriteriaId: "07DE6F63-2C7D-415B-8C34-01EC05C062F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*", matchCriteriaId: "F423E45D-A6DD-4305-9C6A-EAB26293E53A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*", matchCriteriaId: "113772B6-E9D2-4094-9468-3F4E1A87D07D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336pq_aci_spine:-:*:*:*:*:*:*:*", matchCriteriaId: "785FD17C-F32E-4042-9DDE-A89B3AAE0334", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*", matchCriteriaId: "4364ADB9-8162-451D-806A-B98924E6B2CF", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*", matchCriteriaId: "49E0371B-FDE2-473C-AA59-47E1269D050F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*", matchCriteriaId: "1BC5293E-F2B4-46DC-85DA-167EA323FCFD", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*", matchCriteriaId: "EA022E77-6557-4A33-9A3A-D028E2DB669A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*", matchCriteriaId: "768BE390-5ED5-48A7-9E80-C4DE8BA979B1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*", matchCriteriaId: "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*", matchCriteriaId: "7E02DC82-0D26-436F-BA64-73C958932B0A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Cisco NX-OS 6.2(10) on Nexus and MDS 9000 devices allows local users to execute arbitrary OS commands by entering crafted tar parameters in the CLI, aka Bug ID CSCus44856.", }, { lang: "es", value: "Cisco NX-OS 6.2(10) en los dispositivos Nexus y MDS 9000 permite a usuarios locales ejecutar comandos del sistema operativo arbitrarios mediante la entrada de parámetro tar manipulados en la interfaz líneas de comando, también conocido como Bug ID CSCus44856.", }, ], id: "CVE-2015-4232", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.6, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: true, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2015-07-03T10:59:01.343", references: [ { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "http://tools.cisco.com/security/center/viewAlert.x?alertId=39569", }, { source: "psirt@cisco.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/75503", }, { source: "psirt@cisco.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1032764", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://tools.cisco.com/security/center/viewAlert.x?alertId=39569", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/75503", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1032764", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-264", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2015-06-24 10:59
Modified
2025-04-12 10:46
Severity ?
Summary
Cisco NX-OS 1.1(1g) on Nexus 9000 devices allows remote authenticated users to discover cleartext passwords by leveraging the existence of a decryption mechanism, aka Bug ID CSCuu84391.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@cisco.com | http://tools.cisco.com/security/center/viewAlert.x?alertId=39469 | Vendor Advisory | |
| psirt@cisco.com | http://www.securityfocus.com/bid/75378 | Third Party Advisory, VDB Entry | |
| psirt@cisco.com | http://www.securitytracker.com/id/1032712 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://tools.cisco.com/security/center/viewAlert.x?alertId=39469 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/75378 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1032712 | Third Party Advisory, VDB Entry |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | nx-os | 1.1\(1g\) | |
| cisco | nexus_93120tx | - | |
| cisco | nexus_93128tx | - | |
| cisco | nexus_9332pq | - | |
| cisco | nexus_9336pq_aci_spine | - | |
| cisco | nexus_9372px | - | |
| cisco | nexus_9372tx | - | |
| cisco | nexus_9396px | - | |
| cisco | nexus_9396tx | - | |
| cisco | nexus_9504 | - | |
| cisco | nexus_9508 | - | |
| cisco | nexus_9516 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:1.1\\(1g\\):*:*:*:*:*:*:*", matchCriteriaId: "259E6EC6-B4CC-40A0-8250-E486AD621ACD", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*", matchCriteriaId: "07DE6F63-2C7D-415B-8C34-01EC05C062F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*", matchCriteriaId: "F423E45D-A6DD-4305-9C6A-EAB26293E53A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*", matchCriteriaId: "113772B6-E9D2-4094-9468-3F4E1A87D07D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336pq_aci_spine:-:*:*:*:*:*:*:*", matchCriteriaId: "785FD17C-F32E-4042-9DDE-A89B3AAE0334", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*", matchCriteriaId: "4364ADB9-8162-451D-806A-B98924E6B2CF", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*", matchCriteriaId: "49E0371B-FDE2-473C-AA59-47E1269D050F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*", matchCriteriaId: "1BC5293E-F2B4-46DC-85DA-167EA323FCFD", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*", matchCriteriaId: "EA022E77-6557-4A33-9A3A-D028E2DB669A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*", matchCriteriaId: "768BE390-5ED5-48A7-9E80-C4DE8BA979B1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*", matchCriteriaId: "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*", matchCriteriaId: "7E02DC82-0D26-436F-BA64-73C958932B0A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Cisco NX-OS 1.1(1g) on Nexus 9000 devices allows remote authenticated users to discover cleartext passwords by leveraging the existence of a decryption mechanism, aka Bug ID CSCuu84391.", }, { lang: "es", value: "Cisco NX-OS 1.1(1g) en los dispositivos Nexus 9000 permite a usuarios remotos autenticados descubrir contraseñas en texto claro mediante el aprovechamiento de la existencia de un mecanismo de descifrado, también conocido como Bug ID CSCuu84391.", }, ], id: "CVE-2015-4213", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "NONE", baseScore: 4, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:S/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 8, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2015-06-24T10:59:09.073", references: [ { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "http://tools.cisco.com/security/center/viewAlert.x?alertId=39469", }, { source: "psirt@cisco.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/75378", }, { source: "psirt@cisco.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1032712", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://tools.cisco.com/security/center/viewAlert.x?alertId=39469", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/75378", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1032712", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-200", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-08-27 16:15
Modified
2024-11-21 05:31
Severity ?
Summary
A vulnerability in the Cisco Fabric Services component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated attacker to cause process crashes, which could result in a denial of service (DoS) condition on an affected device. The attack vector is configuration dependent and could be remote or adjacent. For more information about the attack vector, see the Details section of this advisory. The vulnerability is due to insufficient error handling when the affected software parses Cisco Fabric Services messages. An attacker could exploit this vulnerability by sending malicious Cisco Fabric Services messages to an affected device. A successful exploit could allow the attacker to cause a reload of an affected device, which could result in a DoS condition.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | firepower_extensible_operating_system | * | |
| cisco | firepower_extensible_operating_system | * | |
| cisco | firepower_extensible_operating_system | * | |
| cisco | firepower_extensible_operating_system | * | |
| cisco | firepower_4110 | - | |
| cisco | firepower_4112 | - | |
| cisco | firepower_4115 | - | |
| cisco | firepower_4120 | - | |
| cisco | firepower_4125 | - | |
| cisco | firepower_4140 | - | |
| cisco | firepower_4145 | - | |
| cisco | firepower_4150 | - | |
| cisco | firepower_9300 | - | |
| cisco | nx-os | 6.0\(2\)a3\(1\) | |
| cisco | nx-os | 6.0\(2\)a3\(2\) | |
| cisco | nx-os | 6.0\(2\)a3\(4\) | |
| cisco | nx-os | 6.0\(2\)a4\(1\) | |
| cisco | nx-os | 6.0\(2\)a4\(2\) | |
| cisco | nx-os | 6.0\(2\)a4\(3\) | |
| cisco | nx-os | 6.0\(2\)a4\(4\) | |
| cisco | nx-os | 6.0\(2\)a4\(5\) | |
| cisco | nx-os | 6.0\(2\)a4\(6\) | |
| cisco | nx-os | 6.0\(2\)a6\(1\) | |
| cisco | nx-os | 6.0\(2\)a6\(1a\) | |
| cisco | nx-os | 6.0\(2\)a6\(2\) | |
| cisco | nx-os | 6.0\(2\)a6\(2a\) | |
| cisco | nx-os | 6.0\(2\)a6\(3\) | |
| cisco | nx-os | 6.0\(2\)a6\(3a\) | |
| cisco | nx-os | 6.0\(2\)a6\(4\) | |
| cisco | nx-os | 6.0\(2\)a6\(4a\) | |
| cisco | nx-os | 6.0\(2\)a6\(5\) | |
| cisco | nx-os | 6.0\(2\)a6\(5a\) | |
| cisco | nx-os | 6.0\(2\)a6\(5b\) | |
| cisco | nx-os | 6.0\(2\)a6\(6\) | |
| cisco | nx-os | 6.0\(2\)a6\(7\) | |
| cisco | nx-os | 6.0\(2\)a6\(8\) | |
| cisco | nx-os | 6.0\(2\)a7\(1\) | |
| cisco | nx-os | 6.0\(2\)a7\(1a\) | |
| cisco | nx-os | 6.0\(2\)a7\(2\) | |
| cisco | nx-os | 6.0\(2\)a7\(2a\) | |
| cisco | nx-os | 6.0\(2\)a8 | |
| cisco | nx-os | 6.0\(2\)a8\(1\) | |
| cisco | nx-os | 6.0\(2\)a8\(2\) | |
| cisco | nx-os | 6.0\(2\)a8\(3\) | |
| cisco | nx-os | 6.0\(2\)a8\(4\) | |
| cisco | nx-os | 6.0\(2\)a8\(4a\) | |
| cisco | nx-os | 6.0\(2\)a8\(5\) | |
| cisco | nx-os | 6.0\(2\)a8\(6\) | |
| cisco | nx-os | 6.0\(2\)a8\(6.213\) | |
| cisco | nx-os | 6.0\(2\)a8\(7\) | |
| cisco | nx-os | 6.0\(2\)a8\(7a\) | |
| cisco | nx-os | 6.0\(2\)a8\(7b\) | |
| cisco | nx-os | 6.0\(2\)a8\(8\) | |
| cisco | nx-os | 6.0\(2\)a8\(9\) | |
| cisco | nx-os | 6.0\(2\)a8\(9.7\) | |
| cisco | nx-os | 6.0\(2\)a8\(10\) | |
| cisco | nx-os | 6.0\(2\)a8\(10a\) | |
| cisco | nx-os | 6.0\(2\)a8\(11\) | |
| cisco | nx-os | 6.0\(2\)a8\(11a\) | |
| cisco | nx-os | 6.0\(2\)a8\(11b\) | |
| cisco | nx-os | 6.0\(2\)u2\(1\) | |
| cisco | nx-os | 6.0\(2\)u2\(2\) | |
| cisco | nx-os | 6.0\(2\)u2\(3\) | |
| cisco | nx-os | 6.0\(2\)u2\(4\) | |
| cisco | nx-os | 6.0\(2\)u2\(5\) | |
| cisco | nx-os | 6.0\(2\)u2\(6\) | |
| cisco | nx-os | 6.0\(2\)u3\(1\) | |
| cisco | nx-os | 6.0\(2\)u3\(2\) | |
| cisco | nx-os | 6.0\(2\)u3\(3\) | |
| cisco | nx-os | 6.0\(2\)u3\(4\) | |
| cisco | nx-os | 6.0\(2\)u3\(5\) | |
| cisco | nx-os | 6.0\(2\)u3\(6\) | |
| cisco | nx-os | 6.0\(2\)u3\(7\) | |
| cisco | nx-os | 6.0\(2\)u3\(8\) | |
| cisco | nx-os | 6.0\(2\)u3\(9\) | |
| cisco | nx-os | 6.0\(2\)u4\(1\) | |
| cisco | nx-os | 6.0\(2\)u4\(2\) | |
| cisco | nx-os | 6.0\(2\)u4\(3\) | |
| cisco | nx-os | 6.0\(2\)u4\(4\) | |
| cisco | nx-os | 6.0\(2\)u5\(1\) | |
| cisco | nx-os | 6.0\(2\)u5\(2\) | |
| cisco | nx-os | 6.0\(2\)u5\(3\) | |
| cisco | nx-os | 6.0\(2\)u5\(4\) | |
| cisco | nx-os | 6.0\(2\)u6 | |
| cisco | nx-os | 6.0\(2\)u6\(0.46\) | |
| cisco | nx-os | 6.0\(2\)u6\(1\) | |
| cisco | nx-os | 6.0\(2\)u6\(1a\) | |
| cisco | nx-os | 6.0\(2\)u6\(2\) | |
| cisco | nx-os | 6.0\(2\)u6\(2a\) | |
| cisco | nx-os | 6.0\(2\)u6\(3\) | |
| cisco | nx-os | 6.0\(2\)u6\(3a\) | |
| cisco | nx-os | 6.0\(2\)u6\(4\) | |
| cisco | nx-os | 6.0\(2\)u6\(4a\) | |
| cisco | nx-os | 6.0\(2\)u6\(5\) | |
| cisco | nx-os | 6.0\(2\)u6\(5a\) | |
| cisco | nx-os | 6.0\(2\)u6\(5b\) | |
| cisco | nx-os | 6.0\(2\)u6\(5c\) | |
| cisco | nx-os | 6.0\(2\)u6\(6\) | |
| cisco | nx-os | 6.0\(2\)u6\(7\) | |
| cisco | nx-os | 6.0\(2\)u6\(8\) | |
| cisco | nx-os | 6.0\(2\)u6\(9\) | |
| cisco | nx-os | 6.0\(2\)u6\(10\) | |
| cisco | nx-os | 6.0\(2\)u6\(10a\) | |
| cisco | nx-os | 6.2\(2\) | |
| cisco | nx-os | 6.2\(2a\) | |
| cisco | nx-os | 6.2\(3\) | |
| cisco | nx-os | 6.2\(3n\) | |
| cisco | nx-os | 6.2\(5\) | |
| cisco | nx-os | 6.2\(5a\) | |
| cisco | nx-os | 6.2\(6\) | |
| cisco | nx-os | 6.2\(6a\) | |
| cisco | nx-os | 6.2\(6b\) | |
| cisco | nx-os | 6.2\(7\) | |
| cisco | nx-os | 6.2\(8\) | |
| cisco | nx-os | 6.2\(8a\) | |
| cisco | nx-os | 6.2\(8b\) | |
| cisco | nx-os | 6.2\(10\) | |
| cisco | nx-os | 6.2\(11b\) | |
| cisco | nx-os | 6.2\(12\) | |
| cisco | nx-os | 6.2\(14\) | |
| cisco | nx-os | 6.2\(14a\) | |
| cisco | nx-os | 6.2\(14b\) | |
| cisco | nx-os | 6.2\(16\) | |
| cisco | nx-os | 6.2\(18\) | |
| cisco | nx-os | 6.2\(20\) | |
| cisco | nx-os | 6.2\(20a\) | |
| cisco | nx-os | 6.2\(22\) | |
| cisco | nx-os | 6.2\(24\) | |
| cisco | nx-os | 6.2\(25\) | |
| cisco | nx-os | 6.2\(27\) | |
| cisco | nx-os | 7.0\(0\)n1\(1\) | |
| cisco | nx-os | 7.0\(1\)n1\(1\) | |
| cisco | nx-os | 7.0\(2\)n1\(1\) | |
| cisco | nx-os | 7.0\(3\)f1 | |
| cisco | nx-os | 7.0\(3\)f2 | |
| cisco | nx-os | 7.0\(3\)f3 | |
| cisco | nx-os | 7.0\(3\)f3\(1\) | |
| cisco | nx-os | 7.0\(3\)f3\(2\) | |
| cisco | nx-os | 7.0\(3\)f3\(3\) | |
| cisco | nx-os | 7.0\(3\)f3\(3a\) | |
| cisco | nx-os | 7.0\(3\)f3\(3b\) | |
| cisco | nx-os | 7.0\(3\)f3\(3c\) | |
| cisco | nx-os | 7.0\(3\)f3\(4\) | |
| cisco | nx-os | 7.0\(3\)f3\(5\) | |
| cisco | nx-os | 7.0\(3\)i2\(1\) | |
| cisco | nx-os | 7.0\(3\)i2\(1a\) | |
| cisco | nx-os | 7.0\(3\)i2\(2\) | |
| cisco | nx-os | 7.0\(3\)i2\(2a\) | |
| cisco | nx-os | 7.0\(3\)i2\(2b\) | |
| cisco | nx-os | 7.0\(3\)i2\(2c\) | |
| cisco | nx-os | 7.0\(3\)i2\(2d\) | |
| cisco | nx-os | 7.0\(3\)i2\(2e\) | |
| cisco | nx-os | 7.0\(3\)i2\(2r\) | |
| cisco | nx-os | 7.0\(3\)i2\(2s\) | |
| cisco | nx-os | 7.0\(3\)i2\(2v\) | |
| cisco | nx-os | 7.0\(3\)i2\(2w\) | |
| cisco | nx-os | 7.0\(3\)i2\(2x\) | |
| cisco | nx-os | 7.0\(3\)i2\(2y\) | |
| cisco | nx-os | 7.0\(3\)i3\(1\) | |
| cisco | nx-os | 7.0\(3\)i4\(1\) | |
| cisco | nx-os | 7.0\(3\)i4\(1t\) | |
| cisco | nx-os | 7.0\(3\)i4\(2\) | |
| cisco | nx-os | 7.0\(3\)i4\(3\) | |
| cisco | nx-os | 7.0\(3\)i4\(4\) | |
| cisco | nx-os | 7.0\(3\)i4\(5\) | |
| cisco | nx-os | 7.0\(3\)i4\(6\) | |
| cisco | nx-os | 7.0\(3\)i4\(6t\) | |
| cisco | nx-os | 7.0\(3\)i4\(7\) | |
| cisco | nx-os | 7.0\(3\)i4\(8\) | |
| cisco | nx-os | 7.0\(3\)i4\(8a\) | |
| cisco | nx-os | 7.0\(3\)i4\(8b\) | |
| cisco | nx-os | 7.0\(3\)i4\(8z\) | |
| cisco | nx-os | 7.0\(3\)i4\(9\) | |
| cisco | nx-os | 7.0\(3\)i5 | |
| cisco | nx-os | 7.0\(3\)i5\(1\) | |
| cisco | nx-os | 7.0\(3\)i5\(2\) | |
| cisco | nx-os | 7.0\(3\)i5\(3\) | |
| cisco | nx-os | 7.0\(3\)i5\(3a\) | |
| cisco | nx-os | 7.0\(3\)i5\(3b\) | |
| cisco | nx-os | 7.0\(3\)i6\(1\) | |
| cisco | nx-os | 7.0\(3\)i6\(2\) | |
| cisco | nx-os | 7.0\(3\)i7 | |
| cisco | nx-os | 7.0\(3\)i7\(1\) | |
| cisco | nx-os | 7.0\(3\)i7\(2\) | |
| cisco | nx-os | 7.0\(3\)i7\(3\) | |
| cisco | nx-os | 7.0\(3\)i7\(3z\) | |
| cisco | nx-os | 7.0\(3\)i7\(4\) | |
| cisco | nx-os | 7.0\(3\)i7\(5\) | |
| cisco | nx-os | 7.0\(3\)i7\(5a\) | |
| cisco | nx-os | 7.0\(3\)i7\(6\) | |
| cisco | nx-os | 7.0\(3\)i7\(6z\) | |
| cisco | nx-os | 7.0\(3\)i7\(7\) | |
| cisco | nx-os | 7.0\(3\)i7\(8\) | |
| cisco | nx-os | 7.0\(3\)ia7\(1\) | |
| cisco | nx-os | 7.0\(3\)ia7\(2\) | |
| cisco | nx-os | 7.0\(3\)ic4\(4\) | |
| cisco | nx-os | 7.0\(3\)im3\(1\) | |
| cisco | nx-os | 7.0\(3\)im3\(2\) | |
| cisco | nx-os | 7.0\(3\)im3\(2a\) | |
| cisco | nx-os | 7.0\(3\)im3\(2b\) | |
| cisco | nx-os | 7.0\(3\)im3\(3\) | |
| cisco | nx-os | 7.0\(3\)im7\(2\) | |
| cisco | nx-os | 7.0\(3\)n1\(1\) | |
| cisco | nx-os | 7.0\(4\)n1\(1\) | |
| cisco | nx-os | 7.0\(4\)n1\(1a\) | |
| cisco | nx-os | 7.0\(5\)n1\(1\) | |
| cisco | nx-os | 7.0\(5\)n1\(1a\) | |
| cisco | nx-os | 7.0\(6\)n1\(1\) | |
| cisco | nx-os | 7.0\(6\)n1\(2s\) | |
| cisco | nx-os | 7.0\(6\)n1\(3s\) | |
| cisco | nx-os | 7.0\(6\)n1\(4s\) | |
| cisco | nx-os | 7.0\(7\)n1\(1\) | |
| cisco | nx-os | 7.0\(7\)n1\(1a\) | |
| cisco | nx-os | 7.0\(7\)n1\(1b\) | |
| cisco | nx-os | 7.0\(8\)n1\(1\) | |
| cisco | nx-os | 7.0\(8\)n1\(1a\) | |
| cisco | nx-os | 7.1\(0\)n1\(1\) | |
| cisco | nx-os | 7.1\(0\)n1\(1a\) | |
| cisco | nx-os | 7.1\(0\)n1\(1b\) | |
| cisco | nx-os | 7.1\(0.1\) | |
| cisco | nx-os | 7.1\(1\)n1\(1\) | |
| cisco | nx-os | 7.1\(1\)n1\(1a\) | |
| cisco | nx-os | 7.1\(2\)n1\(1\) | |
| cisco | nx-os | 7.1\(2\)n1\(1a\) | |
| cisco | nx-os | 7.1\(3\)n1\(1\) | |
| cisco | nx-os | 7.1\(3\)n1\(2\) | |
| cisco | nx-os | 7.1\(3\)n1\(2a\) | |
| cisco | nx-os | 7.1\(3\)n1\(3\) | |
| cisco | nx-os | 7.1\(3\)n1\(4\) | |
| cisco | nx-os | 7.1\(3\)n1\(5\) | |
| cisco | nx-os | 7.1\(4\)n1\(1\) | |
| cisco | nx-os | 7.1\(4\)n1\(1a\) | |
| cisco | nx-os | 7.1\(4\)n1\(1c\) | |
| cisco | nx-os | 7.1\(4\)n1\(1d\) | |
| cisco | nx-os | 7.1\(5\)n1\(1\) | |
| cisco | nx-os | 7.1\(5\)n1\(1b\) | |
| cisco | nx-os | 7.2\(0\)d1\(1\) | |
| cisco | nx-os | 7.2\(0\)n1\(1\) | |
| cisco | nx-os | 7.2\(1\)d\(1\) | |
| cisco | nx-os | 7.2\(1\)n1\(1\) | |
| cisco | nx-os | 7.2\(2\)d1\(1\) | |
| cisco | nx-os | 7.2\(2\)d1\(2\) | |
| cisco | nx-os | 7.2\(2\)d1\(3\) | |
| cisco | nx-os | 7.2\(2\)d1\(4\) | |
| cisco | nx-os | 7.3\(0\)d1\(1\) | |
| cisco | nx-os | 7.3\(0\)dx\(1\) | |
| cisco | nx-os | 7.3\(0\)n1\(1\) | |
| cisco | nx-os | 7.3\(0\)n1\(1a\) | |
| cisco | nx-os | 7.3\(0\)n1\(1b\) | |
| cisco | nx-os | 7.3\(1\)d1\(1\) | |
| cisco | nx-os | 7.3\(1\)n1\(1\) | |
| cisco | nx-os | 7.3\(2\)d1\(1\) | |
| cisco | nx-os | 7.3\(2\)d1\(1d\) | |
| cisco | nx-os | 7.3\(2\)d1\(2\) | |
| cisco | nx-os | 7.3\(2\)d1\(3\) | |
| cisco | nx-os | 7.3\(2\)d1\(3a\) | |
| cisco | nx-os | 7.3\(2\)n1\(1\) | |
| cisco | nx-os | 7.3\(2\)n1\(1b\) | |
| cisco | nx-os | 7.3\(2\)n1\(1c\) | |
| cisco | nx-os | 7.3\(3\)d1\(1\) | |
| cisco | nx-os | 7.3\(3\)n1\(1\) | |
| cisco | nx-os | 7.3\(4\)d1\(1\) | |
| cisco | nx-os | 7.3\(4\)n1\(1\) | |
| cisco | nx-os | 7.3\(4\)n1\(1a\) | |
| cisco | nx-os | 7.3\(5\)d1\(1\) | |
| cisco | nx-os | 7.3\(5\)n1\(1\) | |
| cisco | nx-os | 7.3\(6\)n1\(1\) | |
| cisco | nx-os | 7.3\(6\)n1\(1a\) | |
| cisco | nx-os | 7.3\(7\)n1\(1\) | |
| cisco | nx-os | 7.3\(7\)n1\(1a\) | |
| cisco | nx-os | 7.3\(7\)n1\(1b\) | |
| cisco | nx-os | 8.0\(1\) | |
| cisco | nx-os | 8.1\(1\) | |
| cisco | nx-os | 8.1\(1a\) | |
| cisco | nx-os | 8.1\(1b\) | |
| cisco | nx-os | 8.1\(2\) | |
| cisco | nx-os | 8.1\(2a\) | |
| cisco | nx-os | 8.2\(1\) | |
| cisco | nx-os | 8.2\(2\) | |
| cisco | nx-os | 8.2\(3\) | |
| cisco | nx-os | 8.2\(4\) | |
| cisco | nx-os | 8.2\(5\) | |
| cisco | nx-os | 8.3\(1\) | |
| cisco | nx-os | 8.3\(2\) | |
| cisco | nx-os | 8.4\(1\) | |
| cisco | nx-os | 8.4\(1a\) | |
| cisco | nx-os | 9.2\(1\) | |
| cisco | nx-os | 9.2\(2\) | |
| cisco | nx-os | 9.2\(2t\) | |
| cisco | nx-os | 9.2\(2v\) | |
| cisco | nx-os | 9.2\(3\) | |
| cisco | nx-os | 9.2\(3y\) | |
| cisco | nx-os | 9.3\(1\) | |
| cisco | nx-os | 9.3\(1z\) | |
| cisco | nx-os | 9.3\(2\) | |
| cisco | nx-os | 9.3\(3\) | |
| cisco | mds_9100 | - | |
| cisco | mds_9200 | - | |
| cisco | mds_9500 | - | |
| cisco | mds_9700 | - | |
| cisco | nexus_3016 | - | |
| cisco | nexus_3048 | - | |
| cisco | nexus_3064 | - | |
| cisco | nexus_3064-t | - | |
| cisco | nexus_31108pc-v | - | |
| cisco | nexus_31108tc-v | - | |
| cisco | nexus_31128pq | - | |
| cisco | nexus_3132c-z | - | |
| cisco | nexus_3132q | - | |
| cisco | nexus_3132q-v | - | |
| cisco | nexus_3132q-xl | - | |
| cisco | nexus_3164q | - | |
| cisco | nexus_3172 | - | |
| cisco | nexus_3172pq-xl | - | |
| cisco | nexus_3172tq | - | |
| cisco | nexus_3172tq-32t | - | |
| cisco | nexus_3172tq-xl | - | |
| cisco | nexus_3232c | - | |
| cisco | nexus_3264c-e | - | |
| cisco | nexus_3264q | - | |
| cisco | nexus_3408-s | - | |
| cisco | nexus_34180yc | - | |
| cisco | nexus_3432d-s | - | |
| cisco | nexus_3464c | - | |
| cisco | nexus_3524 | - | |
| cisco | nexus_3524-x | - | |
| cisco | nexus_3524-xl | - | |
| cisco | nexus_3548 | - | |
| cisco | nexus_3548-x | - | |
| cisco | nexus_3548-xl | - | |
| cisco | nexus_36180yc-r | - | |
| cisco | nexus_3636c-r | - | |
| cisco | nexus_5548p | - | |
| cisco | nexus_5548up | - | |
| cisco | nexus_5596t | - | |
| cisco | nexus_5596up | - | |
| cisco | nexus_56128p | - | |
| cisco | nexus_5624q | - | |
| cisco | nexus_5648q | - | |
| cisco | nexus_5672up | - | |
| cisco | nexus_5696q | - | |
| cisco | nexus_6001 | - | |
| cisco | nexus_6004 | - | |
| cisco | nexus_7000 | - | |
| cisco | nexus_7700 | - | |
| cisco | nexus_9000v | - | |
| cisco | nexus_92160yc-x | - | |
| cisco | nexus_92300yc | - | |
| cisco | nexus_92304qc | - | |
| cisco | nexus_92348gc-x | - | |
| cisco | nexus_9236c | - | |
| cisco | nexus_9272q | - | |
| cisco | nexus_93108tc-ex | - | |
| cisco | nexus_93108tc-fx | - | |
| cisco | nexus_93120tx | - | |
| cisco | nexus_93128tx | - | |
| cisco | nexus_93180lc-ex | - | |
| cisco | nexus_93180yc-ex | - | |
| cisco | nexus_93180yc-fx | - | |
| cisco | nexus_93216tc-fx2 | - | |
| cisco | nexus_93240yc-fx2 | - | |
| cisco | nexus_9332c | - | |
| cisco | nexus_9332pq | - | |
| cisco | nexus_93360yc-fx2 | - | |
| cisco | nexus_9336c-fx2 | - | |
| cisco | nexus_9336pq_aci_spine | - | |
| cisco | nexus_9348gc-fxp | - | |
| cisco | nexus_9364c | - | |
| cisco | nexus_9372px | - | |
| cisco | nexus_9372px-e | - | |
| cisco | nexus_9372tx | - | |
| cisco | nexus_9372tx-e | - | |
| cisco | nexus_9396px | - | |
| cisco | nexus_9396tx | - | |
| cisco | nexus_9504 | - | |
| cisco | nexus_9508 | - | |
| cisco | nexus_9516 | - | |
| cisco | nx-os | * | |
| cisco | nx-os | * | |
| cisco | nx-os | * | |
| cisco | ucs_6248up | - | |
| cisco | ucs_6296up | - | |
| cisco | ucs_6300 | - | |
| cisco | ucs_6324 | - | |
| cisco | ucs_64108 | - | |
| cisco | ucs_6454 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*", matchCriteriaId: "F5581E60-8144-4630-9545-8DC0B7AD44A1", versionEndExcluding: "1.1.4.179", versionStartIncluding: "1.1", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*", matchCriteriaId: "ABA77B46-C30C-4427-9401-6500B6221ACE", versionEndExcluding: "2.0.1.153", versionStartIncluding: "2.0", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*", matchCriteriaId: "AECBA131-0D2F-466D-847B-60F72199C90E", versionEndExcluding: "2.1.1.86", versionStartIncluding: "2.1", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*", matchCriteriaId: "B3A7CA3B-47C2-4721-B8A9-14C2C02969E0", versionEndExcluding: "2.2.1.70", versionStartIncluding: "2.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:firepower_4110:-:*:*:*:*:*:*:*", matchCriteriaId: "A0CBC7F5-7767-43B6-9384-BE143FCDBD7F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4112:-:*:*:*:*:*:*:*", matchCriteriaId: "957D64EB-D60E-4775-B9A8-B21CA48ED3B1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4115:-:*:*:*:*:*:*:*", matchCriteriaId: "A694AD51-9008-4AE6-8240-98B17AB527EE", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4120:-:*:*:*:*:*:*:*", matchCriteriaId: "38AE6DC0-2B03-4D36-9856-42530312CC46", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4125:-:*:*:*:*:*:*:*", matchCriteriaId: "71DCEF22-ED20-4330-8502-EC2DD4C9838F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4140:-:*:*:*:*:*:*:*", matchCriteriaId: "3DB2822B-B752-4CD9-A178-934957E306B4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4145:-:*:*:*:*:*:*:*", matchCriteriaId: "81F4868A-6D62-479C-9C19-F9AABDBB6B24", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4150:-:*:*:*:*:*:*:*", matchCriteriaId: "65378F3A-777C-4AE2-87FB-1E7402F9EA1B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300:-:*:*:*:*:*:*:*", matchCriteriaId: "07DAFDDA-718B-4B69-A524-B0CEB80FE960", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a3\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "AF658ED7-F77C-405B-B06A-74B46FBDAD98", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a3\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "4F0FDDF2-912C-4900-B0B7-20AF5D2F1B52", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a3\\(4\\):*:*:*:*:*:*:*", matchCriteriaId: "7295EC54-FA19-4658-8510-3C072804D9E4", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a4\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "B31E39D5-147B-4965-ACB6-34F1244143F2", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a4\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "3D672928-6AE8-488B-A2A5-257074BAB2D8", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a4\\(3\\):*:*:*:*:*:*:*", matchCriteriaId: "0C928C35-4E24-4DBE-ADEA-D449B88ECB6B", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a4\\(4\\):*:*:*:*:*:*:*", matchCriteriaId: "E64D8992-CA79-4ADF-BF3B-A76E944EC740", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a4\\(5\\):*:*:*:*:*:*:*", matchCriteriaId: "11A35378-54EB-422F-B0DD-211B214803D7", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a4\\(6\\):*:*:*:*:*:*:*", matchCriteriaId: "1E46D326-665C-4DB7-89A0-0F1B987D4A18", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a6\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "73B9FE4E-0C82-4511-9A4A-DCBFEB93DE87", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a6\\(1a\\):*:*:*:*:*:*:*", matchCriteriaId: "BB8F0200-7BCA-49E9-98E0-D825630D77FF", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a6\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "61FCA143-FDAB-472D-B9E1-F7CB4041BBE1", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a6\\(2a\\):*:*:*:*:*:*:*", matchCriteriaId: "61F736DD-44FE-4A20-AF89-4B29725608A3", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a6\\(3\\):*:*:*:*:*:*:*", matchCriteriaId: "8844860D-427F-4B01-980A-59B082F26034", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a6\\(3a\\):*:*:*:*:*:*:*", matchCriteriaId: "CCA96B43-0793-4784-A971-DD442EBFF6BE", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a6\\(4\\):*:*:*:*:*:*:*", matchCriteriaId: "B13305C9-008F-488A-ADC7-0724AFB313DB", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a6\\(4a\\):*:*:*:*:*:*:*", matchCriteriaId: "50DFAF49-0688-4A5A-9023-E2543164D89C", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a6\\(5\\):*:*:*:*:*:*:*", matchCriteriaId: "46376F5C-2CF0-46F1-ADCF-870065A24D12", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a6\\(5a\\):*:*:*:*:*:*:*", matchCriteriaId: "5EB6C0E3-9B92-4768-93BB-8B8626EB164A", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a6\\(5b\\):*:*:*:*:*:*:*", matchCriteriaId: "F4EA572E-5F4F-45F1-B7A1-346F723C2BDD", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a6\\(6\\):*:*:*:*:*:*:*", matchCriteriaId: "A6EA3CBB-EAF7-4837-96AF-0258220C4A5A", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a6\\(7\\):*:*:*:*:*:*:*", matchCriteriaId: "5E6FB730-84CD-496D-9140-BC9375548D14", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a6\\(8\\):*:*:*:*:*:*:*", matchCriteriaId: "BD712B88-298A-4488-A053-67CB45190F57", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a7\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "4ED5F397-D3E6-4A4A-BF38-6B295A6AB9BE", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a7\\(1a\\):*:*:*:*:*:*:*", matchCriteriaId: "11D98EBD-9D82-492E-A3A6-62D95404D5C4", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a7\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "56D91C38-76AB-47F5-BDDE-E940D87C34F8", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a7\\(2a\\):*:*:*:*:*:*:*", matchCriteriaId: "EF78015A-5C28-4FD2-915E-EC343201A9D8", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a8:*:*:*:*:*:*:*", matchCriteriaId: "9DCBF1FE-C124-4DBA-B127-D484D5C9110C", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a8\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "31308B18-062C-4DB8-9241-F15661C06398", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a8\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "ED17D340-9C18-4B1E-BA15-CAE2ADAAD38E", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a8\\(3\\):*:*:*:*:*:*:*", matchCriteriaId: "310856A9-CA62-4C1A-A4C9-B6EECC36F496", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a8\\(4\\):*:*:*:*:*:*:*", matchCriteriaId: "3D295366-662E-4C8E-9758-3DB801E0ABA8", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a8\\(4a\\):*:*:*:*:*:*:*", matchCriteriaId: "F09360A9-3FB1-465F-977E-643942D01FE8", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a8\\(5\\):*:*:*:*:*:*:*", matchCriteriaId: "6A97A6BE-A27A-4D53-AB63-2A2631F20EAB", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a8\\(6\\):*:*:*:*:*:*:*", matchCriteriaId: "3F034BF4-31E6-46FB-B082-EA22FFE51AAB", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a8\\(6.213\\):*:*:*:*:*:*:*", matchCriteriaId: "17B9D603-75C0-4241-BD4B-3C891A2C5BD7", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a8\\(7\\):*:*:*:*:*:*:*", matchCriteriaId: "063BB311-EC8D-43E5-9B9D-56C96121EB9A", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a8\\(7a\\):*:*:*:*:*:*:*", matchCriteriaId: "003AAC03-306E-4D12-B4C7-7ECA4ED88884", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a8\\(7b\\):*:*:*:*:*:*:*", matchCriteriaId: "EB0DAA33-3841-4C14-A137-93E1810CC866", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a8\\(8\\):*:*:*:*:*:*:*", matchCriteriaId: "ACD5B480-2780-48EB-B361-4EF4833D97E3", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a8\\(9\\):*:*:*:*:*:*:*", matchCriteriaId: "B0500999-E48F-4FE1-9B92-C1E179651CE5", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a8\\(9.7\\):*:*:*:*:*:*:*", matchCriteriaId: "98CFE9BB-7BFE-4782-B602-2C6A1392693F", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a8\\(10\\):*:*:*:*:*:*:*", matchCriteriaId: "629488D4-D8A4-4152-A4D3-E951F199C6DB", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a8\\(10a\\):*:*:*:*:*:*:*", matchCriteriaId: "2D8F0A63-8229-46E8-94A6-CDBB1E8F91E5", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a8\\(11\\):*:*:*:*:*:*:*", matchCriteriaId: "FAD3C773-0B71-4FF2-9DCD-2875CFDE3308", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a8\\(11a\\):*:*:*:*:*:*:*", matchCriteriaId: "B07F6A0D-82C3-4C2C-9715-3D07083E6F56", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a8\\(11b\\):*:*:*:*:*:*:*", matchCriteriaId: "03901678-2CCB-4ED5-AF04-D8469BF12804", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u2\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "618861BD-8FEE-4EF8-BFFB-A5BCBA8EA3EB", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u2\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "6459DD6B-6DC1-4C14-A8E7-4503ED5F69BD", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u2\\(3\\):*:*:*:*:*:*:*", matchCriteriaId: "DA600413-FC70-4776-99DF-180C96D4FD24", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u2\\(4\\):*:*:*:*:*:*:*", matchCriteriaId: "ECC9066F-3082-48A0-BA52-9ED9420EA47A", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u2\\(5\\):*:*:*:*:*:*:*", matchCriteriaId: "78611E25-E33E-4C88-A681-97B5A2A01B51", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u2\\(6\\):*:*:*:*:*:*:*", matchCriteriaId: "780B04ED-412E-441F-8717-D8F9257F5699", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u3\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "FC6A3647-2AF0-4D45-BCC9-24618B43ACBF", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u3\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "AD2AABBD-8680-4615-A4E2-B607CB1B0979", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u3\\(3\\):*:*:*:*:*:*:*", matchCriteriaId: "693F444B-FA34-489C-BB45-E9185DE47816", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u3\\(4\\):*:*:*:*:*:*:*", matchCriteriaId: "13669043-3F12-4439-812F-6DE35F70B159", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u3\\(5\\):*:*:*:*:*:*:*", matchCriteriaId: "58A8BDE0-2F73-4E0C-B73A-918DB3352067", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u3\\(6\\):*:*:*:*:*:*:*", matchCriteriaId: "5CC4DC15-3045-4CE3-A7B5-4E6ED35BF51F", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u3\\(7\\):*:*:*:*:*:*:*", matchCriteriaId: "625BE6B1-12A7-4A8A-A816-E82C026E0457", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u3\\(8\\):*:*:*:*:*:*:*", matchCriteriaId: "4EAC2920-462B-44F0-8E93-7875C2F74592", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u3\\(9\\):*:*:*:*:*:*:*", matchCriteriaId: "35957A41-D8F2-4BC1-986B-C3E271327D64", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u4\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "10BFAE68-01C5-4EF8-8B86-F470092E9034", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u4\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "6D02FC11-EB21-45CD-A070-89C4862240BC", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u4\\(3\\):*:*:*:*:*:*:*", matchCriteriaId: "8C67AE59-380A-402B-9B2A-F595E001637B", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u4\\(4\\):*:*:*:*:*:*:*", matchCriteriaId: "4301927C-7A6D-4DA9-9470-9182E7FB234A", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u5\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "C71ED401-6786-4AAE-A98F-BE4732256A7D", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u5\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "E2B5EC76-A4A7-41C0-9F37-5EC85FD1EB5C", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u5\\(3\\):*:*:*:*:*:*:*", matchCriteriaId: "66BC7FC9-1167-41C5-9B0E-7D68400F3C39", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u5\\(4\\):*:*:*:*:*:*:*", matchCriteriaId: "A6EB46CC-2939-4326-8CB9-504D7C7EF05E", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u6:*:*:*:*:*:*:*", matchCriteriaId: "0CDB1D59-C964-4D30-B55E-08E68562300C", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u6\\(0.46\\):*:*:*:*:*:*:*", matchCriteriaId: "62C7EA58-2F17-41B2-8955-CADE8B7D2FED", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u6\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "8845147E-D3B1-41B9-BBD2-77B2823F3AD0", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u6\\(1a\\):*:*:*:*:*:*:*", matchCriteriaId: "8F7B2F23-F532-40D2-884E-D86785B33296", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u6\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "1FC4F349-9E1C-4DD8-BC07-6CB67053BCDF", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u6\\(2a\\):*:*:*:*:*:*:*", matchCriteriaId: "D498C133-AA11-49C4-B065-F27CE776D318", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u6\\(3\\):*:*:*:*:*:*:*", matchCriteriaId: "08032AAC-F094-4717-A56F-89289FBD1F3B", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u6\\(3a\\):*:*:*:*:*:*:*", matchCriteriaId: "C5ADD4D3-206C-4609-AB2A-F6945D56627B", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u6\\(4\\):*:*:*:*:*:*:*", matchCriteriaId: "07645F73-AC79-4BB8-A98E-1740F7D6EC5D", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u6\\(4a\\):*:*:*:*:*:*:*", matchCriteriaId: "9DC56869-4665-49D1-89F2-8ED97727BD94", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u6\\(5\\):*:*:*:*:*:*:*", matchCriteriaId: "147D1A4A-6404-47E3-B1A6-4C001C8DD9E0", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u6\\(5a\\):*:*:*:*:*:*:*", matchCriteriaId: "1162691A-6C92-448A-8F1B-2DEFB623F1ED", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u6\\(5b\\):*:*:*:*:*:*:*", matchCriteriaId: "57524BA3-CF08-4F0F-95C9-F1417B4B83E0", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u6\\(5c\\):*:*:*:*:*:*:*", matchCriteriaId: "D0E214C2-24CF-43EC-BC27-2E6AA77254DF", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u6\\(6\\):*:*:*:*:*:*:*", matchCriteriaId: "EB0D74A0-C4B2-46EC-A9FF-562A997E3150", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u6\\(7\\):*:*:*:*:*:*:*", matchCriteriaId: "817A45B4-7C79-4D1A-B889-18A937CF8361", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u6\\(8\\):*:*:*:*:*:*:*", matchCriteriaId: "155F3CB7-A85B-4897-A4E2-F485FDF44AD4", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u6\\(9\\):*:*:*:*:*:*:*", matchCriteriaId: "9D34CAB5-0832-45B1-B13F-49B763AFB74F", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u6\\(10\\):*:*:*:*:*:*:*", matchCriteriaId: "7C0DB182-F37A-4230-BD6F-461C3195FAF4", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u6\\(10a\\):*:*:*:*:*:*:*", matchCriteriaId: "065A0E6C-E0BD-4BD1-97EB-723EC4BDFA60", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "2FDE8EF9-47CF-451D-9570-3D369D74D44F", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(2a\\):*:*:*:*:*:*:*", matchCriteriaId: "55A760CE-5E63-4A6B-8DA3-A473BC3900E3", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(3\\):*:*:*:*:*:*:*", matchCriteriaId: "0C857C0F-B023-4CF7-9916-6735C40425F9", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(3n\\):*:*:*:*:*:*:*", matchCriteriaId: "DD503699-A02E-4A62-827F-0906C94448EF", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(5\\):*:*:*:*:*:*:*", matchCriteriaId: "D4C558C0-ECA4-408D-A5DF-2A175E48EAE2", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(5a\\):*:*:*:*:*:*:*", matchCriteriaId: "C4947F0C-B1F5-4BA0-A6F0-F08C25554E68", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(6\\):*:*:*:*:*:*:*", matchCriteriaId: "0E738E86-B75F-48BF-9E76-C7DD470F3688", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(6a\\):*:*:*:*:*:*:*", matchCriteriaId: "11E66F3E-9482-4F30-8480-F036F3C68B61", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(6b\\):*:*:*:*:*:*:*", matchCriteriaId: "68C6090F-0B05-46F0-8A67-928FE1C36D5F", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(7\\):*:*:*:*:*:*:*", matchCriteriaId: "07863B2B-D780-4641-BADE-A5AFFAD95E57", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(8\\):*:*:*:*:*:*:*", matchCriteriaId: "FBD345BD-83EF-4913-A0F3-74E52AD76BBA", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(8a\\):*:*:*:*:*:*:*", matchCriteriaId: "46B2B97B-DDB7-4208-BF1A-D10C8A075A14", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(8b\\):*:*:*:*:*:*:*", matchCriteriaId: "317C8BE8-84DA-43D5-AE93-7E7DCDE6883E", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(10\\):*:*:*:*:*:*:*", matchCriteriaId: "ED7B1216-4C4F-4A23-9474-23876649ABF3", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(11b\\):*:*:*:*:*:*:*", matchCriteriaId: "CF349FDA-DFEC-45AA-A236-F0C8D0B3AD83", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(12\\):*:*:*:*:*:*:*", matchCriteriaId: "57892CBB-8C95-4E56-90F8-B77BBBDC03FB", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(14\\):*:*:*:*:*:*:*", matchCriteriaId: "A555382D-9D35-4931-B3B0-DD4D956AB7AE", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(14a\\):*:*:*:*:*:*:*", matchCriteriaId: "65CCE422-71DB-4500-AC91-9FB4DD5924A2", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(14b\\):*:*:*:*:*:*:*", matchCriteriaId: "C37B944B-CFB6-41F6-B4ED-049BEB3732E7", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(16\\):*:*:*:*:*:*:*", matchCriteriaId: "985752BE-AC65-47BC-97F5-36C2E44E55D9", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(18\\):*:*:*:*:*:*:*", matchCriteriaId: "BEC60C3C-8689-47EC-B944-F0FB9D38E4F1", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(20\\):*:*:*:*:*:*:*", matchCriteriaId: "C6A61F7E-9929-48F5-85BA-72E744AF30B2", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(20a\\):*:*:*:*:*:*:*", matchCriteriaId: "DA24A851-F051-41A8-A33E-7296AD199306", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(22\\):*:*:*:*:*:*:*", matchCriteriaId: "52E6911E-3DD8-4FCC-A1B5-613098B25337", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(24\\):*:*:*:*:*:*:*", matchCriteriaId: "FEA235F0-95C4-471A-BBD6-EDB723E6E7CE", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(25\\):*:*:*:*:*:*:*", matchCriteriaId: "0B86774A-900E-4A02-B671-C13C18965358", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(27\\):*:*:*:*:*:*:*", matchCriteriaId: "D23ADF50-748F-4795-B564-6D934B95F8D2", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(0\\)n1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "FD613D8F-099C-43A1-BD29-A98250E1334A", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(1\\)n1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "576B74DF-9527-4931-B1A3-8FEE1DB1AD99", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(2\\)n1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "AA5B4FA9-E550-4C69-A4E7-A989BBCCF22E", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)f1:*:*:*:*:*:*:*", matchCriteriaId: "26AAAA6C-70FB-4562-AE8B-1BCB9A0DDA49", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)f2:*:*:*:*:*:*:*", matchCriteriaId: "B4243B6B-7DC5-46D9-A918-5D2BD74561F1", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)f3:*:*:*:*:*:*:*", matchCriteriaId: "1BFF2221-DCA4-4217-8199-76EFC43DD639", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)f3\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "D5DD2941-AD1E-4C13-8DAA-C5524B96AAB1", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)f3\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "45A37F82-44B3-426C-A344-9054599BB426", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)f3\\(3\\):*:*:*:*:*:*:*", matchCriteriaId: "907A3DEC-27F8-4D0A-9EE4-4681B6D9BADB", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)f3\\(3a\\):*:*:*:*:*:*:*", matchCriteriaId: "53378B5F-4A5B-425D-B8BE-455FAF924551", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)f3\\(3b\\):*:*:*:*:*:*:*", matchCriteriaId: "F2CB77FE-97B4-439F-BED0-59688252E87D", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)f3\\(3c\\):*:*:*:*:*:*:*", matchCriteriaId: "A8F6C744-6501-4FAD-AF4F-12D3EA8F5BE4", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)f3\\(4\\):*:*:*:*:*:*:*", matchCriteriaId: "076216C6-C115-4C7C-A9E3-46A3986DA2AB", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)f3\\(5\\):*:*:*:*:*:*:*", matchCriteriaId: "A819AE96-3933-4AD2-AF30-36E199393E01", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i2\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "7C8C0FF6-E9E5-4191-8C21-E8CB3F6BF7D7", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i2\\(1a\\):*:*:*:*:*:*:*", matchCriteriaId: "D2BA7EF9-FDA1-4A2D-88B2-67042367C90C", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i2\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "A2FBF6CB-DE31-453D-BF47-89D0766D3020", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i2\\(2a\\):*:*:*:*:*:*:*", matchCriteriaId: "046E260B-F842-41BA-914B-ACD7B71AB62F", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i2\\(2b\\):*:*:*:*:*:*:*", matchCriteriaId: "AAF537FC-B681-4F52-9324-9A4AC29651AE", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i2\\(2c\\):*:*:*:*:*:*:*", matchCriteriaId: "A6B2E736-F9D2-453A-9998-38800CC875F4", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i2\\(2d\\):*:*:*:*:*:*:*", matchCriteriaId: "3E8CEAC9-1C53-46A6-A18A-2A970D587C0F", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i2\\(2e\\):*:*:*:*:*:*:*", matchCriteriaId: "851E1B4E-40C4-4639-8FC6-C9DEC6FB2744", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i2\\(2r\\):*:*:*:*:*:*:*", matchCriteriaId: "2C24518B-D2D5-471A-BB19-B839792607D0", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i2\\(2s\\):*:*:*:*:*:*:*", matchCriteriaId: "8D93FA53-ADC0-4031-B693-84111E1EEDC2", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i2\\(2v\\):*:*:*:*:*:*:*", matchCriteriaId: "2B3E4490-6DD8-44BE-A681-105F526AE6E9", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i2\\(2w\\):*:*:*:*:*:*:*", matchCriteriaId: "E02F54C2-C551-4FC4-A6FF-737CFD465D37", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i2\\(2x\\):*:*:*:*:*:*:*", matchCriteriaId: "77C98C47-688B-404B-A6CD-96AD5C0FD7F6", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i2\\(2y\\):*:*:*:*:*:*:*", matchCriteriaId: "3D20DDF8-145B-443D-8D92-404F574929F0", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i3\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "DBAC49A1-91FC-4D55-BD74-42C918CCFDC9", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i4\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "4142F873-0492-4ACC-88F9-3A243128D0EC", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i4\\(1t\\):*:*:*:*:*:*:*", matchCriteriaId: "CAEFC7FE-718E-4544-A86B-3243C2C14EDC", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i4\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "A9CD31FC-C2D0-4B29-90D5-7C3CB218DF9A", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i4\\(3\\):*:*:*:*:*:*:*", matchCriteriaId: "30A500F4-1899-4F96-98E3-9330146A7963", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i4\\(4\\):*:*:*:*:*:*:*", matchCriteriaId: "FE52C974-3930-4AC9-907B-8E6B325D6A1E", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i4\\(5\\):*:*:*:*:*:*:*", matchCriteriaId: "FAD07DE9-5C98-4A63-A741-8E69E9F125D2", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i4\\(6\\):*:*:*:*:*:*:*", matchCriteriaId: "F0DA113F-3706-4FF3-88F9-5D3CD48F8CE5", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i4\\(6t\\):*:*:*:*:*:*:*", matchCriteriaId: "5D1D8118-6E39-44B5-ABD7-B7ED3A80766D", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i4\\(7\\):*:*:*:*:*:*:*", matchCriteriaId: "B3BBE1B1-062A-4D00-B646-FAB4BA85BF6A", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i4\\(8\\):*:*:*:*:*:*:*", matchCriteriaId: "6A35B6DA-BF07-4579-8D6A-65CD8E052482", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i4\\(8a\\):*:*:*:*:*:*:*", matchCriteriaId: "EF0B3DB8-8121-4FDC-8A11-42AB619101EC", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i4\\(8b\\):*:*:*:*:*:*:*", matchCriteriaId: "70830AB5-C86B-4726-A982-6F104910153E", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i4\\(8z\\):*:*:*:*:*:*:*", matchCriteriaId: "87EB3AE2-8A92-4B16-8A22-A0F5B55D12E4", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i4\\(9\\):*:*:*:*:*:*:*", matchCriteriaId: "E0904B27-2FA3-4B8D-9706-98B0376B5FC8", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i5:*:*:*:*:*:*:*", matchCriteriaId: "D9B7B5DE-1177-466F-B6AD-9641EAC0E113", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i5\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "B1D86994-83EE-4D09-B79A-70CB22C077C4", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i5\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "1BEB5BAE-0BB6-4201-9229-47DE631AAF3A", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i5\\(3\\):*:*:*:*:*:*:*", matchCriteriaId: "654694A7-394C-4843-9197-91FC00445E40", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i5\\(3a\\):*:*:*:*:*:*:*", matchCriteriaId: "1798EAC2-026C-4757-860F-D7417A2BA881", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i5\\(3b\\):*:*:*:*:*:*:*", matchCriteriaId: "FD83DA54-DF65-4837-90AD-837F75412E69", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i6\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "00953B63-7DBB-4A67-B41D-321C2ECDE79A", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i6\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "83B2E7F6-9641-4B55-8B7D-6B0E020DD4A9", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i7:*:*:*:*:*:*:*", matchCriteriaId: "5DEBF467-C2E2-4ED9-8E8A-02E062E734D9", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i7\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "C9388C2C-75F4-487F-A7D8-4E17FD39A166", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i7\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "80B54786-DA2A-4E2D-9835-6A7939931928", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i7\\(3\\):*:*:*:*:*:*:*", matchCriteriaId: "7688EC58-4647-4A08-9E86-A71EA7C41B88", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i7\\(3z\\):*:*:*:*:*:*:*", matchCriteriaId: "6E7DA901-990A-4388-9B72-943E77269B4E", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i7\\(4\\):*:*:*:*:*:*:*", matchCriteriaId: "D5AD2254-158D-4BEE-B36C-242813F4BA37", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i7\\(5\\):*:*:*:*:*:*:*", matchCriteriaId: "4480D800-595F-44CB-85ED-7E17A34A5BEF", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i7\\(5a\\):*:*:*:*:*:*:*", matchCriteriaId: "BF7AB4C3-54E0-4445-974C-4AE337B7B7DA", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i7\\(6\\):*:*:*:*:*:*:*", matchCriteriaId: "AD015889-3893-4781-B18D-6125A9B6CE39", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i7\\(6z\\):*:*:*:*:*:*:*", matchCriteriaId: "4E355839-76C1-4D48-9892-53EEADD2B629", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i7\\(7\\):*:*:*:*:*:*:*", matchCriteriaId: "89541F84-0C10-4757-8D25-80FC4464EC23", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i7\\(8\\):*:*:*:*:*:*:*", matchCriteriaId: "371AEAF3-39CA-4837-BA5A-D80826933C9B", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)ia7\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "C474B035-BFDC-4617-9285-D10C970342A6", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)ia7\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "D9D9DD45-8C38-4753-9168-0E5BF96146DB", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)ic4\\(4\\):*:*:*:*:*:*:*", matchCriteriaId: "259F3DCA-D218-4CF1-9CB4-23ECB070719F", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)im3\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "C55F18EF-F751-400F-88DD-76ADD2B60BE7", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)im3\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "AE1D0444-6A5E-4252-B761-28FEFAEE8BAF", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)im3\\(2a\\):*:*:*:*:*:*:*", matchCriteriaId: "578691EB-19D3-4B75-9783-B6D4F0FE1CEA", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)im3\\(2b\\):*:*:*:*:*:*:*", matchCriteriaId: "2C89EAEB-1944-4082-B1AF-CEAC39BE762A", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)im3\\(3\\):*:*:*:*:*:*:*", matchCriteriaId: "DD8BA29C-7F6E-492A-8EB1-A2D6391C5120", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)im7\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "32EB01A2-9A00-4EFF-80F0-D192C79B1489", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)n1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "63949081-E2F3-4EB4-BABC-270AAB19EE78", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(4\\)n1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "58292522-F486-410D-AD99-DFD6EC0AA9B1", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(4\\)n1\\(1a\\):*:*:*:*:*:*:*", matchCriteriaId: "A462729A-720F-4180-96DD-713A70CEF494", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(5\\)n1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "BEB59A4B-3FCA-47F9-A4DB-D2B8ABAFB54D", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(5\\)n1\\(1a\\):*:*:*:*:*:*:*", matchCriteriaId: "A07ACF87-C694-41DB-B4BD-23CE72E32EED", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(6\\)n1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "C83C312B-0B0E-4A02-A9EE-F864EFBE60CB", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(6\\)n1\\(2s\\):*:*:*:*:*:*:*", matchCriteriaId: "832DE1DB-0D1C-4C24-8E2D-D182205C94B0", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(6\\)n1\\(3s\\):*:*:*:*:*:*:*", matchCriteriaId: "BD36EDD5-4408-4BD0-A75A-AFFD5BF44D38", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(6\\)n1\\(4s\\):*:*:*:*:*:*:*", matchCriteriaId: "D0FBFB9B-703D-42F8-93BA-969AB7284106", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(7\\)n1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "E47E0A4D-4033-43A8-9A50-E1A2BD7B419C", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(7\\)n1\\(1a\\):*:*:*:*:*:*:*", matchCriteriaId: "4C95519E-7536-4EF7-8222-D4089500F826", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(7\\)n1\\(1b\\):*:*:*:*:*:*:*", matchCriteriaId: "71F56568-57E6-4C1C-AC8A-D96E097E449E", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(8\\)n1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "F631EAC6-1D33-485E-9E00-8572FA015C26", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(8\\)n1\\(1a\\):*:*:*:*:*:*:*", matchCriteriaId: "25CEAE9E-DD9B-41E2-BC39-3332F428B489", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.1\\(0\\)n1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "DE199525-4C2D-48C2-A76C-BD14BF2851F9", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.1\\(0\\)n1\\(1a\\):*:*:*:*:*:*:*", matchCriteriaId: "E3644F66-F964-4D50-A6E0-EE8784490BD2", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.1\\(0\\)n1\\(1b\\):*:*:*:*:*:*:*", matchCriteriaId: "72AD166D-7CBF-4A4D-A376-907DDA1BB504", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.1\\(0.1\\):*:*:*:*:*:*:*", matchCriteriaId: "FC9BC24B-BEB3-4D55-93C8-8334B8BC0BC0", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.1\\(1\\)n1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "9A20D72B-E2C6-47B6-A54D-FA435F29D7F2", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.1\\(1\\)n1\\(1a\\):*:*:*:*:*:*:*", matchCriteriaId: "6C801D4A-E604-49CA-8D14-13622E85C563", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.1\\(2\\)n1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "77D9EEFA-D652-45D2-8AF5-8A72825E7ED0", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.1\\(2\\)n1\\(1a\\):*:*:*:*:*:*:*", matchCriteriaId: "EC78BEB7-47D1-4544-BC40-AB5D73B93D78", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.1\\(3\\)n1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "1AEB91EC-E548-4C53-920F-C4871BC464B8", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.1\\(3\\)n1\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "0282F963-2C1F-44F7-A0D0-4929685051AA", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.1\\(3\\)n1\\(2a\\):*:*:*:*:*:*:*", matchCriteriaId: "A1F519D0-64BC-4862-8894-4F6C248253C4", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.1\\(3\\)n1\\(3\\):*:*:*:*:*:*:*", matchCriteriaId: "94A247A8-E918-4757-9ADE-251B027CD307", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.1\\(3\\)n1\\(4\\):*:*:*:*:*:*:*", matchCriteriaId: "195CD630-4949-4B52-B9FF-94F3DEFB47AD", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.1\\(3\\)n1\\(5\\):*:*:*:*:*:*:*", matchCriteriaId: "225E5070-B635-4752-B771-0E721C96C2AE", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.1\\(4\\)n1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "9103A92E-C9F3-401B-AE30-66466210ADED", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.1\\(4\\)n1\\(1a\\):*:*:*:*:*:*:*", matchCriteriaId: "9E5CD729-234E-43C0-A6A3-A3E0983A6605", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.1\\(4\\)n1\\(1c\\):*:*:*:*:*:*:*", matchCriteriaId: "4A30E576-56F8-4EBA-AADE-C70655DE6E79", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.1\\(4\\)n1\\(1d\\):*:*:*:*:*:*:*", matchCriteriaId: "74415A0A-A3F4-43BB-B609-B6641771D655", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.1\\(5\\)n1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "B5ED7424-EB12-4C21-97C8-082156716C9C", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.1\\(5\\)n1\\(1b\\):*:*:*:*:*:*:*", matchCriteriaId: "16359104-2DB6-41D6-97A8-8CA1C3AB5688", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.2\\(0\\)d1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "6BF973CD-3315-4D86-8F89-05DC97C736AB", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.2\\(0\\)n1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "E485E99D-F421-487D-86E7-A2D119623D47", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.2\\(1\\)d\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "2622260B-F77B-4510-9B9D-078B994BBE64", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.2\\(1\\)n1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "94AA886F-7BD1-4699-B1D3-E495EFCA2812", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.2\\(2\\)d1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "2768DEF1-3DFA-4683-9D8D-C5915D8E7365", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.2\\(2\\)d1\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "3CD05045-E867-4B7E-ACE4-7B6EA69971AF", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.2\\(2\\)d1\\(3\\):*:*:*:*:*:*:*", matchCriteriaId: "FF9B10D1-29C0-4B16-813A-B535C4C64E47", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.2\\(2\\)d1\\(4\\):*:*:*:*:*:*:*", matchCriteriaId: "84551391-3A13-42EC-855F-FBB3453F65D4", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(0\\)d1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "7FD733DD-EC40-48EC-A8A6-AE09657EEFC1", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(0\\)dx\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "18CE33FF-6C81-4B38-8C47-6DEBD4D4223C", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(0\\)n1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "569B3CE7-CA06-4636-8043-7ED7635195A3", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(0\\)n1\\(1a\\):*:*:*:*:*:*:*", matchCriteriaId: "41A683FE-68AF-43E4-B846-2E82ACDD5E4C", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(0\\)n1\\(1b\\):*:*:*:*:*:*:*", matchCriteriaId: "2C8B149C-D842-496A-BE21-41920F95139C", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(1\\)d1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "4A7B0A8C-ED8F-411C-843F-B801CBBBB6C4", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(1\\)n1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "8D72F0B8-D229-4995-A053-62FA6591DCBA", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(2\\)d1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "FADC755B-3AB3-43D6-8495-1FABCBD548E9", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(2\\)d1\\(1d\\):*:*:*:*:*:*:*", matchCriteriaId: "42D84BD8-D76B-422E-9E46-4A667A981FAD", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(2\\)d1\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "03607526-7F9E-43F5-94ED-3ED0B4D29DF5", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(2\\)d1\\(3\\):*:*:*:*:*:*:*", matchCriteriaId: "8890C4B8-2E5C-46D6-80DE-6B5256FA1CAD", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(2\\)d1\\(3a\\):*:*:*:*:*:*:*", matchCriteriaId: "2F8A3FFE-D017-43F7-B481-AF25B8B2BE6F", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(2\\)n1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "D8025943-EA09-47E6-9109-7DAF078F8F26", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(2\\)n1\\(1b\\):*:*:*:*:*:*:*", matchCriteriaId: "1A727000-44CC-461C-A7D6-0B9A99CB974A", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(2\\)n1\\(1c\\):*:*:*:*:*:*:*", matchCriteriaId: "105B6601-D756-4B76-9554-5B6E027A5E8E", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(3\\)d1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "98FC292D-27D3-40CF-98C5-AF47686FC134", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(3\\)n1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "0EE35B51-2D13-4A8B-BFF5-0596DBDCD261", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(4\\)d1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "0C23B353-3500-4FA4-90CE-624A29B1048F", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(4\\)n1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "69FE85C9-A0AC-4FD4-A6EE-F0868B69503B", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(4\\)n1\\(1a\\):*:*:*:*:*:*:*", matchCriteriaId: "9B1340D1-8EE8-484F-979A-AB9E34D35EB3", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(5\\)d1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "29002523-6405-4198-A5E5-630A4B661767", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(5\\)n1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "AF1257BF-D534-4899-937F-DCBD033A7D94", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(6\\)n1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "86E5CF27-5661-41DF-B339-740718760AC6", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(6\\)n1\\(1a\\):*:*:*:*:*:*:*", matchCriteriaId: "6AE0D110-D8D7-4D50-A599-618A5120EDD7", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(7\\)n1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "9ACD2D0D-7A38-4FCD-9E24-5588BACF8DA6", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(7\\)n1\\(1a\\):*:*:*:*:*:*:*", matchCriteriaId: "586E9024-C983-4CFF-9A3F-A39256E09910", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(7\\)n1\\(1b\\):*:*:*:*:*:*:*", matchCriteriaId: "B2B7951C-8376-49C3-BF50-E6B65909A739", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:8.0\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "9C83E090-7C99-465A-A477-C2949B137720", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:8.1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "AB556839-151C-492E-B4C3-C024276D5AB1", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:8.1\\(1a\\):*:*:*:*:*:*:*", matchCriteriaId: "3A8D89C0-8C65-487B-9F2D-FFE31AE5BBCC", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:8.1\\(1b\\):*:*:*:*:*:*:*", matchCriteriaId: "409A92B8-F9A5-401E-B77F-177C48B22F23", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:8.1\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "298709C4-69BF-48BA-A317-4251B5461A0D", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:8.1\\(2a\\):*:*:*:*:*:*:*", matchCriteriaId: "0EF15089-A16E-47CC-AB52-78AB85F681BF", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:8.2\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "3FB0B238-4F3A-4569-89B0-ED80533D87C4", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:8.2\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "CF90B861-F48B-45DF-ACB8-F91030106181", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:8.2\\(3\\):*:*:*:*:*:*:*", matchCriteriaId: "CAB301FC-988F-4FC3-A097-E926E541F098", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:8.2\\(4\\):*:*:*:*:*:*:*", matchCriteriaId: "6CFA19E0-0121-4422-83AF-94039520A0F8", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:8.2\\(5\\):*:*:*:*:*:*:*", matchCriteriaId: "03201B37-841C-432F-8643-352833381373", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:8.3\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "A6B8E31F-6B33-43E0-9585-5736D54FE876", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:8.3\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "3C828C0E-99E6-4DEF-9EB3-672DEB61F479", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:8.4\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "2636B1F1-8C40-44A4-B96B-C84EC244685E", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:8.4\\(1a\\):*:*:*:*:*:*:*", matchCriteriaId: "D0A868C7-1060-4A48-819E-013F435F08D1", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:9.2\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "DD96C7AE-EECC-43F4-9132-1E7F8047C701", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:9.2\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "1D43B9D6-0991-4370-9369-C0A1EDBF6627", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:9.2\\(2t\\):*:*:*:*:*:*:*", matchCriteriaId: "6EB58108-78E4-4208-A549-C86B37422828", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:9.2\\(2v\\):*:*:*:*:*:*:*", matchCriteriaId: "46427F06-FAB1-4AB8-A6BF-3EE10608B4D9", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:9.2\\(3\\):*:*:*:*:*:*:*", matchCriteriaId: "5FB6ADC7-97AC-4DD8-8F1B-448A63D8BE97", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:9.2\\(3y\\):*:*:*:*:*:*:*", matchCriteriaId: "AA0623C0-E021-4DA0-926A-4466DDBC0BA6", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:9.3\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "9A589031-946F-4016-AFC9-92FB033420D0", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:9.3\\(1z\\):*:*:*:*:*:*:*", matchCriteriaId: "F62AE0F2-812F-450E-BE9D-01A3AD15028E", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:9.3\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "20FF2A5A-CB80-4F58-856D-724AACB0864C", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:9.3\\(3\\):*:*:*:*:*:*:*", matchCriteriaId: "9FF50BFC-2DB3-4954-BC59-8B3D27D418E0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:mds_9100:-:*:*:*:*:*:*:*", matchCriteriaId: "54C0D908-D7BA-48C3-9963-14A3A32A2662", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9200:-:*:*:*:*:*:*:*", matchCriteriaId: "B25B92ED-37C0-4653-9C5E-B4C13C46464C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9500:-:*:*:*:*:*:*:*", matchCriteriaId: "2374E02D-46FE-477F-A74D-49E72149E6EC", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9700:-:*:*:*:*:*:*:*", matchCriteriaId: "C44335D8-8A78-486C-A325-9691FA4C3271", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3016:-:*:*:*:*:*:*:*", matchCriteriaId: "528ED62B-D739-4E06-AC64-B506FD73BBAB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*", matchCriteriaId: "FC2A6C31-438A-4CF5-A3F3-364B1672EB7D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3064:-:*:*:*:*:*:*:*", matchCriteriaId: "76C10D85-88AC-4A79-8866-BED88A0F8DF8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3064-t:-:*:*:*:*:*:*:*", matchCriteriaId: "65CB7F6D-A82B-4A31-BFAC-FF4A4B8DF9C1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31108pc-v:-:*:*:*:*:*:*:*", matchCriteriaId: "4E930332-CDDD-48D5-93BC-C22D693BBFA2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31108tc-v:-:*:*:*:*:*:*:*", matchCriteriaId: "7BF4B8FE-E134-4491-B5C2-C1CFEB64731B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31128pq:-:*:*:*:*:*:*:*", matchCriteriaId: "F4226DA0-9371-401C-8247-E6E636A116C3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132c-z:-:*:*:*:*:*:*:*", matchCriteriaId: "7664666F-BCE4-4799-AEEA-3A73E6AD33F4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q:-:*:*:*:*:*:*:*", matchCriteriaId: "D3DBBFE9-835C-4411-8492-6006E74BAC65", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q-v:-:*:*:*:*:*:*:*", matchCriteriaId: "B3293438-3D18-45A2-B093-2C3F65783336", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "8F43B770-D96C-44EA-BC12-9F39FC4317B9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3164q:-:*:*:*:*:*:*:*", matchCriteriaId: "FA782EB3-E8E6-4DCF-B39C-B3CBD46E4384", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172:-:*:*:*:*:*:*:*", matchCriteriaId: "7817F4E6-B2DA-4F06-95A4-AF329F594C02", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172pq-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "7BB9DD73-E31D-4921-A6D6-E14E04703588", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq:-:*:*:*:*:*:*:*", matchCriteriaId: "4532F513-0543-4960-9877-01F23CA7BA1B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq-32t:-:*:*:*:*:*:*:*", matchCriteriaId: "0B43502B-FD53-465A-B60F-6A359C6ACD99", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "F3229124-B097-4AAC-8ACD-2F9C89DCC3AB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3232c:-:*:*:*:*:*:*:*", matchCriteriaId: "652A2849-668D-4156-88FB-C19844A59F33", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3264c-e:-:*:*:*:*:*:*:*", matchCriteriaId: "24FBE87B-8A4F-43A8-98A3-4A7D9C630937", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3264q:-:*:*:*:*:*:*:*", matchCriteriaId: "6ACD09AC-8B28-4ACB-967B-AB3D450BC137", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3408-s:-:*:*:*:*:*:*:*", matchCriteriaId: "7D397349-CCC6-479B-9273-FB1FFF4F34F2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_34180yc:-:*:*:*:*:*:*:*", matchCriteriaId: "DC7286A7-780F-4A45-940A-4AD5C9D0F201", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3432d-s:-:*:*:*:*:*:*:*", matchCriteriaId: "5F7AF8D7-431B-43CE-840F-CC0817D159C0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3464c:-:*:*:*:*:*:*:*", matchCriteriaId: "DAC204C8-1A5A-4E85-824E-DC9B8F6A802D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524:-:*:*:*:*:*:*:*", matchCriteriaId: "EAF5AF71-15DF-4151-A1CF-E138A7103FC8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524-x:-:*:*:*:*:*:*:*", matchCriteriaId: "10F80A72-AD54-4699-B8AE-82715F0B58E2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "9354B6A2-D7D6-442E-BF4C-FE8A336D9E94", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548:-:*:*:*:*:*:*:*", matchCriteriaId: "088C0323-683A-44F5-8D42-FF6EC85D080E", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548-x:-:*:*:*:*:*:*:*", matchCriteriaId: "74CB4002-7636-4382-B33E-FBA060A13C34", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "10CEBF73-3EE0-459A-86C5-F8F6243FE27C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_36180yc-r:-:*:*:*:*:*:*:*", matchCriteriaId: "95D2C4C3-65CE-4612-A027-AF70CEFC3233", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*", matchCriteriaId: "57572E4A-78D5-4D1A-938B-F05F01759612", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5548p:-:*:*:*:*:*:*:*", matchCriteriaId: "E5519EA9-1236-4F51-9974-E3FC1B26B5D2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5548up:-:*:*:*:*:*:*:*", matchCriteriaId: "CB0A3B06-8B25-4CD3-AFA9-5F928B1042F4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5596t:-:*:*:*:*:*:*:*", matchCriteriaId: "1766443C-1C5A-486E-A36F-D3045F364D78", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5596up:-:*:*:*:*:*:*:*", matchCriteriaId: "DC4D4403-F93B-4CC8-B75F-7A5B03FEDD85", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_56128p:-:*:*:*:*:*:*:*", matchCriteriaId: "ABB6E612-4246-4408-B3F6-B31E771F5ACB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5624q:-:*:*:*:*:*:*:*", matchCriteriaId: "91B129B2-2B31-4DE0-9F83-CC6E0C8729A0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5648q:-:*:*:*:*:*:*:*", matchCriteriaId: "3CBD3CD0-B542-4B23-9C9D-061643BE44E8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5672up:-:*:*:*:*:*:*:*", matchCriteriaId: "A22A2647-A4C0-4681-BBC5-D95ADBAA0457", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5696q:-:*:*:*:*:*:*:*", matchCriteriaId: "B2BB1A3A-668C-4B0D-8AC2-6B4758B3420B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_6001:-:*:*:*:*:*:*:*", matchCriteriaId: "A9662D6B-AF0F-45C8-B7CD-AE7C76593FDB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_6004:-:*:*:*:*:*:*:*", matchCriteriaId: "4F557E38-09F6-42C6-BABA-3C3168B38BBA", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7000:-:*:*:*:*:*:*:*", matchCriteriaId: "12180BEB-7F21-4FA7-ABD2-E9A8EA7340F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7700:-:*:*:*:*:*:*:*", matchCriteriaId: "DD7A4B4B-3BB1-4A4D-911E-C4EEF01BBC45", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9000v:-:*:*:*:*:*:*:*", matchCriteriaId: "0CD9C1F1-8582-4F67-A77D-97CBFECB88B8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*", matchCriteriaId: "4283E433-7F8C-4410-B565-471415445811", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92300yc:-:*:*:*:*:*:*:*", matchCriteriaId: "F80AB6FB-32FD-43D7-A9F1-80FA47696210", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*", matchCriteriaId: "D5B2E4C1-2627-4B9D-8E92-4B483F647651", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92348gc-x:-:*:*:*:*:*:*:*", matchCriteriaId: "557ED31C-C26A-4FAE-8B14-D06B49F7F08B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*", matchCriteriaId: "11411BFD-3F4D-4309-AB35-A3629A360FB0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*", matchCriteriaId: "E663DE91-C86D-48DC-B771-FA72A8DF7A7C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "A90184B3-C82F-4CE5-B2AD-97D5E4690871", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "4AB89849-6DA4-4C9D-BC3F-EE0E41FD1901", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*", matchCriteriaId: "07DE6F63-2C7D-415B-8C34-01EC05C062F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*", matchCriteriaId: "F423E45D-A6DD-4305-9C6A-EAB26293E53A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "E952A96A-0F48-4357-B7DD-1127D8827650", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "F70D81F1-8B12-4474-9060-B4934D8A3873", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "7349D69B-D8FA-4462-AA28-69DD18A652D9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93216tc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "B1CC5F78-E88B-4B82-9E3E-C73D3A49DE26", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "91231DC6-2773-4238-8C14-A346F213B5E5", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332c:-:*:*:*:*:*:*:*", matchCriteriaId: "2DF88547-BAF4-47B0-9F60-80A30297FCEB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*", matchCriteriaId: "113772B6-E9D2-4094-9468-3F4E1A87D07D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93360yc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "C45A38D6-BED6-4FEF-AD87-A1E813695DE0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "F1FC2B1F-232E-4754-8076-CC82F3648730", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336pq_aci_spine:-:*:*:*:*:*:*:*", matchCriteriaId: "785FD17C-F32E-4042-9DDE-A89B3AAE0334", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*", matchCriteriaId: "17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*", matchCriteriaId: "63842B25-8C32-4988-BBBD-61E9CB09B4F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*", matchCriteriaId: "4364ADB9-8162-451D-806A-B98924E6B2CF", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372px-e:-:*:*:*:*:*:*:*", matchCriteriaId: "B53BCB42-ED61-4FCF-8068-CB467631C63C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*", matchCriteriaId: "49E0371B-FDE2-473C-AA59-47E1269D050F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372tx-e:-:*:*:*:*:*:*:*", matchCriteriaId: "489D11EC-5A18-4F32-BC7C-AC1FCEC27222", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*", matchCriteriaId: "1BC5293E-F2B4-46DC-85DA-167EA323FCFD", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*", matchCriteriaId: "EA022E77-6557-4A33-9A3A-D028E2DB669A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*", matchCriteriaId: "768BE390-5ED5-48A7-9E80-C4DE8BA979B1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*", matchCriteriaId: "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*", matchCriteriaId: "7E02DC82-0D26-436F-BA64-73C958932B0A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "B4F21A73-278B-4CEC-A887-E4FB53C6AA94", versionEndExcluding: "3.2\\(3o\\)", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "00B4CC8B-AA85-43E5-962A-0F0E003D95FF", versionEndExcluding: "4.0\\(4i\\)", versionStartIncluding: "4.0", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "EB2E352F-4A19-4612-970B-12978D869A09", versionEndExcluding: "4.1\\(1c\\)", versionStartIncluding: "4.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:ucs_6248up:-:*:*:*:*:*:*:*", matchCriteriaId: "49112D3F-DFAD-4E71-992B-9E0640FA388C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6296up:-:*:*:*:*:*:*:*", matchCriteriaId: "38A1D8F2-A4A6-4BAC-8326-9F9DE9572FA2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6300:-:*:*:*:*:*:*:*", matchCriteriaId: "C6BCF41B-A617-4563-8D14-E906411354FB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6324:-:*:*:*:*:*:*:*", matchCriteriaId: "B82093C6-B36D-4E4E-AD7F-8C107646B8D9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_64108:-:*:*:*:*:*:*:*", matchCriteriaId: "BC04D48B-8B2F-45E1-A445-A87E92E790B8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6454:-:*:*:*:*:*:*:*", matchCriteriaId: "4FD096B7-6F8E-4E48-9EC4-9A10AA7D9AA0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability in the Cisco Fabric Services component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated attacker to cause process crashes, which could result in a denial of service (DoS) condition on an affected device. The attack vector is configuration dependent and could be remote or adjacent. For more information about the attack vector, see the Details section of this advisory. The vulnerability is due to insufficient error handling when the affected software parses Cisco Fabric Services messages. An attacker could exploit this vulnerability by sending malicious Cisco Fabric Services messages to an affected device. A successful exploit could allow the attacker to cause a reload of an affected device, which could result in a DoS condition.", }, { lang: "es", value: "Una vulnerabilidad en el componente Cisco Fabric Services de Cisco FXOS Software y Cisco NX-OS Software, podría permitir a un atacante no autenticado causar bloqueos en el proceso, lo que podría resultar en una condición de denegación de servicio (DoS) en un dispositivo afectado. El vector de ataque es dependiente de la configuración y podría ser remoto o adyacente. Para obtener más información sobre el vector de ataque, consulte la sección Detalles de este aviso. La vulnerabilidad es debido a un manejo insuficiente de errores cuando el software afectado analiza los mensajes de Cisco Fabric Services. Un atacante podría explotar esta vulnerabilidad mediante el envío de mensajes maliciosos de Cisco Fabric Services hacia un dispositivo afectado. Una explotación con éxito podría permitir al atacante causar una recarga de un dispositivo afectado, lo que podría resultar en una condición DoS", }, ], id: "CVE-2020-3517", lastModified: "2024-11-21T05:31:14.100", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.8, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:C", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.6, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", version: "3.0", }, exploitabilityScore: 3.9, impactScore: 4, source: "psirt@cisco.com", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.6, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 4, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-08-27T16:15:12.550", references: [ { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fxos-nxos-cfs-dos-dAmnymbd", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fxos-nxos-cfs-dos-dAmnymbd", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-476", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-476", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2019-05-15 20:29
Modified
2024-11-21 04:37
Severity ?
Summary
A vulnerability in the CLI of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device with elevated privileges. The vulnerability is due to insufficient validation of arguments passed to certain CLI commands. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with elevated privileges. An attacker would need valid device credentials to exploit this vulnerability.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@cisco.com | http://www.securityfocus.com/bid/108394 | Third Party Advisory, VDB Entry | |
| psirt@cisco.com | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-fxos-cmdinj-1779 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/108394 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-fxos-cmdinj-1779 | Vendor Advisory |
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*", matchCriteriaId: "AF1D583A-2AB3-4E66-9DE9-24AD9CE0C850", versionEndExcluding: "2.4.1.101", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:firepower_4110:-:*:*:*:*:*:*:*", matchCriteriaId: "A0CBC7F5-7767-43B6-9384-BE143FCDBD7F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4112:-:*:*:*:*:*:*:*", matchCriteriaId: "957D64EB-D60E-4775-B9A8-B21CA48ED3B1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4115:-:*:*:*:*:*:*:*", matchCriteriaId: "A694AD51-9008-4AE6-8240-98B17AB527EE", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4120:-:*:*:*:*:*:*:*", matchCriteriaId: "38AE6DC0-2B03-4D36-9856-42530312CC46", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4125:-:*:*:*:*:*:*:*", matchCriteriaId: "71DCEF22-ED20-4330-8502-EC2DD4C9838F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4140:-:*:*:*:*:*:*:*", matchCriteriaId: "3DB2822B-B752-4CD9-A178-934957E306B4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4145:-:*:*:*:*:*:*:*", matchCriteriaId: "81F4868A-6D62-479C-9C19-F9AABDBB6B24", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4150:-:*:*:*:*:*:*:*", matchCriteriaId: "65378F3A-777C-4AE2-87FB-1E7402F9EA1B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300:-:*:*:*:*:*:*:*", matchCriteriaId: "07DAFDDA-718B-4B69-A524-B0CEB80FE960", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "E762B981-6AC3-41E2-9FF5-DBA9616EA75C", versionEndExcluding: "6.2\\(25\\)", versionStartIncluding: "5.2", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "86770ECC-BC1D-42BC-A65B-FCE598491BEE", versionEndExcluding: "8.1\\(1b\\)", versionStartIncluding: "7.3", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "F4863FC5-6578-48DE-838D-E5D2EEFF27B1", versionEndExcluding: "8.3\\(1\\)", versionStartIncluding: "8.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:mds_9100:-:*:*:*:*:*:*:*", matchCriteriaId: "54C0D908-D7BA-48C3-9963-14A3A32A2662", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9200:-:*:*:*:*:*:*:*", matchCriteriaId: "B25B92ED-37C0-4653-9C5E-B4C13C46464C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9500:-:*:*:*:*:*:*:*", matchCriteriaId: "2374E02D-46FE-477F-A74D-49E72149E6EC", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9700:-:*:*:*:*:*:*:*", matchCriteriaId: "C44335D8-8A78-486C-A325-9691FA4C3271", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "92B576CF-5EAD-4830-A7B7-ACC434349691", versionEndExcluding: "7.0\\(3\\)i4\\(9\\)", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "EF06D835-FBE6-4866-B410-C2F66AEF68CD", versionEndExcluding: "7.0\\(3\\)i7\\(4\\)", versionStartIncluding: "7.0\\(3\\)i7", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_3016:-:*:*:*:*:*:*:*", matchCriteriaId: "528ED62B-D739-4E06-AC64-B506FD73BBAB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*", matchCriteriaId: "FC2A6C31-438A-4CF5-A3F3-364B1672EB7D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3064:-:*:*:*:*:*:*:*", matchCriteriaId: "76C10D85-88AC-4A79-8866-BED88A0F8DF8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3064-t:-:*:*:*:*:*:*:*", matchCriteriaId: "65CB7F6D-A82B-4A31-BFAC-FF4A4B8DF9C1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31108pc-v:-:*:*:*:*:*:*:*", matchCriteriaId: "4E930332-CDDD-48D5-93BC-C22D693BBFA2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31108tc-v:-:*:*:*:*:*:*:*", matchCriteriaId: "7BF4B8FE-E134-4491-B5C2-C1CFEB64731B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31128pq:-:*:*:*:*:*:*:*", matchCriteriaId: "F4226DA0-9371-401C-8247-E6E636A116C3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132c-z:-:*:*:*:*:*:*:*", matchCriteriaId: "7664666F-BCE4-4799-AEEA-3A73E6AD33F4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q:-:*:*:*:*:*:*:*", matchCriteriaId: "D3DBBFE9-835C-4411-8492-6006E74BAC65", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q-v:-:*:*:*:*:*:*:*", matchCriteriaId: "B3293438-3D18-45A2-B093-2C3F65783336", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "8F43B770-D96C-44EA-BC12-9F39FC4317B9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3164q:-:*:*:*:*:*:*:*", matchCriteriaId: "FA782EB3-E8E6-4DCF-B39C-B3CBD46E4384", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172:-:*:*:*:*:*:*:*", matchCriteriaId: "7817F4E6-B2DA-4F06-95A4-AF329F594C02", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172pq-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "7BB9DD73-E31D-4921-A6D6-E14E04703588", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq:-:*:*:*:*:*:*:*", matchCriteriaId: "4532F513-0543-4960-9877-01F23CA7BA1B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq-32t:-:*:*:*:*:*:*:*", matchCriteriaId: "0B43502B-FD53-465A-B60F-6A359C6ACD99", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "F3229124-B097-4AAC-8ACD-2F9C89DCC3AB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3232c:-:*:*:*:*:*:*:*", matchCriteriaId: "652A2849-668D-4156-88FB-C19844A59F33", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3264c-e:-:*:*:*:*:*:*:*", matchCriteriaId: "24FBE87B-8A4F-43A8-98A3-4A7D9C630937", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3264q:-:*:*:*:*:*:*:*", matchCriteriaId: "6ACD09AC-8B28-4ACB-967B-AB3D450BC137", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3408-s:-:*:*:*:*:*:*:*", matchCriteriaId: "7D397349-CCC6-479B-9273-FB1FFF4F34F2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_34180yc:-:*:*:*:*:*:*:*", matchCriteriaId: "DC7286A7-780F-4A45-940A-4AD5C9D0F201", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3432d-s:-:*:*:*:*:*:*:*", matchCriteriaId: "5F7AF8D7-431B-43CE-840F-CC0817D159C0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3464c:-:*:*:*:*:*:*:*", matchCriteriaId: "DAC204C8-1A5A-4E85-824E-DC9B8F6A802D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524:-:*:*:*:*:*:*:*", matchCriteriaId: "EAF5AF71-15DF-4151-A1CF-E138A7103FC8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524-x:-:*:*:*:*:*:*:*", matchCriteriaId: "10F80A72-AD54-4699-B8AE-82715F0B58E2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "9354B6A2-D7D6-442E-BF4C-FE8A336D9E94", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548:-:*:*:*:*:*:*:*", matchCriteriaId: "088C0323-683A-44F5-8D42-FF6EC85D080E", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548-x:-:*:*:*:*:*:*:*", matchCriteriaId: "74CB4002-7636-4382-B33E-FBA060A13C34", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "10CEBF73-3EE0-459A-86C5-F8F6243FE27C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9000v:-:*:*:*:*:*:*:*", matchCriteriaId: "0CD9C1F1-8582-4F67-A77D-97CBFECB88B8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*", matchCriteriaId: "4283E433-7F8C-4410-B565-471415445811", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92300yc:-:*:*:*:*:*:*:*", matchCriteriaId: "F80AB6FB-32FD-43D7-A9F1-80FA47696210", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*", matchCriteriaId: "D5B2E4C1-2627-4B9D-8E92-4B483F647651", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92348gc-x:-:*:*:*:*:*:*:*", matchCriteriaId: "557ED31C-C26A-4FAE-8B14-D06B49F7F08B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*", matchCriteriaId: "11411BFD-3F4D-4309-AB35-A3629A360FB0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*", matchCriteriaId: "E663DE91-C86D-48DC-B771-FA72A8DF7A7C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "A90184B3-C82F-4CE5-B2AD-97D5E4690871", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "4AB89849-6DA4-4C9D-BC3F-EE0E41FD1901", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*", matchCriteriaId: "07DE6F63-2C7D-415B-8C34-01EC05C062F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*", matchCriteriaId: "F423E45D-A6DD-4305-9C6A-EAB26293E53A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "E952A96A-0F48-4357-B7DD-1127D8827650", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "F70D81F1-8B12-4474-9060-B4934D8A3873", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "7349D69B-D8FA-4462-AA28-69DD18A652D9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93216tc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "B1CC5F78-E88B-4B82-9E3E-C73D3A49DE26", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "91231DC6-2773-4238-8C14-A346F213B5E5", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332c:-:*:*:*:*:*:*:*", matchCriteriaId: "2DF88547-BAF4-47B0-9F60-80A30297FCEB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*", matchCriteriaId: "113772B6-E9D2-4094-9468-3F4E1A87D07D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93360yc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "C45A38D6-BED6-4FEF-AD87-A1E813695DE0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "F1FC2B1F-232E-4754-8076-CC82F3648730", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336pq_aci_spine:-:*:*:*:*:*:*:*", matchCriteriaId: "785FD17C-F32E-4042-9DDE-A89B3AAE0334", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*", matchCriteriaId: "17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*", matchCriteriaId: "63842B25-8C32-4988-BBBD-61E9CB09B4F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*", matchCriteriaId: "4364ADB9-8162-451D-806A-B98924E6B2CF", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372px-e:-:*:*:*:*:*:*:*", matchCriteriaId: "B53BCB42-ED61-4FCF-8068-CB467631C63C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*", matchCriteriaId: "49E0371B-FDE2-473C-AA59-47E1269D050F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372tx-e:-:*:*:*:*:*:*:*", matchCriteriaId: "489D11EC-5A18-4F32-BC7C-AC1FCEC27222", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*", matchCriteriaId: "1BC5293E-F2B4-46DC-85DA-167EA323FCFD", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*", matchCriteriaId: "EA022E77-6557-4A33-9A3A-D028E2DB669A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "96BFEE5D-EF9F-4C21-BC51-FBA71029A6A7", versionEndExcluding: "7.0\\(3\\)f3\\(5\\)", versionStartIncluding: "7.0\\(3\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_36180yc-r:-:*:*:*:*:*:*:*", matchCriteriaId: "95D2C4C3-65CE-4612-A027-AF70CEFC3233", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*", matchCriteriaId: "57572E4A-78D5-4D1A-938B-F05F01759612", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*", matchCriteriaId: "768BE390-5ED5-48A7-9E80-C4DE8BA979B1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*", matchCriteriaId: "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*", matchCriteriaId: "7E02DC82-0D26-436F-BA64-73C958932B0A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "EA0C7252-4931-47EF-9AFD-0CE05C786613", versionEndExcluding: "7.3\\(4\\)n1\\(1\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_5548p:-:*:*:*:*:*:*:*", matchCriteriaId: "E5519EA9-1236-4F51-9974-E3FC1B26B5D2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5548up:-:*:*:*:*:*:*:*", matchCriteriaId: "CB0A3B06-8B25-4CD3-AFA9-5F928B1042F4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5596t:-:*:*:*:*:*:*:*", matchCriteriaId: "1766443C-1C5A-486E-A36F-D3045F364D78", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5596up:-:*:*:*:*:*:*:*", matchCriteriaId: "DC4D4403-F93B-4CC8-B75F-7A5B03FEDD85", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_56128p:-:*:*:*:*:*:*:*", matchCriteriaId: "ABB6E612-4246-4408-B3F6-B31E771F5ACB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5624q:-:*:*:*:*:*:*:*", matchCriteriaId: "91B129B2-2B31-4DE0-9F83-CC6E0C8729A0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5648q:-:*:*:*:*:*:*:*", matchCriteriaId: "3CBD3CD0-B542-4B23-9C9D-061643BE44E8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5672up:-:*:*:*:*:*:*:*", matchCriteriaId: "A22A2647-A4C0-4681-BBC5-D95ADBAA0457", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5696q:-:*:*:*:*:*:*:*", matchCriteriaId: "B2BB1A3A-668C-4B0D-8AC2-6B4758B3420B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "A67D92F3-7EE1-4CFD-9608-4E35994C1BC4", versionEndExcluding: "6.2\\(22\\)", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "3411F8C2-D65A-46CF-9563-0A9866462491", versionEndExcluding: "7.3\\(3\\)d1\\(1\\)", versionStartIncluding: "7.2", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "02E6779A-5759-4A83-B884-1B47FC124A22", versionEndExcluding: "8.3\\(1\\)", versionStartIncluding: "8.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_7000:-:*:*:*:*:*:*:*", matchCriteriaId: "12180BEB-7F21-4FA7-ABD2-E9A8EA7340F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7700:-:*:*:*:*:*:*:*", matchCriteriaId: "DD7A4B4B-3BB1-4A4D-911E-C4EEF01BBC45", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability in the CLI of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device with elevated privileges. The vulnerability is due to insufficient validation of arguments passed to certain CLI commands. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with elevated privileges. An attacker would need valid device credentials to exploit this vulnerability.", }, { lang: "es", value: "Una vulnerabilidad en la CLI de los programas FXOS y NX-OS de Cisco podría permitir a un atacante local autenticado realizar comandos arbitrarios sobre el sistema operativo subyacente de un dispositivo afectado. Esta vulnerabilidad se debe a una validación insuficiente de los argumentos pasados ??a ciertos comandos de la CLI. Un atacante podría aprovechar esta vulnerabilidad al incluir una entrada maliciosa como el argumento de un comando afectado. Un aprovechamiento exitoso podría permitir al atacante ejecutar comandos arbitrarios en el sistema operativo subyacente con elevados privilegios. Un atacante necesitaría credenciales de administrador para aprovechar esta vulnerabilidad.", }, ], id: "CVE-2019-1779", lastModified: "2024-11-21T04:37:21.570", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.2, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:L/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 4.2, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L", version: "3.0", }, exploitabilityScore: 0.8, impactScore: 3.4, source: "psirt@cisco.com", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-05-15T20:29:01.320", references: [ { source: "psirt@cisco.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/108394", }, { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-fxos-cmdinj-1779", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/108394", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-fxos-cmdinj-1779", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-77", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-88", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-10-10 14:15
Modified
2025-04-12 01:00
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
References
Impacted products
{ cisaActionDue: "2023-10-31", cisaExploitAdd: "2023-10-10", cisaRequiredAction: "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.", cisaVulnerabilityName: "HTTP/2 Rapid Reset Attack Vulnerability", configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:ietf:http:2.0:*:*:*:*:*:*:*", matchCriteriaId: "D5200E35-222B-42E0-83E0-5B702684D992", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:nghttp2:nghttp2:*:*:*:*:*:*:*:*", matchCriteriaId: "C3BDC297-F023-4E87-8518-B84CCF9DD6A8", versionEndExcluding: "1.57.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:netty:netty:*:*:*:*:*:*:*:*", matchCriteriaId: "D12D5257-7ED2-400F-9EF7-40E0D3650C2B", versionEndExcluding: "4.1.100", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:envoyproxy:envoy:1.24.10:*:*:*:*:*:*:*", matchCriteriaId: "1B058776-B5B7-4079-B0AF-23F40926DCEC", vulnerable: true, }, { criteria: "cpe:2.3:a:envoyproxy:envoy:1.25.9:*:*:*:*:*:*:*", matchCriteriaId: "6D565975-EFD9-467C-B6E3-1866A4EF17A4", vulnerable: true, }, { criteria: "cpe:2.3:a:envoyproxy:envoy:1.26.4:*:*:*:*:*:*:*", matchCriteriaId: "6D487271-1B5E-4F16-B0CB-A7B8908935C6", vulnerable: true, }, { criteria: "cpe:2.3:a:envoyproxy:envoy:1.27.0:*:*:*:*:*:*:*", matchCriteriaId: "BA6ED627-EFB3-4BDD-8ECC-C5947A1470B2", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:eclipse:jetty:*:*:*:*:*:*:*:*", matchCriteriaId: "A4A6F189-6C43-462D-85C9-B0EBDA8A4683", versionEndExcluding: "9.4.53", vulnerable: true, }, { criteria: "cpe:2.3:a:eclipse:jetty:*:*:*:*:*:*:*:*", matchCriteriaId: "C993C920-85C0-4181-A95E-5D965A670738", versionEndExcluding: "10.0.17", versionStartIncluding: "10.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:eclipse:jetty:*:*:*:*:*:*:*:*", matchCriteriaId: "08E79A8E-E12C-498F-AF4F-1AAA7135661E", versionEndExcluding: "11.0.17", versionStartIncluding: "11.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:eclipse:jetty:*:*:*:*:*:*:*:*", matchCriteriaId: "F138D800-9A3B-4C76-8A3C-4793083A1517", versionEndExcluding: "12.0.2", versionStartIncluding: "12.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:caddyserver:caddy:*:*:*:*:*:*:*:*", matchCriteriaId: "6341DDDA-AD27-4087-9D59-0A212F0037B4", versionEndExcluding: "2.7.5", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*", matchCriteriaId: "328120E4-C031-44B4-9BE5-03B0CDAA066F", versionEndExcluding: "1.20.10", vulnerable: true, }, { criteria: "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*", matchCriteriaId: "5FD9AB15-E5F6-4DBC-9EC7-D0ABA705802A", versionEndExcluding: "1.21.3", versionStartIncluding: "1.21.0", vulnerable: true, }, { criteria: "cpe:2.3:a:golang:http2:*:*:*:*:*:go:*:*", matchCriteriaId: "D7D2F801-6F65-4705-BCB9-D057EA54A707", versionEndExcluding: "0.17.0", vulnerable: true, }, { criteria: "cpe:2.3:a:golang:networking:*:*:*:*:*:go:*:*", matchCriteriaId: "801F25DA-F38C-4452-8E90-235A3B1A5FF0", versionEndExcluding: "0.17.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "D93F04AD-DF14-48AB-9F13-8B2E491CF42E", versionEndIncluding: "13.1.5", versionStartIncluding: "13.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "7522C760-7E07-406F-BF50-5656D5723C4F", versionEndIncluding: "14.1.5", versionStartIncluding: "14.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "3A7F605E-EB10-40FB-98D6-7E3A95E310BC", versionEndIncluding: "15.1.10", versionStartIncluding: "15.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "783E62F2-F867-48F1-B123-D1227C970674", versionEndIncluding: "16.1.4", versionStartIncluding: "16.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_access_policy_manager:17.1.0:*:*:*:*:*:*:*", matchCriteriaId: "0A8D90B7-A1AF-4EFB-B688-1563D81E5C6D", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "6603ED6A-3366-4572-AFCD-B3D4B1EC7606", versionEndIncluding: "13.1.5", versionStartIncluding: "13.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "88978E38-81D3-4EFE-8525-A300B101FA69", versionEndIncluding: "14.1.5", versionStartIncluding: "14.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "0510296F-92D7-4388-AE3A-0D9799C2FC4D", versionEndIncluding: "15.1.10", versionStartIncluding: "15.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "D7698D6C-B1F7-43C1-BBA6-88E956356B3D", versionEndIncluding: "16.1.4", versionStartIncluding: "16.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:17.1.0:*:*:*:*:*:*:*", matchCriteriaId: "1A1CC91B-6920-4AF0-9EDD-DD3189E78F4D", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*", matchCriteriaId: "05E452AA-A520-4CBE-8767-147772B69194", versionEndIncluding: "13.1.5", versionStartIncluding: "13.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*", matchCriteriaId: "596FC5D5-7329-4E39-841E-CAE937C02219", versionEndIncluding: "14.1.5", versionStartIncluding: "14.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*", matchCriteriaId: "B3C7A168-F370-441E-8790-73014BCEC39F", versionEndIncluding: "15.1.10", versionStartIncluding: "15.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*", matchCriteriaId: "CF16FD01-7704-40AB-ACB2-80A883804D22", versionEndIncluding: "16.1.4", versionStartIncluding: "16.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:17.1.0:*:*:*:*:*:*:*", matchCriteriaId: "1769D69A-CB59-46B1-89B3-FB97DC6DEB9B", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*", matchCriteriaId: "9167FEC1-2C37-4946-9657-B4E69301FB24", versionEndIncluding: "13.1.5", versionStartIncluding: "13.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*", matchCriteriaId: "7B4B3442-E0C0-48CD-87AD-060E15C9801E", versionEndIncluding: "14.1.5", versionStartIncluding: "14.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*", matchCriteriaId: "8FA85EC1-D91A-49DD-949B-2AF7AC813CA5", versionEndIncluding: "15.1.10", versionStartIncluding: "15.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*", matchCriteriaId: "20662BB0-4C3D-4CF0-B068-3555C65DD06C", versionEndIncluding: "16.1.4", versionStartIncluding: "16.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_analytics:17.1.0:*:*:*:*:*:*:*", matchCriteriaId: "59203EBF-C52A-45A1-B8DF-00E17E3EFB51", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "7EC2324D-EC8B-41DF-88A7-819E53AAD0FC", versionEndIncluding: "13.1.5", versionStartIncluding: "13.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "9B88F9D1-B54B-40C7-A18A-26C4A071D7EC", versionEndIncluding: "14.1.5", versionStartIncluding: "14.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "C8F39403-C259-4D6F-9E9A-53671017EEDB", versionEndIncluding: "15.1.10", versionStartIncluding: "15.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "220F2D38-FA82-45EF-B957-7678C9FEDBC1", versionEndIncluding: "16.1.4", versionStartIncluding: "16.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_acceleration_manager:17.1.0:*:*:*:*:*:*:*", matchCriteriaId: "5C698C1C-A3DD-46E2-B05A-12F2604E7F85", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "922AA845-530A-4B4B-9976-4CBC30C8A324", versionEndIncluding: "13.1.5", versionStartIncluding: "13.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "F938EB43-8373-47EB-B269-C6DF058A9244", versionEndIncluding: "14.1.5", versionStartIncluding: "14.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "1771493E-ACAA-477F-8AB4-25DB12F6AD6E", versionEndIncluding: "15.1.10", versionStartIncluding: "15.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "5E86F3D5-65A4-48CE-A6A2-736BBB88E3F8", versionEndIncluding: "16.1.4", versionStartIncluding: "16.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_security_manager:17.1.0:*:*:*:*:*:*:*", matchCriteriaId: "87670A74-34FE-45DF-A725-25B804C845B3", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_visibility_and_reporting:*:*:*:*:*:*:*:*", matchCriteriaId: "C7E422F6-C4C2-43AC-B137-0997B5739030", versionEndIncluding: "13.1.5", versionStartIncluding: "13.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_visibility_and_reporting:*:*:*:*:*:*:*:*", matchCriteriaId: "CC3F710F-DBCB-4976-9719-CF063DA22377", versionEndIncluding: "14.1.5", versionStartIncluding: "14.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_visibility_and_reporting:*:*:*:*:*:*:*:*", matchCriteriaId: "4B9B76A1-7C5A-453F-A4ED-F1A81BCEBEB5", versionEndIncluding: "15.1.10", versionStartIncluding: "15.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_visibility_and_reporting:*:*:*:*:*:*:*:*", matchCriteriaId: "88EDFCD9-775C-48FA-9CDA-2B04DA8D0612", versionEndIncluding: "16.1.4", versionStartIncluding: "16.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_visibility_and_reporting:17.1.0:*:*:*:*:*:*:*", matchCriteriaId: "67DB21AE-DF53-442D-B492-C4ED9A20B105", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_carrier-grade_nat:*:*:*:*:*:*:*:*", matchCriteriaId: "4C9FCBCB-9CE0-49E7-85C8-69E71D211912", versionEndIncluding: "13.1.5", versionStartIncluding: "13.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_carrier-grade_nat:*:*:*:*:*:*:*:*", matchCriteriaId: "112DFA85-90AD-478D-BD70-8C7C0C074F1B", versionEndIncluding: "14.1.5", versionStartIncluding: "14.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_carrier-grade_nat:*:*:*:*:*:*:*:*", matchCriteriaId: "DB704A1C-D8B7-48BB-A15A-C14DB591FE4A", versionEndIncluding: "15.1.10", versionStartIncluding: "15.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_carrier-grade_nat:*:*:*:*:*:*:*:*", matchCriteriaId: "21D51D9F-2840-4DEA-A007-D20111A1745C", versionEndIncluding: "16.1.4", versionStartIncluding: "16.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_carrier-grade_nat:17.1.0:*:*:*:*:*:*:*", matchCriteriaId: "7BC1D037-74D2-4F92-89AD-C90F6CBF440B", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*", matchCriteriaId: "CAEF3EA4-7D5A-4B44-9CE3-258AEC745866", versionEndIncluding: "13.1.5", versionStartIncluding: "13.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*", matchCriteriaId: "2FBCE2D1-9D93-415D-AB2C-2060307C305A", versionEndIncluding: "14.1.5", versionStartIncluding: "14.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*", matchCriteriaId: "8070B469-8CC4-4D2F-97D7-12D0ABB963C1", versionEndIncluding: "15.1.10", versionStartIncluding: "15.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*", matchCriteriaId: "A326597E-725D-45DE-BEF7-2ED92137B253", versionEndIncluding: "16.1.4", versionStartIncluding: "16.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:17.1.0:*:*:*:*:*:*:*", matchCriteriaId: "7B235A78-649B-46C5-B24B-AB485A884654", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*", matchCriteriaId: "08B25AAB-A98C-4F89-9131-29E3A8C0ED23", versionEndIncluding: "13.1.5", versionStartIncluding: "13.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*", matchCriteriaId: "ED9B976A-D3AD-4445-BF8A-067C3EBDFBB0", versionEndIncluding: "14.1.5", versionStartIncluding: "14.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*", matchCriteriaId: "98D2CE1E-DED0-470A-AA78-C78EF769C38E", versionEndIncluding: "15.1.10", versionStartIncluding: "15.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*", matchCriteriaId: "C966FABA-7199-4F0D-AB8C-4590FE9D2FFF", versionEndIncluding: "16.1.4", versionStartIncluding: "16.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_domain_name_system:17.1.0:*:*:*:*:*:*:*", matchCriteriaId: "84D00768-E71B-4FF7-A7BF-F2C8CFBC900D", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*", matchCriteriaId: "E3D2ABA3-D4A9-4267-B0DF-7C3BBEEAEB66", versionEndIncluding: "13.1.5", versionStartIncluding: "13.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*", matchCriteriaId: "BC36311E-BB00-4750-85C8-51F5A2604F07", versionEndIncluding: "14.1.5", versionStartIncluding: "14.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*", matchCriteriaId: "A65D357E-4B40-42EC-9AAA-2B6CEF78C401", versionEndIncluding: "15.1.10", versionStartIncluding: "15.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*", matchCriteriaId: "D7EF9865-FE65-4DFB-BF21-62FBCE65FF1C", versionEndIncluding: "16.1.4", versionStartIncluding: "16.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_fraud_protection_service:17.1.0:*:*:*:*:*:*:*", matchCriteriaId: "ABBD10E8-6054-408F-9687-B9BF6375CA09", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "E6018B01-048C-43BB-A78D-66910ED60CA9", versionEndIncluding: "13.1.5", versionStartIncluding: "13.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "3A6A5686-5A8B-45D5-9165-BC99D2CCAC47", versionEndIncluding: "14.1.5", versionStartIncluding: "14.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "5D2A121F-5BD2-4263-8ED3-1DDE25B5C306", versionEndIncluding: "15.1.10", versionStartIncluding: "15.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "0A4F7BAD-3EDD-4DE0-AAB7-DE5ACA34DD79", versionEndIncluding: "16.1.4", versionStartIncluding: "16.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_global_traffic_manager:17.1.0:*:*:*:*:*:*:*", matchCriteriaId: "83794B04-87E2-4CA9-81F5-BB820D0F5395", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*", matchCriteriaId: "D9EC2237-117F-43BD-ADEC-516CF72E04EF", versionEndIncluding: "13.1.5", versionStartIncluding: "13.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*", matchCriteriaId: "F70D4B6F-65CF-48F4-9A07-072DFBCE53D9", versionEndIncluding: "14.1.5", versionStartIncluding: "14.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*", matchCriteriaId: "29563719-1AF2-4BB8-8CCA-A0869F87795D", versionEndIncluding: "15.1.10", versionStartIncluding: "15.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*", matchCriteriaId: "D24815DD-579A-46D1-B9F2-3BB2C56BC54D", versionEndIncluding: "16.1.4", versionStartIncluding: "16.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_link_controller:17.1.0:*:*:*:*:*:*:*", matchCriteriaId: "0A6E7035-3299-474F-8F67-945EA9A059D0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "0360F76D-E75E-4B05-A294-B47012323ED9", versionEndIncluding: "13.1.5", versionStartIncluding: "13.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "7A4607BF-41AC-4E84-A110-74E085FF0445", versionEndIncluding: "14.1.5", versionStartIncluding: "14.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "441CC945-7CA3-49C0-AE10-94725301E31D", versionEndIncluding: "15.1.10", versionStartIncluding: "15.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "46BA8E8A-6ED5-4FB2-8BBC-586AA031085A", versionEndIncluding: "16.1.4", versionStartIncluding: "16.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_local_traffic_manager:17.1.0:*:*:*:*:*:*:*", matchCriteriaId: "56FB92F7-FF1E-425D-A5AB-9D9FB0BB9450", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_next:20.0.1:*:*:*:*:*:*:*", matchCriteriaId: "969C4F14-F6D6-46D6-B348-FC1463877680", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_next_service_proxy_for_kubernetes:*:*:*:*:*:*:*:*", matchCriteriaId: "41AD5040-1250-45F5-AB63-63F333D49BCC", versionEndIncluding: "1.8.2", versionStartIncluding: "1.5.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "8257AA59-C14D-4EC1-B22C-DFBB92CBC297", versionEndIncluding: "13.1.5", versionStartIncluding: "13.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "37DB32BB-F4BA-4FB5-94B1-55C3F06749CF", versionEndIncluding: "14.1.5", versionStartIncluding: "14.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "FFF5007E-761C-4697-8D34-C064DF0ABE8D", versionEndIncluding: "15.1.10", versionStartIncluding: "15.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "910441D3-90EF-4375-B007-D51120A60AB2", versionEndIncluding: "16.1.4", versionStartIncluding: "16.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:17.1.0:*:*:*:*:*:*:*", matchCriteriaId: "667EB77B-DA13-4BA4-9371-EE3F3A109F38", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_ssl_orchestrator:*:*:*:*:*:*:*:*", matchCriteriaId: "8A6F9699-A485-4614-8F38-5A556D31617E", versionEndIncluding: "13.1.5", versionStartIncluding: "13.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_ssl_orchestrator:*:*:*:*:*:*:*:*", matchCriteriaId: "5A90F547-97A2-41EC-9FDF-25F869F0FA38", versionEndIncluding: "14.1.5", versionStartIncluding: "14.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_ssl_orchestrator:*:*:*:*:*:*:*:*", matchCriteriaId: "E76E1B82-F1DC-4366-B388-DBDF16C586A0", versionEndIncluding: "15.1.10", versionStartIncluding: "15.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_ssl_orchestrator:*:*:*:*:*:*:*:*", matchCriteriaId: "660137F4-15A1-42D1-BBAC-99A1D5BB398B", versionEndIncluding: "16.1.4", versionStartIncluding: "16.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_ssl_orchestrator:17.1.0:*:*:*:*:*:*:*", matchCriteriaId: "C446827A-1F71-4FAD-9422-580642D26AD1", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*", matchCriteriaId: "1932D32D-0E4B-4BBD-816F-6D47AB2E2F04", versionEndIncluding: "13.1.5", versionStartIncluding: "13.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*", matchCriteriaId: "D47B7691-A95B-45C0-BAB4-27E047F3C379", versionEndIncluding: "14.1.5", versionStartIncluding: "14.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*", matchCriteriaId: "2CD1637D-0E42-4928-867A-BA0FDB6E8462", versionEndIncluding: "15.1.10", versionStartIncluding: "15.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*", matchCriteriaId: "3A599F90-F66B-4DF0-AD7D-D234F328BD59", versionEndIncluding: "16.1.4", versionStartIncluding: "16.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_webaccelerator:17.1.0:*:*:*:*:*:*:*", matchCriteriaId: "3D1B2000-C3FE-4B4C-885A-A5076EB164E1", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_websafe:*:*:*:*:*:*:*:*", matchCriteriaId: "5326759A-AFB0-4A15-B4E9-3C9A2E5DB32A", versionEndIncluding: "13.1.5", versionStartIncluding: "13.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_websafe:*:*:*:*:*:*:*:*", matchCriteriaId: "57D92D05-C67D-437E-88F3-DCC3F6B0ED2F", versionEndIncluding: "14.1.5", versionStartIncluding: "14.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_websafe:*:*:*:*:*:*:*:*", matchCriteriaId: "ECCB8C30-861E-4E48-A5F5-30EE523C1FB6", versionEndIncluding: "15.1.10", versionStartIncluding: "15.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_websafe:*:*:*:*:*:*:*:*", matchCriteriaId: "F5FEAD2A-3A58-432E-BEBB-6E3FDE24395F", versionEndIncluding: "16.1.4", versionStartIncluding: "16.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_websafe:17.1.0:*:*:*:*:*:*:*", matchCriteriaId: "8AB23AE6-245E-43D6-B832-933F8259F937", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*", matchCriteriaId: "1188B4A9-2684-413C-83D1-E91C75AE0FCF", versionEndIncluding: "1.25.2", versionStartIncluding: "1.9.5", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:nginx_ingress_controller:*:*:*:*:*:*:*:*", matchCriteriaId: "3337609D-5291-4A52-BC6A-6A8D4E60EB20", versionEndIncluding: "2.4.2", versionStartIncluding: "2.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:nginx_ingress_controller:*:*:*:*:*:*:*:*", matchCriteriaId: "6CF0ABD9-EB28-4966-8C31-EED7AFBF1527", versionEndIncluding: "3.3.0", versionStartIncluding: "3.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:nginx_plus:*:*:*:*:*:*:*:*", matchCriteriaId: "F291CB34-47A4-425A-A200-087CC295AEC8", versionEndExcluding: "r29", versionStartIncluding: "r25", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:nginx_plus:r29:-:*:*:*:*:*:*", matchCriteriaId: "5892B558-EC3A-43FF-A1D5-B2D9F70796F0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:nginx_plus:r30:-:*:*:*:*:*:*", matchCriteriaId: "96BF2B19-52C7-4051-BA58-CAE6F912B72F", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*", matchCriteriaId: "ABD26B48-CC80-4FAE-BD3D-78DE4C80C92B", versionEndIncluding: "8.5.93", versionStartIncluding: "8.5.0", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*", matchCriteriaId: "F3EC20B6-B2AB-41F5-9BF9-D16C1FE67C34", versionEndIncluding: "9.0.80", versionStartIncluding: "9.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*", matchCriteriaId: "0765CC3D-AB1A-4147-8900-EF4C105321F2", versionEndIncluding: "10.1.13", versionStartIncluding: "10.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:11.0.0:milestone1:*:*:*:*:*:*", matchCriteriaId: "D1AA7FF6-E8E7-4BF6-983E-0A99B0183008", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:11.0.0:milestone10:*:*:*:*:*:*", matchCriteriaId: "57088BDD-A136-45EF-A8A1-2EBF79CEC2CE", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:11.0.0:milestone11:*:*:*:*:*:*", matchCriteriaId: "B32D1D7A-A04F-444E-8F45-BB9A9E4B0199", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:11.0.0:milestone2:*:*:*:*:*:*", matchCriteriaId: "2AAD52CE-94F5-4F98-A027-9A7E68818CB6", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:11.0.0:milestone3:*:*:*:*:*:*", matchCriteriaId: "F1F981F5-035A-4EDD-8A9F-481EE8BC7FF7", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:11.0.0:milestone4:*:*:*:*:*:*", matchCriteriaId: "03A171AF-2EC8-4422-912C-547CDB58CAAA", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:11.0.0:milestone5:*:*:*:*:*:*", matchCriteriaId: "538E68C4-0BA4-495F-AEF8-4EF6EE7963CF", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:11.0.0:milestone6:*:*:*:*:*:*", matchCriteriaId: "49350A6E-5E1D-45B2-A874-3B8601B3ADCC", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:11.0.0:milestone7:*:*:*:*:*:*", matchCriteriaId: "5F50942F-DF54-46C0-8371-9A476DD3EEA3", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:11.0.0:milestone8:*:*:*:*:*:*", matchCriteriaId: "D12C2C95-B79F-4AA4-8CE3-99A3EE7991AB", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:11.0.0:milestone9:*:*:*:*:*:*", matchCriteriaId: "98792138-DD56-42DF-9612-3BDC65EEC117", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:apple:swiftnio_http\\/2:*:*:*:*:*:swift:*:*", matchCriteriaId: "08190072-3880-4EF5-B642-BA053090D95B", versionEndExcluding: "1.28.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:grpc:grpc:*:*:*:*:*:go:*:*", matchCriteriaId: "5F4CDEA9-CB47-4881-B096-DA896E2364F3", versionEndExcluding: "1.56.3", vulnerable: true, }, { criteria: "cpe:2.3:a:grpc:grpc:*:*:*:*:*:-:*:*", matchCriteriaId: "E65AF7BC-7DAE-408A-8485-FBED22815F75", versionEndIncluding: "1.59.2", vulnerable: true, }, { criteria: "cpe:2.3:a:grpc:grpc:*:*:*:*:*:go:*:*", matchCriteriaId: "DD868DDF-C889-4F36-B5E6-68B6D9EA48CC", versionEndExcluding: "1.58.3", versionStartIncluding: "1.58.0", vulnerable: true, }, { criteria: "cpe:2.3:a:grpc:grpc:1.57.0:-:*:*:*:go:*:*", matchCriteriaId: "FBD991E2-DB5A-4AAD-95BA-4B5ACB811C96", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*", matchCriteriaId: "4496821E-BD55-4F31-AD9C-A3D66CBBD6BD", versionEndExcluding: "6.0.23", versionStartIncluding: "6.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*", matchCriteriaId: "8DF7ECF6-178D-433C-AA21-BAE9EF248F37", versionEndExcluding: "7.0.12", versionStartIncluding: "7.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:asp.net_core:*:*:*:*:*:*:*:*", matchCriteriaId: "1C3418F4-B8BF-4666-BB39-C188AB01F45C", versionEndExcluding: "6.0.23", versionStartIncluding: "6.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:asp.net_core:*:*:*:*:*:*:*:*", matchCriteriaId: "1278DD1C-EFA9-4316-AD32-24C1B1FB0CEA", versionEndExcluding: "7.0.12", versionStartIncluding: "7.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:azure_kubernetes_service:*:*:*:*:*:*:*:*", matchCriteriaId: "3BDFB0FF-0F4A-4B7B-94E8-ED72A8106314", versionEndExcluding: "2023-10-08", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*", matchCriteriaId: "16A8F269-E07E-402F-BFD5-60F3988A5EAF", versionEndExcluding: "17.2.20", versionStartIncluding: "17.0", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*", matchCriteriaId: "C4B2B972-69E2-4D21-9A7C-B2AFF1D89EB8", versionEndExcluding: "17.4.12", versionStartIncluding: "17.4", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*", matchCriteriaId: "DA5834D4-F52F-41C0-AA11-C974FFEEA063", versionEndExcluding: "17.6.8", versionStartIncluding: "17.6", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*", matchCriteriaId: "2166106F-ACD6-4C7B-B0CC-977B83CC5F73", versionEndExcluding: "17.7.5", versionStartIncluding: "17.7", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:*", matchCriteriaId: "4CD49C41-6D90-47D3-AB4F-4A74169D3A8F", versionEndExcluding: "10.0.14393.6351", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*", matchCriteriaId: "BAEFEE13-9CD7-46A2-8AF6-0A33C79C05F1", versionEndExcluding: "10.0.14393.6351", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:*:*", matchCriteriaId: "E500D59C-6597-45E9-A57B-BE26C0C231D3", versionEndExcluding: "10.0.17763.4974", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*", matchCriteriaId: "C9F9A643-90C6-489C-98A0-D2739CE72F86", versionEndExcluding: "10.0.19044.3570", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*", matchCriteriaId: "1814619C-ED07-49E0-A50A-E28D824D43BC", versionEndExcluding: "10.0.19045.3570", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:*:*", matchCriteriaId: "100A27D3-87B0-4E72-83F6-7605E3F35E63", versionEndExcluding: "10.0.22000.2538", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:*", matchCriteriaId: "C6A36795-0238-45C9-ABE6-3DCCF751915B", versionEndExcluding: "10.0.22621.2428", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", matchCriteriaId: "041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", matchCriteriaId: "DB79EE26-FC32-417D-A49C-A1A63165A968", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*", matchCriteriaId: "821614DD-37DD-44E2-A8A4-FE8D23A33C3C", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*", matchCriteriaId: "C61F0294-5C7E-4DB2-8905-B85D0782F35F", versionEndExcluding: "18.18.2", versionStartIncluding: "18.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*", matchCriteriaId: "69843DE4-4721-4F0A-A9B7-0F6DF5AAA388", versionEndExcluding: "20.8.1", versionStartIncluding: "20.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:microsoft:cbl-mariner:*:*:*:*:*:*:*:*", matchCriteriaId: "B25279EF-C406-4133-99ED-0492703E0A4E", versionEndExcluding: "2023-10-11", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:dena:h2o:*:*:*:*:*:*:*:*", matchCriteriaId: "9FFFF84B-F35C-43DE-959A-A5D10C3AE9F5", versionEndExcluding: "2023-10-10", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:facebook:proxygen:*:*:*:*:*:*:*:*", matchCriteriaId: "9DCE8C89-7C22-48CA-AF22-B34C8AA2CB8C", versionEndExcluding: "2023.10.16.00", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:apache:apisix:*:*:*:*:*:*:*:*", matchCriteriaId: "EDEB508E-0EBD-4450-9074-983DDF568AB4", versionEndExcluding: "3.6.1", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:traffic_server:*:*:*:*:*:*:*:*", matchCriteriaId: "93A1A748-6C71-4191-8A16-A93E94E2CDE4", versionEndExcluding: "8.1.9", versionStartIncluding: "8.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:traffic_server:*:*:*:*:*:*:*:*", matchCriteriaId: "4E4BCAF6-B246-41EC-9EE1-24296BFC4F5A", versionEndExcluding: "9.2.3", versionStartIncluding: "9.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:amazon:opensearch_data_prepper:*:*:*:*:*:*:*:*", matchCriteriaId: "6F70360D-6214-46BA-AF82-6AB01E13E4E9", versionEndExcluding: "2.5.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", matchCriteriaId: "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*", matchCriteriaId: "FA6FEEC2-9F11-4643-8827-749718254FED", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:12.0:*:*:*:*:*:*:*", matchCriteriaId: "46D69DCC-AE4D-4EA5-861C-D60951444C6C", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:kazu-yamamoto:http2:*:*:*:*:*:*:*:*", matchCriteriaId: "E2DA759E-1AF8-49D3-A3FC-1B426C13CA82", versionEndExcluding: "4.2.2", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:istio:istio:*:*:*:*:*:*:*:*", matchCriteriaId: "28BE6F7B-AE66-4C8A-AAFA-F1262671E9BF", versionEndExcluding: "1.17.6", vulnerable: true, }, { criteria: "cpe:2.3:a:istio:istio:*:*:*:*:*:*:*:*", matchCriteriaId: "F0C8E760-C8D2-483A-BBD4-6A6D292A3874", versionEndExcluding: "1.18.3", versionStartIncluding: "1.18.0", vulnerable: true, }, { criteria: "cpe:2.3:a:istio:istio:*:*:*:*:*:*:*:*", matchCriteriaId: "5D0F78BB-6A05-4C97-A8DB-E731B6CC8CC7", versionEndExcluding: "1.19.1", versionStartIncluding: "1.19.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:varnish_cache_project:varnish_cache:*:*:*:*:*:*:*:*", matchCriteriaId: "050AE218-3871-44D6-94DA-12D84C2093CB", versionEndExcluding: "2023-10-10", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:traefik:traefik:*:*:*:*:*:*:*:*", matchCriteriaId: "B36BFFB0-C0EC-4926-A1DB-0B711C846A68", versionEndExcluding: "2.10.5", vulnerable: true, }, { criteria: "cpe:2.3:a:traefik:traefik:3.0.0:beta1:*:*:*:*:*:*", matchCriteriaId: "376EAF9B-E994-4268-9704-0A45EA30270F", vulnerable: true, }, { criteria: "cpe:2.3:a:traefik:traefik:3.0.0:beta2:*:*:*:*:*:*", matchCriteriaId: "F3D08335-C291-4623-B80C-3B14C4D1FA32", vulnerable: true, }, { criteria: "cpe:2.3:a:traefik:traefik:3.0.0:beta3:*:*:*:*:*:*", matchCriteriaId: "21033CEE-CEF5-4B0D-A565-4A6FC764AA6D", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:projectcontour:contour:*:*:*:*:*:kubernetes:*:*", matchCriteriaId: "FC4C66B1-42C0-495D-AE63-2889DE0BED84", versionEndExcluding: "2023-10-11", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:linkerd:linkerd:*:*:*:*:stable:kubernetes:*:*", matchCriteriaId: "8633E263-F066-4DD8-A734-90207207A873", versionEndIncluding: "2.12.5", versionStartIncluding: "2.12.0", vulnerable: true, }, { criteria: "cpe:2.3:a:linkerd:linkerd:2.13.0:*:*:*:stable:kubernetes:*:*", matchCriteriaId: "34A23BD9-A0F4-4D85-8011-EAC93C29B4E8", vulnerable: true, }, { criteria: "cpe:2.3:a:linkerd:linkerd:2.13.1:*:*:*:stable:kubernetes:*:*", matchCriteriaId: "27ED3533-A795-422F-B923-68BE071DC00D", vulnerable: true, }, { criteria: "cpe:2.3:a:linkerd:linkerd:2.14.0:*:*:*:stable:kubernetes:*:*", matchCriteriaId: "45F7E352-3208-4188-A5B1-906E00DF9896", vulnerable: true, }, { criteria: "cpe:2.3:a:linkerd:linkerd:2.14.1:*:*:*:stable:kubernetes:*:*", matchCriteriaId: "DF89A8AD-66FE-439A-B732-CAAB304D765B", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:linecorp:armeria:*:*:*:*:*:*:*:*", matchCriteriaId: "A400C637-AF18-4BEE-B57C-145261B65DEC", versionEndExcluding: "1.26.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:3scale_api_management_platform:2.0:*:*:*:*:*:*:*", matchCriteriaId: "653A5B08-0D02-4362-A8B1-D00B24C6C6F2", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:advanced_cluster_management_for_kubernetes:2.0:*:*:*:*:*:*:*", matchCriteriaId: "4B0E6B4B-BAA6-474E-A18C-72C9719CEC1F", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:advanced_cluster_security:3.0:*:*:*:*:*:*:*", matchCriteriaId: "F0FD736A-8730-446A-BA3A-7B608DB62B0E", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:advanced_cluster_security:4.0:*:*:*:*:*:*:*", matchCriteriaId: "F4C504B6-3902-46E2-82B7-48AEC9CDD48D", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:ansible_automation_platform:2.0:*:*:*:*:*:*:*", matchCriteriaId: "7B4BE2D6-43C3-4065-A213-5DB1325DC78F", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:build_of_optaplanner:8.0:*:*:*:*:*:*:*", matchCriteriaId: "1D54F5AE-61EC-4434-9D5F-9394A3979894", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:build_of_quarkus:-:*:*:*:*:*:*:*", matchCriteriaId: "CE29B9D6-63DC-4779-ACE8-4E51E6A0AF37", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:ceph_storage:5.0:*:*:*:*:*:*:*", matchCriteriaId: "4E37E1B3-6F68-4502-85D6-68333643BDFF", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:cert-manager_operator_for_red_hat_openshift:-:*:*:*:*:*:*:*", matchCriteriaId: "6D5A7736-A403-4617-8790-18E46CB74DA6", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:certification_for_red_hat_enterprise_linux:8.0:*:*:*:*:*:*:*", matchCriteriaId: "33F13B03-69BF-4A8B-A0A0-7F47FD857461", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:certification_for_red_hat_enterprise_linux:9.0:*:*:*:*:*:*:*", matchCriteriaId: "9393119E-F018-463F-9548-60436F104195", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:cost_management:-:*:*:*:*:*:*:*", matchCriteriaId: "DC45EE1E-2365-42D4-9D55-92FA24E5ED3A", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:cryostat:2.0:*:*:*:*:*:*:*", matchCriteriaId: "E567CD9F-5A43-4D25-B911-B5D0440698F4", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:decision_manager:7.0:*:*:*:*:*:*:*", matchCriteriaId: "68146098-58F8-417E-B165-5182527117C4", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:fence_agents_remediation_operator:-:*:*:*:*:*:*:*", matchCriteriaId: "CB4D6790-63E5-4043-B8BE-B489D649061D", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:integration_camel_for_spring_boot:-:*:*:*:*:*:*:*", matchCriteriaId: "78698F40-0777-4990-822D-02E1B5D0E2C0", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:integration_camel_k:-:*:*:*:*:*:*:*", matchCriteriaId: "B87C8AD3-8878-4546-86C2-BF411876648C", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:integration_service_registry:-:*:*:*:*:*:*:*", matchCriteriaId: "EF03BDE8-602D-4DEE-BA5B-5B20FDF47741", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:jboss_a-mq:7:*:*:*:*:*:*:*", matchCriteriaId: "A58966CB-36AF-4E64-AB39-BE3A0753E155", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:jboss_a-mq_streams:-:*:*:*:*:*:*:*", matchCriteriaId: "585BC540-073B-425B-B664-5EA4C00AFED6", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:jboss_core_services:-:*:*:*:*:*:*:*", matchCriteriaId: "9B453CF7-9AA6-4B94-A003-BF7AE0B82F53", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:jboss_data_grid:7.0.0:*:*:*:*:*:*:*", matchCriteriaId: "CD354E32-A8B0-484C-B4C6-9FBCD3430D2D", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.0.0:*:*:*:*:*:*:*", matchCriteriaId: "B142ACCC-F7A9-4A3B-BE60-0D6691D5058D", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.0.0:*:*:*:*:*:*:*", matchCriteriaId: "72A54BDA-311C-413B-8E4D-388AD65A170A", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:jboss_fuse:6.0.0:*:*:*:*:*:*:*", matchCriteriaId: "A305F012-544E-4245-9D69-1C8CD37748B1", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:jboss_fuse:7.0.0:*:*:*:*:*:*:*", matchCriteriaId: "B40CCE4F-EA2C-453D-BB76-6388767E5C6D", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:logging_subsystem_for_red_hat_openshift:-:*:*:*:*:*:*:*", matchCriteriaId: "EF93A27E-AA2B-4C2E-9B8D-FE7267847326", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:machine_deletion_remediation_operator:-:*:*:*:*:*:*:*", matchCriteriaId: "2B12A3A8-6456-481A-A0C9-524543FCC149", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:migration_toolkit_for_applications:6.0:*:*:*:*:*:*:*", matchCriteriaId: "3C2E7E3C-A507-4AB2-97E5-4944D8775CF7", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:migration_toolkit_for_containers:-:*:*:*:*:*:*:*", matchCriteriaId: "4E22EBF9-AA0D-4712-9D69-DD97679CE835", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:migration_toolkit_for_virtualization:-:*:*:*:*:*:*:*", matchCriteriaId: "941B114C-FBD7-42FF-B1D8-4EA30E99102C", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:network_observability_operator:-:*:*:*:*:*:*:*", matchCriteriaId: "339CFB34-A795-49F9-BF6D-A00F3A1A4F63", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:node_healthcheck_operator:-:*:*:*:*:*:*:*", matchCriteriaId: "8D044DBE-6F5A-4C53-828E-7B1A570CACFF", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:node_maintenance_operator:-:*:*:*:*:*:*:*", matchCriteriaId: "E23FA47F-B967-44AD-AB76-1BB2CAD3CA5B", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:openshift:-:*:*:*:*:aws:*:*", matchCriteriaId: "65203CA1-5225-4E55-A187-6454C091F532", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:openshift_api_for_data_protection:-:*:*:*:*:*:*:*", matchCriteriaId: "7BF8EFFB-5686-4F28-A68F-1A8854E098CE", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:openshift_container_platform:4.0:*:*:*:*:*:*:*", matchCriteriaId: "932D137F-528B-4526-9A89-CD59FA1AB0FE", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:openshift_container_platform_assisted_installer:-:*:*:*:*:*:*:*", matchCriteriaId: "5DA9B2E2-958B-478D-87D6-E5CDDCD44315", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:openshift_data_science:-:*:*:*:*:*:*:*", matchCriteriaId: "B3F5FF1E-5DA3-4EC3-B41A-A362BDFC4C69", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:openshift_dev_spaces:-:*:*:*:*:*:*:*", matchCriteriaId: "99B8A88B-0B31-4CFF-AFD7-C9D3DDD5790D", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:openshift_developer_tools_and_services:-:*:*:*:*:*:*:*", matchCriteriaId: "97321212-0E07-4CC2-A917-7B5F61AB9A5A", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:openshift_distributed_tracing:-:*:*:*:*:*:*:*", matchCriteriaId: "DF390236-3259-4C8F-891C-62ACC4386CD1", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:openshift_gitops:-:*:*:*:*:*:*:*", matchCriteriaId: "C0AAA300-691A-4957-8B69-F6888CC971B1", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:openshift_pipelines:-:*:*:*:*:*:*:*", matchCriteriaId: "45937289-2D64-47CB-A750-5B4F0D4664A0", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:openshift_sandboxed_containers:-:*:*:*:*:*:*:*", matchCriteriaId: "B129311C-EB4B-4041-B85C-44D5E53FCAA3", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:openshift_secondary_scheduler_operator:-:*:*:*:*:*:*:*", matchCriteriaId: "F1AB54DB-3FB4-41CB-88ED-1400FD22AB85", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:openshift_serverless:-:*:*:*:*:*:*:*", matchCriteriaId: "77675CB7-67D7-44E9-B7FF-D224B3341AA5", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:openshift_service_mesh:2.0:*:*:*:*:*:*:*", matchCriteriaId: "A76A2BCE-4AAE-46D7-93D6-2EDE0FC83145", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:openshift_virtualization:4:*:*:*:*:*:*:*", matchCriteriaId: "9C877879-B84B-471C-80CF-0656521CA8AB", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:openstack_platform:16.1:*:*:*:*:*:*:*", matchCriteriaId: "DCC81071-B46D-4F5D-AC25-B4A4CCC20C73", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:openstack_platform:16.2:*:*:*:*:*:*:*", matchCriteriaId: "4B3000D2-35DF-4A93-9FC0-1AD3AB8349B8", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:openstack_platform:17.1:*:*:*:*:*:*:*", matchCriteriaId: "E315FC5C-FF19-43C9-A58A-CF2A5FF13824", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:process_automation:7.0:*:*:*:*:*:*:*", matchCriteriaId: "20A6B40D-F991-4712-8E30-5FE008505CB7", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:quay:3.0.0:*:*:*:*:*:*:*", matchCriteriaId: "B1987BDA-0113-4603-B9BE-76647EB043F2", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:run_once_duration_override_operator:-:*:*:*:*:*:*:*", matchCriteriaId: "D482A3D2-6E9B-42BA-9926-35E5BDD5F3BF", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:satellite:6.0:*:*:*:*:*:*:*", matchCriteriaId: "848C92A9-0677-442B-8D52-A448F2019903", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:self_node_remediation_operator:-:*:*:*:*:*:*:*", matchCriteriaId: "6F564701-EDC1-43CF-BB9F-287D6992C6CB", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:service_interconnect:1.0:*:*:*:*:*:*:*", matchCriteriaId: "12B0CF2B-D1E1-4E20-846E-6F0D873499A9", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:single_sign-on:7.0:*:*:*:*:*:*:*", matchCriteriaId: "9EFEC7CA-8DDA-48A6-A7B6-1F1D14792890", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:support_for_spring_boot:-:*:*:*:*:*:*:*", matchCriteriaId: "E8885C2C-7FB8-40CA-BCB9-B48C50BF2499", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:web_terminal:-:*:*:*:*:*:*:*", matchCriteriaId: "9D88B140-D2A1-4A0A-A2E9-1A3B50C295AD", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", matchCriteriaId: "2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*", matchCriteriaId: "F4CFF558-3C47-480D-A2F0-BABF26042943", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*", matchCriteriaId: "7F6FB57C-2BC7-487C-96DD-132683AEB35D", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:service_telemetry_framework:1.5:*:*:*:*:*:*:*", matchCriteriaId: "A903C3AD-2D25-45B5-BF4A-A5BEB2286627", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*", matchCriteriaId: "F4CFF558-3C47-480D-A2F0-BABF26042943", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*", matchCriteriaId: "E30D0E6F-4AE8-4284-8716-991DFA48CC5D", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*", matchCriteriaId: "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:netapp:astra_control_center:-:*:*:*:*:*:*:*", matchCriteriaId: "EC5EBD2A-32A3-46D5-B155-B44DCB7F6902", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*", matchCriteriaId: "F1BE6C1F-2565-4E97-92AA-16563E5660A5", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:akka:http_server:*:*:*:*:*:*:*:*", matchCriteriaId: "C2792650-851F-4820-B003-06A4BEA092D7", versionEndExcluding: "10.5.3", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:konghq:kong_gateway:*:*:*:*:enterprise:*:*:*", matchCriteriaId: "9F6B63B9-F4C9-4A3F-9310-E0918E1070D1", versionEndExcluding: "3.4.2", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*", matchCriteriaId: "E6FF5F80-A991-43D4-B49F-D843E2BC5798", versionEndIncluding: "2.414.2", vulnerable: true, }, { criteria: "cpe:2.3:a:jenkins:jenkins:*:*:*:*:-:*:*:*", matchCriteriaId: "54D25DA9-12D0-4F14-83E6-C69D0293AAB9", versionEndIncluding: "2.427", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:apache:solr:*:*:*:*:*:*:*:*", matchCriteriaId: "8E1AFFB9-C717-4727-B0C9-5A0C281710E2", versionEndExcluding: "9.4.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:openresty:openresty:*:*:*:*:*:*:*:*", matchCriteriaId: "25C85001-E0AB-4B01-8EE7-1D9C77CD956E", versionEndExcluding: "1.21.4.3", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:cisco:connected_mobile_experiences:*:*:*:*:*:*:*:*", matchCriteriaId: "F98F9D27-6659-413F-8F29-4FDB0882AAC5", versionEndExcluding: "11.1", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:crosswork_data_gateway:*:*:*:*:*:*:*:*", matchCriteriaId: "C98BF315-C563-47C2-BAD1-63347A3D1008", versionEndExcluding: "4.1.3", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:crosswork_data_gateway:5.0:*:*:*:*:*:*:*", matchCriteriaId: "705CBA49-21C9-4400-B7B9-71CDF9F97D8B", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:crosswork_zero_touch_provisioning:*:*:*:*:*:*:*:*", matchCriteriaId: "AA2BE0F1-DD16-4876-8EBA-F187BD38B159", versionEndExcluding: "6.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:data_center_network_manager:-:*:*:*:*:*:*:*", matchCriteriaId: "796B6C58-2140-4105-A2A1-69865A194A75", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:enterprise_chat_and_email:-:*:*:*:*:*:*:*", matchCriteriaId: "DEA99DC6-EA03-469F-A8BE-7F96FDF0B333", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:expressway:*:*:*:*:*:*:*:*", matchCriteriaId: "6560DBF4-AFE6-4672-95DE-74A0B8F4170A", versionEndExcluding: "x14.3.3", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*", matchCriteriaId: "84785919-796D-41E5-B652-6B5765C81D4A", versionEndExcluding: "7.4.2", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:iot_field_network_director:*:*:*:*:*:*:*:*", matchCriteriaId: "92A74A1A-C69F-41E6-86D0-D6BB1C5D0A1E", versionEndExcluding: "4.11.0", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:prime_access_registrar:*:*:*:*:*:*:*:*", matchCriteriaId: "6FE7BA33-2AC0-4A85-97AD-6D77F20BA2AD", versionEndExcluding: "9.3.3", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:prime_cable_provisioning:*:*:*:*:*:*:*:*", matchCriteriaId: "4FE2F959-1084-48D1-B1F1-8182FC9862DD", versionEndExcluding: "7.2.1", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:prime_infrastructure:*:*:*:*:*:*:*:*", matchCriteriaId: "5CC17E6B-D7AB-40D7-AEC5-F5B555AC4D7F", versionEndExcluding: "3.10.4", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:prime_network_registrar:*:*:*:*:*:*:*:*", matchCriteriaId: "1BB6B48E-EA36-40A0-96D0-AF909BEC1147", versionEndExcluding: "11.2", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:secure_dynamic_attributes_connector:*:*:*:*:*:*:*:*", matchCriteriaId: "2CBED844-7F94-498C-836D-8593381A9657", versionEndExcluding: "2.2.0", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:secure_malware_analytics:*:*:*:*:*:*:*:*", matchCriteriaId: "C170DBA1-0899-4ECC-9A0D-8FEB1DA1B510", versionEndExcluding: "2.19.2", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:telepresence_video_communication_server:*:*:*:*:*:*:*:*", matchCriteriaId: "358FA1DC-63D3-49F6-AC07-9E277DD0D9DA", versionEndExcluding: "x14.3.3", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:ultra_cloud_core_-_policy_control_function:*:*:*:*:*:*:*:*", matchCriteriaId: "BFF2D182-7599-4B81-B56B-F44EDA1384C0", versionEndExcluding: "2024.01.0", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:ultra_cloud_core_-_policy_control_function:2024.01.0:*:*:*:*:*:*:*", matchCriteriaId: "4868BCCA-24DE-4F24-A8AF-B3A545C0396E", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:ultra_cloud_core_-_serving_gateway_function:*:*:*:*:*:*:*:*", matchCriteriaId: "194F7A1F-FD43-4FF7-9AE2-C13AA5567E8A", versionEndExcluding: "2024.02.0", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:ultra_cloud_core_-_session_management_function:*:*:*:*:*:*:*:*", matchCriteriaId: "BEC75F99-C7F0-47EB-9032-C9D3A42EBA20", versionEndExcluding: "2024.02.0", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:unified_attendant_console_advanced:-:*:*:*:*:*:*:*", matchCriteriaId: "B6638F4E-16F7-447D-B755-52640BCB1C61", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:unified_contact_center_domain_manager:-:*:*:*:*:*:*:*", matchCriteriaId: "AC34F742-530E-4AB4-8AFC-D1E088E256B4", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:unified_contact_center_enterprise:-:*:*:*:*:*:*:*", matchCriteriaId: "D31CC0E9-8E21-436B-AB84-EA1B1BC60DCD", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:unified_contact_center_enterprise_-_live_data_server:*:*:*:*:*:*:*:*", matchCriteriaId: "E22AD683-345B-4E16-BB9E-E9B1783E09AD", versionEndExcluding: "12.6.2", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:unified_contact_center_management_portal:-:*:*:*:*:*:*:*", matchCriteriaId: "D5C0D694-9E24-4782-B35F-D7C3E3B0F2ED", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:fog_director:*:*:*:*:*:*:*:*", matchCriteriaId: "2955BEE9-F567-4006-B96D-92E10FF84DB4", versionEndExcluding: "1.22", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*", matchCriteriaId: "67502878-DB20-4410-ABA0-A1C5705064CD", versionEndExcluding: "17.15.1", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*", matchCriteriaId: "177DED2D-8089-4494-BDD9-7F84FC06CD5B", versionEndExcluding: "7.11.2", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:secure_web_appliance_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "54A29FD3-4128-4333-8445-A7DD04A6ECF6", versionEndExcluding: "15.1.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:secure_web_appliance:-:*:*:*:*:*:*:*", matchCriteriaId: "67074526-9933-46B3-9FE3-A0BE73C5E8A7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "EEB32D2E-AD9D-44A0-AEF7-689F7D2605C9", versionEndExcluding: "10.2\\(7\\)", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "0A236A0A-6956-4D79-B8E5-B2D0C79FAE88", versionEndExcluding: "10.3\\(5\\)", versionStartIncluding: "10.3\\(1\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_3016:-:*:*:*:*:*:*:*", matchCriteriaId: "528ED62B-D739-4E06-AC64-B506FD73BBAB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3016q:-:*:*:*:*:*:*:*", matchCriteriaId: "2D402AB0-BCFB-4F42-8C50-5DC930AEEC8B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*", matchCriteriaId: "FC2A6C31-438A-4CF5-A3F3-364B1672EB7D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3064:-:*:*:*:*:*:*:*", matchCriteriaId: "76C10D85-88AC-4A79-8866-BED88A0F8DF8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3064-32t:-:*:*:*:*:*:*:*", matchCriteriaId: "09AC2BAD-F536-48D0-A2F0-D4E290519EB6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3064-t:-:*:*:*:*:*:*:*", matchCriteriaId: "65CB7F6D-A82B-4A31-BFAC-FF4A4B8DF9C1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3064-x:-:*:*:*:*:*:*:*", matchCriteriaId: "ECC4FFCC-E886-49BC-9737-5B5BA2AAB14B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3064t:-:*:*:*:*:*:*:*", matchCriteriaId: "5F4E8EE4-031D-47D3-A12E-EE5F792172EE", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3064x:-:*:*:*:*:*:*:*", matchCriteriaId: "00CDD8C3-67D5-4E9F-9D48-A77B55DB0AB1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3100:-:*:*:*:*:*:*:*", matchCriteriaId: "41C14CC9-C244-4B86-AEA6-C50BAD5DA9A6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3100-v:-:*:*:*:*:*:*:*", matchCriteriaId: "A8FF2EC4-0C09-4C00-9956-A2A4A894F63D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3100-z:-:*:*:*:*:*:*:*", matchCriteriaId: "D14D4B4E-120E-4607-A4F1-447C7BF3052E", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3100v:-:*:*:*:*:*:*:*", matchCriteriaId: "15702ACB-29F3-412D-8805-E107E0729E35", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31108pc-v:-:*:*:*:*:*:*:*", matchCriteriaId: "4E930332-CDDD-48D5-93BC-C22D693BBFA2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31108pv-v:-:*:*:*:*:*:*:*", matchCriteriaId: "29B34855-D8D2-4114-80D2-A4D159C62458", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31108tc-v:-:*:*:*:*:*:*:*", matchCriteriaId: "7BF4B8FE-E134-4491-B5C2-C1CFEB64731B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31128pq:-:*:*:*:*:*:*:*", matchCriteriaId: "F4226DA0-9371-401C-8247-E6E636A116C3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132c-z:-:*:*:*:*:*:*:*", matchCriteriaId: "7664666F-BCE4-4799-AEEA-3A73E6AD33F4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q:-:*:*:*:*:*:*:*", matchCriteriaId: "D3DBBFE9-835C-4411-8492-6006E74BAC65", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q-v:-:*:*:*:*:*:*:*", matchCriteriaId: "B3293438-3D18-45A2-B093-2C3F65783336", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q-x:-:*:*:*:*:*:*:*", matchCriteriaId: "C97C29EE-9426-4BBE-8D84-AB5FF748703D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q-x\\/3132q-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "E142C18F-9FB5-4D96-866A-141D7D16CAF7", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "8F43B770-D96C-44EA-BC12-9F39FC4317B9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3164q:-:*:*:*:*:*:*:*", matchCriteriaId: "FA782EB3-E8E6-4DCF-B39C-B3CBD46E4384", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172:-:*:*:*:*:*:*:*", matchCriteriaId: "7817F4E6-B2DA-4F06-95A4-AF329F594C02", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172pq:-:*:*:*:*:*:*:*", matchCriteriaId: "CED628B5-97A8-4B26-AA40-BEC854982157", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172pq-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "7BB9DD73-E31D-4921-A6D6-E14E04703588", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172pq\\/pq-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "8EFC116A-627F-4E05-B631-651D161217C8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq:-:*:*:*:*:*:*:*", matchCriteriaId: "4532F513-0543-4960-9877-01F23CA7BA1B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq-32t:-:*:*:*:*:*:*:*", matchCriteriaId: "0B43502B-FD53-465A-B60F-6A359C6ACD99", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "F3229124-B097-4AAC-8ACD-2F9C89DCC3AB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3200:-:*:*:*:*:*:*:*", matchCriteriaId: "32A532C0-B0E3-484A-B356-88970E7D0248", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3232:-:*:*:*:*:*:*:*", matchCriteriaId: "1C84D24C-2256-42AF-898A-221EBE9FE1E4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3232c:-:*:*:*:*:*:*:*", matchCriteriaId: "652A2849-668D-4156-88FB-C19844A59F33", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3232c_:-:*:*:*:*:*:*:*", matchCriteriaId: "D008CA1C-6F5A-40EA-BB12-A9D84D5AF700", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3264c-e:-:*:*:*:*:*:*:*", matchCriteriaId: "24FBE87B-8A4F-43A8-98A3-4A7D9C630937", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3264q:-:*:*:*:*:*:*:*", matchCriteriaId: "6ACD09AC-8B28-4ACB-967B-AB3D450BC137", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3400:-:*:*:*:*:*:*:*", matchCriteriaId: "43913A0E-50D5-47DD-94D8-DD3391633619", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3408-s:-:*:*:*:*:*:*:*", matchCriteriaId: "7D397349-CCC6-479B-9273-FB1FFF4F34F2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_34180yc:-:*:*:*:*:*:*:*", matchCriteriaId: "DC7286A7-780F-4A45-940A-4AD5C9D0F201", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_34200yc-sm:-:*:*:*:*:*:*:*", matchCriteriaId: "CA52D5C1-13D8-4D23-B022-954CCEF491F1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3432d-s:-:*:*:*:*:*:*:*", matchCriteriaId: "5F7AF8D7-431B-43CE-840F-CC0817D159C0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3464c:-:*:*:*:*:*:*:*", matchCriteriaId: "DAC204C8-1A5A-4E85-824E-DC9B8F6A802D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3500:-:*:*:*:*:*:*:*", matchCriteriaId: "A8E1073F-D374-4311-8F12-AD8C72FAA293", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524:-:*:*:*:*:*:*:*", matchCriteriaId: "EAF5AF71-15DF-4151-A1CF-E138A7103FC8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524-x:-:*:*:*:*:*:*:*", matchCriteriaId: "10F80A72-AD54-4699-B8AE-82715F0B58E2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524-x\\/xl:-:*:*:*:*:*:*:*", matchCriteriaId: "E505C0B1-2119-4C6A-BF96-C282C633D169", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "9354B6A2-D7D6-442E-BF4C-FE8A336D9E94", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548:-:*:*:*:*:*:*:*", matchCriteriaId: "088C0323-683A-44F5-8D42-FF6EC85D080E", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548-x:-:*:*:*:*:*:*:*", matchCriteriaId: "74CB4002-7636-4382-B33E-FBA060A13C34", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548-x\\/xl:-:*:*:*:*:*:*:*", matchCriteriaId: "915EF8F6-6039-4DD0-B875-30D911752B74", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "10CEBF73-3EE0-459A-86C5-F8F6243FE27C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3600:-:*:*:*:*:*:*:*", matchCriteriaId: "97217080-455C-48E4-8CE1-6D5B9485864F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_36180yc-r:-:*:*:*:*:*:*:*", matchCriteriaId: "95D2C4C3-65CE-4612-A027-AF70CEFC3233", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*", matchCriteriaId: "57572E4A-78D5-4D1A-938B-F05F01759612", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "EEB32D2E-AD9D-44A0-AEF7-689F7D2605C9", versionEndExcluding: "10.2\\(7\\)", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "0A236A0A-6956-4D79-B8E5-B2D0C79FAE88", versionEndExcluding: "10.3\\(5\\)", versionStartIncluding: "10.3\\(1\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_9000v:-:*:*:*:*:*:*:*", matchCriteriaId: "0CD9C1F1-8582-4F67-A77D-97CBFECB88B8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9200:-:*:*:*:*:*:*:*", matchCriteriaId: "532CE4B0-A3C9-4613-AAAF-727817D06FB4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9200yc:-:*:*:*:*:*:*:*", matchCriteriaId: "24CA1A59-2681-4507-AC74-53BD481099B9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*", matchCriteriaId: "4283E433-7F8C-4410-B565-471415445811", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92160yc_switch:-:*:*:*:*:*:*:*", matchCriteriaId: "AF9147C9-5D8B-40F5-9AAA-66A3495A0AD8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9221c:-:*:*:*:*:*:*:*", matchCriteriaId: "FFB9FDE8-8533-4F65-BF32-4066D042B2F7", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92300yc:-:*:*:*:*:*:*:*", matchCriteriaId: "F80AB6FB-32FD-43D7-A9F1-80FA47696210", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92300yc_switch:-:*:*:*:*:*:*:*", matchCriteriaId: "3AA5389A-8AD1-476E-983A-54DF573C30F5", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*", matchCriteriaId: "D5B2E4C1-2627-4B9D-8E92-4B483F647651", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92304qc_switch:-:*:*:*:*:*:*:*", matchCriteriaId: "C1B1A8F1-45B1-4E64-A254-7191FA93CB6D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9232e:-:*:*:*:*:*:*:*", matchCriteriaId: "83DA8BFA-D7A2-476C-A6F5-CAE610033BC2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92348gc-x:-:*:*:*:*:*:*:*", matchCriteriaId: "557ED31C-C26A-4FAE-8B14-D06B49F7F08B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*", matchCriteriaId: "11411BFD-3F4D-4309-AB35-A3629A360FB0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9236c_switch:-:*:*:*:*:*:*:*", matchCriteriaId: "DB2FFD26-8255-4351-8594-29D2AEFC06EF", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*", matchCriteriaId: "E663DE91-C86D-48DC-B771-FA72A8DF7A7C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9272q_switch:-:*:*:*:*:*:*:*", matchCriteriaId: "61E10975-B47E-4F4D-8096-AEC7B7733612", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9300:-:*:*:*:*:*:*:*", matchCriteriaId: "92E2CB2B-DA11-4CF7-9D57-3D4D48990DC0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "A90184B3-C82F-4CE5-B2AD-97D5E4690871", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-ex-24:-:*:*:*:*:*:*:*", matchCriteriaId: "40E40F42-632A-47DF-BE33-DC25B826310B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-ex_switch:-:*:*:*:*:*:*:*", matchCriteriaId: "2C67B7A6-9BB2-41FC-8FA3-8D0DF67CBC68", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "4AB89849-6DA4-4C9D-BC3F-EE0E41FD1901", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-fx-24:-:*:*:*:*:*:*:*", matchCriteriaId: "C47F6BF9-2ADB-41A4-8D7D-8BB00141BB23", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-fx3h:-:*:*:*:*:*:*:*", matchCriteriaId: "16C64136-89C2-443C-AF7B-BED81D3DE25A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-fx3p:-:*:*:*:*:*:*:*", matchCriteriaId: "BBEF7F26-BB47-44BD-872E-130820557C23", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*", matchCriteriaId: "07DE6F63-2C7D-415B-8C34-01EC05C062F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93120tx_switch:-:*:*:*:*:*:*:*", matchCriteriaId: "182000E0-8204-4D8B-B7DE-B191AFE12E28", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93128:-:*:*:*:*:*:*:*", matchCriteriaId: "F309E7B9-B828-4CD2-9D2B-8966EE5B9CC1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*", matchCriteriaId: "F423E45D-A6DD-4305-9C6A-EAB26293E53A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93128tx_switch:-:*:*:*:*:*:*:*", matchCriteriaId: "BDC208BC-7E19-48C6-A20E-A79A51B7362C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9316d-gx:-:*:*:*:*:*:*:*", matchCriteriaId: "102F91CD-DFB6-43D4-AE5B-DA157A696230", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "E952A96A-0F48-4357-B7DD-1127D8827650", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180lc-ex_switch:-:*:*:*:*:*:*:*", matchCriteriaId: "084D0191-563B-4FF0-B589-F35DA118E1C6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180tc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "B7DB6FC5-762A-4F16-AE8C-69330EFCF640", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "F70D81F1-8B12-4474-9060-B4934D8A3873", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-ex-24:-:*:*:*:*:*:*:*", matchCriteriaId: "5394DE31-3863-4CA9-B7B1-E5227183100D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-ex_switch:-:*:*:*:*:*:*:*", matchCriteriaId: "968390BC-B430-4903-B614-13104BFAE635", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "7349D69B-D8FA-4462-AA28-69DD18A652D9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-fx-24:-:*:*:*:*:*:*:*", matchCriteriaId: "FE4BB834-2C00-4384-A78E-AF3BCDDC58AF", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-fx3:-:*:*:*:*:*:*:*", matchCriteriaId: "B0D30D52-837F-4FDA-B8E5-A9066E9C6D2F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-fx3h:-:*:*:*:*:*:*:*", matchCriteriaId: "E6678B8A-D905-447E-BE7E-6BFB4CC5DAFE", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-fx3s:-:*:*:*:*:*:*:*", matchCriteriaId: "7CE49B45-F2E9-491D-9C29-1B46E9CE14E2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93216tc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "B1CC5F78-E88B-4B82-9E3E-C73D3A49DE26", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93240tc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "4BFAD21E-59EE-4CCE-8F1E-621D2EA50905", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "91231DC6-2773-4238-8C14-A346F213B5E5", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332c:-:*:*:*:*:*:*:*", matchCriteriaId: "2DF88547-BAF4-47B0-9F60-80A30297FCEB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332d-gx2b:-:*:*:*:*:*:*:*", matchCriteriaId: "02C3CE6D-BD54-48B1-A188-8E53DA001424", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332d-h2r:-:*:*:*:*:*:*:*", matchCriteriaId: "498991F7-39D6-428C-8C7D-DD8DC72A0346", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*", matchCriteriaId: "113772B6-E9D2-4094-9468-3F4E1A87D07D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332pq_switch:-:*:*:*:*:*:*:*", matchCriteriaId: "F7B90D36-5124-4669-8462-4EAF35B0F53D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93360yc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "C45A38D6-BED6-4FEF-AD87-A1E813695DE0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "F1FC2B1F-232E-4754-8076-CC82F3648730", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336c-fx2-e:-:*:*:*:*:*:*:*", matchCriteriaId: "7CDD27C9-5EAF-4956-8AB7-740C84C9D4FC", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336pq:-:*:*:*:*:*:*:*", matchCriteriaId: "5F1127D2-12C0-454F-91EF-5EE334070D06", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336pq_aci:-:*:*:*:*:*:*:*", matchCriteriaId: "7D6EB963-E0F2-4A02-8765-AB2064BE19E9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336pq_aci_spine:-:*:*:*:*:*:*:*", matchCriteriaId: "785FD17C-F32E-4042-9DDE-A89B3AAE0334", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336pq_aci_spine_switch:-:*:*:*:*:*:*:*", matchCriteriaId: "DEAAF99B-5406-4722-81FB-A91CBAC2DF41", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9348d-gx2a:-:*:*:*:*:*:*:*", matchCriteriaId: "73DC1E93-561E-490C-AE0E-B02BAB9A7C8E", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9348gc-fx3:-:*:*:*:*:*:*:*", matchCriteriaId: "12DA2DE5-8ADA-4D6A-BC1A-9C06FA163B1C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*", matchCriteriaId: "17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93600cd-gx:-:*:*:*:*:*:*:*", matchCriteriaId: "2CF467E2-4567-426E-8F48-39669E0F514C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*", matchCriteriaId: "63842B25-8C32-4988-BBBD-61E9CB09B4F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9364c-gx:-:*:*:*:*:*:*:*", matchCriteriaId: "68EA1FEF-B6B6-49FE-A0A4-5387F76303F8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9364d-gx2a:-:*:*:*:*:*:*:*", matchCriteriaId: "40D6DB7F-C025-4971-9615-73393ED61078", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*", matchCriteriaId: "4364ADB9-8162-451D-806A-B98924E6B2CF", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372px-e:-:*:*:*:*:*:*:*", matchCriteriaId: "B53BCB42-ED61-4FCF-8068-CB467631C63C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372px-e_switch:-:*:*:*:*:*:*:*", matchCriteriaId: "737C724A-B6CD-4FF7-96E0-EBBF645D660E", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372px_switch:-:*:*:*:*:*:*:*", matchCriteriaId: "7067AEC7-DFC8-4437-9338-C5165D9A8F36", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*", matchCriteriaId: "49E0371B-FDE2-473C-AA59-47E1269D050F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372tx-e:-:*:*:*:*:*:*:*", matchCriteriaId: "489D11EC-5A18-4F32-BC7C-AC1FCEC27222", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372tx-e_switch:-:*:*:*:*:*:*:*", matchCriteriaId: "71D4CF15-B293-4403-A1A9-96AD3933BAEF", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372tx_switch:-:*:*:*:*:*:*:*", matchCriteriaId: "DBCC1515-2DBE-4DF2-8E83-29A869170F36", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*", matchCriteriaId: "1BC5293E-F2B4-46DC-85DA-167EA323FCFD", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396px_switch:-:*:*:*:*:*:*:*", matchCriteriaId: "7282AAFF-ED18-4992-AC12-D953C35EC328", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*", matchCriteriaId: "EA022E77-6557-4A33-9A3A-D028E2DB669A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396tx_switch:-:*:*:*:*:*:*:*", matchCriteriaId: "360409CC-4172-4878-A76B-EA1C1F8C7A79", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9408:-:*:*:*:*:*:*:*", matchCriteriaId: "D8D5D5E2-B40B-475D-9EF3-8441016E37E9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9432pq:-:*:*:*:*:*:*:*", matchCriteriaId: "FDA8E1F0-74A6-4725-B6AA-A1112EFC5D0C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9500:-:*:*:*:*:*:*:*", matchCriteriaId: "63BE0266-1C00-4D6A-AD96-7F82532ABAA7", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9500_16-slot:-:*:*:*:*:*:*:*", matchCriteriaId: "73F59A4B-AE92-4533-8EDC-D1DD850309FF", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9500_4-slot:-:*:*:*:*:*:*:*", matchCriteriaId: "492A2C86-DD38-466B-9965-77629A73814F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9500_8-slot:-:*:*:*:*:*:*:*", matchCriteriaId: "1FB7AA46-4018-4925-963E-719E1037F759", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9500_supervisor_a:-:*:*:*:*:*:*:*", matchCriteriaId: "31B9D1E4-10B9-4B6F-B848-D93ABF6486D6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9500_supervisor_a\\+:-:*:*:*:*:*:*:*", matchCriteriaId: "CB270C45-756E-400A-979F-D07D750C881A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9500_supervisor_b:-:*:*:*:*:*:*:*", matchCriteriaId: "4E8A085C-2DBA-4269-AB01-B16019FBB4DA", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9500_supervisor_b\\+:-:*:*:*:*:*:*:*", matchCriteriaId: "A79DD582-AF68-44F1-B640-766B46EF2BE2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9500r:-:*:*:*:*:*:*:*", matchCriteriaId: "B04484DA-AA59-4833-916E-6A8C96D34F0D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*", matchCriteriaId: "768BE390-5ED5-48A7-9E80-C4DE8BA979B1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9504_switch:-:*:*:*:*:*:*:*", matchCriteriaId: "D07B5399-44C7-468D-9D57-BB5B5E26CE50", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*", matchCriteriaId: "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9508_switch:-:*:*:*:*:*:*:*", matchCriteriaId: "B76FB64F-16F0-4B0B-B304-B46258D434BA", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*", matchCriteriaId: "7E02DC82-0D26-436F-BA64-73C958932B0A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9516_switch:-:*:*:*:*:*:*:*", matchCriteriaId: "2E128053-834B-4DD5-A517-D14B4FC2B56F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9536pq:-:*:*:*:*:*:*:*", matchCriteriaId: "163743A1-09E7-4EC5-8ECA-79E4B9CE173B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9636pq:-:*:*:*:*:*:*:*", matchCriteriaId: "CE340E4C-DC48-4FC8-921B-EE304DB5AE0A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9716d-gx:-:*:*:*:*:*:*:*", matchCriteriaId: "C367BBE0-D71F-4CB5-B50E-72B033E73FE1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9736pq:-:*:*:*:*:*:*:*", matchCriteriaId: "85E1D224-4751-4233-A127-A041068C804A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9800:-:*:*:*:*:*:*:*", matchCriteriaId: "BD31B075-01B1-429E-83F4-B999356A0EB9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9804:-:*:*:*:*:*:*:*", matchCriteriaId: "A10C9C0A-C96A-4B45-90D0-6ED457EB5F4C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9808:-:*:*:*:*:*:*:*", matchCriteriaId: "3284D16F-3275-4F8D-8AE4-D413DE19C4FA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.", }, { lang: "es", value: "El protocolo HTTP/2 permite una denegación de servicio (consumo de recursos del servidor) porque la cancelación de solicitudes puede restablecer muchas transmisiones rápidamente, como se explotó en la naturaleza entre agosto y octubre de 2023.", }, ], id: "CVE-2023-44487", lastModified: "2025-04-12T01:00:01.957", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }, published: "2023-10-10T14:15:10.883", references: [ { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2023/10/10/6", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2023/10/10/7", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2023/10/13/4", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2023/10/13/9", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2023/10/18/4", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2023/10/18/8", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2023/10/19/6", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2023/10/20/8", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://access.redhat.com/security/cve/cve-2023-44487", }, { source: "cve@mitre.org", tags: [ "Press/Media Coverage", "Third Party Advisory", ], url: "https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size/", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://aws.amazon.com/security/security-bulletins/AWS-2023-011/", }, { source: "cve@mitre.org", tags: [ "Technical Description", "Vendor Advisory", ], url: "https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "Vendor Advisory", ], url: "https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack/", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty/", }, { source: "cve@mitre.org", tags: [ "Press/Media Coverage", "Third Party Advisory", ], url: "https://blog.qualys.com/vulnerabilities-threat-research/2023/10/10/cve-2023-44487-http-2-rapid-reset-attack", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://blog.vespa.ai/cve-2023-44487/", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", "Third Party Advisory", ], url: "https://bugzilla.proxmox.com/show_bug.cgi?id=4988", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", "Vendor Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=2242803", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", "Vendor Advisory", ], url: "https://bugzilla.suse.com/show_bug.cgi?id=1216123", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Patch", "Vendor Advisory", ], url: "https://cgit.freebsd.org/ports/commit/?id=c64c329c2c1752f46b73e3e6ce9f4329be6629f9", }, { source: "cve@mitre.org", tags: [ "Technical Description", "Vendor Advisory", ], url: "https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps/", }, { source: "cve@mitre.org", tags: [ "Technical Description", "Vendor Advisory", ], url: "https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://community.traefik.io/t/is-traefik-vulnerable-to-cve-2023-44487/20125", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://discuss.hashicorp.com/t/hcsec-2023-32-vault-consul-and-boundary-affected-by-http-2-rapid-reset-denial-of-service-vulnerability-cve-2023-44487/59715", }, { source: "cve@mitre.org", tags: [ "Technical Description", "Third Party Advisory", ], url: "https://edg.io/lp/blog/resets-leaks-ddos-and-the-tale-of-a-hidden-cve", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://forums.swift.org/t/swift-nio-http2-security-update-cve-2023-44487-http-2-dos/67764", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", "Patch", ], url: "https://gist.github.com/adulau/7c2bfb8e9cdbe4b35a5e131c66a0c088", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", ], url: "https://github.com/Azure/AKS/issues/3947", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", ], url: "https://github.com/Kong/kong/discussions/11741", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://github.com/advisories/GHSA-qppj-fm5r-hxr3", }, { source: "cve@mitre.org", tags: [ "Mitigation", "Patch", "Vendor Advisory", ], url: "https://github.com/advisories/GHSA-vx74-f528-fxqg", }, { source: "cve@mitre.org", tags: [ "Patch", "Vendor Advisory", ], url: "https://github.com/advisories/GHSA-xpw8-rcwv-8f8p", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", ], url: "https://github.com/akka/akka-http/issues/4323", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", ], url: "https://github.com/alibaba/tengine/issues/1872", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", ], url: "https://github.com/apache/apisix/issues/10320", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", ], url: "https://github.com/apache/httpd-site/pull/10", }, { source: "cve@mitre.org", tags: [ "Product", ], url: "https://github.com/apache/httpd/blob/afcdbeebbff4b0c50ea26cdd16e178c0d1f24152/modules/http2/h2_mplx.c#L1101-L1113", }, { source: "cve@mitre.org", tags: [ "Product", "Third Party Advisory", ], url: "https://github.com/apache/tomcat/tree/main/java/org/apache/coyote/http2", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", "Patch", ], url: "https://github.com/apache/trafficserver/pull/10564", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://github.com/arkrwn/PoC/tree/main/CVE-2023-44487", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://github.com/bcdannyboy/CVE-2023-44487", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", "Vendor Advisory", ], url: "https://github.com/caddyserver/caddy/issues/5877", }, { source: "cve@mitre.org", tags: [ "Release Notes", "Third Party Advisory", ], url: "https://github.com/caddyserver/caddy/releases/tag/v2.7.5", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", "Mitigation", "Vendor Advisory", ], url: "https://github.com/dotnet/announcements/issues/277", }, { source: "cve@mitre.org", tags: [ "Product", "Release Notes", ], url: "https://github.com/dotnet/core/blob/e4613450ea0da7fd2fc6b61dfb2c1c1dec1ce9ec/release-notes/6.0/6.0.23/6.0.23.md?plain=1#L73", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", ], url: "https://github.com/eclipse/jetty.project/issues/10679", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", "Patch", ], url: "https://github.com/envoyproxy/envoy/pull/30055", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", "Patch", ], url: "https://github.com/etcd-io/etcd/issues/16740", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", "Patch", ], url: "https://github.com/facebook/proxygen/pull/466", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", ], url: "https://github.com/golang/go/issues/63417", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", "Patch", ], url: "https://github.com/grpc/grpc-go/pull/6703", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "https://github.com/grpc/grpc/releases/tag/v1.59.2", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", "Patch", ], url: "https://github.com/h2o/h2o/pull/3291", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://github.com/h2o/h2o/security/advisories/GHSA-2m7v-gc89-fjqf", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", ], url: "https://github.com/haproxy/haproxy/issues/2312", }, { source: "cve@mitre.org", tags: [ "Product", ], url: "https://github.com/icing/mod_h2/blob/0a864782af0a942aa2ad4ed960a6b32cd35bcf0a/mod_http2/README.md?plain=1#L239-L244", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", ], url: "https://github.com/junkurihara/rust-rpxy/issues/97", }, { source: "cve@mitre.org", tags: [ "Patch", ], url: "https://github.com/kazu-yamamoto/http2/commit/f61d41a502bd0f60eb24e1ce14edc7b6df6722a1", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", ], url: "https://github.com/kazu-yamamoto/http2/issues/93", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", "Patch", ], url: "https://github.com/kubernetes/kubernetes/pull/121120", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", "Patch", ], url: "https://github.com/line/armeria/pull/5232", }, { source: "cve@mitre.org", tags: [ "Patch", ], url: "https://github.com/linkerd/website/pull/1695/commits/4b9c6836471bc8270ab48aae6fd2181bc73fd632", }, { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", ], url: "https://github.com/micrictor/http2-rst-stream", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", "Patch", ], url: "https://github.com/microsoft/CBL-Mariner/pull/6381", }, { source: "cve@mitre.org", tags: [ "Patch", ], url: "https://github.com/netty/netty/commit/58f75f665aa81a8cbcf6ffa74820042a285c5e61", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", "Patch", ], url: "https://github.com/nghttp2/nghttp2/pull/1961", }, { source: "cve@mitre.org", tags: [ "Release Notes", ], url: "https://github.com/nghttp2/nghttp2/releases/tag/v1.57.0", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", ], url: "https://github.com/ninenines/cowboy/issues/1615", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", ], url: "https://github.com/nodejs/node/pull/50121", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", ], url: "https://github.com/openresty/openresty/issues/930", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", "Patch", ], url: "https://github.com/opensearch-project/data-prepper/issues/3474", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", ], url: "https://github.com/oqtane/oqtane.framework/discussions/3367", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", "Patch", ], url: "https://github.com/projectcontour/contour/pull/5826", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", ], url: "https://github.com/tempesta-tech/tempesta/issues/1986", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", ], url: "https://github.com/varnishcache/varnish-cache/issues/3996", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Release Notes", "Vendor Advisory", ], url: "https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://istio.io/latest/news/security/istio-security-2023-004/", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://linkerd.io/2023/10/12/linkerd-cve-2023-44487/", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "https://lists.debian.org/debian-lts-announce/2023/10/msg00023.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "https://lists.debian.org/debian-lts-announce/2023/10/msg00024.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "https://lists.debian.org/debian-lts-announce/2023/10/msg00045.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "https://lists.debian.org/debian-lts-announce/2023/10/msg00047.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "https://lists.debian.org/debian-lts-announce/2023/11/msg00001.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "https://lists.debian.org/debian-lts-announce/2023/11/msg00012.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI/", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY/", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL/", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK/", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX/", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH/", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT/", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4/", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.w3.org/Archives/Public/ietf-http-wg/2023OctDec/0025.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Patch", "Third Party Advisory", ], url: "https://mailman.nginx.org/pipermail/nginx-devel/2023-October/S36Q5HBXR7CAIMPLLPRSSSYR4PCMWILK.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://martinthomson.github.io/h2-stream-limits/draft-thomson-httpbis-h2-stream-limits.html", }, { source: "cve@mitre.org", tags: [ "Patch", "Vendor Advisory", ], url: "https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2/", }, { source: "cve@mitre.org", tags: [ "Mitigation", "Patch", "Vendor Advisory", ], url: "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-44487", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://my.f5.com/manage/s/article/K000137106", }, { source: "cve@mitre.org", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://netty.io/news/2023/10/10/4-1-100-Final.html", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", ], url: "https://news.ycombinator.com/item?id=37830987", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", "Press/Media Coverage", ], url: "https://news.ycombinator.com/item?id=37830998", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", ], url: "https://news.ycombinator.com/item?id=37831062", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", ], url: "https://news.ycombinator.com/item?id=37837043", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response/", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://seanmonstar.com/post/730794151136935936/hyper-http2-rapid-reset-unaffected", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202311-09", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20231016-0001/", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20240426-0007/", }, { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20240621-0006/", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20240621-0007/", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://security.paloaltonetworks.com/CVE-2023-44487", }, { source: "cve@mitre.org", tags: [ "Release Notes", ], url: "https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.14", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://ubuntu.com/security/CVE-2023-44487", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records/", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "US Government Resource", ], url: "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487", }, { source: "cve@mitre.org", tags: [ "Press/Media Coverage", "Third Party Advisory", ], url: "https://www.darkreading.com/cloud/internet-wide-zero-day-bug-fuels-largest-ever-ddos-event", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Vendor Advisory", ], url: "https://www.debian.org/security/2023/dsa-5521", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Vendor Advisory", ], url: "https://www.debian.org/security/2023/dsa-5522", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://www.debian.org/security/2023/dsa-5540", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://www.debian.org/security/2023/dsa-5549", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://www.debian.org/security/2023/dsa-5558", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2023/dsa-5570", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "Vendor Advisory", ], url: "https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487/", }, { source: "cve@mitre.org", tags: [ "Mitigation", "Vendor Advisory", ], url: "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://www.openwall.com/lists/oss-security/2023/10/10/6", }, { source: "cve@mitre.org", tags: [ "Press/Media Coverage", ], url: "https://www.phoronix.com/news/HTTP2-Rapid-Reset-Attack", }, { source: "cve@mitre.org", tags: [ "Press/Media Coverage", "Third Party Advisory", ], url: "https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2023/10/13/4", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2023/10/13/9", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2023/10/18/4", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2023/10/18/8", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2023/10/19/6", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2023/10/20/8", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://access.redhat.com/security/cve/cve-2023-44487", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Press/Media Coverage", "Third Party Advisory", ], url: "https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://aws.amazon.com/security/security-bulletins/AWS-2023-011/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Technical Description", "Vendor Advisory", ], url: "https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "Vendor Advisory", ], url: "https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Press/Media Coverage", "Third Party Advisory", ], url: "https://blog.qualys.com/vulnerabilities-threat-research/2023/10/10/cve-2023-44487-http-2-rapid-reset-attack", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://blog.vespa.ai/cve-2023-44487/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Third Party Advisory", ], url: "https://bugzilla.proxmox.com/show_bug.cgi?id=4988", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Vendor Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=2242803", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Vendor Advisory", ], url: "https://bugzilla.suse.com/show_bug.cgi?id=1216123", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Patch", "Vendor Advisory", ], url: "https://cgit.freebsd.org/ports/commit/?id=c64c329c2c1752f46b73e3e6ce9f4329be6629f9", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Technical Description", "Vendor Advisory", ], url: "https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Technical Description", "Vendor Advisory", ], url: "https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://community.traefik.io/t/is-traefik-vulnerable-to-cve-2023-44487/20125", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://discuss.hashicorp.com/t/hcsec-2023-32-vault-consul-and-boundary-affected-by-http-2-rapid-reset-denial-of-service-vulnerability-cve-2023-44487/59715", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Technical Description", "Third Party Advisory", ], url: "https://edg.io/lp/blog/resets-leaks-ddos-and-the-tale-of-a-hidden-cve", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://forums.swift.org/t/swift-nio-http2-security-update-cve-2023-44487-http-2-dos/67764", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Patch", ], url: "https://gist.github.com/adulau/7c2bfb8e9cdbe4b35a5e131c66a0c088", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", ], url: "https://github.com/Azure/AKS/issues/3947", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", ], url: "https://github.com/Kong/kong/discussions/11741", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://github.com/advisories/GHSA-qppj-fm5r-hxr3", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mitigation", "Patch", "Vendor Advisory", ], url: "https://github.com/advisories/GHSA-vx74-f528-fxqg", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "https://github.com/advisories/GHSA-xpw8-rcwv-8f8p", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", ], url: "https://github.com/akka/akka-http/issues/4323", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", ], url: "https://github.com/alibaba/tengine/issues/1872", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", ], url: "https://github.com/apache/apisix/issues/10320", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", ], url: "https://github.com/apache/httpd-site/pull/10", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Product", ], url: "https://github.com/apache/httpd/blob/afcdbeebbff4b0c50ea26cdd16e178c0d1f24152/modules/http2/h2_mplx.c#L1101-L1113", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Product", "Third Party Advisory", ], url: "https://github.com/apache/tomcat/tree/main/java/org/apache/coyote/http2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Patch", ], url: "https://github.com/apache/trafficserver/pull/10564", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://github.com/arkrwn/PoC/tree/main/CVE-2023-44487", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://github.com/bcdannyboy/CVE-2023-44487", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Vendor Advisory", ], url: "https://github.com/caddyserver/caddy/issues/5877", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Third Party Advisory", ], url: "https://github.com/caddyserver/caddy/releases/tag/v2.7.5", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Mitigation", "Vendor Advisory", ], url: "https://github.com/dotnet/announcements/issues/277", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Product", "Release Notes", ], url: "https://github.com/dotnet/core/blob/e4613450ea0da7fd2fc6b61dfb2c1c1dec1ce9ec/release-notes/6.0/6.0.23/6.0.23.md?plain=1#L73", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", ], url: "https://github.com/eclipse/jetty.project/issues/10679", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Patch", ], url: "https://github.com/envoyproxy/envoy/pull/30055", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Patch", ], url: "https://github.com/etcd-io/etcd/issues/16740", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Patch", ], url: "https://github.com/facebook/proxygen/pull/466", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", ], url: "https://github.com/golang/go/issues/63417", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Patch", ], url: "https://github.com/grpc/grpc-go/pull/6703", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Patch", ], url: "https://github.com/h2o/h2o/pull/3291", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://github.com/h2o/h2o/security/advisories/GHSA-2m7v-gc89-fjqf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", ], url: "https://github.com/haproxy/haproxy/issues/2312", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Product", ], url: "https://github.com/icing/mod_h2/blob/0a864782af0a942aa2ad4ed960a6b32cd35bcf0a/mod_http2/README.md?plain=1#L239-L244", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", ], url: "https://github.com/junkurihara/rust-rpxy/issues/97", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", ], url: "https://github.com/kazu-yamamoto/http2/commit/f61d41a502bd0f60eb24e1ce14edc7b6df6722a1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", ], url: "https://github.com/kazu-yamamoto/http2/issues/93", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Patch", ], url: "https://github.com/kubernetes/kubernetes/pull/121120", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Patch", ], url: "https://github.com/line/armeria/pull/5232", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", ], url: "https://github.com/linkerd/website/pull/1695/commits/4b9c6836471bc8270ab48aae6fd2181bc73fd632", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://github.com/micrictor/http2-rst-stream", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Patch", ], url: "https://github.com/microsoft/CBL-Mariner/pull/6381", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", ], url: "https://github.com/netty/netty/commit/58f75f665aa81a8cbcf6ffa74820042a285c5e61", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Patch", ], url: "https://github.com/nghttp2/nghttp2/pull/1961", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", ], url: "https://github.com/nghttp2/nghttp2/releases/tag/v1.57.0", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", ], url: "https://github.com/ninenines/cowboy/issues/1615", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", ], url: "https://github.com/nodejs/node/pull/50121", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", ], url: "https://github.com/openresty/openresty/issues/930", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Patch", ], url: "https://github.com/opensearch-project/data-prepper/issues/3474", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", ], url: "https://github.com/oqtane/oqtane.framework/discussions/3367", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Patch", ], url: "https://github.com/projectcontour/contour/pull/5826", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", ], url: "https://github.com/tempesta-tech/tempesta/issues/1986", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", ], url: "https://github.com/varnishcache/varnish-cache/issues/3996", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Release Notes", "Vendor Advisory", ], url: "https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://istio.io/latest/news/security/istio-security-2023-004/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://linkerd.io/2023/10/12/linkerd-cve-2023-44487/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "https://lists.debian.org/debian-lts-announce/2023/10/msg00023.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "https://lists.debian.org/debian-lts-announce/2023/10/msg00024.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "https://lists.debian.org/debian-lts-announce/2023/10/msg00045.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "https://lists.debian.org/debian-lts-announce/2023/10/msg00047.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "https://lists.debian.org/debian-lts-announce/2023/11/msg00001.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "https://lists.debian.org/debian-lts-announce/2023/11/msg00012.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.w3.org/Archives/Public/ietf-http-wg/2023OctDec/0025.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Patch", "Third Party Advisory", ], url: "https://mailman.nginx.org/pipermail/nginx-devel/2023-October/S36Q5HBXR7CAIMPLLPRSSSYR4PCMWILK.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://martinthomson.github.io/h2-stream-limits/draft-thomson-httpbis-h2-stream-limits.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mitigation", "Patch", "Vendor Advisory", ], url: "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-44487", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://my.f5.com/manage/s/article/K000137106", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://netty.io/news/2023/10/10/4-1-100-Final.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", ], url: "https://news.ycombinator.com/item?id=37830987", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Press/Media Coverage", ], url: "https://news.ycombinator.com/item?id=37830998", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", ], url: "https://news.ycombinator.com/item?id=37831062", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", ], url: "https://news.ycombinator.com/item?id=37837043", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://seanmonstar.com/post/730794151136935936/hyper-http2-rapid-reset-unaffected", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202311-09", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20231016-0001/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20240426-0007/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20240621-0006/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20240621-0007/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://security.paloaltonetworks.com/CVE-2023-44487", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", ], url: "https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.14", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://ubuntu.com/security/CVE-2023-44487", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "US Government Resource", ], url: "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Press/Media Coverage", "Third Party Advisory", ], url: "https://www.darkreading.com/cloud/internet-wide-zero-day-bug-fuels-largest-ever-ddos-event", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Vendor Advisory", ], url: "https://www.debian.org/security/2023/dsa-5521", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Vendor Advisory", ], url: "https://www.debian.org/security/2023/dsa-5522", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://www.debian.org/security/2023/dsa-5540", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://www.debian.org/security/2023/dsa-5549", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://www.debian.org/security/2023/dsa-5558", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2023/dsa-5570", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "Vendor Advisory", ], url: "https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mitigation", "Vendor Advisory", ], url: "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://www.openwall.com/lists/oss-security/2023/10/10/6", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Press/Media Coverage", ], url: "https://www.phoronix.com/news/HTTP2-Rapid-Reset-Attack", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Press/Media Coverage", "Third Party Advisory", ], url: "https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.vicarius.io/vsociety/posts/rapid-reset-cve-2023-44487-dos-in-http2-understanding-the-root-cause", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Analyzed", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, { description: [ { lang: "en", value: "CWE-400", }, ], source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }
Vulnerability from fkie_nvd
Published
2019-05-15 20:29
Modified
2024-11-21 04:37
Severity ?
Summary
A vulnerability in the CLI of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device. This vulnerability is due to insufficient validation of arguments passed to certain CLI commands. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with elevated privileges. An attacker would need administrator credentials to exploit this vulnerability.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@cisco.com | http://www.securityfocus.com/bid/108407 | Third Party Advisory, VDB Entry | |
| psirt@cisco.com | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-fxos-nxos-cmdinj-1781-1782 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/108407 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-fxos-nxos-cmdinj-1781-1782 | Vendor Advisory |
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "7CA67BFA-71AF-4071-AD0D-CBD05E2D59CB", versionEndExcluding: "4.0\\(1a\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:ucs_6248up:-:*:*:*:*:*:*:*", matchCriteriaId: "49112D3F-DFAD-4E71-992B-9E0640FA388C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6296up:-:*:*:*:*:*:*:*", matchCriteriaId: "38A1D8F2-A4A6-4BAC-8326-9F9DE9572FA2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6324:-:*:*:*:*:*:*:*", matchCriteriaId: "B82093C6-B36D-4E4E-AD7F-8C107646B8D9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6332:-:*:*:*:*:*:*:*", matchCriteriaId: "E406DDCE-6753-43E9-B6F0-7A038DE84E41", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6332-16up:-:*:*:*:*:*:*:*", matchCriteriaId: "054D8EB2-97A3-4725-9DFF-27A4D231D90A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "E762B981-6AC3-41E2-9FF5-DBA9616EA75C", versionEndExcluding: "6.2\\(25\\)", versionStartIncluding: "5.2", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "BC0041E4-EBDC-465A-B593-E7C353EF0D8F", versionEndExcluding: "8.3\\(2\\)", versionStartIncluding: "7.3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:mds_9132t:-:*:*:*:*:*:*:*", matchCriteriaId: "56426D35-FCFD-406E-9144-2E66C8C86EFC", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9148s:-:*:*:*:*:*:*:*", matchCriteriaId: "D25FA4A8-408B-4E94-B7D9-7DC54B61322F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9148t:-:*:*:*:*:*:*:*", matchCriteriaId: "831B6D0F-A975-4CBA-B5BB-0AC4AD718FE8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9222i:-:*:*:*:*:*:*:*", matchCriteriaId: "12DB1A25-A7C9-412F-88BC-E89588896395", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9250i:-:*:*:*:*:*:*:*", matchCriteriaId: "67CD5738-029B-43AA-9342-63719DC16138", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9706:-:*:*:*:*:*:*:*", matchCriteriaId: "5182CB50-4D32-4835-B1A8-817D989F919F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9710:-:*:*:*:*:*:*:*", matchCriteriaId: "36B3B617-7554-4C36-9B41-19AA3BD2F6E9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9718:-:*:*:*:*:*:*:*", matchCriteriaId: "B88879A9-A7F5-41E0-8A38-0E09E3FD27F4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "92B576CF-5EAD-4830-A7B7-ACC434349691", versionEndExcluding: "7.0\\(3\\)i4\\(9\\)", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "EF06D835-FBE6-4866-B410-C2F66AEF68CD", versionEndExcluding: "7.0\\(3\\)i7\\(4\\)", versionStartIncluding: "7.0\\(3\\)i7", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_3016:-:*:*:*:*:*:*:*", matchCriteriaId: "528ED62B-D739-4E06-AC64-B506FD73BBAB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*", matchCriteriaId: "FC2A6C31-438A-4CF5-A3F3-364B1672EB7D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3064:-:*:*:*:*:*:*:*", matchCriteriaId: "76C10D85-88AC-4A79-8866-BED88A0F8DF8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3064-t:-:*:*:*:*:*:*:*", matchCriteriaId: "65CB7F6D-A82B-4A31-BFAC-FF4A4B8DF9C1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31108pc-v:-:*:*:*:*:*:*:*", matchCriteriaId: "4E930332-CDDD-48D5-93BC-C22D693BBFA2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31108tc-v:-:*:*:*:*:*:*:*", matchCriteriaId: "7BF4B8FE-E134-4491-B5C2-C1CFEB64731B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31128pq:-:*:*:*:*:*:*:*", matchCriteriaId: "F4226DA0-9371-401C-8247-E6E636A116C3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132c-z:-:*:*:*:*:*:*:*", matchCriteriaId: "7664666F-BCE4-4799-AEEA-3A73E6AD33F4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q:-:*:*:*:*:*:*:*", matchCriteriaId: "D3DBBFE9-835C-4411-8492-6006E74BAC65", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q-v:-:*:*:*:*:*:*:*", matchCriteriaId: "B3293438-3D18-45A2-B093-2C3F65783336", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "8F43B770-D96C-44EA-BC12-9F39FC4317B9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3164q:-:*:*:*:*:*:*:*", matchCriteriaId: "FA782EB3-E8E6-4DCF-B39C-B3CBD46E4384", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172:-:*:*:*:*:*:*:*", matchCriteriaId: "7817F4E6-B2DA-4F06-95A4-AF329F594C02", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172pq-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "7BB9DD73-E31D-4921-A6D6-E14E04703588", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq:-:*:*:*:*:*:*:*", matchCriteriaId: "4532F513-0543-4960-9877-01F23CA7BA1B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq-32t:-:*:*:*:*:*:*:*", matchCriteriaId: "0B43502B-FD53-465A-B60F-6A359C6ACD99", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "F3229124-B097-4AAC-8ACD-2F9C89DCC3AB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3232c:-:*:*:*:*:*:*:*", matchCriteriaId: "652A2849-668D-4156-88FB-C19844A59F33", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3264c-e:-:*:*:*:*:*:*:*", matchCriteriaId: "24FBE87B-8A4F-43A8-98A3-4A7D9C630937", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3264q:-:*:*:*:*:*:*:*", matchCriteriaId: "6ACD09AC-8B28-4ACB-967B-AB3D450BC137", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3408-s:-:*:*:*:*:*:*:*", matchCriteriaId: "7D397349-CCC6-479B-9273-FB1FFF4F34F2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_34180yc:-:*:*:*:*:*:*:*", matchCriteriaId: "DC7286A7-780F-4A45-940A-4AD5C9D0F201", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3432d-s:-:*:*:*:*:*:*:*", matchCriteriaId: "5F7AF8D7-431B-43CE-840F-CC0817D159C0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3464c:-:*:*:*:*:*:*:*", matchCriteriaId: "DAC204C8-1A5A-4E85-824E-DC9B8F6A802D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9000v:-:*:*:*:*:*:*:*", matchCriteriaId: "0CD9C1F1-8582-4F67-A77D-97CBFECB88B8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*", matchCriteriaId: "4283E433-7F8C-4410-B565-471415445811", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92300yc:-:*:*:*:*:*:*:*", matchCriteriaId: "F80AB6FB-32FD-43D7-A9F1-80FA47696210", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*", matchCriteriaId: "D5B2E4C1-2627-4B9D-8E92-4B483F647651", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92348gc-x:-:*:*:*:*:*:*:*", matchCriteriaId: "557ED31C-C26A-4FAE-8B14-D06B49F7F08B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*", matchCriteriaId: "11411BFD-3F4D-4309-AB35-A3629A360FB0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*", matchCriteriaId: "E663DE91-C86D-48DC-B771-FA72A8DF7A7C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "A90184B3-C82F-4CE5-B2AD-97D5E4690871", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "4AB89849-6DA4-4C9D-BC3F-EE0E41FD1901", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*", matchCriteriaId: "07DE6F63-2C7D-415B-8C34-01EC05C062F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*", matchCriteriaId: "F423E45D-A6DD-4305-9C6A-EAB26293E53A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "E952A96A-0F48-4357-B7DD-1127D8827650", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "F70D81F1-8B12-4474-9060-B4934D8A3873", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "7349D69B-D8FA-4462-AA28-69DD18A652D9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93216tc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "B1CC5F78-E88B-4B82-9E3E-C73D3A49DE26", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "91231DC6-2773-4238-8C14-A346F213B5E5", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332c:-:*:*:*:*:*:*:*", matchCriteriaId: "2DF88547-BAF4-47B0-9F60-80A30297FCEB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*", matchCriteriaId: "113772B6-E9D2-4094-9468-3F4E1A87D07D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93360yc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "C45A38D6-BED6-4FEF-AD87-A1E813695DE0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "F1FC2B1F-232E-4754-8076-CC82F3648730", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336pq_aci_spine:-:*:*:*:*:*:*:*", matchCriteriaId: "785FD17C-F32E-4042-9DDE-A89B3AAE0334", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*", matchCriteriaId: "17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*", matchCriteriaId: "63842B25-8C32-4988-BBBD-61E9CB09B4F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*", matchCriteriaId: "4364ADB9-8162-451D-806A-B98924E6B2CF", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372px-e:-:*:*:*:*:*:*:*", matchCriteriaId: "B53BCB42-ED61-4FCF-8068-CB467631C63C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*", matchCriteriaId: "49E0371B-FDE2-473C-AA59-47E1269D050F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372tx-e:-:*:*:*:*:*:*:*", matchCriteriaId: "489D11EC-5A18-4F32-BC7C-AC1FCEC27222", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*", matchCriteriaId: "1BC5293E-F2B4-46DC-85DA-167EA323FCFD", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*", matchCriteriaId: "EA022E77-6557-4A33-9A3A-D028E2DB669A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "EA0C7252-4931-47EF-9AFD-0CE05C786613", versionEndExcluding: "7.3\\(4\\)n1\\(1\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_5548p:-:*:*:*:*:*:*:*", matchCriteriaId: "E5519EA9-1236-4F51-9974-E3FC1B26B5D2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5548up:-:*:*:*:*:*:*:*", matchCriteriaId: "CB0A3B06-8B25-4CD3-AFA9-5F928B1042F4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5596t:-:*:*:*:*:*:*:*", matchCriteriaId: "1766443C-1C5A-486E-A36F-D3045F364D78", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5596up:-:*:*:*:*:*:*:*", matchCriteriaId: "DC4D4403-F93B-4CC8-B75F-7A5B03FEDD85", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_56128p:-:*:*:*:*:*:*:*", matchCriteriaId: "ABB6E612-4246-4408-B3F6-B31E771F5ACB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5624q:-:*:*:*:*:*:*:*", matchCriteriaId: "91B129B2-2B31-4DE0-9F83-CC6E0C8729A0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5648q:-:*:*:*:*:*:*:*", matchCriteriaId: "3CBD3CD0-B542-4B23-9C9D-061643BE44E8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5672up:-:*:*:*:*:*:*:*", matchCriteriaId: "A22A2647-A4C0-4681-BBC5-D95ADBAA0457", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5696q:-:*:*:*:*:*:*:*", matchCriteriaId: "B2BB1A3A-668C-4B0D-8AC2-6B4758B3420B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_6001:-:*:*:*:*:*:*:*", matchCriteriaId: "A9662D6B-AF0F-45C8-B7CD-AE7C76593FDB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_6004:-:*:*:*:*:*:*:*", matchCriteriaId: "4F557E38-09F6-42C6-BABA-3C3168B38BBA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "A67D92F3-7EE1-4CFD-9608-4E35994C1BC4", versionEndExcluding: "6.2\\(22\\)", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "3411F8C2-D65A-46CF-9563-0A9866462491", versionEndExcluding: "7.3\\(3\\)d1\\(1\\)", versionStartIncluding: "7.2", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "B8882184-A5B1-4F67-B942-FDEE2FFD43F4", versionEndExcluding: "8.2\\(3\\)", versionStartIncluding: "8.0", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "CFC2CF14-BF68-49FD-AFDE-886FD1A51520", versionEndExcluding: "8.3\\(1\\)", versionStartIncluding: "8.3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_7000:-:*:*:*:*:*:*:*", matchCriteriaId: "12180BEB-7F21-4FA7-ABD2-E9A8EA7340F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7700:-:*:*:*:*:*:*:*", matchCriteriaId: "DD7A4B4B-3BB1-4A4D-911E-C4EEF01BBC45", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:fx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "C4F8E70D-012F-4465-AC5B-D31563BE219A", versionEndExcluding: "2.2.2.91", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:fx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "5C2C8263-BA5C-41D0-ABD9-42925B94BF84", versionEndExcluding: "2.3.1.130", versionStartIncluding: "2.3", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:fx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "564D0A43-37E4-477A-8ADD-5D2FC8092142", versionEndExcluding: "2.4.1.222", versionStartIncluding: "2.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:firepower_4110:-:*:*:*:*:*:*:*", matchCriteriaId: "A0CBC7F5-7767-43B6-9384-BE143FCDBD7F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4120:-:*:*:*:*:*:*:*", matchCriteriaId: "38AE6DC0-2B03-4D36-9856-42530312CC46", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4140:-:*:*:*:*:*:*:*", matchCriteriaId: "3DB2822B-B752-4CD9-A178-934957E306B4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4150:-:*:*:*:*:*:*:*", matchCriteriaId: "65378F3A-777C-4AE2-87FB-1E7402F9EA1B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300:-:*:*:*:*:*:*:*", matchCriteriaId: "07DAFDDA-718B-4B69-A524-B0CEB80FE960", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "81FEA96D-5A66-415A-B46C-F25DC3E4E5EE", versionEndExcluding: "6.0\\(2\\)a8\\(11\\)", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "3DFCC3C2-3483-4BD0-AF71-23574D0849B1", versionEndExcluding: "7.0\\(3\\)i4\\(9\\)", versionStartIncluding: "7.0\\(3\\)i4", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "EF06D835-FBE6-4866-B410-C2F66AEF68CD", versionEndExcluding: "7.0\\(3\\)i7\\(4\\)", versionStartIncluding: "7.0\\(3\\)i7", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_3524:-:*:*:*:*:*:*:*", matchCriteriaId: "EAF5AF71-15DF-4151-A1CF-E138A7103FC8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524-x:-:*:*:*:*:*:*:*", matchCriteriaId: "10F80A72-AD54-4699-B8AE-82715F0B58E2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "9354B6A2-D7D6-442E-BF4C-FE8A336D9E94", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548:-:*:*:*:*:*:*:*", matchCriteriaId: "088C0323-683A-44F5-8D42-FF6EC85D080E", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548-x:-:*:*:*:*:*:*:*", matchCriteriaId: "74CB4002-7636-4382-B33E-FBA060A13C34", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "10CEBF73-3EE0-459A-86C5-F8F6243FE27C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "96BFEE5D-EF9F-4C21-BC51-FBA71029A6A7", versionEndExcluding: "7.0\\(3\\)f3\\(5\\)", versionStartIncluding: "7.0\\(3\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_36180yc-r:-:*:*:*:*:*:*:*", matchCriteriaId: "95D2C4C3-65CE-4612-A027-AF70CEFC3233", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*", matchCriteriaId: "57572E4A-78D5-4D1A-938B-F05F01759612", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*", matchCriteriaId: "768BE390-5ED5-48A7-9E80-C4DE8BA979B1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*", matchCriteriaId: "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*", matchCriteriaId: "7E02DC82-0D26-436F-BA64-73C958932B0A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability in the CLI of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device. This vulnerability is due to insufficient validation of arguments passed to certain CLI commands. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with elevated privileges. An attacker would need administrator credentials to exploit this vulnerability.", }, { lang: "es", value: "Una vulnerabilidad en la CLI de los programas FXOS y NX-OS de Cisco podría permitir a un atacante local autenticado realizar comandos arbitrarios sobre el sistema operativo subyacente de un dispositivo afectado. Esta vulnerabilidad se debe a una validación insuficiente de los argumentos pasados ??a ciertos comandos de la CLI. Un atacante podría aprovechar esta vulnerabilidad al incluir una entrada maliciosa como el argumento de un comando afectado. Un aprovechamiento exitoso podría permitir al atacante ejecutar comandos arbitrarios en el sistema operativo subyacente con elevados privilegios . Un atacante necesitaría credenciales de administrador para aprovechar esta vulnerabilidad.", }, ], id: "CVE-2019-1782", lastModified: "2024-11-21T04:37:22.043", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.2, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:L/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 0.8, impactScore: 5.9, source: "psirt@cisco.com", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-05-15T20:29:01.463", references: [ { source: "psirt@cisco.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/108407", }, { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-fxos-nxos-cmdinj-1781-1782", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/108407", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-fxos-nxos-cmdinj-1781-1782", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-77", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-88", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-08-27 16:15
Modified
2024-11-21 05:31
Severity ?
3.3 (Low) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
3.3 (Low) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
3.3 (Low) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
Summary
A vulnerability in the local management (local-mgmt) CLI of Cisco UCS Manager Software could allow an authenticated, local attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper handling of CLI command parameters. An attacker could exploit this vulnerability by executing specific commands on the local-mgmt CLI on an affected device. A successful exploit could allow the attacker to cause internal system processes to fail to terminate properly, which could result in a buildup of stuck processes and lead to slowness in accessing the UCS Manager CLI and web UI. A sustained attack may result in a restart of internal UCS Manager processes and a temporary loss of access to the UCS Manager CLI and web UI.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:-:*:*:*:*:*:*:*", matchCriteriaId: "CDB194AF-51E8-4379-B416-34049BF03754", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:firepower_1010:-:*:*:*:*:*:*:*", matchCriteriaId: "7FFE3880-4B85-4E23-9836-70875D5109F7", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_1120:-:*:*:*:*:*:*:*", matchCriteriaId: "727A02E8-40A1-4DFE-A3A2-91D628D3044F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_1140:-:*:*:*:*:*:*:*", matchCriteriaId: "19F6546E-28F4-40DC-97D6-E0E023FE939B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_1150:-:*:*:*:*:*:*:*", matchCriteriaId: "EB3B0EC3-4654-4D90-9D41-7EC2AD1DDF99", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_2110:-:*:*:*:*:*:*:*", matchCriteriaId: "52D96810-5F79-4A83-B8CA-D015790FCF72", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_2120:-:*:*:*:*:*:*:*", matchCriteriaId: "16FE2945-4975-4003-AE48-7E134E167A7F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_2130:-:*:*:*:*:*:*:*", matchCriteriaId: "DCE7122A-5AA7-4ECD-B024-E27C9D0CFB7B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_2140:-:*:*:*:*:*:*:*", matchCriteriaId: "976901BF-C52C-4F81-956A-711AF8A60140", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4110:-:*:*:*:*:*:*:*", matchCriteriaId: "A0CBC7F5-7767-43B6-9384-BE143FCDBD7F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4112:-:*:*:*:*:*:*:*", matchCriteriaId: "957D64EB-D60E-4775-B9A8-B21CA48ED3B1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4115:-:*:*:*:*:*:*:*", matchCriteriaId: "A694AD51-9008-4AE6-8240-98B17AB527EE", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4120:-:*:*:*:*:*:*:*", matchCriteriaId: "38AE6DC0-2B03-4D36-9856-42530312CC46", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4125:-:*:*:*:*:*:*:*", matchCriteriaId: "71DCEF22-ED20-4330-8502-EC2DD4C9838F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4140:-:*:*:*:*:*:*:*", matchCriteriaId: "3DB2822B-B752-4CD9-A178-934957E306B4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4145:-:*:*:*:*:*:*:*", matchCriteriaId: "81F4868A-6D62-479C-9C19-F9AABDBB6B24", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4150:-:*:*:*:*:*:*:*", matchCriteriaId: "65378F3A-777C-4AE2-87FB-1E7402F9EA1B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300:-:*:*:*:*:*:*:*", matchCriteriaId: "07DAFDDA-718B-4B69-A524-B0CEB80FE960", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:-:*:*:*:*:*:*:*", matchCriteriaId: "DA35D4AA-24B3-428E-84ED-804EF941E9A9", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:mds_9100:-:*:*:*:*:*:*:*", matchCriteriaId: "54C0D908-D7BA-48C3-9963-14A3A32A2662", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9200:-:*:*:*:*:*:*:*", matchCriteriaId: "B25B92ED-37C0-4653-9C5E-B4C13C46464C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9500:-:*:*:*:*:*:*:*", matchCriteriaId: "2374E02D-46FE-477F-A74D-49E72149E6EC", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9700:-:*:*:*:*:*:*:*", matchCriteriaId: "C44335D8-8A78-486C-A325-9691FA4C3271", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_1000_virtual_edge:-:*:*:*:*:*:*:*", matchCriteriaId: "BF29010C-8712-4464-A233-14CF024AA6DB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_1000v:-:*:*:*:*:*:*:*", matchCriteriaId: "7E705638-8D0A-40D6-9A51-4FDB6C03F71E", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3016:-:*:*:*:*:*:*:*", matchCriteriaId: "528ED62B-D739-4E06-AC64-B506FD73BBAB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*", matchCriteriaId: "FC2A6C31-438A-4CF5-A3F3-364B1672EB7D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3064:-:*:*:*:*:*:*:*", matchCriteriaId: "76C10D85-88AC-4A79-8866-BED88A0F8DF8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3064-t:-:*:*:*:*:*:*:*", matchCriteriaId: "65CB7F6D-A82B-4A31-BFAC-FF4A4B8DF9C1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31108pc-v:-:*:*:*:*:*:*:*", matchCriteriaId: "4E930332-CDDD-48D5-93BC-C22D693BBFA2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31108tc-v:-:*:*:*:*:*:*:*", matchCriteriaId: "7BF4B8FE-E134-4491-B5C2-C1CFEB64731B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31128pq:-:*:*:*:*:*:*:*", matchCriteriaId: "F4226DA0-9371-401C-8247-E6E636A116C3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132c-z:-:*:*:*:*:*:*:*", matchCriteriaId: "7664666F-BCE4-4799-AEEA-3A73E6AD33F4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q:-:*:*:*:*:*:*:*", matchCriteriaId: "D3DBBFE9-835C-4411-8492-6006E74BAC65", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q-v:-:*:*:*:*:*:*:*", matchCriteriaId: "B3293438-3D18-45A2-B093-2C3F65783336", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "8F43B770-D96C-44EA-BC12-9F39FC4317B9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3164q:-:*:*:*:*:*:*:*", matchCriteriaId: "FA782EB3-E8E6-4DCF-B39C-B3CBD46E4384", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172:-:*:*:*:*:*:*:*", matchCriteriaId: "7817F4E6-B2DA-4F06-95A4-AF329F594C02", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172pq-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "7BB9DD73-E31D-4921-A6D6-E14E04703588", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq:-:*:*:*:*:*:*:*", matchCriteriaId: "4532F513-0543-4960-9877-01F23CA7BA1B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq-32t:-:*:*:*:*:*:*:*", matchCriteriaId: "0B43502B-FD53-465A-B60F-6A359C6ACD99", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "F3229124-B097-4AAC-8ACD-2F9C89DCC3AB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3232c:-:*:*:*:*:*:*:*", matchCriteriaId: "652A2849-668D-4156-88FB-C19844A59F33", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3264c-e:-:*:*:*:*:*:*:*", matchCriteriaId: "24FBE87B-8A4F-43A8-98A3-4A7D9C630937", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3264q:-:*:*:*:*:*:*:*", matchCriteriaId: "6ACD09AC-8B28-4ACB-967B-AB3D450BC137", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3408-s:-:*:*:*:*:*:*:*", matchCriteriaId: "7D397349-CCC6-479B-9273-FB1FFF4F34F2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_34180yc:-:*:*:*:*:*:*:*", matchCriteriaId: "DC7286A7-780F-4A45-940A-4AD5C9D0F201", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3432d-s:-:*:*:*:*:*:*:*", matchCriteriaId: "5F7AF8D7-431B-43CE-840F-CC0817D159C0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3464c:-:*:*:*:*:*:*:*", matchCriteriaId: "DAC204C8-1A5A-4E85-824E-DC9B8F6A802D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524:-:*:*:*:*:*:*:*", matchCriteriaId: "EAF5AF71-15DF-4151-A1CF-E138A7103FC8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524-x:-:*:*:*:*:*:*:*", matchCriteriaId: "10F80A72-AD54-4699-B8AE-82715F0B58E2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "9354B6A2-D7D6-442E-BF4C-FE8A336D9E94", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548:-:*:*:*:*:*:*:*", matchCriteriaId: "088C0323-683A-44F5-8D42-FF6EC85D080E", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548-x:-:*:*:*:*:*:*:*", matchCriteriaId: "74CB4002-7636-4382-B33E-FBA060A13C34", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "10CEBF73-3EE0-459A-86C5-F8F6243FE27C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_36180yc-r:-:*:*:*:*:*:*:*", matchCriteriaId: "95D2C4C3-65CE-4612-A027-AF70CEFC3233", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*", matchCriteriaId: "57572E4A-78D5-4D1A-938B-F05F01759612", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5548p:-:*:*:*:*:*:*:*", matchCriteriaId: "E5519EA9-1236-4F51-9974-E3FC1B26B5D2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5548up:-:*:*:*:*:*:*:*", matchCriteriaId: "CB0A3B06-8B25-4CD3-AFA9-5F928B1042F4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5596t:-:*:*:*:*:*:*:*", matchCriteriaId: "1766443C-1C5A-486E-A36F-D3045F364D78", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5596up:-:*:*:*:*:*:*:*", matchCriteriaId: "DC4D4403-F93B-4CC8-B75F-7A5B03FEDD85", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_56128p:-:*:*:*:*:*:*:*", matchCriteriaId: "ABB6E612-4246-4408-B3F6-B31E771F5ACB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5624q:-:*:*:*:*:*:*:*", matchCriteriaId: "91B129B2-2B31-4DE0-9F83-CC6E0C8729A0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5648q:-:*:*:*:*:*:*:*", matchCriteriaId: "3CBD3CD0-B542-4B23-9C9D-061643BE44E8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5672up:-:*:*:*:*:*:*:*", matchCriteriaId: "A22A2647-A4C0-4681-BBC5-D95ADBAA0457", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5696q:-:*:*:*:*:*:*:*", matchCriteriaId: "B2BB1A3A-668C-4B0D-8AC2-6B4758B3420B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_6001:-:*:*:*:*:*:*:*", matchCriteriaId: "A9662D6B-AF0F-45C8-B7CD-AE7C76593FDB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_6004:-:*:*:*:*:*:*:*", matchCriteriaId: "4F557E38-09F6-42C6-BABA-3C3168B38BBA", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7000:-:*:*:*:*:*:*:*", matchCriteriaId: "12180BEB-7F21-4FA7-ABD2-E9A8EA7340F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7700:-:*:*:*:*:*:*:*", matchCriteriaId: "DD7A4B4B-3BB1-4A4D-911E-C4EEF01BBC45", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9000v:-:*:*:*:*:*:*:*", matchCriteriaId: "0CD9C1F1-8582-4F67-A77D-97CBFECB88B8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*", matchCriteriaId: "4283E433-7F8C-4410-B565-471415445811", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92300yc:-:*:*:*:*:*:*:*", matchCriteriaId: "F80AB6FB-32FD-43D7-A9F1-80FA47696210", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*", matchCriteriaId: "D5B2E4C1-2627-4B9D-8E92-4B483F647651", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92348gc-x:-:*:*:*:*:*:*:*", matchCriteriaId: "557ED31C-C26A-4FAE-8B14-D06B49F7F08B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*", matchCriteriaId: "11411BFD-3F4D-4309-AB35-A3629A360FB0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*", matchCriteriaId: "E663DE91-C86D-48DC-B771-FA72A8DF7A7C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "A90184B3-C82F-4CE5-B2AD-97D5E4690871", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "4AB89849-6DA4-4C9D-BC3F-EE0E41FD1901", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*", matchCriteriaId: "07DE6F63-2C7D-415B-8C34-01EC05C062F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*", matchCriteriaId: "F423E45D-A6DD-4305-9C6A-EAB26293E53A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "E952A96A-0F48-4357-B7DD-1127D8827650", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "F70D81F1-8B12-4474-9060-B4934D8A3873", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "7349D69B-D8FA-4462-AA28-69DD18A652D9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93216tc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "B1CC5F78-E88B-4B82-9E3E-C73D3A49DE26", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "91231DC6-2773-4238-8C14-A346F213B5E5", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332c:-:*:*:*:*:*:*:*", matchCriteriaId: "2DF88547-BAF4-47B0-9F60-80A30297FCEB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*", matchCriteriaId: "113772B6-E9D2-4094-9468-3F4E1A87D07D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93360yc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "C45A38D6-BED6-4FEF-AD87-A1E813695DE0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "F1FC2B1F-232E-4754-8076-CC82F3648730", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336pq_aci_spine:-:*:*:*:*:*:*:*", matchCriteriaId: "785FD17C-F32E-4042-9DDE-A89B3AAE0334", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*", matchCriteriaId: "17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*", matchCriteriaId: "63842B25-8C32-4988-BBBD-61E9CB09B4F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*", matchCriteriaId: "4364ADB9-8162-451D-806A-B98924E6B2CF", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372px-e:-:*:*:*:*:*:*:*", matchCriteriaId: "B53BCB42-ED61-4FCF-8068-CB467631C63C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*", matchCriteriaId: "49E0371B-FDE2-473C-AA59-47E1269D050F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372tx-e:-:*:*:*:*:*:*:*", matchCriteriaId: "489D11EC-5A18-4F32-BC7C-AC1FCEC27222", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*", matchCriteriaId: "1BC5293E-F2B4-46DC-85DA-167EA323FCFD", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*", matchCriteriaId: "EA022E77-6557-4A33-9A3A-D028E2DB669A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*", matchCriteriaId: "768BE390-5ED5-48A7-9E80-C4DE8BA979B1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*", matchCriteriaId: "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*", matchCriteriaId: "7E02DC82-0D26-436F-BA64-73C958932B0A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6248up:-:*:*:*:*:*:*:*", matchCriteriaId: "49112D3F-DFAD-4E71-992B-9E0640FA388C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6296up:-:*:*:*:*:*:*:*", matchCriteriaId: "38A1D8F2-A4A6-4BAC-8326-9F9DE9572FA2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6300:-:*:*:*:*:*:*:*", matchCriteriaId: "C6BCF41B-A617-4563-8D14-E906411354FB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6324:-:*:*:*:*:*:*:*", matchCriteriaId: "B82093C6-B36D-4E4E-AD7F-8C107646B8D9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "00B4CC8B-AA85-43E5-962A-0F0E003D95FF", versionEndExcluding: "4.0\\(4i\\)", versionStartIncluding: "4.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:ucs_64108:-:*:*:*:*:*:*:*", matchCriteriaId: "BC04D48B-8B2F-45E1-A445-A87E92E790B8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6454:-:*:*:*:*:*:*:*", matchCriteriaId: "4FD096B7-6F8E-4E48-9EC4-9A10AA7D9AA0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability in the local management (local-mgmt) CLI of Cisco UCS Manager Software could allow an authenticated, local attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper handling of CLI command parameters. An attacker could exploit this vulnerability by executing specific commands on the local-mgmt CLI on an affected device. A successful exploit could allow the attacker to cause internal system processes to fail to terminate properly, which could result in a buildup of stuck processes and lead to slowness in accessing the UCS Manager CLI and web UI. A sustained attack may result in a restart of internal UCS Manager processes and a temporary loss of access to the UCS Manager CLI and web UI.", }, { lang: "es", value: "Una vulnerabilidad en la CLI de administración local (local-mgmt) de Cisco UCS Manager Software, podría permitir a un atacante local autenticado causar una condición de denegación de servicio (DoS) en un dispositivo afectado. La vulnerabilidad es debido a un manejo inapropiado de los parámetros de comando de la CLI. Un atacante podría explotar esta vulnerabilidad mediante la ejecución de comandos específicos en la CLI local-mgmt en un dispositivo afectado. Una explotación con éxito podría permitir al atacante causar que los procesos internos del sistema presenten un fallo para finalizar apropiadamente, lo que podría resultar en una acumulación de procesos atascados y conllevar a una lentitud en el acceso a la CLI de UCS Manager y la Interfaz de Usuario web. Un ataque sostenido puede resultar en un reinicio de los procesos internos de UCS Manager y una pérdida temporal de acceso a la CLI de UCS Manager y la Interfaz de Usuario web", }, ], id: "CVE-2020-3504", lastModified: "2024-11-21T05:31:12.453", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 2.1, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:L/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 3.3, baseSeverity: "LOW", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 1.4, source: "psirt@cisco.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 3.3, baseSeverity: "LOW", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 1.4, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-08-27T16:15:12.487", references: [ { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ucs-cli-dos-GQUxCnTe", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ucs-cli-dos-GQUxCnTe", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-664", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-400", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2016-11-19 03:03
Modified
2025-04-12 10:46
Severity ?
Summary
A vulnerability in the Cisco Nexus 9000 Series Platform Leaf Switches for Application Centric Infrastructure (ACI) could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on the affected device. This vulnerability affects Cisco Nexus 9000 Series Leaf Switches (TOR) - ACI Mode and Cisco Application Policy Infrastructure Controller (APIC). More Information: CSCuy93241. Known Affected Releases: 11.2(2x) 11.2(3x) 11.3(1x) 11.3(2x) 12.0(1x). Known Fixed Releases: 11.2(2i) 11.2(2j) 11.2(3f) 11.2(3g) 11.2(3h) 11.2(3l) 11.3(0.236) 11.3(1j) 11.3(2i) 11.3(2j) 12.0(1r).
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@cisco.com | http://www.securityfocus.com/bid/94077 | Third Party Advisory, VDB Entry | |
| psirt@cisco.com | http://www.securitytracker.com/id/1037185 | Third Party Advisory, VDB Entry | |
| psirt@cisco.com | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161102-n9kapic | Mitigation, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/94077 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1037185 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161102-n9kapic | Mitigation, Vendor Advisory |
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:cisco:application_policy_infrastructure_controller:1.2\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "633D2528-7FC4-448C-AEF4-5849B172CE11", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:application_policy_infrastructure_controller:1.2\\(3\\):*:*:*:*:*:*:*", matchCriteriaId: "2585A246-7C8F-4755-9DB9-E9A668901B7F", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:application_policy_infrastructure_controller:1.3\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "789A655E-4670-421D-98EA-B80F4EF35191", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:application_policy_infrastructure_controller:1.3\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "CCB2662B-7AD7-486D-B492-3ED74723A88D", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.0\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "05098742-7099-424F-8490-300508F0459F", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:11.2\\(2g\\):*:*:*:*:*:*:*", matchCriteriaId: "36A00C1F-7270-4E2F-8420-8567336AD1C3", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:11.2\\(2h\\):*:*:*:*:*:*:*", matchCriteriaId: "22EE58D9-D1BF-41BD-B331-A3472D38B1D9", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:11.2\\(2i\\):*:*:*:*:*:*:*", matchCriteriaId: "58B28302-6700-4B2C-9531-6BECA5113D70", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:11.2\\(3c\\):*:*:*:*:*:*:*", matchCriteriaId: "E34C017B-E9C3-48B8-AB7E-0A8C6CD8788B", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:11.2\\(3e\\):*:*:*:*:*:*:*", matchCriteriaId: "ED0CF9B2-356D-45C5-BFCD-94155E1A2F14", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:11.2\\(3h\\):*:*:*:*:*:*:*", matchCriteriaId: "2478A831-330D-4526-8A2C-DC8C0F6973ED", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:11.3\\(1i\\):*:*:*:*:*:*:*", matchCriteriaId: "1569E0F4-33D1-408D-88DC-26822447F325", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:11.3\\(2f\\):*:*:*:*:*:*:*", matchCriteriaId: "CA86F8E0-58FB-4CA5-9541-E9D55BED533D", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:11.3\\(2h\\):*:*:*:*:*:*:*", matchCriteriaId: "F031ABAD-3D20-4374-ABBE-24D5C01BE910", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:11.3\\(2i\\):*:*:*:*:*:*:*", matchCriteriaId: "F227E127-08EE-4A86-956C-BBBDB49925A5", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:12.0\\(1m\\):*:*:*:*:*:*:*", matchCriteriaId: "0BEE5B22-F9D3-4EAA-A552-7F0271080632", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:12.0\\(1n\\):*:*:*:*:*:*:*", matchCriteriaId: "74DB471F-43AF-4E94-99B0-7D38CB3F5943", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:12.0\\(1o\\):*:*:*:*:*:*:*", matchCriteriaId: "9217FBFE-2708-440A-90F9-0562C159DE16", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:12.0\\(1p\\):*:*:*:*:*:*:*", matchCriteriaId: "5BA5F46C-3172-4509-856F-703E0B517E7D", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:12.0\\(1q\\):*:*:*:*:*:*:*", matchCriteriaId: "E07DC9A1-E4BA-474C-96C2-0B73704628AB", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*", matchCriteriaId: "4283E433-7F8C-4410-B565-471415445811", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*", matchCriteriaId: "D5B2E4C1-2627-4B9D-8E92-4B483F647651", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*", matchCriteriaId: "11411BFD-3F4D-4309-AB35-A3629A360FB0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*", matchCriteriaId: "E663DE91-C86D-48DC-B771-FA72A8DF7A7C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "A90184B3-C82F-4CE5-B2AD-97D5E4690871", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*", matchCriteriaId: "07DE6F63-2C7D-415B-8C34-01EC05C062F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*", matchCriteriaId: "F423E45D-A6DD-4305-9C6A-EAB26293E53A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "F70D81F1-8B12-4474-9060-B4934D8A3873", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*", matchCriteriaId: "113772B6-E9D2-4094-9468-3F4E1A87D07D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336pq_aci_spine:-:*:*:*:*:*:*:*", matchCriteriaId: "785FD17C-F32E-4042-9DDE-A89B3AAE0334", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*", matchCriteriaId: "4364ADB9-8162-451D-806A-B98924E6B2CF", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*", matchCriteriaId: "49E0371B-FDE2-473C-AA59-47E1269D050F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*", matchCriteriaId: "1BC5293E-F2B4-46DC-85DA-167EA323FCFD", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*", matchCriteriaId: "EA022E77-6557-4A33-9A3A-D028E2DB669A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*", matchCriteriaId: "768BE390-5ED5-48A7-9E80-C4DE8BA979B1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*", matchCriteriaId: "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*", matchCriteriaId: "7E02DC82-0D26-436F-BA64-73C958932B0A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability in the Cisco Nexus 9000 Series Platform Leaf Switches for Application Centric Infrastructure (ACI) could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on the affected device. This vulnerability affects Cisco Nexus 9000 Series Leaf Switches (TOR) - ACI Mode and Cisco Application Policy Infrastructure Controller (APIC). More Information: CSCuy93241. Known Affected Releases: 11.2(2x) 11.2(3x) 11.3(1x) 11.3(2x) 12.0(1x). Known Fixed Releases: 11.2(2i) 11.2(2j) 11.2(3f) 11.2(3g) 11.2(3h) 11.2(3l) 11.3(0.236) 11.3(1j) 11.3(2i) 11.3(2j) 12.0(1r).", }, { lang: "es", value: "Una vulnerabilidad en los switches de la rama Cisco Nexus 9000 Series Platform para Application Centric Infrastructure (ACI) podría permitir permitir a un atacante adyacente no autenticado, provocar una condición de denegación de servicio (DoS) en el dispositivo afectado. Esta vulnerabilidad afecta a los switches de la rama Cisco Nexus 9000 Series (TOR) - ACI Mode y Cisco Application Policy Infrastructure Controller (APIC). Más información: CSCuy93241. Lanzamientos conocidos afectados: 11.2(2x) 11.2(3x) 11.3(1x) 11.3(2x) 12.0(1x). Lanzamientos conocidos solucionados: 11.2(2i) 11.2(2j) 11.2(3f) 11.2(3g) 11.2(3h) 11.2(3l) 11.3(0.236) 11.3(1j) 11.3(2i) 11.3(2j) 12.0(1r).", }, ], id: "CVE-2016-6457", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "ADJACENT_NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 6.1, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:A/AC:L/Au:N/C:N/I:N/A:C", version: "2.0", }, exploitabilityScore: 6.5, impactScore: 6.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2016-11-19T03:03:00.303", references: [ { source: "psirt@cisco.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/94077", }, { source: "psirt@cisco.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1037185", }, { source: "psirt@cisco.com", tags: [ "Mitigation", "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161102-n9kapic", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/94077", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1037185", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mitigation", "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161102-n9kapic", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-119", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2015-08-19 18:59
Modified
2025-04-12 10:46
Severity ?
Summary
The global-configuration implementation on Cisco ASR 9000 devices with software 5.1.3 and 5.3.0 improperly closes vty sessions after a commit/end operation, which allows local users to cause a denial of service (tmp/*config file creation, memory consumption, and device hang) via unspecified vectors, aka Bug ID CSCut93842.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | nx-os | 5.1.3 | |
| cisco | nx-os | 5.3.0 | |
| cisco | nexus_93120tx | - | |
| cisco | nexus_93128tx | - | |
| cisco | nexus_9332pq | - | |
| cisco | nexus_9336pq_aci_spine | - | |
| cisco | nexus_9372px | - | |
| cisco | nexus_9372tx | - | |
| cisco | nexus_9396px | - | |
| cisco | nexus_9396tx | - | |
| cisco | nexus_9504 | - | |
| cisco | nexus_9508 | - | |
| cisco | nexus_9516 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:5.1.3:*:*:*:*:*:*:*", matchCriteriaId: "331D99AC-6464-43C8-BBB7-2C04CCF4733A", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.3.0:*:*:*:*:*:*:*", matchCriteriaId: "940BAF6A-B62F-4C63-9756-6882678EA0E5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*", matchCriteriaId: "07DE6F63-2C7D-415B-8C34-01EC05C062F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*", matchCriteriaId: "F423E45D-A6DD-4305-9C6A-EAB26293E53A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*", matchCriteriaId: "113772B6-E9D2-4094-9468-3F4E1A87D07D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336pq_aci_spine:-:*:*:*:*:*:*:*", matchCriteriaId: "785FD17C-F32E-4042-9DDE-A89B3AAE0334", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*", matchCriteriaId: "4364ADB9-8162-451D-806A-B98924E6B2CF", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*", matchCriteriaId: "49E0371B-FDE2-473C-AA59-47E1269D050F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*", matchCriteriaId: "1BC5293E-F2B4-46DC-85DA-167EA323FCFD", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*", matchCriteriaId: "EA022E77-6557-4A33-9A3A-D028E2DB669A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*", matchCriteriaId: "768BE390-5ED5-48A7-9E80-C4DE8BA979B1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*", matchCriteriaId: "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*", matchCriteriaId: "7E02DC82-0D26-436F-BA64-73C958932B0A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "The global-configuration implementation on Cisco ASR 9000 devices with software 5.1.3 and 5.3.0 improperly closes vty sessions after a commit/end operation, which allows local users to cause a denial of service (tmp/*config file creation, memory consumption, and device hang) via unspecified vectors, aka Bug ID CSCut93842.", }, { lang: "es", value: "Vulnerabilidad en la implementación de la configuración global en los dispositivos Cisco ASR 9000 con versiones de software 5.1.3 y 5.3.0, causa un cierre de las sesiones vty después de una operación commit/end, lo cual permite a usuarios locales causar una denegación de servicio (creación de archivo tmp/*config, consumo de memoria y caída del dispositivo) a través de vectores no especificados, también conocido como Bug ID CSCut93842.", }, ], id: "CVE-2015-4277", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 4.9, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:L/AC:L/Au:N/C:N/I:N/A:C", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 6.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2015-08-19T18:59:00.123", references: [ { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "http://tools.cisco.com/security/center/viewAlert.x?alertId=39939", }, { source: "psirt@cisco.com", url: "http://www.securitytracker.com/id/1033259", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://tools.cisco.com/security/center/viewAlert.x?alertId=39939", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securitytracker.com/id/1033259", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-399", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2015-03-28 01:59
Modified
2025-04-12 10:46
Severity ?
Summary
The DHCP implementation in the PowerOn Auto Provisioning (POAP) feature in Cisco NX-OS does not properly restrict the initialization process, which allows remote attackers to execute arbitrary commands as root by sending crafted response packets on the local network, aka Bug ID CSCur14589.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | nx-os | 6.1\(2\) | |
| cisco | nx-os | 6.1\(3\) | |
| cisco | nx-os | 6.1\(4\) | |
| cisco | nx-os | 6.1\(4a\) | |
| cisco | nx-os | 6.2\(2\) | |
| cisco | nx-os | 6.2\(2a\) | |
| cisco | nx-os | 6.2\(6\) | |
| cisco | nx-os | 6.2\(6b\) | |
| cisco | nx-os | 6.2\(8\) | |
| cisco | nx-os | 6.2\(8a\) | |
| cisco | nx-os | 6.2\(8b\) | |
| cisco | nexus_7000 | * | |
| cisco | nexus_7700 | * | |
| cisco | nx-os | 6.0\(2\)n1\(1\) | |
| cisco | nx-os | 6.0\(2\)n1\(2\) | |
| cisco | nx-os | 6.0\(2\)n1\(2a\) | |
| cisco | nx-os | 6.0\(2\)n2\(1\) | |
| cisco | nx-os | 6.0\(2\)n2\(1b\) | |
| cisco | nx-os | 6.0\(2\)n2\(2\) | |
| cisco | nx-os | 6.0\(2\)n2\(3\) | |
| cisco | nx-os | 6.0\(2\)n2\(4\) | |
| cisco | nx-os | 6.0\(2\)n2\(5\) | |
| cisco | nx-os | 7.0\(0\)n1\(1\) | |
| cisco | nx-os | 7.0\(1\)n1\(1\) | |
| cisco | nx-os | 7.0\(2\)n1\(1\) | |
| cisco | nx-os | 7.0\(3\)n1\(1\) | |
| cisco | nexus_5010 | * | |
| cisco | nexus_5020 | * | |
| cisco | nexus_5548p | * | |
| cisco | nexus_5548up | * | |
| cisco | nexus_5596t | * | |
| cisco | nexus_5596up | * | |
| cisco | nexus_56128p | * | |
| cisco | nexus_5624q | * | |
| cisco | nexus_5648q | * | |
| cisco | nexus_5672up | * | |
| cisco | nexus_5696q | * | |
| cisco | nx-os | 6.0\(2\)n1\(2\) | |
| cisco | nx-os | 6.0\(2\)n1\(2a\) | |
| cisco | nx-os | 6.0\(2\)n2\(1\) | |
| cisco | nx-os | 6.0\(2\)n2\(1b\) | |
| cisco | nx-os | 6.0\(2\)n2\(2\) | |
| cisco | nx-os | 6.0\(2\)n2\(3\) | |
| cisco | nx-os | 6.0\(2\)n2\(4\) | |
| cisco | nx-os | 6.0\(2\)n2\(5\) | |
| cisco | nx-os | 7.0\(0\)n1\(1\) | |
| cisco | nx-os | 7.0\(1\)n1\(1\) | |
| cisco | nx-os | 7.0\(2\)n1\(1\) | |
| cisco | nx-os | 7.0\(3\)n1\(1\) | |
| cisco | nexus_6001 | * | |
| cisco | nexus_6004 | * | |
| cisco | nx-os | 6.1\(2\)i2\(1\) | |
| cisco | nx-os | 6.1\(2\)i2\(2\) | |
| cisco | nx-os | 6.1\(2\)i2\(2a\) | |
| cisco | nx-os | 6.1\(2\)i2\(2b\) | |
| cisco | nx-os | 6.1\(2\)i2\(3\) | |
| cisco | nx-os | 6.1\(2\)i3\(1\) | |
| cisco | nx-os | 6.1\(2\)i3\(2\) | |
| cisco | nx-os | 6.1\(2\)i3\(3\) | |
| cisco | nx-os | 11.0\(1b\) | |
| cisco | nx-os | 11.0\(1c\) | |
| cisco | nexus_93120tx | * | |
| cisco | nexus_93128tx | * | |
| cisco | nexus_9332pq | * | |
| cisco | nexus_9336pq_aci_spine | * | |
| cisco | nexus_9372px | * | |
| cisco | nexus_9372tx | * | |
| cisco | nexus_9396px | * | |
| cisco | nexus_9396tx | * | |
| cisco | nexus_9504 | * | |
| cisco | nexus_9508 | * | |
| cisco | nexus_9516 | * | |
| cisco | nx-os | 5.0\(3\)u3\(1\) | |
| cisco | nx-os | 5.0\(3\)u3\(2\) | |
| cisco | nx-os | 5.0\(3\)u3\(2a\) | |
| cisco | nx-os | 5.0\(3\)u3\(2b\) | |
| cisco | nx-os | 5.0\(3\)u4\(1\) | |
| cisco | nx-os | 5.0\(3\)u5\(1\) | |
| cisco | nx-os | 5.0\(3\)u5\(1a\) | |
| cisco | nx-os | 5.0\(3\)u5\(1b\) | |
| cisco | nx-os | 5.0\(3\)u5\(1c\) | |
| cisco | nx-os | 5.0\(3\)u5\(1d\) | |
| cisco | nx-os | 5.0\(3\)u5\(1e\) | |
| cisco | nx-os | 5.0\(3\)u5\(1f\) | |
| cisco | nx-os | 5.0\(3\)u5\(1g\) | |
| cisco | nx-os | 5.0\(3\)u5\(1h\) | |
| cisco | nx-os | 6.0\(2\)u1\(1\) | |
| cisco | nx-os | 6.0\(2\)u1\(1a\) | |
| cisco | nx-os | 6.0\(2\)u1\(2\) | |
| cisco | nx-os | 6.0\(2\)u1\(3\) | |
| cisco | nx-os | 6.0\(2\)u1\(4\) | |
| cisco | nx-os | 6.0\(2\)u2\(1\) | |
| cisco | nx-os | 6.0\(2\)u2\(2\) | |
| cisco | nx-os | 6.0\(2\)u2\(3\) | |
| cisco | nx-os | 6.0\(2\)u2\(4\) | |
| cisco | nx-os | 6.0\(2\)u2\(5\) | |
| cisco | nx-os | 6.0\(2\)u2\(6\) | |
| cisco | nx-os | 6.0\(2\)u3\(1\) | |
| cisco | nx-os | 6.0\(2\)u3\(2\) | |
| cisco | nx-os | 6.0\(2\)u3\(3\) | |
| cisco | nx-os | 6.0\(2\)u3\(4\) | |
| cisco | nx-os | 6.0\(2\)u3\(5\) | |
| cisco | nx-os | 6.0\(2\)u4\(1\) | |
| cisco | nx-os | 6.0\(2\)u4\(2\) | |
| cisco | nx-os | 6.0\(2\)u4\(3\) | |
| cisco | nx-os | 6.0\(2\)u5\(1\) | |
| cisco | nexus_3016 | * | |
| cisco | nexus_3048 | * | |
| cisco | nexus_3064 | * | |
| cisco | nexus_3132q | * | |
| cisco | nexus_3164q | - | |
| cisco | nexus_3172 | * | |
| cisco | nexus_3524 | * | |
| cisco | nexus_3548 | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:6.1\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "35E48EE6-C498-4E13-AC5E-28F6B4391725", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.1\\(3\\):*:*:*:*:*:*:*", matchCriteriaId: "A3B41075-01D1-4832-A025-07A378F2A5E6", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.1\\(4\\):*:*:*:*:*:*:*", matchCriteriaId: "858E4134-643C-422C-8441-5372F4BC25D8", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.1\\(4a\\):*:*:*:*:*:*:*", matchCriteriaId: "A12BFDB0-4B90-4EB6-9CBE-A7A33C57EA9E", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "2FDE8EF9-47CF-451D-9570-3D369D74D44F", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(2a\\):*:*:*:*:*:*:*", matchCriteriaId: "55A760CE-5E63-4A6B-8DA3-A473BC3900E3", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(6\\):*:*:*:*:*:*:*", matchCriteriaId: "0E738E86-B75F-48BF-9E76-C7DD470F3688", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(6b\\):*:*:*:*:*:*:*", matchCriteriaId: "68C6090F-0B05-46F0-8A67-928FE1C36D5F", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(8\\):*:*:*:*:*:*:*", matchCriteriaId: "FBD345BD-83EF-4913-A0F3-74E52AD76BBA", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(8a\\):*:*:*:*:*:*:*", matchCriteriaId: "46B2B97B-DDB7-4208-BF1A-D10C8A075A14", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(8b\\):*:*:*:*:*:*:*", matchCriteriaId: "317C8BE8-84DA-43D5-AE93-7E7DCDE6883E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_7000:*:*:*:*:*:*:*:*", matchCriteriaId: "16DE0FB3-1DC2-4BA4-BD26-FF6E7C06EC11", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7700:*:*:*:*:*:*:*:*", matchCriteriaId: "CDE36822-4657-457A-B260-BEEE914B5057", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)n1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "C871A419-B769-46B2-956E-467BBE94F290", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)n1\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "7EACF481-3E4B-4580-8AE7-3D49790E0715", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)n1\\(2a\\):*:*:*:*:*:*:*", matchCriteriaId: "698ABD3F-C9DE-4376-B57A-D05AEDCD9A25", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)n2\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "5010EDAE-67BB-4E23-B0F5-10096A7DAB54", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)n2\\(1b\\):*:*:*:*:*:*:*", matchCriteriaId: "84CF5114-731F-4BF4-83E0-9B095C34541C", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)n2\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "4750621F-E7C5-4E6A-BC5F-232E75A454E6", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)n2\\(3\\):*:*:*:*:*:*:*", matchCriteriaId: "08F35A63-9343-47D6-AB91-37AB148137E4", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)n2\\(4\\):*:*:*:*:*:*:*", matchCriteriaId: "CADBDD1D-DA17-40EE-8B23-81E9991387DD", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)n2\\(5\\):*:*:*:*:*:*:*", matchCriteriaId: "A623F8E1-B97B-41DD-947F-7E1B65DD6902", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(0\\)n1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "FD613D8F-099C-43A1-BD29-A98250E1334A", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(1\\)n1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "576B74DF-9527-4931-B1A3-8FEE1DB1AD99", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(2\\)n1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "AA5B4FA9-E550-4C69-A4E7-A989BBCCF22E", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)n1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "63949081-E2F3-4EB4-BABC-270AAB19EE78", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_5010:*:*:*:*:*:*:*:*", matchCriteriaId: "C498AF62-0B67-4CBE-B635-2665B7B6AB5B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5020:*:*:*:*:*:*:*:*", matchCriteriaId: "90564BCC-F093-4E48-8188-AB07B2F6A65D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5548p:*:*:*:*:*:*:*:*", matchCriteriaId: "E34A8EA1-170C-443B-8EE1-CBA6EB8B2465", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5548up:*:*:*:*:*:*:*:*", matchCriteriaId: "5B657BB8-4E6D-41B0-870A-3E973D2642A3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5596t:*:*:*:*:*:*:*:*", matchCriteriaId: "1637A625-07C8-45E5-8896-591635821C87", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5596up:*:*:*:*:*:*:*:*", matchCriteriaId: "BFECF84E-3826-4DCC-8F1B-7A6FAFD9F07F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_56128p:*:*:*:*:*:*:*:*", matchCriteriaId: "DD45884E-1573-48C2-98C0-3FC4A404CCD4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5624q:*:*:*:*:*:*:*:*", matchCriteriaId: "4D163F5E-F5E9-4553-BA68-E7B965423E05", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5648q:*:*:*:*:*:*:*:*", matchCriteriaId: "FBB1AF7A-6FFA-4DB3-8CD9-324D0D15EBB2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5672up:*:*:*:*:*:*:*:*", matchCriteriaId: "1CBBD6CC-7EC0-4D49-BD27-436290398F9A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5696q:*:*:*:*:*:*:*:*", matchCriteriaId: "5FD9B812-271E-4155-BAAD-DDC50808F014", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)n1\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "7EACF481-3E4B-4580-8AE7-3D49790E0715", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)n1\\(2a\\):*:*:*:*:*:*:*", matchCriteriaId: "698ABD3F-C9DE-4376-B57A-D05AEDCD9A25", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)n2\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "5010EDAE-67BB-4E23-B0F5-10096A7DAB54", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)n2\\(1b\\):*:*:*:*:*:*:*", matchCriteriaId: "84CF5114-731F-4BF4-83E0-9B095C34541C", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)n2\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "4750621F-E7C5-4E6A-BC5F-232E75A454E6", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)n2\\(3\\):*:*:*:*:*:*:*", matchCriteriaId: "08F35A63-9343-47D6-AB91-37AB148137E4", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)n2\\(4\\):*:*:*:*:*:*:*", matchCriteriaId: "CADBDD1D-DA17-40EE-8B23-81E9991387DD", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)n2\\(5\\):*:*:*:*:*:*:*", matchCriteriaId: "A623F8E1-B97B-41DD-947F-7E1B65DD6902", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(0\\)n1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "FD613D8F-099C-43A1-BD29-A98250E1334A", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(1\\)n1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "576B74DF-9527-4931-B1A3-8FEE1DB1AD99", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(2\\)n1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "AA5B4FA9-E550-4C69-A4E7-A989BBCCF22E", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)n1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "63949081-E2F3-4EB4-BABC-270AAB19EE78", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_6001:*:*:*:*:*:*:*:*", matchCriteriaId: "991C8B44-CD6D-4A86-BEDC-EEE4DF1C33E7", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_6004:*:*:*:*:*:*:*:*", matchCriteriaId: "0C7E0DD8-54BF-4C91-B163-288FEF443234", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:6.1\\(2\\)i2\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "1BB0F49B-85C0-4C52-82E0-C2683D43B553", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.1\\(2\\)i2\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "9ABB647D-B91E-4C2F-9FBE-1C9AAB27E2D1", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.1\\(2\\)i2\\(2a\\):*:*:*:*:*:*:*", matchCriteriaId: "384B7337-1C2F-479E-BB2B-F31320D82EE1", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.1\\(2\\)i2\\(2b\\):*:*:*:*:*:*:*", matchCriteriaId: "9ED50316-7044-4757-9C51-5543BA5693A2", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.1\\(2\\)i2\\(3\\):*:*:*:*:*:*:*", matchCriteriaId: "1CB11917-C606-4025-A91A-596F7D47A311", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.1\\(2\\)i3\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "69B757AE-83C8-4194-9BAE-DBECA2021597", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.1\\(2\\)i3\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "EB1A44C9-147B-4D1F-AB98-EB4F9F8C1C3D", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.1\\(2\\)i3\\(3\\):*:*:*:*:*:*:*", matchCriteriaId: "702EF8D5-1F3F-45EF-AC8D-BD5A9E46A78E", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:11.0\\(1b\\):*:*:*:*:*:*:*", matchCriteriaId: "C64CC640-B37D-4064-8946-B8CCCDE1A6EF", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:11.0\\(1c\\):*:*:*:*:*:*:*", matchCriteriaId: "E8983275-20C6-487E-A265-3836F06AB226", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_93120tx:*:*:*:*:*:*:*:*", matchCriteriaId: "A4191D5D-2DAE-42E8-9DF8-54BF94F6357F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93128tx:*:*:*:*:*:*:*:*", matchCriteriaId: "22D2DC70-84C1-43B1-892F-CB42F97B4308", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332pq:*:*:*:*:*:*:*:*", matchCriteriaId: "F85E999E-B350-42DF-85C2-9AD9B95143BD", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336pq_aci_spine:*:*:*:*:*:*:*:*", matchCriteriaId: "2C6E98BF-2B00-4F94-9643-E136AAA51A15", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372px:*:*:*:*:*:*:*:*", matchCriteriaId: "910E9554-5B27-4120-A2BA-6BC1DBD93B4A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372tx:*:*:*:*:*:*:*:*", matchCriteriaId: "D3DE2807-88F4-4830-8C66-FA2694040012", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396px:*:*:*:*:*:*:*:*", matchCriteriaId: "47A47B73-31E2-4A02-9AA8-6450501A3B03", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396tx:*:*:*:*:*:*:*:*", matchCriteriaId: "42F184B8-36B2-47CA-97ED-8A50E8C55EAC", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9504:*:*:*:*:*:*:*:*", matchCriteriaId: "291ADF89-15B3-4405-A5A1-16DBCED41B5A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9508:*:*:*:*:*:*:*:*", matchCriteriaId: "DCB1F31A-0068-4A7F-8019-8CE7E792529D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9516:*:*:*:*:*:*:*:*", matchCriteriaId: "444564EE-97FA-41E1-801E-1C38B853D321", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)u3\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "641D651A-B85B-4E9E-BE92-35AFAE8A63A2", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)u3\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "7810F6FD-F58F-4121-9D30-8C5E3E163EFD", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)u3\\(2a\\):*:*:*:*:*:*:*", matchCriteriaId: "09C38DCD-2A5F-4095-ABA4-02E95D93C358", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)u3\\(2b\\):*:*:*:*:*:*:*", matchCriteriaId: "103A4C19-0E91-45FC-9AA2-F40215FCF63B", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)u4\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "7F61C03B-D7AB-468A-B092-158730FB3E0B", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)u5\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "7F883AA8-CC44-4440-AB30-D7AC29C242F2", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)u5\\(1a\\):*:*:*:*:*:*:*", matchCriteriaId: "7390B4D2-2121-4311-A798-337E8B777A7B", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)u5\\(1b\\):*:*:*:*:*:*:*", matchCriteriaId: "924C6663-9EA0-4124-ACC6-0AFC649AEA6D", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)u5\\(1c\\):*:*:*:*:*:*:*", matchCriteriaId: "3C559C83-FB34-4B1A-A6B3-1834D6CD022C", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)u5\\(1d\\):*:*:*:*:*:*:*", matchCriteriaId: "7F422D53-4FF4-43FB-8F62-D53393A8C038", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)u5\\(1e\\):*:*:*:*:*:*:*", matchCriteriaId: "7CFFFE88-17EA-4515-BF71-C0AB82957B21", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)u5\\(1f\\):*:*:*:*:*:*:*", matchCriteriaId: "6EF14E5C-B776-4A04-A5CC-853CFF2816B9", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)u5\\(1g\\):*:*:*:*:*:*:*", matchCriteriaId: "EF7E681A-F354-4093-84A9-5A357EAB1559", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)u5\\(1h\\):*:*:*:*:*:*:*", matchCriteriaId: "8B627C66-CFE1-40B9-8264-392BB091EA52", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "5BFA21F2-E2B2-49B6-9956-D6219D499F7D", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u1\\(1a\\):*:*:*:*:*:*:*", matchCriteriaId: "52899164-992D-4736-B460-FDFB825DB7A8", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u1\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "8766DA4C-A25C-48D4-A6FC-2357200A9215", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u1\\(3\\):*:*:*:*:*:*:*", matchCriteriaId: "B6C48105-F73E-40C9-8CD9-B46C5319FB5E", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u1\\(4\\):*:*:*:*:*:*:*", matchCriteriaId: "94F5B47A-023B-4415-8DB9-6829C5E72901", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u2\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "618861BD-8FEE-4EF8-BFFB-A5BCBA8EA3EB", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u2\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "6459DD6B-6DC1-4C14-A8E7-4503ED5F69BD", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u2\\(3\\):*:*:*:*:*:*:*", matchCriteriaId: "DA600413-FC70-4776-99DF-180C96D4FD24", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u2\\(4\\):*:*:*:*:*:*:*", matchCriteriaId: "ECC9066F-3082-48A0-BA52-9ED9420EA47A", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u2\\(5\\):*:*:*:*:*:*:*", matchCriteriaId: "78611E25-E33E-4C88-A681-97B5A2A01B51", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u2\\(6\\):*:*:*:*:*:*:*", matchCriteriaId: "780B04ED-412E-441F-8717-D8F9257F5699", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u3\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "FC6A3647-2AF0-4D45-BCC9-24618B43ACBF", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u3\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "AD2AABBD-8680-4615-A4E2-B607CB1B0979", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u3\\(3\\):*:*:*:*:*:*:*", matchCriteriaId: "693F444B-FA34-489C-BB45-E9185DE47816", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u3\\(4\\):*:*:*:*:*:*:*", matchCriteriaId: "13669043-3F12-4439-812F-6DE35F70B159", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u3\\(5\\):*:*:*:*:*:*:*", matchCriteriaId: "58A8BDE0-2F73-4E0C-B73A-918DB3352067", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u4\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "10BFAE68-01C5-4EF8-8B86-F470092E9034", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u4\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "6D02FC11-EB21-45CD-A070-89C4862240BC", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u4\\(3\\):*:*:*:*:*:*:*", matchCriteriaId: "8C67AE59-380A-402B-9B2A-F595E001637B", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u5\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "C71ED401-6786-4AAE-A98F-BE4732256A7D", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_3016:*:*:*:*:*:*:*:*", matchCriteriaId: "9CE8BF90-B19C-4EA7-ACF8-37AEF624C1EC", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3048:*:*:*:*:*:*:*:*", matchCriteriaId: "7918D88F-AF51-42B1-8C8E-587D6714DEB8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3064:*:*:*:*:*:*:*:*", matchCriteriaId: "7623D2B2-B37D-48BF-BB77-FF9FBB07D98F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q:*:*:*:*:*:*:*:*", matchCriteriaId: "133078DA-A6A7-41FC-AB28-BCE5B3600B48", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3164q:-:*:*:*:*:*:*:*", matchCriteriaId: "FA782EB3-E8E6-4DCF-B39C-B3CBD46E4384", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172:*:*:*:*:*:*:*:*", matchCriteriaId: "22089EF2-B027-4B88-A3F8-229A65D9DDEA", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524:*:*:*:*:*:*:*:*", matchCriteriaId: "E613A55C-F925-42A9-9A09-F03B0350B3B0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548:*:*:*:*:*:*:*:*", matchCriteriaId: "12F474C7-EB30-4069-A723-54269F5AFFE8", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "The DHCP implementation in the PowerOn Auto Provisioning (POAP) feature in Cisco NX-OS does not properly restrict the initialization process, which allows remote attackers to execute arbitrary commands as root by sending crafted response packets on the local network, aka Bug ID CSCur14589.", }, { lang: "es", value: "La implementación DHCP en la característica PowerOn Auto Provisioning (POAP) en Cisco NX-OS no restringe correctamente el proceso de inicialización, lo que permite a atacantes remotos ejecutar comandos arbitrarios como root mediante el envío de paquetes de respuestas manipulados en la red local, también conocido como Bug ID CSCur14589.", }, ], id: "CVE-2015-0658", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "MEDIUM", accessVector: "ADJACENT_NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.9, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:A/AC:M/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 5.5, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2015-03-28T01:59:49.210", references: [ { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "http://tools.cisco.com/security/center/viewAlert.x?alertId=38062", }, { source: "psirt@cisco.com", url: "http://www.securitytracker.com/id/1031992", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://tools.cisco.com/security/center/viewAlert.x?alertId=38062", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securitytracker.com/id/1031992", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-20", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2019-03-06 21:29
Modified
2024-11-21 04:36
Severity ?
6.7 (Medium) - CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
A vulnerability in the controller authorization functionality of Cisco Nexus 9000 Series ACI Mode Switch Software could allow an authenticated, local attacker to escalate standard users with root privilege on an affected device. The vulnerability is due to a misconfiguration of certain sudoers files for the bashroot component on an affected device. An attacker could exploit this vulnerability by authenticating to the affected device with a crafted user ID, which may allow temporary administrative access to escalate privileges. A successful exploit could allow the attacker to escalate privileges on an affected device. This Vulnerability has been fixed in version 4.0(1h)
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@cisco.com | http://www.securityfocus.com/bid/107312 | Third Party Advisory, VDB Entry | |
| psirt@cisco.com | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190306-aci-controller-privsec | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/107312 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190306-aci-controller-privsec | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | nx-os | 8.3\(0\)sk\(0.39\) | |
| cisco | nexus_92160yc-x | - | |
| cisco | nexus_92304qc | - | |
| cisco | nexus_9236c | - | |
| cisco | nexus_9272q | - | |
| cisco | nexus_93108tc-ex | - | |
| cisco | nexus_93120tx | - | |
| cisco | nexus_93128tx | - | |
| cisco | nexus_93180yc-ex | - | |
| cisco | nexus_9332pq | - | |
| cisco | nexus_9336pq_aci_spine | - | |
| cisco | nexus_9372px | - | |
| cisco | nexus_9372tx | - | |
| cisco | nexus_9396px | - | |
| cisco | nexus_9396tx | - | |
| cisco | nexus_9500 | - | |
| cisco | nexus_9504 | - | |
| cisco | nexus_9508 | - | |
| cisco | nexus_9516 | - | |
| cisco | application_policy_infrastructure_controller_software | * | |
| cisco | nexus_92160yc-x | - | |
| cisco | nexus_92304qc | - | |
| cisco | nexus_9236c | - | |
| cisco | nexus_9272q | - | |
| cisco | nexus_93108tc-ex | - | |
| cisco | nexus_93120tx | - | |
| cisco | nexus_93128tx | - | |
| cisco | nexus_93180yc-ex | - | |
| cisco | nexus_9332pq | - | |
| cisco | nexus_9336pq_aci_spine | - | |
| cisco | nexus_9372px | - | |
| cisco | nexus_9372tx | - | |
| cisco | nexus_9396px | - | |
| cisco | nexus_9396tx | - | |
| cisco | nexus_9500 | - | |
| cisco | nexus_9504 | - | |
| cisco | nexus_9508 | - | |
| cisco | nexus_9516 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:8.3\\(0\\)sk\\(0.39\\):*:*:*:*:*:*:*", matchCriteriaId: "39E9A017-225B-4FCB-A5AA-8CEA1435A1AE", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*", matchCriteriaId: "4283E433-7F8C-4410-B565-471415445811", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*", matchCriteriaId: "D5B2E4C1-2627-4B9D-8E92-4B483F647651", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*", matchCriteriaId: "11411BFD-3F4D-4309-AB35-A3629A360FB0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*", matchCriteriaId: "E663DE91-C86D-48DC-B771-FA72A8DF7A7C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "A90184B3-C82F-4CE5-B2AD-97D5E4690871", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*", matchCriteriaId: "07DE6F63-2C7D-415B-8C34-01EC05C062F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*", matchCriteriaId: "F423E45D-A6DD-4305-9C6A-EAB26293E53A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "F70D81F1-8B12-4474-9060-B4934D8A3873", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*", matchCriteriaId: "113772B6-E9D2-4094-9468-3F4E1A87D07D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336pq_aci_spine:-:*:*:*:*:*:*:*", matchCriteriaId: "785FD17C-F32E-4042-9DDE-A89B3AAE0334", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*", matchCriteriaId: "4364ADB9-8162-451D-806A-B98924E6B2CF", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*", matchCriteriaId: "49E0371B-FDE2-473C-AA59-47E1269D050F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*", matchCriteriaId: "1BC5293E-F2B4-46DC-85DA-167EA323FCFD", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*", matchCriteriaId: "EA022E77-6557-4A33-9A3A-D028E2DB669A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9500:-:*:*:*:*:*:*:*", matchCriteriaId: "63BE0266-1C00-4D6A-AD96-7F82532ABAA7", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*", matchCriteriaId: "768BE390-5ED5-48A7-9E80-C4DE8BA979B1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*", matchCriteriaId: "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*", matchCriteriaId: "7E02DC82-0D26-436F-BA64-73C958932B0A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:application_policy_infrastructure_controller_software:*:*:*:*:*:*:*:*", matchCriteriaId: "0CA33812-34D5-4A3D-95A4-D949DE9AC25E", versionEndIncluding: "4.0\\(1h\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*", matchCriteriaId: "4283E433-7F8C-4410-B565-471415445811", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*", matchCriteriaId: "D5B2E4C1-2627-4B9D-8E92-4B483F647651", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*", matchCriteriaId: "11411BFD-3F4D-4309-AB35-A3629A360FB0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*", matchCriteriaId: "E663DE91-C86D-48DC-B771-FA72A8DF7A7C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "A90184B3-C82F-4CE5-B2AD-97D5E4690871", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*", matchCriteriaId: "07DE6F63-2C7D-415B-8C34-01EC05C062F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*", matchCriteriaId: "F423E45D-A6DD-4305-9C6A-EAB26293E53A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "F70D81F1-8B12-4474-9060-B4934D8A3873", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*", matchCriteriaId: "113772B6-E9D2-4094-9468-3F4E1A87D07D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336pq_aci_spine:-:*:*:*:*:*:*:*", matchCriteriaId: "785FD17C-F32E-4042-9DDE-A89B3AAE0334", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*", matchCriteriaId: "4364ADB9-8162-451D-806A-B98924E6B2CF", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*", matchCriteriaId: "49E0371B-FDE2-473C-AA59-47E1269D050F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*", matchCriteriaId: "1BC5293E-F2B4-46DC-85DA-167EA323FCFD", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*", matchCriteriaId: "EA022E77-6557-4A33-9A3A-D028E2DB669A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9500:-:*:*:*:*:*:*:*", matchCriteriaId: "63BE0266-1C00-4D6A-AD96-7F82532ABAA7", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*", matchCriteriaId: "768BE390-5ED5-48A7-9E80-C4DE8BA979B1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*", matchCriteriaId: "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*", matchCriteriaId: "7E02DC82-0D26-436F-BA64-73C958932B0A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability in the controller authorization functionality of Cisco Nexus 9000 Series ACI Mode Switch Software could allow an authenticated, local attacker to escalate standard users with root privilege on an affected device. The vulnerability is due to a misconfiguration of certain sudoers files for the bashroot component on an affected device. An attacker could exploit this vulnerability by authenticating to the affected device with a crafted user ID, which may allow temporary administrative access to escalate privileges. A successful exploit could allow the attacker to escalate privileges on an affected device. This Vulnerability has been fixed in version 4.0(1h)", }, { lang: "es", value: "Una vulnerabilidad en la funcionalidad de autorización de Cisco Nexus 9000 Series ACI Mode Switch Software puede permitir a un atacante local autenticado escalar usuarios estándares con privilegios root en un dispositivo afectado. La vulnerabilidad se debe a una mala configuración de determinados archivos sudoers para el componente bashroot en un dispositivo afectado. Un atacante podría explotar esta vulnerabilidad autenticándose en el dispositivo afectado con un ID de usuario manipulado, el cual podría permitir el acceso del administrador temporal para escalar privilegios. Un exploit exitoso podría permitir que el atacante escale sus privilegios en el dispositivo afectado. Esta vulnerabilidad se ha solucionado en la versión 4.0(1h).", }, ], id: "CVE-2019-1585", lastModified: "2024-11-21T04:36:51.620", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.2, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:L/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 0.8, impactScore: 5.9, source: "psirt@cisco.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-03-06T21:29:00.323", references: [ { source: "psirt@cisco.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/107312", }, { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190306-aci-controller-privsec", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/107312", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190306-aci-controller-privsec", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-16", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-16", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-08-27 16:15
Modified
2024-11-21 05:31
Severity ?
Summary
A vulnerability in the Call Home feature of Cisco NX-OS Software could allow an authenticated, remote attacker to inject arbitrary commands that could be executed with root privileges on the underlying operating system (OS). The vulnerability is due to insufficient input validation of specific Call Home configuration parameters when the software is configured for transport method HTTP. An attacker could exploit this vulnerability by modifying parameters within the Call Home configuration on an affected device. A successful exploit could allow the attacker to execute arbitrary commands with root privileges on the underlying OS.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:-:*:*:*:*:*:*:*", matchCriteriaId: "DA35D4AA-24B3-428E-84ED-804EF941E9A9", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:mds_9000:-:*:*:*:*:*:*:*", matchCriteriaId: "1FD00AB9-F2DD-4D07-8DFF-E7B34824D66A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9100:-:*:*:*:*:*:*:*", matchCriteriaId: "54C0D908-D7BA-48C3-9963-14A3A32A2662", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9134:-:*:*:*:*:*:*:*", matchCriteriaId: "EDB00911-C0B0-4A4E-A0B9-413EC9D9C25A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9509:-:*:*:*:*:*:*:*", matchCriteriaId: "C677D356-86C9-4491-A6CA-5E6306B2BB70", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9710:-:*:*:*:*:*:*:*", matchCriteriaId: "36B3B617-7554-4C36-9B41-19AA3BD2F6E9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3016:-:*:*:*:*:*:*:*", matchCriteriaId: "528ED62B-D739-4E06-AC64-B506FD73BBAB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*", matchCriteriaId: "FC2A6C31-438A-4CF5-A3F3-364B1672EB7D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3064:-:*:*:*:*:*:*:*", matchCriteriaId: "76C10D85-88AC-4A79-8866-BED88A0F8DF8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3064-t:-:*:*:*:*:*:*:*", matchCriteriaId: "65CB7F6D-A82B-4A31-BFAC-FF4A4B8DF9C1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31108pc-v:-:*:*:*:*:*:*:*", matchCriteriaId: "4E930332-CDDD-48D5-93BC-C22D693BBFA2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31108tc-v:-:*:*:*:*:*:*:*", matchCriteriaId: "7BF4B8FE-E134-4491-B5C2-C1CFEB64731B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31128pq:-:*:*:*:*:*:*:*", matchCriteriaId: "F4226DA0-9371-401C-8247-E6E636A116C3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132c-z:-:*:*:*:*:*:*:*", matchCriteriaId: "7664666F-BCE4-4799-AEEA-3A73E6AD33F4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q:-:*:*:*:*:*:*:*", matchCriteriaId: "D3DBBFE9-835C-4411-8492-6006E74BAC65", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q-v:-:*:*:*:*:*:*:*", matchCriteriaId: "B3293438-3D18-45A2-B093-2C3F65783336", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "8F43B770-D96C-44EA-BC12-9F39FC4317B9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3164q:-:*:*:*:*:*:*:*", matchCriteriaId: "FA782EB3-E8E6-4DCF-B39C-B3CBD46E4384", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172:-:*:*:*:*:*:*:*", matchCriteriaId: "7817F4E6-B2DA-4F06-95A4-AF329F594C02", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172pq-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "7BB9DD73-E31D-4921-A6D6-E14E04703588", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq:-:*:*:*:*:*:*:*", matchCriteriaId: "4532F513-0543-4960-9877-01F23CA7BA1B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq-32t:-:*:*:*:*:*:*:*", matchCriteriaId: "0B43502B-FD53-465A-B60F-6A359C6ACD99", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "F3229124-B097-4AAC-8ACD-2F9C89DCC3AB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3232c:-:*:*:*:*:*:*:*", matchCriteriaId: "652A2849-668D-4156-88FB-C19844A59F33", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3264c-e:-:*:*:*:*:*:*:*", matchCriteriaId: "24FBE87B-8A4F-43A8-98A3-4A7D9C630937", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3264q:-:*:*:*:*:*:*:*", matchCriteriaId: "6ACD09AC-8B28-4ACB-967B-AB3D450BC137", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3408-s:-:*:*:*:*:*:*:*", matchCriteriaId: "7D397349-CCC6-479B-9273-FB1FFF4F34F2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_34180yc:-:*:*:*:*:*:*:*", matchCriteriaId: "DC7286A7-780F-4A45-940A-4AD5C9D0F201", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3432d-s:-:*:*:*:*:*:*:*", matchCriteriaId: "5F7AF8D7-431B-43CE-840F-CC0817D159C0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3464c:-:*:*:*:*:*:*:*", matchCriteriaId: "DAC204C8-1A5A-4E85-824E-DC9B8F6A802D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524:-:*:*:*:*:*:*:*", matchCriteriaId: "EAF5AF71-15DF-4151-A1CF-E138A7103FC8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524-x:-:*:*:*:*:*:*:*", matchCriteriaId: "10F80A72-AD54-4699-B8AE-82715F0B58E2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "9354B6A2-D7D6-442E-BF4C-FE8A336D9E94", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548:-:*:*:*:*:*:*:*", matchCriteriaId: "088C0323-683A-44F5-8D42-FF6EC85D080E", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548-x:-:*:*:*:*:*:*:*", matchCriteriaId: "74CB4002-7636-4382-B33E-FBA060A13C34", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "10CEBF73-3EE0-459A-86C5-F8F6243FE27C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_36180yc-r:-:*:*:*:*:*:*:*", matchCriteriaId: "95D2C4C3-65CE-4612-A027-AF70CEFC3233", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*", matchCriteriaId: "57572E4A-78D5-4D1A-938B-F05F01759612", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5548p:-:*:*:*:*:*:*:*", matchCriteriaId: "E5519EA9-1236-4F51-9974-E3FC1B26B5D2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5548up:-:*:*:*:*:*:*:*", matchCriteriaId: "CB0A3B06-8B25-4CD3-AFA9-5F928B1042F4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5596t:-:*:*:*:*:*:*:*", matchCriteriaId: "1766443C-1C5A-486E-A36F-D3045F364D78", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5596up:-:*:*:*:*:*:*:*", matchCriteriaId: "DC4D4403-F93B-4CC8-B75F-7A5B03FEDD85", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_56128p:-:*:*:*:*:*:*:*", matchCriteriaId: "ABB6E612-4246-4408-B3F6-B31E771F5ACB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5624q:-:*:*:*:*:*:*:*", matchCriteriaId: "91B129B2-2B31-4DE0-9F83-CC6E0C8729A0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5648q:-:*:*:*:*:*:*:*", matchCriteriaId: "3CBD3CD0-B542-4B23-9C9D-061643BE44E8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5672up:-:*:*:*:*:*:*:*", matchCriteriaId: "A22A2647-A4C0-4681-BBC5-D95ADBAA0457", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5696q:-:*:*:*:*:*:*:*", matchCriteriaId: "B2BB1A3A-668C-4B0D-8AC2-6B4758B3420B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_6001:-:*:*:*:*:*:*:*", matchCriteriaId: "A9662D6B-AF0F-45C8-B7CD-AE7C76593FDB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_6004:-:*:*:*:*:*:*:*", matchCriteriaId: "4F557E38-09F6-42C6-BABA-3C3168B38BBA", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7000:-:*:*:*:*:*:*:*", matchCriteriaId: "12180BEB-7F21-4FA7-ABD2-E9A8EA7340F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7700:-:*:*:*:*:*:*:*", matchCriteriaId: "DD7A4B4B-3BB1-4A4D-911E-C4EEF01BBC45", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9000v:-:*:*:*:*:*:*:*", matchCriteriaId: "0CD9C1F1-8582-4F67-A77D-97CBFECB88B8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*", matchCriteriaId: "4283E433-7F8C-4410-B565-471415445811", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92300yc:-:*:*:*:*:*:*:*", matchCriteriaId: "F80AB6FB-32FD-43D7-A9F1-80FA47696210", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*", matchCriteriaId: "D5B2E4C1-2627-4B9D-8E92-4B483F647651", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92348gc-x:-:*:*:*:*:*:*:*", matchCriteriaId: "557ED31C-C26A-4FAE-8B14-D06B49F7F08B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*", matchCriteriaId: "11411BFD-3F4D-4309-AB35-A3629A360FB0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*", matchCriteriaId: "E663DE91-C86D-48DC-B771-FA72A8DF7A7C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "A90184B3-C82F-4CE5-B2AD-97D5E4690871", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "4AB89849-6DA4-4C9D-BC3F-EE0E41FD1901", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*", matchCriteriaId: "07DE6F63-2C7D-415B-8C34-01EC05C062F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*", matchCriteriaId: "F423E45D-A6DD-4305-9C6A-EAB26293E53A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "E952A96A-0F48-4357-B7DD-1127D8827650", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "F70D81F1-8B12-4474-9060-B4934D8A3873", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "7349D69B-D8FA-4462-AA28-69DD18A652D9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93216tc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "B1CC5F78-E88B-4B82-9E3E-C73D3A49DE26", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "91231DC6-2773-4238-8C14-A346F213B5E5", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332c:-:*:*:*:*:*:*:*", matchCriteriaId: "2DF88547-BAF4-47B0-9F60-80A30297FCEB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*", matchCriteriaId: "113772B6-E9D2-4094-9468-3F4E1A87D07D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93360yc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "C45A38D6-BED6-4FEF-AD87-A1E813695DE0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "F1FC2B1F-232E-4754-8076-CC82F3648730", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336pq_aci_spine:-:*:*:*:*:*:*:*", matchCriteriaId: "785FD17C-F32E-4042-9DDE-A89B3AAE0334", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*", matchCriteriaId: "17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*", matchCriteriaId: "63842B25-8C32-4988-BBBD-61E9CB09B4F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*", matchCriteriaId: "4364ADB9-8162-451D-806A-B98924E6B2CF", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372px-e:-:*:*:*:*:*:*:*", matchCriteriaId: "B53BCB42-ED61-4FCF-8068-CB467631C63C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*", matchCriteriaId: "49E0371B-FDE2-473C-AA59-47E1269D050F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372tx-e:-:*:*:*:*:*:*:*", matchCriteriaId: "489D11EC-5A18-4F32-BC7C-AC1FCEC27222", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*", matchCriteriaId: "1BC5293E-F2B4-46DC-85DA-167EA323FCFD", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*", matchCriteriaId: "EA022E77-6557-4A33-9A3A-D028E2DB669A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*", matchCriteriaId: "768BE390-5ED5-48A7-9E80-C4DE8BA979B1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*", matchCriteriaId: "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*", matchCriteriaId: "7E02DC82-0D26-436F-BA64-73C958932B0A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability in the Call Home feature of Cisco NX-OS Software could allow an authenticated, remote attacker to inject arbitrary commands that could be executed with root privileges on the underlying operating system (OS). The vulnerability is due to insufficient input validation of specific Call Home configuration parameters when the software is configured for transport method HTTP. An attacker could exploit this vulnerability by modifying parameters within the Call Home configuration on an affected device. A successful exploit could allow the attacker to execute arbitrary commands with root privileges on the underlying OS.", }, { lang: "es", value: "Una vulnerabilidad en la funcionalidad Call Home de Cisco NX-OS Software, podría permitir a un atacante remoto autenticado inyectar comandos arbitrarios que podrían ser ejecutados con privilegios root en el sistema operativo (SO) subyacente. La vulnerabilidad es debido a una comprobación insuficiente de entrada de los parámetros de configuración específicos de Call Home cuando el software está configurado para el método de transporte HTTP. Un atacante podría explotar esta vulnerabilidad mediante la modificación de parámetros dentro de la configuración de Call Home en un dispositivo afectado. Una explotación con éxito podría permitir al atacante ejecutar comandos arbitrarios con privilegios root en el sistema operativo subyacente", }, ], id: "CVE-2020-3454", lastModified: "2024-11-21T05:31:06.053", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "COMPLETE", baseScore: 9, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:L/Au:S/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 8, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 1.2, impactScore: 5.9, source: "psirt@cisco.com", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.2, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-08-27T16:15:12.410", references: [ { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-callhome-cmdinj-zkxzSCY", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-callhome-cmdinj-zkxzSCY", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-20", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-78", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-02-23 20:15
Modified
2024-11-21 07:40
Severity ?
7.4 (High) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
6.5 (Medium) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
6.5 (Medium) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
A vulnerability in the Link Layer Discovery Protocol (LLDP) feature for Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) Mode could allow an unauthenticated, adjacent attacker to cause a memory leak, which could result in an unexpected reload of the device. This vulnerability is due to incorrect error checking when parsing ingress LLDP packets. An attacker could exploit this vulnerability by sending a steady stream of crafted LLDP packets to an affected device. A successful exploit could allow the attacker to cause a memory leak, which could result in a denial of service (DoS) condition when the device unexpectedly reloads. Note: This vulnerability cannot be exploited by transit traffic through the device. The crafted LLDP packet must be targeted to a directly connected interface, and the attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent). In addition, the attack surface for this vulnerability can be reduced by disabling LLDP on interfaces where it is not required.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:15.2\\(1g\\):*:*:*:*:*:*:*", matchCriteriaId: "D4C90C63-E006-4101-A737-429B28A5ABD5", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:15.2\\(2e\\):*:*:*:*:*:*:*", matchCriteriaId: "0235897B-D881-4C22-AEC5-6B0D8552B47B", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:15.2\\(2f\\):*:*:*:*:*:*:*", matchCriteriaId: "77B4432C-D3C1-45DA-8E2B-1282A98D4D66", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:15.2\\(2g\\):*:*:*:*:*:*:*", matchCriteriaId: "FE2846A6-62B3-4035-968C-AA73FFA1EA67", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:15.2\\(2h\\):*:*:*:*:*:*:*", matchCriteriaId: "C6DC1C38-8134-4548-9685-03664699B273", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:15.2\\(3e\\):*:*:*:*:*:*:*", matchCriteriaId: "C46E10DB-6CA8-460F-9C6D-48684BDCCEA9", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:15.2\\(3f\\):*:*:*:*:*:*:*", matchCriteriaId: "D027C394-ED7D-4302-92B1-F9A2F60C8568", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:15.2\\(3g\\):*:*:*:*:*:*:*", matchCriteriaId: "3914D468-662E-4F82-910F-67800189462E", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:15.2\\(4d\\):*:*:*:*:*:*:*", matchCriteriaId: "6502FEA6-A959-48F3-84E7-6E2180D23956", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:15.2\\(4e\\):*:*:*:*:*:*:*", matchCriteriaId: "1336D0EA-F391-411D-B140-040E805DF3DB", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:15.2\\(4f\\):*:*:*:*:*:*:*", matchCriteriaId: "60BC734F-D9DB-42B9-82C4-4A23C2A3C14D", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:15.2\\(5c\\):*:*:*:*:*:*:*", matchCriteriaId: "F9F5D422-54B8-47F2-96E6-A820E27658DE", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:15.2\\(5d\\):*:*:*:*:*:*:*", matchCriteriaId: "F2BBBEDF-6869-4C99-A1D9-1AF53EFA82E0", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:15.2\\(5e\\):*:*:*:*:*:*:*", matchCriteriaId: "CBB9500B-84F9-4B35-95C6-26F57BE8145C", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:16.0\\(1g\\):*:*:*:*:*:*:*", matchCriteriaId: "6B68CD3E-700F-43D2-960C-C53A6EE241B1", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:16.0\\(1j\\):*:*:*:*:*:*:*", matchCriteriaId: "743AED05-E2D7-4322-8814-C803F0BD6265", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_9000v:-:*:*:*:*:*:*:*", matchCriteriaId: "0CD9C1F1-8582-4F67-A77D-97CBFECB88B8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*", matchCriteriaId: "4283E433-7F8C-4410-B565-471415445811", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92300yc:-:*:*:*:*:*:*:*", matchCriteriaId: "F80AB6FB-32FD-43D7-A9F1-80FA47696210", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*", matchCriteriaId: "D5B2E4C1-2627-4B9D-8E92-4B483F647651", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92348gc-x:-:*:*:*:*:*:*:*", matchCriteriaId: "557ED31C-C26A-4FAE-8B14-D06B49F7F08B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*", matchCriteriaId: "11411BFD-3F4D-4309-AB35-A3629A360FB0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*", matchCriteriaId: "E663DE91-C86D-48DC-B771-FA72A8DF7A7C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "A90184B3-C82F-4CE5-B2AD-97D5E4690871", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-ex-24:-:*:*:*:*:*:*:*", matchCriteriaId: "40E40F42-632A-47DF-BE33-DC25B826310B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "4AB89849-6DA4-4C9D-BC3F-EE0E41FD1901", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-fx-24:-:*:*:*:*:*:*:*", matchCriteriaId: "C47F6BF9-2ADB-41A4-8D7D-8BB00141BB23", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-fx3p:-:*:*:*:*:*:*:*", matchCriteriaId: "BBEF7F26-BB47-44BD-872E-130820557C23", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*", matchCriteriaId: "07DE6F63-2C7D-415B-8C34-01EC05C062F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*", matchCriteriaId: "F423E45D-A6DD-4305-9C6A-EAB26293E53A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9316d-gx:-:*:*:*:*:*:*:*", matchCriteriaId: "102F91CD-DFB6-43D4-AE5B-DA157A696230", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "E952A96A-0F48-4357-B7DD-1127D8827650", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "F70D81F1-8B12-4474-9060-B4934D8A3873", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-ex-24:-:*:*:*:*:*:*:*", matchCriteriaId: "5394DE31-3863-4CA9-B7B1-E5227183100D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "7349D69B-D8FA-4462-AA28-69DD18A652D9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-fx-24:-:*:*:*:*:*:*:*", matchCriteriaId: "FE4BB834-2C00-4384-A78E-AF3BCDDC58AF", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-fx3:-:*:*:*:*:*:*:*", matchCriteriaId: "B0D30D52-837F-4FDA-B8E5-A9066E9C6D2F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-fx3s:-:*:*:*:*:*:*:*", matchCriteriaId: "7CE49B45-F2E9-491D-9C29-1B46E9CE14E2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93216tc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "B1CC5F78-E88B-4B82-9E3E-C73D3A49DE26", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "91231DC6-2773-4238-8C14-A346F213B5E5", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332c:-:*:*:*:*:*:*:*", matchCriteriaId: "2DF88547-BAF4-47B0-9F60-80A30297FCEB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332d-gx2b:-:*:*:*:*:*:*:*", matchCriteriaId: "02C3CE6D-BD54-48B1-A188-8E53DA001424", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*", matchCriteriaId: "113772B6-E9D2-4094-9468-3F4E1A87D07D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93360yc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "C45A38D6-BED6-4FEF-AD87-A1E813695DE0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "F1FC2B1F-232E-4754-8076-CC82F3648730", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336c-fx2-e:-:*:*:*:*:*:*:*", matchCriteriaId: "7CDD27C9-5EAF-4956-8AB7-740C84C9D4FC", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336pq_aci_spine:-:*:*:*:*:*:*:*", matchCriteriaId: "785FD17C-F32E-4042-9DDE-A89B3AAE0334", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9348d-gx2a:-:*:*:*:*:*:*:*", matchCriteriaId: "73DC1E93-561E-490C-AE0E-B02BAB9A7C8E", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*", matchCriteriaId: "17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93600cd-gx:-:*:*:*:*:*:*:*", matchCriteriaId: "2CF467E2-4567-426E-8F48-39669E0F514C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*", matchCriteriaId: "63842B25-8C32-4988-BBBD-61E9CB09B4F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9364c-gx:-:*:*:*:*:*:*:*", matchCriteriaId: "68EA1FEF-B6B6-49FE-A0A4-5387F76303F8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9364d-gx2a:-:*:*:*:*:*:*:*", matchCriteriaId: "40D6DB7F-C025-4971-9615-73393ED61078", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*", matchCriteriaId: "4364ADB9-8162-451D-806A-B98924E6B2CF", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372px-e:-:*:*:*:*:*:*:*", matchCriteriaId: "B53BCB42-ED61-4FCF-8068-CB467631C63C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*", matchCriteriaId: "49E0371B-FDE2-473C-AA59-47E1269D050F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372tx-e:-:*:*:*:*:*:*:*", matchCriteriaId: "489D11EC-5A18-4F32-BC7C-AC1FCEC27222", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*", matchCriteriaId: "1BC5293E-F2B4-46DC-85DA-167EA323FCFD", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*", matchCriteriaId: "EA022E77-6557-4A33-9A3A-D028E2DB669A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9408:-:*:*:*:*:*:*:*", matchCriteriaId: "D8D5D5E2-B40B-475D-9EF3-8441016E37E9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*", matchCriteriaId: "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9808:-:*:*:*:*:*:*:*", matchCriteriaId: "3284D16F-3275-4F8D-8AE4-D413DE19C4FA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability in the Link Layer Discovery Protocol (LLDP) feature for Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) Mode could allow an unauthenticated, adjacent attacker to cause a memory leak, which could result in an unexpected reload of the device. This vulnerability is due to incorrect error checking when parsing ingress LLDP packets. An attacker could exploit this vulnerability by sending a steady stream of crafted LLDP packets to an affected device. A successful exploit could allow the attacker to cause a memory leak, which could result in a denial of service (DoS) condition when the device unexpectedly reloads. Note: This vulnerability cannot be exploited by transit traffic through the device. The crafted LLDP packet must be targeted to a directly connected interface, and the attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent). In addition, the attack surface for this vulnerability can be reduced by disabling LLDP on interfaces where it is not required.", }, ], id: "CVE-2023-20089", lastModified: "2024-11-21T07:40:31.967", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 7.4, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 4, source: "psirt@cisco.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-02-23T20:15:13.557", references: [ { source: "psirt@cisco.com", tags: [ "Mitigation", "Vendor Advisory", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-aci-lldp-dos-ySCNZOpX", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mitigation", "Vendor Advisory", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-aci-lldp-dos-ySCNZOpX", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-789", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-401", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2024-02-29 01:43
Modified
2025-04-30 14:15
Severity ?
5.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
5.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
5.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
Summary
A vulnerability in the access control list (ACL) programming for port channel subinterfaces of Cisco Nexus 3000 and 9000 Series Switches in standalone NX-OS mode could allow an unauthenticated, remote attacker to send traffic that should be blocked through an affected device.
This vulnerability is due to incorrect hardware programming that occurs when configuration changes are made to port channel member ports. An attacker could exploit this vulnerability by attempting to send traffic through an affected device. A successful exploit could allow the attacker to access network resources that should be protected by an ACL that was applied on port channel subinterfaces.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:9.3\\(10\\):*:*:*:*:*:*:*", matchCriteriaId: "350F10D8-221B-4A47-8BF6-CCC421878243", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:9.3\\(11\\):*:*:*:*:*:*:*", matchCriteriaId: "C0B4E497-95AE-45FC-8F89-A7959CA9AF4E", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:9.3\\(12\\):*:*:*:*:*:*:*", matchCriteriaId: "7385A37A-FC89-44E6-8BD9-C35B2F22714F", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_3000_in_standalone_nx-os_mode:-:*:*:*:*:*:*:*", matchCriteriaId: "D194B648-4932-482A-88F9-F65E5F5239FC", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*", matchCriteriaId: "FC2A6C31-438A-4CF5-A3F3-364B1672EB7D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31108pc-v:-:*:*:*:*:*:*:*", matchCriteriaId: "4E930332-CDDD-48D5-93BC-C22D693BBFA2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31108tc-v:-:*:*:*:*:*:*:*", matchCriteriaId: "7BF4B8FE-E134-4491-B5C2-C1CFEB64731B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31128pq:-:*:*:*:*:*:*:*", matchCriteriaId: "F4226DA0-9371-401C-8247-E6E636A116C3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132c-z:-:*:*:*:*:*:*:*", matchCriteriaId: "7664666F-BCE4-4799-AEEA-3A73E6AD33F4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q-v:-:*:*:*:*:*:*:*", matchCriteriaId: "B3293438-3D18-45A2-B093-2C3F65783336", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "8F43B770-D96C-44EA-BC12-9F39FC4317B9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3164q:-:*:*:*:*:*:*:*", matchCriteriaId: "FA782EB3-E8E6-4DCF-B39C-B3CBD46E4384", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172pq:-:*:*:*:*:*:*:*", matchCriteriaId: "CED628B5-97A8-4B26-AA40-BEC854982157", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172pq-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "7BB9DD73-E31D-4921-A6D6-E14E04703588", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq:-:*:*:*:*:*:*:*", matchCriteriaId: "4532F513-0543-4960-9877-01F23CA7BA1B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq-32t:-:*:*:*:*:*:*:*", matchCriteriaId: "0B43502B-FD53-465A-B60F-6A359C6ACD99", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "F3229124-B097-4AAC-8ACD-2F9C89DCC3AB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3232c:-:*:*:*:*:*:*:*", matchCriteriaId: "652A2849-668D-4156-88FB-C19844A59F33", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3264c-e:-:*:*:*:*:*:*:*", matchCriteriaId: "24FBE87B-8A4F-43A8-98A3-4A7D9C630937", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3264q:-:*:*:*:*:*:*:*", matchCriteriaId: "6ACD09AC-8B28-4ACB-967B-AB3D450BC137", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3408-s:-:*:*:*:*:*:*:*", matchCriteriaId: "7D397349-CCC6-479B-9273-FB1FFF4F34F2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_34180yc:-:*:*:*:*:*:*:*", matchCriteriaId: "DC7286A7-780F-4A45-940A-4AD5C9D0F201", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_34200yc-sm:-:*:*:*:*:*:*:*", matchCriteriaId: "CA52D5C1-13D8-4D23-B022-954CCEF491F1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3432d-s:-:*:*:*:*:*:*:*", matchCriteriaId: "5F7AF8D7-431B-43CE-840F-CC0817D159C0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3464c:-:*:*:*:*:*:*:*", matchCriteriaId: "DAC204C8-1A5A-4E85-824E-DC9B8F6A802D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524-x:-:*:*:*:*:*:*:*", matchCriteriaId: "10F80A72-AD54-4699-B8AE-82715F0B58E2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "9354B6A2-D7D6-442E-BF4C-FE8A336D9E94", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548-x:-:*:*:*:*:*:*:*", matchCriteriaId: "74CB4002-7636-4382-B33E-FBA060A13C34", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "10CEBF73-3EE0-459A-86C5-F8F6243FE27C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_36180yc-r:-:*:*:*:*:*:*:*", matchCriteriaId: "95D2C4C3-65CE-4612-A027-AF70CEFC3233", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9000_in_standalone_nx-os_mode:-:*:*:*:*:*:*:*", matchCriteriaId: "1DA62800-F5DC-48DA-8C81-D684EA8EBB9F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9000v:-:*:*:*:*:*:*:*", matchCriteriaId: "0CD9C1F1-8582-4F67-A77D-97CBFECB88B8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*", matchCriteriaId: "4283E433-7F8C-4410-B565-471415445811", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92300yc:-:*:*:*:*:*:*:*", matchCriteriaId: "F80AB6FB-32FD-43D7-A9F1-80FA47696210", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*", matchCriteriaId: "D5B2E4C1-2627-4B9D-8E92-4B483F647651", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92348gc-fx3:-:*:*:*:*:*:*:*", matchCriteriaId: "19C3A385-319E-4137-8D9A-13B5555897EB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92348gc-x:-:*:*:*:*:*:*:*", matchCriteriaId: "557ED31C-C26A-4FAE-8B14-D06B49F7F08B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*", matchCriteriaId: "11411BFD-3F4D-4309-AB35-A3629A360FB0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*", matchCriteriaId: "E663DE91-C86D-48DC-B771-FA72A8DF7A7C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "A90184B3-C82F-4CE5-B2AD-97D5E4690871", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-ex-24:-:*:*:*:*:*:*:*", matchCriteriaId: "40E40F42-632A-47DF-BE33-DC25B826310B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "4AB89849-6DA4-4C9D-BC3F-EE0E41FD1901", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-fx-24:-:*:*:*:*:*:*:*", matchCriteriaId: "C47F6BF9-2ADB-41A4-8D7D-8BB00141BB23", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-fx3:-:*:*:*:*:*:*:*", matchCriteriaId: "C70911ED-371A-4EB6-8DDD-DCE3A21FDBAE", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-fx3h:-:*:*:*:*:*:*:*", matchCriteriaId: "16C64136-89C2-443C-AF7B-BED81D3DE25A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-fx3p:-:*:*:*:*:*:*:*", matchCriteriaId: "BBEF7F26-BB47-44BD-872E-130820557C23", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*", matchCriteriaId: "07DE6F63-2C7D-415B-8C34-01EC05C062F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9316d-gx:-:*:*:*:*:*:*:*", matchCriteriaId: "102F91CD-DFB6-43D4-AE5B-DA157A696230", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "E952A96A-0F48-4357-B7DD-1127D8827650", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "F70D81F1-8B12-4474-9060-B4934D8A3873", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-ex-24:-:*:*:*:*:*:*:*", matchCriteriaId: "5394DE31-3863-4CA9-B7B1-E5227183100D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "7349D69B-D8FA-4462-AA28-69DD18A652D9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-fx-24:-:*:*:*:*:*:*:*", matchCriteriaId: "FE4BB834-2C00-4384-A78E-AF3BCDDC58AF", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-fx3:-:*:*:*:*:*:*:*", matchCriteriaId: "B0D30D52-837F-4FDA-B8E5-A9066E9C6D2F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-fx3h:-:*:*:*:*:*:*:*", matchCriteriaId: "E6678B8A-D905-447E-BE7E-6BFB4CC5DAFE", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-fx3s:-:*:*:*:*:*:*:*", matchCriteriaId: "7CE49B45-F2E9-491D-9C29-1B46E9CE14E2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93216tc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "B1CC5F78-E88B-4B82-9E3E-C73D3A49DE26", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "91231DC6-2773-4238-8C14-A346F213B5E5", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332c:-:*:*:*:*:*:*:*", matchCriteriaId: "2DF88547-BAF4-47B0-9F60-80A30297FCEB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332d-gx2b:-:*:*:*:*:*:*:*", matchCriteriaId: "02C3CE6D-BD54-48B1-A188-8E53DA001424", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332d-h2r:-:*:*:*:*:*:*:*", matchCriteriaId: "498991F7-39D6-428C-8C7D-DD8DC72A0346", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*", matchCriteriaId: "113772B6-E9D2-4094-9468-3F4E1A87D07D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93360yc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "C45A38D6-BED6-4FEF-AD87-A1E813695DE0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "F1FC2B1F-232E-4754-8076-CC82F3648730", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336c-fx2-e:-:*:*:*:*:*:*:*", matchCriteriaId: "7CDD27C9-5EAF-4956-8AB7-740C84C9D4FC", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336pq_aci_spine:-:*:*:*:*:*:*:*", matchCriteriaId: "785FD17C-F32E-4042-9DDE-A89B3AAE0334", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93400ld-h1:-:*:*:*:*:*:*:*", matchCriteriaId: "8D2DFCA0-36D8-48BC-B20D-84509EB5FF66", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9348d-gx2a:-:*:*:*:*:*:*:*", matchCriteriaId: "73DC1E93-561E-490C-AE0E-B02BAB9A7C8E", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9348gc-fx3:-:*:*:*:*:*:*:*", matchCriteriaId: "12DA2DE5-8ADA-4D6A-BC1A-9C06FA163B1C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*", matchCriteriaId: "17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93600cd-gx:-:*:*:*:*:*:*:*", matchCriteriaId: "2CF467E2-4567-426E-8F48-39669E0F514C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*", matchCriteriaId: "63842B25-8C32-4988-BBBD-61E9CB09B4F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9364c-gx:-:*:*:*:*:*:*:*", matchCriteriaId: "68EA1FEF-B6B6-49FE-A0A4-5387F76303F8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9364c-h1:-:*:*:*:*:*:*:*", matchCriteriaId: "5F2EC055-B309-4F1F-A646-FA47AE344D27", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9364d-gx2a:-:*:*:*:*:*:*:*", matchCriteriaId: "40D6DB7F-C025-4971-9615-73393ED61078", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9364e-sg2:-:*:*:*:*:*:*:*", matchCriteriaId: "EA4E79EC-8CA8-4515-A333-89C0ECFAB15E", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372px-e:-:*:*:*:*:*:*:*", matchCriteriaId: "B53BCB42-ED61-4FCF-8068-CB467631C63C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372tx-e:-:*:*:*:*:*:*:*", matchCriteriaId: "489D11EC-5A18-4F32-BC7C-AC1FCEC27222", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*", matchCriteriaId: "EA022E77-6557-4A33-9A3A-D028E2DB669A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9408:-:*:*:*:*:*:*:*", matchCriteriaId: "D8D5D5E2-B40B-475D-9EF3-8441016E37E9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*", matchCriteriaId: "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9804:-:*:*:*:*:*:*:*", matchCriteriaId: "A10C9C0A-C96A-4B45-90D0-6ED457EB5F4C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9808:-:*:*:*:*:*:*:*", matchCriteriaId: "3284D16F-3275-4F8D-8AE4-D413DE19C4FA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability in the access control list (ACL) programming for port channel subinterfaces of Cisco Nexus 3000 and 9000 Series Switches in standalone NX-OS mode could allow an unauthenticated, remote attacker to send traffic that should be blocked through an affected device.\r\n\r This vulnerability is due to incorrect hardware programming that occurs when configuration changes are made to port channel member ports. An attacker could exploit this vulnerability by attempting to send traffic through an affected device. A successful exploit could allow the attacker to access network resources that should be protected by an ACL that was applied on port channel subinterfaces.", }, { lang: "es", value: "Una vulnerabilidad en la programación de la lista de control de acceso (ACL) para las subinterfaces del canal de puerto de los conmutadores Cisco Nexus de las series 3000 y 9000 en modo NX-OS independiente podría permitir que un atacante remoto no autenticado envíe tráfico que debería bloquearse a través de un dispositivo afectado. Esta vulnerabilidad se debe a una programación de hardware incorrecta que ocurre cuando se realizan cambios de configuración en los puertos miembros del canal de puertos. Un atacante podría aprovechar esta vulnerabilidad intentando enviar tráfico a través de un dispositivo afectado. Un exploit exitoso podría permitir al atacante acceder a recursos de red que deberían estar protegidos por una ACL que se aplicó en las subinterfaces del canal de puerto.", }, ], id: "CVE-2024-20291", lastModified: "2025-04-30T14:15:10.367", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.8, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 1.4, source: "psirt@cisco.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.8, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 1.4, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2024-02-29T01:43:59.000", references: [ { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-po-acl-TkyePgvL", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-po-acl-TkyePgvL", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Analyzed", weaknesses: [ { description: [ { lang: "en", value: "CWE-284", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-863", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2019-08-30 09:15
Modified
2024-11-21 04:37
Severity ?
Summary
A vulnerability in the Network Time Protocol (NTP) feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to excessive use of system resources when the affected device is logging a drop action for received MODE_PRIVATE (Mode 7) NTP packets. An attacker could exploit this vulnerability by flooding the device with a steady stream of Mode 7 NTP packets. A successful exploit could allow the attacker to cause high CPU and memory usage on the affected device, which could cause internal system processes to restart or cause the affected device to unexpectedly reload. Note: The NTP feature is enabled by default.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:6.2:*:*:*:*:*:*:*", matchCriteriaId: "AEF1AF20-C6CE-4956-8129-FA68E3B03E35", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.3:*:*:*:*:*:*:*", matchCriteriaId: "9501608B-3811-4C33-BDA1-721045284C7D", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:8.1:*:*:*:*:*:*:*", matchCriteriaId: "F363BEDD-A8AC-4FB6-87DC-708F97F8375E", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:8.2:*:*:*:*:*:*:*", matchCriteriaId: "E40D9097-C95A-4813-9DEE-89CA75820524", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:8.3:*:*:*:*:*:*:*", matchCriteriaId: "399568C2-4198-4D2C-B694-FF4EFE5E4710", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:mds_9000:-:*:*:*:*:*:*:*", matchCriteriaId: "1FD00AB9-F2DD-4D07-8DFF-E7B34824D66A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9100:-:*:*:*:*:*:*:*", matchCriteriaId: "54C0D908-D7BA-48C3-9963-14A3A32A2662", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9140:-:*:*:*:*:*:*:*", matchCriteriaId: "F762E87A-BF80-4D33-ADDA-84369E068005", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9200:-:*:*:*:*:*:*:*", matchCriteriaId: "B25B92ED-37C0-4653-9C5E-B4C13C46464C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9500:-:*:*:*:*:*:*:*", matchCriteriaId: "2374E02D-46FE-477F-A74D-49E72149E6EC", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9700:-:*:*:*:*:*:*:*", matchCriteriaId: "C44335D8-8A78-486C-A325-9691FA4C3271", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a8\\(9.7\\):*:*:*:*:*:*:*", matchCriteriaId: "98CFE9BB-7BFE-4782-B602-2C6A1392693F", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u6:*:*:*:*:*:*:*", matchCriteriaId: "0CDB1D59-C964-4D30-B55E-08E68562300C", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i:*:*:*:*:*:*:*", matchCriteriaId: "2C8702D0-13F8-4033-B675-90B380A5AC9C", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:9.2:*:*:*:*:*:*:*", matchCriteriaId: "C9E648A2-AFB2-4F84-B27A-F8AC7F67B36F", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:9.2\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "DD96C7AE-EECC-43F4-9132-1E7F8047C701", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_3016:-:*:*:*:*:*:*:*", matchCriteriaId: "528ED62B-D739-4E06-AC64-B506FD73BBAB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*", matchCriteriaId: "FC2A6C31-438A-4CF5-A3F3-364B1672EB7D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3064:-:*:*:*:*:*:*:*", matchCriteriaId: "76C10D85-88AC-4A79-8866-BED88A0F8DF8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3064-t:-:*:*:*:*:*:*:*", matchCriteriaId: "65CB7F6D-A82B-4A31-BFAC-FF4A4B8DF9C1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31108pc-v:-:*:*:*:*:*:*:*", matchCriteriaId: "4E930332-CDDD-48D5-93BC-C22D693BBFA2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31108tc-v:-:*:*:*:*:*:*:*", matchCriteriaId: "7BF4B8FE-E134-4491-B5C2-C1CFEB64731B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31128pq:-:*:*:*:*:*:*:*", matchCriteriaId: "F4226DA0-9371-401C-8247-E6E636A116C3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132c-z:-:*:*:*:*:*:*:*", matchCriteriaId: "7664666F-BCE4-4799-AEEA-3A73E6AD33F4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q:-:*:*:*:*:*:*:*", matchCriteriaId: "D3DBBFE9-835C-4411-8492-6006E74BAC65", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q-v:-:*:*:*:*:*:*:*", matchCriteriaId: "B3293438-3D18-45A2-B093-2C3F65783336", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "8F43B770-D96C-44EA-BC12-9F39FC4317B9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3164q:-:*:*:*:*:*:*:*", matchCriteriaId: "FA782EB3-E8E6-4DCF-B39C-B3CBD46E4384", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172:-:*:*:*:*:*:*:*", matchCriteriaId: "7817F4E6-B2DA-4F06-95A4-AF329F594C02", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172pq-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "7BB9DD73-E31D-4921-A6D6-E14E04703588", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq:-:*:*:*:*:*:*:*", matchCriteriaId: "4532F513-0543-4960-9877-01F23CA7BA1B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq-32t:-:*:*:*:*:*:*:*", matchCriteriaId: "0B43502B-FD53-465A-B60F-6A359C6ACD99", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "F3229124-B097-4AAC-8ACD-2F9C89DCC3AB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3232c:-:*:*:*:*:*:*:*", matchCriteriaId: "652A2849-668D-4156-88FB-C19844A59F33", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3264c-e:-:*:*:*:*:*:*:*", matchCriteriaId: "24FBE87B-8A4F-43A8-98A3-4A7D9C630937", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3264q:-:*:*:*:*:*:*:*", matchCriteriaId: "6ACD09AC-8B28-4ACB-967B-AB3D450BC137", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3408-s:-:*:*:*:*:*:*:*", matchCriteriaId: "7D397349-CCC6-479B-9273-FB1FFF4F34F2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_34180yc:-:*:*:*:*:*:*:*", matchCriteriaId: "DC7286A7-780F-4A45-940A-4AD5C9D0F201", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3432d-s:-:*:*:*:*:*:*:*", matchCriteriaId: "5F7AF8D7-431B-43CE-840F-CC0817D159C0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3464c:-:*:*:*:*:*:*:*", matchCriteriaId: "DAC204C8-1A5A-4E85-824E-DC9B8F6A802D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9000v:-:*:*:*:*:*:*:*", matchCriteriaId: "0CD9C1F1-8582-4F67-A77D-97CBFECB88B8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*", matchCriteriaId: "4283E433-7F8C-4410-B565-471415445811", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92300yc:-:*:*:*:*:*:*:*", matchCriteriaId: "F80AB6FB-32FD-43D7-A9F1-80FA47696210", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*", matchCriteriaId: "D5B2E4C1-2627-4B9D-8E92-4B483F647651", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92348gc-x:-:*:*:*:*:*:*:*", matchCriteriaId: "557ED31C-C26A-4FAE-8B14-D06B49F7F08B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*", matchCriteriaId: "11411BFD-3F4D-4309-AB35-A3629A360FB0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*", matchCriteriaId: "E663DE91-C86D-48DC-B771-FA72A8DF7A7C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "A90184B3-C82F-4CE5-B2AD-97D5E4690871", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "4AB89849-6DA4-4C9D-BC3F-EE0E41FD1901", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*", matchCriteriaId: "07DE6F63-2C7D-415B-8C34-01EC05C062F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*", matchCriteriaId: "F423E45D-A6DD-4305-9C6A-EAB26293E53A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "E952A96A-0F48-4357-B7DD-1127D8827650", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "F70D81F1-8B12-4474-9060-B4934D8A3873", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "7349D69B-D8FA-4462-AA28-69DD18A652D9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93216tc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "B1CC5F78-E88B-4B82-9E3E-C73D3A49DE26", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "91231DC6-2773-4238-8C14-A346F213B5E5", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332c:-:*:*:*:*:*:*:*", matchCriteriaId: "2DF88547-BAF4-47B0-9F60-80A30297FCEB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*", matchCriteriaId: "113772B6-E9D2-4094-9468-3F4E1A87D07D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93360yc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "C45A38D6-BED6-4FEF-AD87-A1E813695DE0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "F1FC2B1F-232E-4754-8076-CC82F3648730", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336pq_aci_spine:-:*:*:*:*:*:*:*", matchCriteriaId: "785FD17C-F32E-4042-9DDE-A89B3AAE0334", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*", matchCriteriaId: "17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*", matchCriteriaId: "63842B25-8C32-4988-BBBD-61E9CB09B4F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*", matchCriteriaId: "4364ADB9-8162-451D-806A-B98924E6B2CF", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372px-e:-:*:*:*:*:*:*:*", matchCriteriaId: "B53BCB42-ED61-4FCF-8068-CB467631C63C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*", matchCriteriaId: "49E0371B-FDE2-473C-AA59-47E1269D050F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372tx-e:-:*:*:*:*:*:*:*", matchCriteriaId: "489D11EC-5A18-4F32-BC7C-AC1FCEC27222", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*", matchCriteriaId: "1BC5293E-F2B4-46DC-85DA-167EA323FCFD", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*", matchCriteriaId: "EA022E77-6557-4A33-9A3A-D028E2DB669A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a8:*:*:*:*:*:*:*", matchCriteriaId: "9DCBF1FE-C124-4DBA-B127-D484D5C9110C", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a8\\(9.7\\):*:*:*:*:*:*:*", matchCriteriaId: "98CFE9BB-7BFE-4782-B602-2C6A1392693F", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i7:*:*:*:*:*:*:*", matchCriteriaId: "5DEBF467-C2E2-4ED9-8E8A-02E062E734D9", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:9.2:*:*:*:*:*:*:*", matchCriteriaId: "C9E648A2-AFB2-4F84-B27A-F8AC7F67B36F", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_3524:-:*:*:*:*:*:*:*", matchCriteriaId: "EAF5AF71-15DF-4151-A1CF-E138A7103FC8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524-x:-:*:*:*:*:*:*:*", matchCriteriaId: "10F80A72-AD54-4699-B8AE-82715F0B58E2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "9354B6A2-D7D6-442E-BF4C-FE8A336D9E94", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548:-:*:*:*:*:*:*:*", matchCriteriaId: "088C0323-683A-44F5-8D42-FF6EC85D080E", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548-x:-:*:*:*:*:*:*:*", matchCriteriaId: "74CB4002-7636-4382-B33E-FBA060A13C34", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "10CEBF73-3EE0-459A-86C5-F8F6243FE27C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a8\\(9.7\\):*:*:*:*:*:*:*", matchCriteriaId: "98CFE9BB-7BFE-4782-B602-2C6A1392693F", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)f:*:*:*:*:*:*:*", matchCriteriaId: "E575893D-81E5-47E6-9531-50E044C2C3D3", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:9.2:*:*:*:*:*:*:*", matchCriteriaId: "C9E648A2-AFB2-4F84-B27A-F8AC7F67B36F", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:9.2\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "DD96C7AE-EECC-43F4-9132-1E7F8047C701", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_36180yc-r:-:*:*:*:*:*:*:*", matchCriteriaId: "95D2C4C3-65CE-4612-A027-AF70CEFC3233", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*", matchCriteriaId: "57572E4A-78D5-4D1A-938B-F05F01759612", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*", matchCriteriaId: "768BE390-5ED5-48A7-9E80-C4DE8BA979B1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*", matchCriteriaId: "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*", matchCriteriaId: "7E02DC82-0D26-436F-BA64-73C958932B0A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:7.1\\(4\\):*:*:*:*:*:*:*", matchCriteriaId: "247F42D0-7B07-4F4A-95D9-648139D5F67D", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.1\\(4\\)n1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "9103A92E-C9F3-401B-AE30-66466210ADED", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.1\\(5\\):*:*:*:*:*:*:*", matchCriteriaId: "01B3A010-8F62-4505-AB02-9A3E3FDC8C72", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.2:*:*:*:*:*:*:*", matchCriteriaId: "5EE85C54-276F-462E-808A-23D3E54D31BD", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.3:*:*:*:*:*:*:*", matchCriteriaId: "9501608B-3811-4C33-BDA1-721045284C7D", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_5548p:-:*:*:*:*:*:*:*", matchCriteriaId: "E5519EA9-1236-4F51-9974-E3FC1B26B5D2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5548up:-:*:*:*:*:*:*:*", matchCriteriaId: "CB0A3B06-8B25-4CD3-AFA9-5F928B1042F4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5596t:-:*:*:*:*:*:*:*", matchCriteriaId: "1766443C-1C5A-486E-A36F-D3045F364D78", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5596up:-:*:*:*:*:*:*:*", matchCriteriaId: "DC4D4403-F93B-4CC8-B75F-7A5B03FEDD85", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_56128p:-:*:*:*:*:*:*:*", matchCriteriaId: "ABB6E612-4246-4408-B3F6-B31E771F5ACB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5624q:-:*:*:*:*:*:*:*", matchCriteriaId: "91B129B2-2B31-4DE0-9F83-CC6E0C8729A0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5648q:-:*:*:*:*:*:*:*", matchCriteriaId: "3CBD3CD0-B542-4B23-9C9D-061643BE44E8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5672up:-:*:*:*:*:*:*:*", matchCriteriaId: "A22A2647-A4C0-4681-BBC5-D95ADBAA0457", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5696q:-:*:*:*:*:*:*:*", matchCriteriaId: "B2BB1A3A-668C-4B0D-8AC2-6B4758B3420B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_6001:-:*:*:*:*:*:*:*", matchCriteriaId: "A9662D6B-AF0F-45C8-B7CD-AE7C76593FDB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_6004:-:*:*:*:*:*:*:*", matchCriteriaId: "4F557E38-09F6-42C6-BABA-3C3168B38BBA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:6.2:*:*:*:*:*:*:*", matchCriteriaId: "AEF1AF20-C6CE-4956-8129-FA68E3B03E35", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.2:*:*:*:*:*:*:*", matchCriteriaId: "5EE85C54-276F-462E-808A-23D3E54D31BD", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.3:*:*:*:*:*:*:*", matchCriteriaId: "9501608B-3811-4C33-BDA1-721045284C7D", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(2\\)d1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "FADC755B-3AB3-43D6-8495-1FABCBD548E9", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:8.0:*:*:*:*:*:*:*", matchCriteriaId: "2B36B056-C068-4413-B648-1D1D6026B823", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:8.1:*:*:*:*:*:*:*", matchCriteriaId: "F363BEDD-A8AC-4FB6-87DC-708F97F8375E", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:8.2:*:*:*:*:*:*:*", matchCriteriaId: "E40D9097-C95A-4813-9DEE-89CA75820524", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:8.3:*:*:*:*:*:*:*", matchCriteriaId: "399568C2-4198-4D2C-B694-FF4EFE5E4710", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:8.3\\(2\\)s5:*:*:*:*:*:*:*", matchCriteriaId: "C733C52D-953A-4CDF-BD98-3102FE50CE70", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_7000:-:*:*:*:*:*:*:*", matchCriteriaId: "12180BEB-7F21-4FA7-ABD2-E9A8EA7340F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7000_10-slot:-:*:*:*:*:*:*:*", matchCriteriaId: "B22B3865-30E9-4B5A-A37D-DC33F1150FFE", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7000_18-slot:-:*:*:*:*:*:*:*", matchCriteriaId: "459A7F11-52BF-4AD6-B495-4C4D6C050493", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7000_4-slot:-:*:*:*:*:*:*:*", matchCriteriaId: "FEACA55F-4335-4478-B608-EB92EE1D6C6D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7000_9-slot:-:*:*:*:*:*:*:*", matchCriteriaId: "DB73543E-9B5B-4BA9-8FB4-666AF5AC8B6B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7700:-:*:*:*:*:*:*:*", matchCriteriaId: "DD7A4B4B-3BB1-4A4D-911E-C4EEF01BBC45", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7700_10-slot:-:*:*:*:*:*:*:*", matchCriteriaId: "E5ABB175-81BE-4C46-BD2D-70016508BE22", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7700_18-slot:-:*:*:*:*:*:*:*", matchCriteriaId: "71F93299-A715-4E97-87FE-B1E248EA98BD", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7700_2-slot:-:*:*:*:*:*:*:*", matchCriteriaId: "3D71B228-FFE5-45F7-ADCF-6D359ADA6D31", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7700_6-slot:-:*:*:*:*:*:*:*", matchCriteriaId: "9F3AD807-5A0F-4DF5-9A7A-748205F409E7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability in the Network Time Protocol (NTP) feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to excessive use of system resources when the affected device is logging a drop action for received MODE_PRIVATE (Mode 7) NTP packets. An attacker could exploit this vulnerability by flooding the device with a steady stream of Mode 7 NTP packets. A successful exploit could allow the attacker to cause high CPU and memory usage on the affected device, which could cause internal system processes to restart or cause the affected device to unexpectedly reload. Note: The NTP feature is enabled by default.", }, { lang: "es", value: "Una vulnerabilidad en la funcionalidad Network Time Protocol (NTP) de Cisco NX-OS Software, podría permitir a un atacante remoto no autenticado causar una condición de denegación de servicio (DoS) en un dispositivo afectado. La vulnerabilidad es debido al uso excesivo de los recursos del sistema cuando el dispositivo afectado está registrando una acción de caída para los paquetes NTP MODE_PRIVATE (Modo 7) recibidos. Un atacante podría explotar esta vulnerabilidad inundando el dispositivo con un flujo constante de paquetes NTP de Modo 7. Una explotación con éxito podría permitir al atacante causar un uso elevado de CPU y memoria en el dispositivo afectado, lo que podría causar que los procesos internos del sistema se reinicien o causar que el dispositivo afectado se recargue inesperadamente. Nota: La funcionalidad NTP está habilitada por defecto.", }, ], id: "CVE-2019-1967", lastModified: "2024-11-21T04:37:47.367", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.8, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:C", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.6, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", version: "3.0", }, exploitabilityScore: 3.9, impactScore: 4, source: "psirt@cisco.com", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-08-30T09:15:20.287", references: [ { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190828-nxos-ntp-dos", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190828-nxos-ntp-dos", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-399", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-400", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2019-09-25 21:15
Modified
2024-11-21 04:23
Severity ?
Summary
A vulnerability in a CLI command related to the virtualization manager (VMAN) in Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying Linux operating system with root privileges. The vulnerability is due to insufficient validation of arguments passed to a specific VMAN CLI command on an affected device. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying Linux operating system with root privileges, which may lead to complete system compromise. An attacker would need valid administrator credentials to exploit this vulnerability.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "844B2F51-6C6B-4B13-BDB2-95FB98323B04", versionEndExcluding: "7.0\\(3\\)i7\\(6\\)", versionStartIncluding: "6.0\\(2\\)", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "EF64A744-B207-4EAB-B395-1E477AE7E730", versionEndExcluding: "9.2\\(3\\)", versionStartIncluding: "9.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_3016:-:*:*:*:*:*:*:*", matchCriteriaId: "528ED62B-D739-4E06-AC64-B506FD73BBAB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*", matchCriteriaId: "FC2A6C31-438A-4CF5-A3F3-364B1672EB7D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3064:-:*:*:*:*:*:*:*", matchCriteriaId: "76C10D85-88AC-4A79-8866-BED88A0F8DF8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3064-t:-:*:*:*:*:*:*:*", matchCriteriaId: "65CB7F6D-A82B-4A31-BFAC-FF4A4B8DF9C1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31108pc-v:-:*:*:*:*:*:*:*", matchCriteriaId: "4E930332-CDDD-48D5-93BC-C22D693BBFA2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31108tc-v:-:*:*:*:*:*:*:*", matchCriteriaId: "7BF4B8FE-E134-4491-B5C2-C1CFEB64731B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31128pq:-:*:*:*:*:*:*:*", matchCriteriaId: "F4226DA0-9371-401C-8247-E6E636A116C3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132c-z:-:*:*:*:*:*:*:*", matchCriteriaId: "7664666F-BCE4-4799-AEEA-3A73E6AD33F4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q:-:*:*:*:*:*:*:*", matchCriteriaId: "D3DBBFE9-835C-4411-8492-6006E74BAC65", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q-v:-:*:*:*:*:*:*:*", matchCriteriaId: "B3293438-3D18-45A2-B093-2C3F65783336", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "8F43B770-D96C-44EA-BC12-9F39FC4317B9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3164q:-:*:*:*:*:*:*:*", matchCriteriaId: "FA782EB3-E8E6-4DCF-B39C-B3CBD46E4384", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172:-:*:*:*:*:*:*:*", matchCriteriaId: "7817F4E6-B2DA-4F06-95A4-AF329F594C02", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172pq-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "7BB9DD73-E31D-4921-A6D6-E14E04703588", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq:-:*:*:*:*:*:*:*", matchCriteriaId: "4532F513-0543-4960-9877-01F23CA7BA1B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq-32t:-:*:*:*:*:*:*:*", matchCriteriaId: "0B43502B-FD53-465A-B60F-6A359C6ACD99", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "F3229124-B097-4AAC-8ACD-2F9C89DCC3AB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3232c:-:*:*:*:*:*:*:*", matchCriteriaId: "652A2849-668D-4156-88FB-C19844A59F33", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3264c-e:-:*:*:*:*:*:*:*", matchCriteriaId: "24FBE87B-8A4F-43A8-98A3-4A7D9C630937", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3264q:-:*:*:*:*:*:*:*", matchCriteriaId: "6ACD09AC-8B28-4ACB-967B-AB3D450BC137", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3408-s:-:*:*:*:*:*:*:*", matchCriteriaId: "7D397349-CCC6-479B-9273-FB1FFF4F34F2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_34180yc:-:*:*:*:*:*:*:*", matchCriteriaId: "DC7286A7-780F-4A45-940A-4AD5C9D0F201", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3432d-s:-:*:*:*:*:*:*:*", matchCriteriaId: "5F7AF8D7-431B-43CE-840F-CC0817D159C0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3464c:-:*:*:*:*:*:*:*", matchCriteriaId: "DAC204C8-1A5A-4E85-824E-DC9B8F6A802D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524:-:*:*:*:*:*:*:*", matchCriteriaId: "EAF5AF71-15DF-4151-A1CF-E138A7103FC8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524-x:-:*:*:*:*:*:*:*", matchCriteriaId: "10F80A72-AD54-4699-B8AE-82715F0B58E2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "9354B6A2-D7D6-442E-BF4C-FE8A336D9E94", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548:-:*:*:*:*:*:*:*", matchCriteriaId: "088C0323-683A-44F5-8D42-FF6EC85D080E", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548-x:-:*:*:*:*:*:*:*", matchCriteriaId: "74CB4002-7636-4382-B33E-FBA060A13C34", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "10CEBF73-3EE0-459A-86C5-F8F6243FE27C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9000v:-:*:*:*:*:*:*:*", matchCriteriaId: "0CD9C1F1-8582-4F67-A77D-97CBFECB88B8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*", matchCriteriaId: "4283E433-7F8C-4410-B565-471415445811", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92300yc:-:*:*:*:*:*:*:*", matchCriteriaId: "F80AB6FB-32FD-43D7-A9F1-80FA47696210", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*", matchCriteriaId: "D5B2E4C1-2627-4B9D-8E92-4B483F647651", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92348gc-x:-:*:*:*:*:*:*:*", matchCriteriaId: "557ED31C-C26A-4FAE-8B14-D06B49F7F08B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*", matchCriteriaId: "11411BFD-3F4D-4309-AB35-A3629A360FB0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*", matchCriteriaId: "E663DE91-C86D-48DC-B771-FA72A8DF7A7C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "A90184B3-C82F-4CE5-B2AD-97D5E4690871", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "4AB89849-6DA4-4C9D-BC3F-EE0E41FD1901", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*", matchCriteriaId: "07DE6F63-2C7D-415B-8C34-01EC05C062F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*", matchCriteriaId: "F423E45D-A6DD-4305-9C6A-EAB26293E53A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "E952A96A-0F48-4357-B7DD-1127D8827650", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "F70D81F1-8B12-4474-9060-B4934D8A3873", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "7349D69B-D8FA-4462-AA28-69DD18A652D9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93216tc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "B1CC5F78-E88B-4B82-9E3E-C73D3A49DE26", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "91231DC6-2773-4238-8C14-A346F213B5E5", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332c:-:*:*:*:*:*:*:*", matchCriteriaId: "2DF88547-BAF4-47B0-9F60-80A30297FCEB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*", matchCriteriaId: "113772B6-E9D2-4094-9468-3F4E1A87D07D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93360yc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "C45A38D6-BED6-4FEF-AD87-A1E813695DE0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "F1FC2B1F-232E-4754-8076-CC82F3648730", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336pq_aci_spine:-:*:*:*:*:*:*:*", matchCriteriaId: "785FD17C-F32E-4042-9DDE-A89B3AAE0334", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*", matchCriteriaId: "17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*", matchCriteriaId: "63842B25-8C32-4988-BBBD-61E9CB09B4F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*", matchCriteriaId: "4364ADB9-8162-451D-806A-B98924E6B2CF", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372px-e:-:*:*:*:*:*:*:*", matchCriteriaId: "B53BCB42-ED61-4FCF-8068-CB467631C63C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*", matchCriteriaId: "49E0371B-FDE2-473C-AA59-47E1269D050F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372tx-e:-:*:*:*:*:*:*:*", matchCriteriaId: "489D11EC-5A18-4F32-BC7C-AC1FCEC27222", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*", matchCriteriaId: "1BC5293E-F2B4-46DC-85DA-167EA323FCFD", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*", matchCriteriaId: "EA022E77-6557-4A33-9A3A-D028E2DB669A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "A49B703F-71AC-4D71-B20B-B373A1F20F2D", versionEndExcluding: "9.2\\(3\\)", versionStartIncluding: "7.0\\(3\\)f", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_36180yc-r:-:*:*:*:*:*:*:*", matchCriteriaId: "95D2C4C3-65CE-4612-A027-AF70CEFC3233", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*", matchCriteriaId: "57572E4A-78D5-4D1A-938B-F05F01759612", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9500:-:*:*:*:*:*:*:*", matchCriteriaId: "63BE0266-1C00-4D6A-AD96-7F82532ABAA7", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*", matchCriteriaId: "768BE390-5ED5-48A7-9E80-C4DE8BA979B1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*", matchCriteriaId: "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*", matchCriteriaId: "7E02DC82-0D26-436F-BA64-73C958932B0A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "6B87F05E-6442-4B82-9B9C-3FDC98116A79", versionEndExcluding: "7.3\\(5\\)n1\\(1\\)", versionStartIncluding: "7.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_5548p:-:*:*:*:*:*:*:*", matchCriteriaId: "E5519EA9-1236-4F51-9974-E3FC1B26B5D2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5548up:-:*:*:*:*:*:*:*", matchCriteriaId: "CB0A3B06-8B25-4CD3-AFA9-5F928B1042F4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5596t:-:*:*:*:*:*:*:*", matchCriteriaId: "1766443C-1C5A-486E-A36F-D3045F364D78", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5596up:-:*:*:*:*:*:*:*", matchCriteriaId: "DC4D4403-F93B-4CC8-B75F-7A5B03FEDD85", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_56128p:-:*:*:*:*:*:*:*", matchCriteriaId: "ABB6E612-4246-4408-B3F6-B31E771F5ACB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5624q:-:*:*:*:*:*:*:*", matchCriteriaId: "91B129B2-2B31-4DE0-9F83-CC6E0C8729A0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5648q:-:*:*:*:*:*:*:*", matchCriteriaId: "3CBD3CD0-B542-4B23-9C9D-061643BE44E8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5672up:-:*:*:*:*:*:*:*", matchCriteriaId: "A22A2647-A4C0-4681-BBC5-D95ADBAA0457", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5696q:-:*:*:*:*:*:*:*", matchCriteriaId: "B2BB1A3A-668C-4B0D-8AC2-6B4758B3420B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_6001:-:*:*:*:*:*:*:*", matchCriteriaId: "A9662D6B-AF0F-45C8-B7CD-AE7C76593FDB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_6004:-:*:*:*:*:*:*:*", matchCriteriaId: "4F557E38-09F6-42C6-BABA-3C3168B38BBA", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_6004x:-:*:*:*:*:*:*:*", matchCriteriaId: "3F182AD1-6E51-456A-A8F7-8F3B92DBE4D0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "6E94ECC2-7203-41AB-8FDA-92807B9336B2", versionEndExcluding: "8.0\\(1\\)", versionStartIncluding: "6.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_7000:-:*:*:*:*:*:*:*", matchCriteriaId: "12180BEB-7F21-4FA7-ABD2-E9A8EA7340F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7000_10-slot:-:*:*:*:*:*:*:*", matchCriteriaId: "B22B3865-30E9-4B5A-A37D-DC33F1150FFE", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7000_18-slot:-:*:*:*:*:*:*:*", matchCriteriaId: "459A7F11-52BF-4AD6-B495-4C4D6C050493", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7000_4-slot:-:*:*:*:*:*:*:*", matchCriteriaId: "FEACA55F-4335-4478-B608-EB92EE1D6C6D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7000_9-slot:-:*:*:*:*:*:*:*", matchCriteriaId: "DB73543E-9B5B-4BA9-8FB4-666AF5AC8B6B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7700:-:*:*:*:*:*:*:*", matchCriteriaId: "DD7A4B4B-3BB1-4A4D-911E-C4EEF01BBC45", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7700_10-slot:-:*:*:*:*:*:*:*", matchCriteriaId: "E5ABB175-81BE-4C46-BD2D-70016508BE22", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7700_18-slot:-:*:*:*:*:*:*:*", matchCriteriaId: "71F93299-A715-4E97-87FE-B1E248EA98BD", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7700_2-slot:-:*:*:*:*:*:*:*", matchCriteriaId: "3D71B228-FFE5-45F7-ADCF-6D359ADA6D31", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7700_6-slot:-:*:*:*:*:*:*:*", matchCriteriaId: "9F3AD807-5A0F-4DF5-9A7A-748205F409E7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability in a CLI command related to the virtualization manager (VMAN) in Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying Linux operating system with root privileges. The vulnerability is due to insufficient validation of arguments passed to a specific VMAN CLI command on an affected device. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying Linux operating system with root privileges, which may lead to complete system compromise. An attacker would need valid administrator credentials to exploit this vulnerability.", }, { lang: "es", value: "Una vulnerabilidad en un comando CLI relacionado con el virtualization manager (VMAN) en el software Cisco NX-OS, podría permitir a un atacante local autenticado ejecutar comandos arbitrarios en el sistema operativo Linux subyacente con privilegios root. La vulnerabilidad es debido a una comprobación insuficiente de los argumentos pasados a un comando específico de CLI de VMAN en un dispositivo afectado. Un atacante podría explotar esta vulnerabilidad mediante la inclusión de entradas maliciosas como argumento de un comando afectado. Una explotación con éxito podría permitir al atacante ejecutar comandos arbitrarios en el sistema operativo Linux subyacente con privilegios root, lo que puede conllevar a un compromiso total del sistema. Un atacante necesitaría credenciales de administrador válidas para explotar esta vulnerabilidad.", }, ], id: "CVE-2019-12717", lastModified: "2024-11-21T04:23:25.750", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.2, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:L/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 0.8, impactScore: 5.9, source: "psirt@cisco.com", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-09-25T21:15:11.937", references: [ { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-nxos-vman-cmd-inj", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-nxos-vman-cmd-inj", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-78", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-78", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2015-06-27 10:59
Modified
2025-04-12 10:46
Severity ?
Summary
Cisco Application Policy Infrastructure Controller (APIC) 1.0(1.110a) and 1.0(1e) on Nexus 9000 devices does not properly implement RBAC health scoring, which allows remote authenticated users to obtain sensitive information via unspecified vectors, aka Bug ID CSCuq77485.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@cisco.com | http://tools.cisco.com/security/center/viewAlert.x?alertId=39529 | Vendor Advisory | |
| psirt@cisco.com | http://www.securityfocus.com/bid/75433 | Third Party Advisory, VDB Entry | |
| psirt@cisco.com | http://www.securitytracker.com/id/1032735 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://tools.cisco.com/security/center/viewAlert.x?alertId=39529 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/75433 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1032735 | Third Party Advisory, VDB Entry |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | nx-os | 1.0\(1.110a\) | |
| cisco | nx-os | 1.0\(1e\) | |
| cisco | nexus_93120tx | - | |
| cisco | nexus_93128tx | - | |
| cisco | nexus_9332pq | - | |
| cisco | nexus_9336pq_aci_spine | - | |
| cisco | nexus_9372px | - | |
| cisco | nexus_9372tx | - | |
| cisco | nexus_9396px | - | |
| cisco | nexus_9396tx | - | |
| cisco | nexus_9504 | - | |
| cisco | nexus_9508 | - | |
| cisco | nexus_9516 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:1.0\\(1.110a\\):*:*:*:*:*:*:*", matchCriteriaId: "ADE956FC-1BEF-40E6-AD94-B61ABBAC22EF", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:1.0\\(1e\\):*:*:*:*:*:*:*", matchCriteriaId: "60E0DFB9-D722-445D-B9CD-AA36B4CDC659", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*", matchCriteriaId: "07DE6F63-2C7D-415B-8C34-01EC05C062F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*", matchCriteriaId: "F423E45D-A6DD-4305-9C6A-EAB26293E53A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*", matchCriteriaId: "113772B6-E9D2-4094-9468-3F4E1A87D07D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336pq_aci_spine:-:*:*:*:*:*:*:*", matchCriteriaId: "785FD17C-F32E-4042-9DDE-A89B3AAE0334", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*", matchCriteriaId: "4364ADB9-8162-451D-806A-B98924E6B2CF", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*", matchCriteriaId: "49E0371B-FDE2-473C-AA59-47E1269D050F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*", matchCriteriaId: "1BC5293E-F2B4-46DC-85DA-167EA323FCFD", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*", matchCriteriaId: "EA022E77-6557-4A33-9A3A-D028E2DB669A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*", matchCriteriaId: "768BE390-5ED5-48A7-9E80-C4DE8BA979B1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*", matchCriteriaId: "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*", matchCriteriaId: "7E02DC82-0D26-436F-BA64-73C958932B0A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Cisco Application Policy Infrastructure Controller (APIC) 1.0(1.110a) and 1.0(1e) on Nexus 9000 devices does not properly implement RBAC health scoring, which allows remote authenticated users to obtain sensitive information via unspecified vectors, aka Bug ID CSCuq77485.", }, { lang: "es", value: "Cisco Application Policy Infrastructure Controller (APIC) 1.0(1.110a) y 1.0(1e) en los dispositivos Nexus 9000 no implementa correctamente la puntuación de salud RBAC, lo que permite a usuarios remotos autenticados obtener información sensible a través de vectores no especificados, también conocido como Bug ID CSCuq77485.", }, ], id: "CVE-2015-4225", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "NONE", baseScore: 4, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:S/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 8, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2015-06-27T10:59:01.173", references: [ { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "http://tools.cisco.com/security/center/viewAlert.x?alertId=39529", }, { source: "psirt@cisco.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/75433", }, { source: "psirt@cisco.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1032735", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://tools.cisco.com/security/center/viewAlert.x?alertId=39529", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/75433", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1032735", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-264", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-02-05 18:15
Modified
2024-11-21 05:30
Severity ?
Summary
A vulnerability in the Cisco Discovery Protocol implementation for Cisco FXOS Software, Cisco IOS XR Software, and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to a missing check when the affected software processes Cisco Discovery Protocol messages. An attacker could exploit this vulnerability by sending a malicious Cisco Discovery Protocol packet to an affected device. A successful exploit could allow the attacker to exhaust system memory, causing the device to reload. Cisco Discovery Protocol is a Layer 2 protocol. To exploit this vulnerability, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent).
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*", matchCriteriaId: "6793CE39-88B6-42DF-A586-43BC656F00DD", versionEndIncluding: "2.3.1.173", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*", matchCriteriaId: "B5CD86FB-4B86-470E-A1F8-3F3EBC66F0F3", versionEndExcluding: "2.6.1.187", versionStartIncluding: "2.6", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*", matchCriteriaId: "A19CF844-DCAA-46DD-95FC-1BC200E7DE91", versionEndExcluding: "2.7.1.106", versionStartIncluding: "2.7", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:fxos:2.4:*:*:*:*:*:*:*", matchCriteriaId: "35E2BDED-6263-4948-89A3-5D867D52BD48", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:firepower_4110:-:*:*:*:*:*:*:*", matchCriteriaId: "A0CBC7F5-7767-43B6-9384-BE143FCDBD7F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4115:-:*:*:*:*:*:*:*", matchCriteriaId: "A694AD51-9008-4AE6-8240-98B17AB527EE", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4120:-:*:*:*:*:*:*:*", matchCriteriaId: "38AE6DC0-2B03-4D36-9856-42530312CC46", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4125:-:*:*:*:*:*:*:*", matchCriteriaId: "71DCEF22-ED20-4330-8502-EC2DD4C9838F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4140:-:*:*:*:*:*:*:*", matchCriteriaId: "3DB2822B-B752-4CD9-A178-934957E306B4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4145:-:*:*:*:*:*:*:*", matchCriteriaId: "81F4868A-6D62-479C-9C19-F9AABDBB6B24", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4150:-:*:*:*:*:*:*:*", matchCriteriaId: "65378F3A-777C-4AE2-87FB-1E7402F9EA1B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300:-:*:*:*:*:*:*:*", matchCriteriaId: "07DAFDDA-718B-4B69-A524-B0CEB80FE960", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:ios_xr:5.2.5:*:*:*:*:*:*:*", matchCriteriaId: "A0B5C0F4-1BEC-4B54-ABF0-948CFF80E5E0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:ncs_6000:-:*:*:*:*:*:*:*", matchCriteriaId: "523058BF-DE14-4FAD-8A67-C8CA795032D9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:ios_xr:6.4.2:*:*:*:*:*:*:*", matchCriteriaId: "E67F538A-3E1A-4749-BB8D-4F8043653B6E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:asr_9000v:-:*:*:*:*:*:*:*", matchCriteriaId: "71BD158E-71D8-4DCA-8C09-F8AB7EF0EBDD", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:asr_9001:-:*:*:*:*:*:*:*", matchCriteriaId: "324C97E6-1810-404F-9F45-6240F99FF039", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:asr_9006:-:*:*:*:*:*:*:*", matchCriteriaId: "57EB55BB-41B7-40A1-B6F5-142FE8AB4C16", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:asr_9010:-:*:*:*:*:*:*:*", matchCriteriaId: "433F4A82-04A4-4EAA-8C19-F7581DCD8D29", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:asr_9901:-:*:*:*:*:*:*:*", matchCriteriaId: "2D5E60AB-94FF-448A-89D8-5D2197E21C74", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:asr_9904:-:*:*:*:*:*:*:*", matchCriteriaId: "A93212A4-50AB-42E7-89A4-5FBBAEA050C3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:asr_9906:-:*:*:*:*:*:*:*", matchCriteriaId: "EDA53A61-98B3-458C-8893-61CD7D6B1E48", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:asr_9910:-:*:*:*:*:*:*:*", matchCriteriaId: "F396564E-B477-4A27-A189-CEB737552E25", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:asr_9912:-:*:*:*:*:*:*:*", matchCriteriaId: "5445CC54-ACFB-4070-AF26-F91FEAA85181", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:asr_9922:-:*:*:*:*:*:*:*", matchCriteriaId: "D7AA58E5-D7E1-48CF-93FF-C60EB85B2BC7", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:crs:-:*:*:*:*:*:*:*", matchCriteriaId: "4B051AF4-592A-4201-9DD3-8683C1847A00", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:ios_xr:6.5.3:*:*:*:*:*:*:*", matchCriteriaId: "86E05C3F-4095-4B9C-8C11-E32567EB14AC", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:asr_9000v:-:*:*:*:*:*:*:*", matchCriteriaId: "71BD158E-71D8-4DCA-8C09-F8AB7EF0EBDD", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:asr_9001:-:*:*:*:*:*:*:*", matchCriteriaId: "324C97E6-1810-404F-9F45-6240F99FF039", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:asr_9006:-:*:*:*:*:*:*:*", matchCriteriaId: "57EB55BB-41B7-40A1-B6F5-142FE8AB4C16", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:asr_9010:-:*:*:*:*:*:*:*", matchCriteriaId: "433F4A82-04A4-4EAA-8C19-F7581DCD8D29", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:asr_9901:-:*:*:*:*:*:*:*", matchCriteriaId: "2D5E60AB-94FF-448A-89D8-5D2197E21C74", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:asr_9904:-:*:*:*:*:*:*:*", matchCriteriaId: "A93212A4-50AB-42E7-89A4-5FBBAEA050C3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:asr_9906:-:*:*:*:*:*:*:*", matchCriteriaId: "EDA53A61-98B3-458C-8893-61CD7D6B1E48", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:asr_9910:-:*:*:*:*:*:*:*", matchCriteriaId: "F396564E-B477-4A27-A189-CEB737552E25", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:asr_9912:-:*:*:*:*:*:*:*", matchCriteriaId: "5445CC54-ACFB-4070-AF26-F91FEAA85181", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:asr_9922:-:*:*:*:*:*:*:*", matchCriteriaId: "D7AA58E5-D7E1-48CF-93FF-C60EB85B2BC7", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ncs_5001:-:*:*:*:*:*:*:*", matchCriteriaId: "E2A8C028-107B-4410-BCC6-5BCB8DB63603", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ncs_5002:-:*:*:*:*:*:*:*", matchCriteriaId: "DA13FE67-F4AE-46DF-921B-3FB91BDF742B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ncs_5011:-:*:*:*:*:*:*:*", matchCriteriaId: "98622F14-CC47-45E0-85E4-A7243309487C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ncs_540-12z20g-sys-a:-:*:*:*:*:*:*:*", matchCriteriaId: "D5494B4B-0BB4-48AE-8B0D-04DE649F9313", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ncs_540-12z20g-sys-d:-:*:*:*:*:*:*:*", matchCriteriaId: "B3A0C835-6C98-4AB6-89FF-C27117BB6B12", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ncs_540-24z8q2c-sys:-:*:*:*:*:*:*:*", matchCriteriaId: "395F25CD-FDF5-48D7-A048-A6B4F4779EC9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ncs_540-28z4c-sys-a:-:*:*:*:*:*:*:*", matchCriteriaId: "2E926BBC-F5C5-4D02-8A62-F1A5DE3C54DA", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ncs_540-28z4c-sys-d:-:*:*:*:*:*:*:*", matchCriteriaId: "EFB1323A-C472-4EA1-A969-1D1C10AB0CE8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ncs_540-acc-sys:-:*:*:*:*:*:*:*", matchCriteriaId: "124CE49C-1C2B-40A5-8F59-7A223766E12F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ncs_540x-12z16g-sys-a:-:*:*:*:*:*:*:*", matchCriteriaId: "A83F3D33-0674-4F74-AEA9-BC824D8536F5", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ncs_540x-12z16g-sys-d:-:*:*:*:*:*:*:*", matchCriteriaId: "784A450D-8DCA-43E5-8044-A9F2363FB006", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ncs_540x-16z4g8q2c-a:-:*:*:*:*:*:*:*", matchCriteriaId: "92E88ED4-C2AF-407C-A395-3D7806D68758", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ncs_540x-16z4g8q2c-d:-:*:*:*:*:*:*:*", matchCriteriaId: "2DA11E43-F821-45F6-A2DB-E1EBC8BDE68B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ncs_540x-acc-sys:-:*:*:*:*:*:*:*", matchCriteriaId: "871D84C5-71EE-4B82-A48C-A1CC68DA332A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ncs_5501:-:*:*:*:*:*:*:*", matchCriteriaId: "0A972EFE-4F7E-4BFC-8631-66A2D16B74A3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ncs_5501-se:-:*:*:*:*:*:*:*", matchCriteriaId: "1B254955-C485-45D7-A19B-E78CE1D997AD", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ncs_5502:-:*:*:*:*:*:*:*", matchCriteriaId: "7F72AEF0-EE70-40F8-B52B-1390820B87BB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ncs_5502-se:-:*:*:*:*:*:*:*", matchCriteriaId: "50C7B71A-2559-4E90-BAAA-C6FAAFE35FC3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ncs_5508:-:*:*:*:*:*:*:*", matchCriteriaId: "43D21B01-A754-474F-8E46-14D733AB307E", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ncs_5516:-:*:*:*:*:*:*:*", matchCriteriaId: "17D6424C-972F-459C-B8F7-04FFD9F541BC", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ncs_560:-:*:*:*:*:*:*:*", matchCriteriaId: "D4CC8256-E4F8-4DCB-B69A-40A7C5AA41E8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:xrv_9000:-:*:*:*:*:*:*:*", matchCriteriaId: "0B529456-23DB-4917-A316-4CFC6AEC9964", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:ios_xr:6.6.25:*:*:*:*:*:*:*", matchCriteriaId: "3DC7F758-5AB7-4A45-A889-BE9DD8D0474E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:ncs_560:-:*:*:*:*:*:*:*", matchCriteriaId: "D4CC8256-E4F8-4DCB-B69A-40A7C5AA41E8", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:ios_xr:7.0.1:*:*:*:*:*:*:*", matchCriteriaId: "82AF763B-9299-4EDC-B42D-B83736839CA1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:ncs_540l:-:*:*:*:*:*:*:*", matchCriteriaId: "7987161E-E0C6-4BBB-91FC-F49A7F4AE6B6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "55812D67-23B2-4EE1-8DEF-B1386551D825", versionEndExcluding: "6.2\\(29\\)", versionStartIncluding: "5.2", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "2516465F-34B9-4E24-B65B-3952DAEF25FD", versionEndExcluding: "8.4\\(1a\\)", versionStartIncluding: "7.3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:mds_9132t:-:*:*:*:*:*:*:*", matchCriteriaId: "56426D35-FCFD-406E-9144-2E66C8C86EFC", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9148s:-:*:*:*:*:*:*:*", matchCriteriaId: "D25FA4A8-408B-4E94-B7D9-7DC54B61322F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9148t:-:*:*:*:*:*:*:*", matchCriteriaId: "831B6D0F-A975-4CBA-B5BB-0AC4AD718FE8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9216:-:*:*:*:*:*:*:*", matchCriteriaId: "8A72BDC4-6640-45CC-A128-0CDEE38D3ADC", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9216a:-:*:*:*:*:*:*:*", matchCriteriaId: "90094569-AA2C-4D35-807F-9551FACE255F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9216i:-:*:*:*:*:*:*:*", matchCriteriaId: "306AFBC9-A236-4D03-A1EB-CE7E838D8415", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9222i:-:*:*:*:*:*:*:*", matchCriteriaId: "12DB1A25-A7C9-412F-88BC-E89588896395", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9506:-:*:*:*:*:*:*:*", matchCriteriaId: "3925D2CF-9D7C-4498-8AF2-45E15D5D009F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9509:-:*:*:*:*:*:*:*", matchCriteriaId: "C677D356-86C9-4491-A6CA-5E6306B2BB70", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9513:-:*:*:*:*:*:*:*", matchCriteriaId: "28A3C579-7AAD-41A4-947F-CCB9B09402A5", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9706:-:*:*:*:*:*:*:*", matchCriteriaId: "5182CB50-4D32-4835-B1A8-817D989F919F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9710:-:*:*:*:*:*:*:*", matchCriteriaId: "36B3B617-7554-4C36-9B41-19AA3BD2F6E9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9718:-:*:*:*:*:*:*:*", matchCriteriaId: "B88879A9-A7F5-41E0-8A38-0E09E3FD27F4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "33FD38EF-3B47-4739-BF0B-FC50D8520DBC", versionEndExcluding: "5.2\\(1\\)sv5\\(1.3\\)", versionStartIncluding: "5.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_1000ve:-:*:*:*:*:vsphere:*:*", matchCriteriaId: "707970E0-8B5F-4C9D-A1C2-6AF4286CFE2F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "4832A094-92DB-402F-AF05-34B3A7C7CA0E", versionEndIncluding: "5.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_1000v:-:*:*:*:*:hyper-v:*:*", matchCriteriaId: "69E1B4D2-4200-4C05-9E64-57A18823AF38", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "2FE8F16B-D59C-43C7-BECA-3D62B609AB94", versionEndExcluding: "5.2\\(1\\)sv3\\(4.1b\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_1000v:-:*:*:*:*:vsphere:*:*", matchCriteriaId: "30E0EDCF-CF41-4DEA-85E6-C39F49B03F31", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "1D562562-099B-47D6-8A27-592960AEDB5C", versionEndExcluding: "9.3\\(2\\)", versionStartIncluding: "7.0\\(3\\)f2", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "CBBBECB4-431D-42AE-9A15-E1B8C7186EE2", versionEndExcluding: "7.0\\(3\\)i7\\(8\\)", versionStartIncluding: "7.0\\(3\\)i", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_3016:-:*:*:*:*:*:*:*", matchCriteriaId: "528ED62B-D739-4E06-AC64-B506FD73BBAB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*", matchCriteriaId: "FC2A6C31-438A-4CF5-A3F3-364B1672EB7D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3064:-:*:*:*:*:*:*:*", matchCriteriaId: "76C10D85-88AC-4A79-8866-BED88A0F8DF8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3064-t:-:*:*:*:*:*:*:*", matchCriteriaId: "65CB7F6D-A82B-4A31-BFAC-FF4A4B8DF9C1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31108pc-v:-:*:*:*:*:*:*:*", matchCriteriaId: "4E930332-CDDD-48D5-93BC-C22D693BBFA2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31108tc-v:-:*:*:*:*:*:*:*", matchCriteriaId: "7BF4B8FE-E134-4491-B5C2-C1CFEB64731B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31128pq:-:*:*:*:*:*:*:*", matchCriteriaId: "F4226DA0-9371-401C-8247-E6E636A116C3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132c-z:-:*:*:*:*:*:*:*", matchCriteriaId: "7664666F-BCE4-4799-AEEA-3A73E6AD33F4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q:-:*:*:*:*:*:*:*", matchCriteriaId: "D3DBBFE9-835C-4411-8492-6006E74BAC65", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q-v:-:*:*:*:*:*:*:*", matchCriteriaId: "B3293438-3D18-45A2-B093-2C3F65783336", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "8F43B770-D96C-44EA-BC12-9F39FC4317B9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3164q:-:*:*:*:*:*:*:*", matchCriteriaId: "FA782EB3-E8E6-4DCF-B39C-B3CBD46E4384", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172:-:*:*:*:*:*:*:*", matchCriteriaId: "7817F4E6-B2DA-4F06-95A4-AF329F594C02", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172pq-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "7BB9DD73-E31D-4921-A6D6-E14E04703588", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq:-:*:*:*:*:*:*:*", matchCriteriaId: "4532F513-0543-4960-9877-01F23CA7BA1B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq-32t:-:*:*:*:*:*:*:*", matchCriteriaId: "0B43502B-FD53-465A-B60F-6A359C6ACD99", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "F3229124-B097-4AAC-8ACD-2F9C89DCC3AB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3232c_:-:*:*:*:*:*:*:*", matchCriteriaId: "D008CA1C-6F5A-40EA-BB12-A9D84D5AF700", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3264c-e:-:*:*:*:*:*:*:*", matchCriteriaId: "24FBE87B-8A4F-43A8-98A3-4A7D9C630937", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3264q:-:*:*:*:*:*:*:*", matchCriteriaId: "6ACD09AC-8B28-4ACB-967B-AB3D450BC137", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3408-s:-:*:*:*:*:*:*:*", matchCriteriaId: "7D397349-CCC6-479B-9273-FB1FFF4F34F2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_34180yc:-:*:*:*:*:*:*:*", matchCriteriaId: "DC7286A7-780F-4A45-940A-4AD5C9D0F201", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3432d-s:-:*:*:*:*:*:*:*", matchCriteriaId: "5F7AF8D7-431B-43CE-840F-CC0817D159C0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3464c:-:*:*:*:*:*:*:*", matchCriteriaId: "DAC204C8-1A5A-4E85-824E-DC9B8F6A802D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524:-:*:*:*:*:*:*:*", matchCriteriaId: "EAF5AF71-15DF-4151-A1CF-E138A7103FC8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524-x:-:*:*:*:*:*:*:*", matchCriteriaId: "10F80A72-AD54-4699-B8AE-82715F0B58E2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "9354B6A2-D7D6-442E-BF4C-FE8A336D9E94", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548:-:*:*:*:*:*:*:*", matchCriteriaId: "088C0323-683A-44F5-8D42-FF6EC85D080E", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548-x:-:*:*:*:*:*:*:*", matchCriteriaId: "74CB4002-7636-4382-B33E-FBA060A13C34", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "10CEBF73-3EE0-459A-86C5-F8F6243FE27C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_36180yc-r:-:*:*:*:*:*:*:*", matchCriteriaId: "95D2C4C3-65CE-4612-A027-AF70CEFC3233", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*", matchCriteriaId: "57572E4A-78D5-4D1A-938B-F05F01759612", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9000v:-:*:*:*:*:*:*:*", matchCriteriaId: "0CD9C1F1-8582-4F67-A77D-97CBFECB88B8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*", matchCriteriaId: "4283E433-7F8C-4410-B565-471415445811", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92300yc:-:*:*:*:*:*:*:*", matchCriteriaId: "F80AB6FB-32FD-43D7-A9F1-80FA47696210", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*", matchCriteriaId: "D5B2E4C1-2627-4B9D-8E92-4B483F647651", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92348gc-x:-:*:*:*:*:*:*:*", matchCriteriaId: "557ED31C-C26A-4FAE-8B14-D06B49F7F08B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*", matchCriteriaId: "11411BFD-3F4D-4309-AB35-A3629A360FB0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*", matchCriteriaId: "E663DE91-C86D-48DC-B771-FA72A8DF7A7C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "A90184B3-C82F-4CE5-B2AD-97D5E4690871", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "4AB89849-6DA4-4C9D-BC3F-EE0E41FD1901", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*", matchCriteriaId: "07DE6F63-2C7D-415B-8C34-01EC05C062F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*", matchCriteriaId: "F423E45D-A6DD-4305-9C6A-EAB26293E53A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "E952A96A-0F48-4357-B7DD-1127D8827650", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "F70D81F1-8B12-4474-9060-B4934D8A3873", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "7349D69B-D8FA-4462-AA28-69DD18A652D9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93216tc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "B1CC5F78-E88B-4B82-9E3E-C73D3A49DE26", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "91231DC6-2773-4238-8C14-A346F213B5E5", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332c:-:*:*:*:*:*:*:*", matchCriteriaId: "2DF88547-BAF4-47B0-9F60-80A30297FCEB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*", matchCriteriaId: "113772B6-E9D2-4094-9468-3F4E1A87D07D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93360yc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "C45A38D6-BED6-4FEF-AD87-A1E813695DE0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "F1FC2B1F-232E-4754-8076-CC82F3648730", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336pq_aci_spine:-:*:*:*:*:*:*:*", matchCriteriaId: "785FD17C-F32E-4042-9DDE-A89B3AAE0334", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*", matchCriteriaId: "17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*", matchCriteriaId: "63842B25-8C32-4988-BBBD-61E9CB09B4F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*", matchCriteriaId: "4364ADB9-8162-451D-806A-B98924E6B2CF", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372px-e:-:*:*:*:*:*:*:*", matchCriteriaId: "B53BCB42-ED61-4FCF-8068-CB467631C63C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*", matchCriteriaId: "49E0371B-FDE2-473C-AA59-47E1269D050F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372tx-e:-:*:*:*:*:*:*:*", matchCriteriaId: "489D11EC-5A18-4F32-BC7C-AC1FCEC27222", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*", matchCriteriaId: "1BC5293E-F2B4-46DC-85DA-167EA323FCFD", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*", matchCriteriaId: "EA022E77-6557-4A33-9A3A-D028E2DB669A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*", matchCriteriaId: "768BE390-5ED5-48A7-9E80-C4DE8BA979B1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*", matchCriteriaId: "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*", matchCriteriaId: "7E02DC82-0D26-436F-BA64-73C958932B0A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "80E4C5F7-050A-40D8-B087-5F7597B97EEA", versionEndExcluding: "7.3\\(6\\)n1\\(1\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_5548p:-:*:*:*:*:*:*:*", matchCriteriaId: "E5519EA9-1236-4F51-9974-E3FC1B26B5D2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5548up:-:*:*:*:*:*:*:*", matchCriteriaId: "CB0A3B06-8B25-4CD3-AFA9-5F928B1042F4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5596t:-:*:*:*:*:*:*:*", matchCriteriaId: "1766443C-1C5A-486E-A36F-D3045F364D78", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5596up:-:*:*:*:*:*:*:*", matchCriteriaId: "DC4D4403-F93B-4CC8-B75F-7A5B03FEDD85", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_56128p:-:*:*:*:*:*:*:*", matchCriteriaId: "ABB6E612-4246-4408-B3F6-B31E771F5ACB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5624q:-:*:*:*:*:*:*:*", matchCriteriaId: "91B129B2-2B31-4DE0-9F83-CC6E0C8729A0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5648q:-:*:*:*:*:*:*:*", matchCriteriaId: "3CBD3CD0-B542-4B23-9C9D-061643BE44E8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5672up:-:*:*:*:*:*:*:*", matchCriteriaId: "A22A2647-A4C0-4681-BBC5-D95ADBAA0457", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5696q:-:*:*:*:*:*:*:*", matchCriteriaId: "B2BB1A3A-668C-4B0D-8AC2-6B4758B3420B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "B7D74A33-E46C-4A26-AEFF-A9064415F89E", versionEndExcluding: "6.2\\(24\\)", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "DA088812-07C5-47BF-9CB1-66D2E4E6D27C", versionEndExcluding: "7.3\\(5\\)d1\\(1\\)", versionStartIncluding: "7.2", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "A8934F95-3C91-4499-ACA3-8C22DA785ED5", versionEndExcluding: "8.2\\(5\\)", versionStartIncluding: "8.0", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "66360174-9C40-4147-A94C-8007021C55A5", versionEndExcluding: "8.4\\(2\\)", versionStartIncluding: "8.3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_7000:-:*:*:*:*:*:*:*", matchCriteriaId: "12180BEB-7F21-4FA7-ABD2-E9A8EA7340F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7700:-:*:*:*:*:*:*:*", matchCriteriaId: "DD7A4B4B-3BB1-4A4D-911E-C4EEF01BBC45", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "97BA8B03-822E-4544-89A0-23608D635DA7", versionEndExcluding: "13.2\\(9b\\)", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "7A415FC0-EC1A-4172-B88E-5AC3BEE291BE", versionEndExcluding: "14.2\\(1j\\)", versionStartIncluding: "14.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_9000v:-:*:*:*:*:*:*:*", matchCriteriaId: "0CD9C1F1-8582-4F67-A77D-97CBFECB88B8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*", matchCriteriaId: "4283E433-7F8C-4410-B565-471415445811", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92300yc:-:*:*:*:*:*:*:*", matchCriteriaId: "F80AB6FB-32FD-43D7-A9F1-80FA47696210", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*", matchCriteriaId: "D5B2E4C1-2627-4B9D-8E92-4B483F647651", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92348gc-x:-:*:*:*:*:*:*:*", matchCriteriaId: "557ED31C-C26A-4FAE-8B14-D06B49F7F08B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*", matchCriteriaId: "11411BFD-3F4D-4309-AB35-A3629A360FB0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*", matchCriteriaId: "E663DE91-C86D-48DC-B771-FA72A8DF7A7C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "A90184B3-C82F-4CE5-B2AD-97D5E4690871", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "4AB89849-6DA4-4C9D-BC3F-EE0E41FD1901", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*", matchCriteriaId: "07DE6F63-2C7D-415B-8C34-01EC05C062F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*", matchCriteriaId: "F423E45D-A6DD-4305-9C6A-EAB26293E53A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "E952A96A-0F48-4357-B7DD-1127D8827650", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "F70D81F1-8B12-4474-9060-B4934D8A3873", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "7349D69B-D8FA-4462-AA28-69DD18A652D9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93216tc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "B1CC5F78-E88B-4B82-9E3E-C73D3A49DE26", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "91231DC6-2773-4238-8C14-A346F213B5E5", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332c:-:*:*:*:*:*:*:*", matchCriteriaId: "2DF88547-BAF4-47B0-9F60-80A30297FCEB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*", matchCriteriaId: "113772B6-E9D2-4094-9468-3F4E1A87D07D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93360yc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "C45A38D6-BED6-4FEF-AD87-A1E813695DE0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "F1FC2B1F-232E-4754-8076-CC82F3648730", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336pq_aci_spine:-:*:*:*:*:*:*:*", matchCriteriaId: "785FD17C-F32E-4042-9DDE-A89B3AAE0334", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*", matchCriteriaId: "17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*", matchCriteriaId: "63842B25-8C32-4988-BBBD-61E9CB09B4F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*", matchCriteriaId: "4364ADB9-8162-451D-806A-B98924E6B2CF", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372px-e:-:*:*:*:*:*:*:*", matchCriteriaId: "B53BCB42-ED61-4FCF-8068-CB467631C63C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*", matchCriteriaId: "49E0371B-FDE2-473C-AA59-47E1269D050F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372tx-e:-:*:*:*:*:*:*:*", matchCriteriaId: "489D11EC-5A18-4F32-BC7C-AC1FCEC27222", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*", matchCriteriaId: "1BC5293E-F2B4-46DC-85DA-167EA323FCFD", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*", matchCriteriaId: "EA022E77-6557-4A33-9A3A-D028E2DB669A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*", matchCriteriaId: "768BE390-5ED5-48A7-9E80-C4DE8BA979B1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*", matchCriteriaId: "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*", matchCriteriaId: "7E02DC82-0D26-436F-BA64-73C958932B0A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:cisco:ucs_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "C8BA5E06-2264-4292-93E5-D32A2D81600E", versionEndExcluding: "3.2\\(3m\\)", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:ucs_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "5C79BC0D-B86C-452B-B6CA-F93E938B707F", versionEndExcluding: "4.0\\(4g\\)", versionStartIncluding: "4.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:ucs_6248up:-:*:*:*:*:*:*:*", matchCriteriaId: "49112D3F-DFAD-4E71-992B-9E0640FA388C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6296up:-:*:*:*:*:*:*:*", matchCriteriaId: "38A1D8F2-A4A6-4BAC-8326-9F9DE9572FA2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6300:-:*:*:*:*:*:*:*", matchCriteriaId: "C6BCF41B-A617-4563-8D14-E906411354FB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6324:-:*:*:*:*:*:*:*", matchCriteriaId: "B82093C6-B36D-4E4E-AD7F-8C107646B8D9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_64108:-:*:*:*:*:*:*:*", matchCriteriaId: "BC04D48B-8B2F-45E1-A445-A87E92E790B8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6454:-:*:*:*:*:*:*:*", matchCriteriaId: "4FD096B7-6F8E-4E48-9EC4-9A10AA7D9AA0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability in the Cisco Discovery Protocol implementation for Cisco FXOS Software, Cisco IOS XR Software, and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to a missing check when the affected software processes Cisco Discovery Protocol messages. An attacker could exploit this vulnerability by sending a malicious Cisco Discovery Protocol packet to an affected device. A successful exploit could allow the attacker to exhaust system memory, causing the device to reload. Cisco Discovery Protocol is a Layer 2 protocol. To exploit this vulnerability, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent).", }, { lang: "es", value: "Una vulnerabilidad en la implementación de Cisco Discovery Protocol para Cisco FXOS Software, Cisco IOS XR Software y Cisco NX-OS Software, podría permitir a un atacante adyacente no autenticado causar una recarga de un dispositivo afectado, resultando en una condición de denegación de servicio (DoS). La vulnerabilidad es debido a una falta de comprobación cuando el software afectado procesa los mensajes de Cisco Discovery Protocol. Un atacante podría explotar esta vulnerabilidad mediante el envío de un paquete malicioso de Cisco Discovery Protocol hacia un dispositivo afectado. Una explotación con éxito podría permitir al atacante agotar la memoria del sistema, causando que el dispositivo se recargue. Cisco Discovery Protocol es un protocolo de Capa 2. Para explotar esta vulnerabilidad, un atacante debe encontrarse en el mismo dominio de difusión que el dispositivo afectado (Capa 2 adyacente).", }, ], id: "CVE-2020-3120", lastModified: "2024-11-21T05:30:22.057", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "ADJACENT_NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 6.1, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:A/AC:L/Au:N/C:N/I:N/A:C", version: "2.0", }, exploitabilityScore: 6.5, impactScore: 6.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 7.4, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", version: "3.0", }, exploitabilityScore: 2.8, impactScore: 4, source: "psirt@cisco.com", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-02-05T18:15:11.063", references: [ { source: "psirt@cisco.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/156203/Cisco-Discovery-Protocol-CDP-Remote-Device-Takeover.html", }, { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200205-fxnxos-iosxr-cdp-dos", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/156203/Cisco-Discovery-Protocol-CDP-Remote-Device-Takeover.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200205-fxnxos-iosxr-cdp-dos", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-190", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-190", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-02-26 17:15
Modified
2024-11-21 05:30
Severity ?
Summary
A vulnerability in the anycast gateway feature of Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a device to learn invalid Address Resolution Protocol (ARP) entries. The ARP entries are for nonlocal IP addresses for the subnet. The vulnerability is due to improper validation of a received gratuitous ARP (GARP) request. An attacker could exploit this vulnerability by sending a malicious GARP packet on the local subnet to cause the ARP table on the device to become corrupted. A successful exploit could allow the attacker to populate the ARP table with incorrect entries, which could lead to traffic disruptions.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:8.1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "AB556839-151C-492E-B4C3-C024276D5AB1", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:8.4\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "2636B1F1-8C40-44A4-B96B-C84EC244685E", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:9.3\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "9A589031-946F-4016-AFC9-92FB033420D0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:mds_9132t:-:*:*:*:*:*:*:*", matchCriteriaId: "56426D35-FCFD-406E-9144-2E66C8C86EFC", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9148s:-:*:*:*:*:*:*:*", matchCriteriaId: "D25FA4A8-408B-4E94-B7D9-7DC54B61322F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9148t:-:*:*:*:*:*:*:*", matchCriteriaId: "831B6D0F-A975-4CBA-B5BB-0AC4AD718FE8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9216:-:*:*:*:*:*:*:*", matchCriteriaId: "8A72BDC4-6640-45CC-A128-0CDEE38D3ADC", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9216a:-:*:*:*:*:*:*:*", matchCriteriaId: "90094569-AA2C-4D35-807F-9551FACE255F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9216i:-:*:*:*:*:*:*:*", matchCriteriaId: "306AFBC9-A236-4D03-A1EB-CE7E838D8415", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9222i:-:*:*:*:*:*:*:*", matchCriteriaId: "12DB1A25-A7C9-412F-88BC-E89588896395", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9506:-:*:*:*:*:*:*:*", matchCriteriaId: "3925D2CF-9D7C-4498-8AF2-45E15D5D009F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9509:-:*:*:*:*:*:*:*", matchCriteriaId: "C677D356-86C9-4491-A6CA-5E6306B2BB70", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9513:-:*:*:*:*:*:*:*", matchCriteriaId: "28A3C579-7AAD-41A4-947F-CCB9B09402A5", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9706:-:*:*:*:*:*:*:*", matchCriteriaId: "5182CB50-4D32-4835-B1A8-817D989F919F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9710:-:*:*:*:*:*:*:*", matchCriteriaId: "36B3B617-7554-4C36-9B41-19AA3BD2F6E9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9718:-:*:*:*:*:*:*:*", matchCriteriaId: "B88879A9-A7F5-41E0-8A38-0E09E3FD27F4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3016:-:*:*:*:*:*:*:*", matchCriteriaId: "528ED62B-D739-4E06-AC64-B506FD73BBAB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*", matchCriteriaId: "FC2A6C31-438A-4CF5-A3F3-364B1672EB7D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3064:-:*:*:*:*:*:*:*", matchCriteriaId: "76C10D85-88AC-4A79-8866-BED88A0F8DF8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3064-t:-:*:*:*:*:*:*:*", matchCriteriaId: "65CB7F6D-A82B-4A31-BFAC-FF4A4B8DF9C1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31108pc-v:-:*:*:*:*:*:*:*", matchCriteriaId: "4E930332-CDDD-48D5-93BC-C22D693BBFA2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31108tc-v:-:*:*:*:*:*:*:*", matchCriteriaId: "7BF4B8FE-E134-4491-B5C2-C1CFEB64731B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31128pq:-:*:*:*:*:*:*:*", matchCriteriaId: "F4226DA0-9371-401C-8247-E6E636A116C3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132c-z:-:*:*:*:*:*:*:*", matchCriteriaId: "7664666F-BCE4-4799-AEEA-3A73E6AD33F4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q:-:*:*:*:*:*:*:*", matchCriteriaId: "D3DBBFE9-835C-4411-8492-6006E74BAC65", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q-v:-:*:*:*:*:*:*:*", matchCriteriaId: "B3293438-3D18-45A2-B093-2C3F65783336", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "8F43B770-D96C-44EA-BC12-9F39FC4317B9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3164q:-:*:*:*:*:*:*:*", matchCriteriaId: "FA782EB3-E8E6-4DCF-B39C-B3CBD46E4384", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172:-:*:*:*:*:*:*:*", matchCriteriaId: "7817F4E6-B2DA-4F06-95A4-AF329F594C02", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172pq-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "7BB9DD73-E31D-4921-A6D6-E14E04703588", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq:-:*:*:*:*:*:*:*", matchCriteriaId: "4532F513-0543-4960-9877-01F23CA7BA1B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq-32t:-:*:*:*:*:*:*:*", matchCriteriaId: "0B43502B-FD53-465A-B60F-6A359C6ACD99", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "F3229124-B097-4AAC-8ACD-2F9C89DCC3AB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3232c_:-:*:*:*:*:*:*:*", matchCriteriaId: "D008CA1C-6F5A-40EA-BB12-A9D84D5AF700", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3264c-e:-:*:*:*:*:*:*:*", matchCriteriaId: "24FBE87B-8A4F-43A8-98A3-4A7D9C630937", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3264q:-:*:*:*:*:*:*:*", matchCriteriaId: "6ACD09AC-8B28-4ACB-967B-AB3D450BC137", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3408-s:-:*:*:*:*:*:*:*", matchCriteriaId: "7D397349-CCC6-479B-9273-FB1FFF4F34F2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_34180yc:-:*:*:*:*:*:*:*", matchCriteriaId: "DC7286A7-780F-4A45-940A-4AD5C9D0F201", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3432d-s:-:*:*:*:*:*:*:*", matchCriteriaId: "5F7AF8D7-431B-43CE-840F-CC0817D159C0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3464c:-:*:*:*:*:*:*:*", matchCriteriaId: "DAC204C8-1A5A-4E85-824E-DC9B8F6A802D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524:-:*:*:*:*:*:*:*", matchCriteriaId: "EAF5AF71-15DF-4151-A1CF-E138A7103FC8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524-x:-:*:*:*:*:*:*:*", matchCriteriaId: "10F80A72-AD54-4699-B8AE-82715F0B58E2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "9354B6A2-D7D6-442E-BF4C-FE8A336D9E94", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548:-:*:*:*:*:*:*:*", matchCriteriaId: "088C0323-683A-44F5-8D42-FF6EC85D080E", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548-x:-:*:*:*:*:*:*:*", matchCriteriaId: "74CB4002-7636-4382-B33E-FBA060A13C34", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "10CEBF73-3EE0-459A-86C5-F8F6243FE27C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_36180yc-r:-:*:*:*:*:*:*:*", matchCriteriaId: "95D2C4C3-65CE-4612-A027-AF70CEFC3233", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*", matchCriteriaId: "57572E4A-78D5-4D1A-938B-F05F01759612", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7000:-:*:*:*:*:*:*:*", matchCriteriaId: "12180BEB-7F21-4FA7-ABD2-E9A8EA7340F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7700:-:*:*:*:*:*:*:*", matchCriteriaId: "DD7A4B4B-3BB1-4A4D-911E-C4EEF01BBC45", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9000v:-:*:*:*:*:*:*:*", matchCriteriaId: "0CD9C1F1-8582-4F67-A77D-97CBFECB88B8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*", matchCriteriaId: "4283E433-7F8C-4410-B565-471415445811", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92300yc:-:*:*:*:*:*:*:*", matchCriteriaId: "F80AB6FB-32FD-43D7-A9F1-80FA47696210", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*", matchCriteriaId: "D5B2E4C1-2627-4B9D-8E92-4B483F647651", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92348gc-x:-:*:*:*:*:*:*:*", matchCriteriaId: "557ED31C-C26A-4FAE-8B14-D06B49F7F08B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*", matchCriteriaId: "11411BFD-3F4D-4309-AB35-A3629A360FB0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*", matchCriteriaId: "E663DE91-C86D-48DC-B771-FA72A8DF7A7C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "A90184B3-C82F-4CE5-B2AD-97D5E4690871", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "4AB89849-6DA4-4C9D-BC3F-EE0E41FD1901", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*", matchCriteriaId: "07DE6F63-2C7D-415B-8C34-01EC05C062F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*", matchCriteriaId: "F423E45D-A6DD-4305-9C6A-EAB26293E53A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "E952A96A-0F48-4357-B7DD-1127D8827650", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "F70D81F1-8B12-4474-9060-B4934D8A3873", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "7349D69B-D8FA-4462-AA28-69DD18A652D9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93216tc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "B1CC5F78-E88B-4B82-9E3E-C73D3A49DE26", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "91231DC6-2773-4238-8C14-A346F213B5E5", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332c:-:*:*:*:*:*:*:*", matchCriteriaId: "2DF88547-BAF4-47B0-9F60-80A30297FCEB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*", matchCriteriaId: "113772B6-E9D2-4094-9468-3F4E1A87D07D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93360yc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "C45A38D6-BED6-4FEF-AD87-A1E813695DE0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "F1FC2B1F-232E-4754-8076-CC82F3648730", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336pq_aci_spine:-:*:*:*:*:*:*:*", matchCriteriaId: "785FD17C-F32E-4042-9DDE-A89B3AAE0334", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*", matchCriteriaId: "17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*", matchCriteriaId: "63842B25-8C32-4988-BBBD-61E9CB09B4F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*", matchCriteriaId: "4364ADB9-8162-451D-806A-B98924E6B2CF", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372px-e:-:*:*:*:*:*:*:*", matchCriteriaId: "B53BCB42-ED61-4FCF-8068-CB467631C63C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*", matchCriteriaId: "49E0371B-FDE2-473C-AA59-47E1269D050F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372tx-e:-:*:*:*:*:*:*:*", matchCriteriaId: "489D11EC-5A18-4F32-BC7C-AC1FCEC27222", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*", matchCriteriaId: "1BC5293E-F2B4-46DC-85DA-167EA323FCFD", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*", matchCriteriaId: "EA022E77-6557-4A33-9A3A-D028E2DB669A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*", matchCriteriaId: "768BE390-5ED5-48A7-9E80-C4DE8BA979B1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*", matchCriteriaId: "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*", matchCriteriaId: "7E02DC82-0D26-436F-BA64-73C958932B0A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability in the anycast gateway feature of Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a device to learn invalid Address Resolution Protocol (ARP) entries. The ARP entries are for nonlocal IP addresses for the subnet. The vulnerability is due to improper validation of a received gratuitous ARP (GARP) request. An attacker could exploit this vulnerability by sending a malicious GARP packet on the local subnet to cause the ARP table on the device to become corrupted. A successful exploit could allow the attacker to populate the ARP table with incorrect entries, which could lead to traffic disruptions.", }, { lang: "es", value: "Una vulnerabilidad en la funcionalidad anycast gateway de Cisco NX-OS Software, podría permitir a un atacante adyacente no autenticado causar que un dispositivo aprenda entradas Address Resolution Protocol (ARP) no válidas. Las entradas ARP son para direcciones IP no locales para la subred. La vulnerabilidad es debido a una comprobación inapropiada de una petición ARP gratuita (GARP) recibida. Un atacante podría explotar esta vulnerabilidad mediante el envío de un paquete GARP malicioso sobre la subred local para causar que la tabla ARP en el dispositivo se corrompa. Una explotación con éxito podría permitir a un atacante poblar la tabla ARP con entradas incorrectas, lo que podría conllevar a interrupciones del tráfico.", }, ], id: "CVE-2020-3174", lastModified: "2024-11-21T05:30:28.930", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "LOW", accessVector: "ADJACENT_NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 3.3, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:A/AC:L/Au:N/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 6.5, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "NONE", baseScore: 4.7, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N", version: "3.0", }, exploitabilityScore: 2.8, impactScore: 1.4, source: "psirt@cisco.com", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "NONE", baseScore: 4.7, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 1.4, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-02-26T17:15:13.563", references: [ { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200226-nxos-arp", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200226-nxos-arp", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-345", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-345", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2024-07-01 17:15
Modified
2025-01-27 20:57
Severity ?
6.0 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated user in possession of Administrator credentials to execute arbitrary commands as root on the underlying operating system of an affected device.
This vulnerability is due to insufficient validation of arguments that are passed to specific configuration CLI commands. An attacker could exploit this vulnerability by including crafted input as the argument of an affected configuration CLI command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with the privileges of root.
Note: To successfully exploit this vulnerability on a Cisco NX-OS device, an attacker must have Administrator credentials. The following Cisco devices already allow administrative users to access the underlying operating system through the bash-shell feature, so, for these devices, this vulnerability does not grant any additional privileges:
Nexus 3000 Series Switches
Nexus 7000 Series Switches that are running Cisco NX-OS Software releases 8.1(1) and later
Nexus 9000 Series Switches in standalone NX-OS mode
References
Impacted products
{ cisaActionDue: "2024-07-23", cisaExploitAdd: "2024-07-02", cisaRequiredAction: "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", cisaVulnerabilityName: "Cisco NX-OS Command Injection Vulnerability", configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "2FDE8EF9-47CF-451D-9570-3D369D74D44F", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(2a\\):*:*:*:*:*:*:*", matchCriteriaId: "55A760CE-5E63-4A6B-8DA3-A473BC3900E3", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(6\\):*:*:*:*:*:*:*", matchCriteriaId: "0E738E86-B75F-48BF-9E76-C7DD470F3688", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(6a\\):*:*:*:*:*:*:*", matchCriteriaId: "11E66F3E-9482-4F30-8480-F036F3C68B61", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(6b\\):*:*:*:*:*:*:*", matchCriteriaId: "68C6090F-0B05-46F0-8A67-928FE1C36D5F", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(8\\):*:*:*:*:*:*:*", matchCriteriaId: "FBD345BD-83EF-4913-A0F3-74E52AD76BBA", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(8a\\):*:*:*:*:*:*:*", matchCriteriaId: "46B2B97B-DDB7-4208-BF1A-D10C8A075A14", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(8b\\):*:*:*:*:*:*:*", matchCriteriaId: "317C8BE8-84DA-43D5-AE93-7E7DCDE6883E", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(10\\):*:*:*:*:*:*:*", matchCriteriaId: "ED7B1216-4C4F-4A23-9474-23876649ABF3", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(12\\):*:*:*:*:*:*:*", matchCriteriaId: "57892CBB-8C95-4E56-90F8-B77BBBDC03FB", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(14\\):*:*:*:*:*:*:*", matchCriteriaId: "A555382D-9D35-4931-B3B0-DD4D956AB7AE", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(16\\):*:*:*:*:*:*:*", matchCriteriaId: "985752BE-AC65-47BC-97F5-36C2E44E55D9", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(18\\):*:*:*:*:*:*:*", matchCriteriaId: "BEC60C3C-8689-47EC-B944-F0FB9D38E4F1", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(20\\):*:*:*:*:*:*:*", matchCriteriaId: "C6A61F7E-9929-48F5-85BA-72E744AF30B2", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(20a\\):*:*:*:*:*:*:*", matchCriteriaId: "DA24A851-F051-41A8-A33E-7296AD199306", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(22\\):*:*:*:*:*:*:*", matchCriteriaId: "52E6911E-3DD8-4FCC-A1B5-613098B25337", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(24\\):*:*:*:*:*:*:*", matchCriteriaId: "FEA235F0-95C4-471A-BBD6-EDB723E6E7CE", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(24a\\):*:*:*:*:*:*:*", matchCriteriaId: "F558EAFA-C4A3-4EC3-85E6-225D3EBB0D90", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.2\\(0\\)d1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "6BF973CD-3315-4D86-8F89-05DC97C736AB", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.2\\(1\\)d1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "C18A0045-87F3-4782-81C5-0BF615EA9346", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.2\\(2\\)d1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "2768DEF1-3DFA-4683-9D8D-C5915D8E7365", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.2\\(2\\)d1\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "3CD05045-E867-4B7E-ACE4-7B6EA69971AF", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(0\\)d1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "7FD733DD-EC40-48EC-A8A6-AE09657EEFC1", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(0\\)dx\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "18CE33FF-6C81-4B38-8C47-6DEBD4D4223C", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(1\\)d1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "4A7B0A8C-ED8F-411C-843F-B801CBBBB6C4", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(2\\)d1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "FADC755B-3AB3-43D6-8495-1FABCBD548E9", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(2\\)d1\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "03607526-7F9E-43F5-94ED-3ED0B4D29DF5", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(2\\)d1\\(3\\):*:*:*:*:*:*:*", matchCriteriaId: "8890C4B8-2E5C-46D6-80DE-6B5256FA1CAD", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(2\\)d1\\(3a\\):*:*:*:*:*:*:*", matchCriteriaId: "2F8A3FFE-D017-43F7-B481-AF25B8B2BE6F", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(3\\)d1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "98FC292D-27D3-40CF-98C5-AF47686FC134", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(4\\)d1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "0C23B353-3500-4FA4-90CE-624A29B1048F", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(5\\)d1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "29002523-6405-4198-A5E5-630A4B661767", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(6\\)d1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "EF0DFA7E-9B40-4E82-9EB9-886C79B2D61C", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(7\\)d1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "FA615483-9E8E-4E74-B2A1-FCA555523DC7", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(8\\)d1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "E991E535-5FB6-40FE-B599-9CFFDA6438DD", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(9\\)d1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "90444CE8-2D46-432F-8713-6B4A05D03AF3", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:8.0\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "9C83E090-7C99-465A-A477-C2949B137720", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:8.1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "AB556839-151C-492E-B4C3-C024276D5AB1", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:8.1\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "298709C4-69BF-48BA-A317-4251B5461A0D", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:8.1\\(2a\\):*:*:*:*:*:*:*", matchCriteriaId: "0EF15089-A16E-47CC-AB52-78AB85F681BF", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:8.2\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "3FB0B238-4F3A-4569-89B0-ED80533D87C4", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:8.2\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "CF90B861-F48B-45DF-ACB8-F91030106181", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:8.2\\(3\\):*:*:*:*:*:*:*", matchCriteriaId: "CAB301FC-988F-4FC3-A097-E926E541F098", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:8.2\\(4\\):*:*:*:*:*:*:*", matchCriteriaId: "6CFA19E0-0121-4422-83AF-94039520A0F8", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:8.2\\(5\\):*:*:*:*:*:*:*", matchCriteriaId: "03201B37-841C-432F-8643-352833381373", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:8.2\\(6\\):*:*:*:*:*:*:*", matchCriteriaId: "F6AD86DF-7D7A-4097-8DBF-9EF07EF5509A", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:8.2\\(7\\):*:*:*:*:*:*:*", matchCriteriaId: "9CF6FCE1-D9F7-4A1C-8570-1A1529BFFB0C", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:8.2\\(7a\\):*:*:*:*:*:*:*", matchCriteriaId: "224696A4-D5A9-4E5F-B0D4-68F27A1CD6A6", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:8.2\\(8\\):*:*:*:*:*:*:*", matchCriteriaId: "6A54DB25-6479-4B1B-AEE6-9F4EB1A0E90C", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:8.2\\(9\\):*:*:*:*:*:*:*", matchCriteriaId: "D0ED62FC-4C6D-4777-934F-0A9A32194E0E", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:8.2\\(10\\):*:*:*:*:*:*:*", matchCriteriaId: "84FE4C8A-61BC-4F5A-B4E1-8525FAD55CB2", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:8.2\\(11\\):*:*:*:*:*:*:*", matchCriteriaId: "A7FD4067-4EEF-4477-AA3A-EE8BB8489832", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:8.3\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "A6B8E31F-6B33-43E0-9585-5736D54FE876", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:8.3\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "3C828C0E-99E6-4DEF-9EB3-672DEB61F479", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:8.4\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "2636B1F1-8C40-44A4-B96B-C84EC244685E", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:8.4\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "411B58EB-2BCD-47CA-AB5A-538BCEAEF75F", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:8.4\\(3\\):*:*:*:*:*:*:*", matchCriteriaId: "1D725607-74D5-4700-B4B7-0C35D119F9BE", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:8.4\\(4\\):*:*:*:*:*:*:*", matchCriteriaId: "189BE025-7434-4790-94E3-4F4F07C76937", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:8.4\\(4a\\):*:*:*:*:*:*:*", matchCriteriaId: "6A2E2364-1C5B-494B-B7DA-752F9E9D5464", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:8.4\\(5\\):*:*:*:*:*:*:*", matchCriteriaId: "E1C2124A-A7B3-4D2A-870C-76EFCE0D0B9A", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:8.4\\(6\\):*:*:*:*:*:*:*", matchCriteriaId: "3F45511E-5224-4919-B6D9-83EE7493D0E7", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:8.4\\(6a\\):*:*:*:*:*:*:*", matchCriteriaId: "52F8EDCD-45C9-4408-BD20-71C70CDE367C", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:8.4\\(7\\):*:*:*:*:*:*:*", matchCriteriaId: "A39C505E-ABEB-4481-8A8A-1B1F3C5E0A81", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:8.4\\(8\\):*:*:*:*:*:*:*", matchCriteriaId: "5B02BC42-7F87-46F7-AA46-48633AC5AFD2", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:8.4\\(9\\):*:*:*:*:*:*:*", matchCriteriaId: "395233A3-B56F-458A-86F9-5EE8D66A51C3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_7000:-:*:*:*:*:*:*:*", matchCriteriaId: "12180BEB-7F21-4FA7-ABD2-E9A8EA7340F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7000_10-slot:-:*:*:*:*:*:*:*", matchCriteriaId: "B22B3865-30E9-4B5A-A37D-DC33F1150FFE", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7000_18-slot:-:*:*:*:*:*:*:*", matchCriteriaId: "459A7F11-52BF-4AD6-B495-4C4D6C050493", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7000_4-slot:-:*:*:*:*:*:*:*", matchCriteriaId: "FEACA55F-4335-4478-B608-EB92EE1D6C6D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7000_9-slot:-:*:*:*:*:*:*:*", matchCriteriaId: "DB73543E-9B5B-4BA9-8FB4-666AF5AC8B6B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7000_supervisor_1:-:*:*:*:*:*:*:*", matchCriteriaId: "993AFE99-DFC3-4D92-90C8-D3A6495547BC", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7000_supervisor_2:-:*:*:*:*:*:*:*", matchCriteriaId: "7453E0FA-B05D-4888-AFB0-8FE8B8040DFC", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7000_supervisor_2e:-:*:*:*:*:*:*:*", matchCriteriaId: "108DB6B5-CB29-477F-84FC-52116F295878", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7004:-:*:*:*:*:*:*:*", matchCriteriaId: "36145717-6348-466D-87B4-B1A19F17BA55", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7009:-:*:*:*:*:*:*:*", matchCriteriaId: "4831C5F4-AF09-4951-B7AC-9DAF1C7045B4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7010:-:*:*:*:*:*:*:*", matchCriteriaId: "C6BBDCF9-562C-44BA-B709-F91346F6F99F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7018:-:*:*:*:*:*:*:*", matchCriteriaId: "276BD181-125C-48EC-984C-29BAE20C21F8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7700:-:*:*:*:*:*:*:*", matchCriteriaId: "DD7A4B4B-3BB1-4A4D-911E-C4EEF01BBC45", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7700_10-slot:-:*:*:*:*:*:*:*", matchCriteriaId: "E5ABB175-81BE-4C46-BD2D-70016508BE22", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7700_18-slot:-:*:*:*:*:*:*:*", matchCriteriaId: "71F93299-A715-4E97-87FE-B1E248EA98BD", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7700_2-slot:-:*:*:*:*:*:*:*", matchCriteriaId: "3D71B228-FFE5-45F7-ADCF-6D359ADA6D31", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7700_6-slot:-:*:*:*:*:*:*:*", matchCriteriaId: "9F3AD807-5A0F-4DF5-9A7A-748205F409E7", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7700_supervisor_2e:-:*:*:*:*:*:*:*", matchCriteriaId: "4FBB9435-1CD4-469E-BF16-AD98ADC99AAB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7700_supervisor_3e:-:*:*:*:*:*:*:*", matchCriteriaId: "42ABB93D-2C3A-4029-B545-B638B6C7788E", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7702:-:*:*:*:*:*:*:*", matchCriteriaId: "7596B885-5312-489B-BBDB-A5374E525DE1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7706:-:*:*:*:*:*:*:*", matchCriteriaId: "42EC10DA-FE01-4BA3-B49F-B164F697D4BA", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7710:-:*:*:*:*:*:*:*", matchCriteriaId: "FE1655CC-9BD5-4BD5-B113-776E4335D556", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7718:-:*:*:*:*:*:*:*", matchCriteriaId: "2CA6F9ED-50A1-4D61-BC83-438585646856", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "DD54E122-6102-451E-92BF-AF71D98AEBE0", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(3\\):*:*:*:*:*:*:*", matchCriteriaId: "0C857C0F-B023-4CF7-9916-6735C40425F9", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(5\\):*:*:*:*:*:*:*", matchCriteriaId: "D4C558C0-ECA4-408D-A5DF-2A175E48EAE2", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(5a\\):*:*:*:*:*:*:*", matchCriteriaId: "C4947F0C-B1F5-4BA0-A6F0-F08C25554E68", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(5b\\):*:*:*:*:*:*:*", matchCriteriaId: "BC281019-3BB1-4539-BFA3-1D13E2ABE720", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(7\\):*:*:*:*:*:*:*", matchCriteriaId: "07863B2B-D780-4641-BADE-A5AFFAD95E57", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(9\\):*:*:*:*:*:*:*", matchCriteriaId: "D4F7ADD7-C438-40A4-883E-BFAAA9BA0029", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(9a\\):*:*:*:*:*:*:*", matchCriteriaId: "31C3DDB7-119B-4AF8-9896-8DF08303E04E", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(9b\\):*:*:*:*:*:*:*", matchCriteriaId: "05C1E8F0-3840-406F-A3F6-BB50735B0214", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(9c\\):*:*:*:*:*:*:*", matchCriteriaId: "01D17E16-271E-4642-9577-32B58EEFB5F0", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(11\\):*:*:*:*:*:*:*", matchCriteriaId: "BA4A04DF-1668-42FC-9C81-11FFB93B43D8", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(11b\\):*:*:*:*:*:*:*", matchCriteriaId: "CF349FDA-DFEC-45AA-A236-F0C8D0B3AD83", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(11c\\):*:*:*:*:*:*:*", matchCriteriaId: "3F5A0E74-C0C2-4593-9ACB-4A94E5BA4A29", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(11d\\):*:*:*:*:*:*:*", matchCriteriaId: "C926C2EC-1838-4B94-945D-69315B645B39", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(11e\\):*:*:*:*:*:*:*", matchCriteriaId: "6D3C6E19-4A5A-45D4-9BE0-97BE969D8BFE", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(13\\):*:*:*:*:*:*:*", matchCriteriaId: "4F52D1CE-0F00-401B-86AE-1E93F7259B02", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(13a\\):*:*:*:*:*:*:*", matchCriteriaId: "CA749833-7D3B-4FFD-9A5F-9D9966D1DDBF", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(13b\\):*:*:*:*:*:*:*", matchCriteriaId: "9FEDA299-FD35-46A0-A7A3-50D526D445C2", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(15\\):*:*:*:*:*:*:*", matchCriteriaId: "411C176B-3A5D-4EFB-8DCB-753E7BAC6AF1", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(17\\):*:*:*:*:*:*:*", matchCriteriaId: "CACD51E7-FCA3-4870-94E0-FAB505743C8B", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(19\\):*:*:*:*:*:*:*", matchCriteriaId: "9110930C-AA37-42F1-8B7E-E06033133D42", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(21\\):*:*:*:*:*:*:*", matchCriteriaId: "8540E153-4041-4CBA-ABA2-6E78BD3A6E6F", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(23\\):*:*:*:*:*:*:*", matchCriteriaId: "B8F9A602-F5E5-432D-8304-19964DC373A4", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(25\\):*:*:*:*:*:*:*", matchCriteriaId: "0B86774A-900E-4A02-B671-C13C18965358", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(27\\):*:*:*:*:*:*:*", matchCriteriaId: "D23ADF50-748F-4795-B564-6D934B95F8D2", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(29\\):*:*:*:*:*:*:*", matchCriteriaId: "1D4A2531-F5F0-4AB8-A812-7ADE7D558B77", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(31\\):*:*:*:*:*:*:*", matchCriteriaId: "95777BFD-0F3B-49F8-9131-34EB83F7ED67", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(33\\):*:*:*:*:*:*:*", matchCriteriaId: "FF43590F-5F94-49EC-BE3A-55635ECD3176", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(0\\)d1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "7FD733DD-EC40-48EC-A8A6-AE09657EEFC1", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(0\\)dy\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "ADC3F316-982A-4D7C-BE3B-C3D87F58B298", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(1\\)d1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "4A7B0A8C-ED8F-411C-843F-B801CBBBB6C4", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(1\\)dy\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "D9B515AF-915A-4BAE-AA51-CF57F7316A63", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:8.1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "AB556839-151C-492E-B4C3-C024276D5AB1", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:8.1\\(1a\\):*:*:*:*:*:*:*", matchCriteriaId: "3A8D89C0-8C65-487B-9F2D-FFE31AE5BBCC", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:8.1\\(1b\\):*:*:*:*:*:*:*", matchCriteriaId: "409A92B8-F9A5-401E-B77F-177C48B22F23", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:8.2\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "3FB0B238-4F3A-4569-89B0-ED80533D87C4", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:8.2\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "CF90B861-F48B-45DF-ACB8-F91030106181", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:8.3\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "A6B8E31F-6B33-43E0-9585-5736D54FE876", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:8.3\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "3C828C0E-99E6-4DEF-9EB3-672DEB61F479", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:8.4\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "2636B1F1-8C40-44A4-B96B-C84EC244685E", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:8.4\\(1a\\):*:*:*:*:*:*:*", matchCriteriaId: "D0A868C7-1060-4A48-819E-013F435F08D1", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:8.4\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "411B58EB-2BCD-47CA-AB5A-538BCEAEF75F", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:8.4\\(2a\\):*:*:*:*:*:*:*", matchCriteriaId: "B9E85905-A3F0-43C0-A578-6E9C14033D3D", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:8.4\\(2b\\):*:*:*:*:*:*:*", matchCriteriaId: "64E228E3-B088-4E1B-9E46-ECC8835CD9A5", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:8.4\\(2c\\):*:*:*:*:*:*:*", matchCriteriaId: "17679F98-B8D5-4FDD-AA8F-9FCF703B466B", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:8.4\\(2d\\):*:*:*:*:*:*:*", matchCriteriaId: "BCCF180B-0710-4368-B588-86C0971883A5", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:8.4\\(2e\\):*:*:*:*:*:*:*", matchCriteriaId: "F0E1A760-CAB3-4313-9315-26AD75C43CC6", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:8.4\\(2f\\):*:*:*:*:*:*:*", matchCriteriaId: "A8DBDA3B-E8A6-4709-81F0-32908100D975", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:8.5\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "8BC7435D-C9E9-4895-A958-F8F78DAE93A5", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:9.2\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "DD96C7AE-EECC-43F4-9132-1E7F8047C701", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:9.2\\(1a\\):*:*:*:*:*:*:*", matchCriteriaId: "728C0D94-CCCF-4313-98F0-1E25F7FA2464", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:9.2\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "1D43B9D6-0991-4370-9369-C0A1EDBF6627", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:9.3\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "9A589031-946F-4016-AFC9-92FB033420D0", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:9.3\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "20FF2A5A-CB80-4F58-856D-724AACB0864C", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:9.3\\(2a\\):*:*:*:*:*:*:*", matchCriteriaId: "89FC0A74-2435-4977-BBB7-906B812382EC", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:9.4\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "C06AF41C-ADDD-4B52-8187-DA50D1AF271B", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:9.4\\(1a\\):*:*:*:*:*:*:*", matchCriteriaId: "50A8023C-51B2-49D7-BEB3-618B2D213F25", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:9.4\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "8BD5346D-15B3-4342-901B-F562A8A71686", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:mds_9000:-:*:*:*:*:*:*:*", matchCriteriaId: "1FD00AB9-F2DD-4D07-8DFF-E7B34824D66A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9100:-:*:*:*:*:*:*:*", matchCriteriaId: "54C0D908-D7BA-48C3-9963-14A3A32A2662", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9132t:-:*:*:*:*:*:*:*", matchCriteriaId: "56426D35-FCFD-406E-9144-2E66C8C86EFC", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9134:-:*:*:*:*:*:*:*", matchCriteriaId: "EDB00911-C0B0-4A4E-A0B9-413EC9D9C25A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9140:-:*:*:*:*:*:*:*", matchCriteriaId: "F762E87A-BF80-4D33-ADDA-84369E068005", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9148:-:*:*:*:*:*:*:*", matchCriteriaId: "22E6B85A-3988-4EC5-B788-9664772CE64E", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9148s:-:*:*:*:*:*:*:*", matchCriteriaId: "D25FA4A8-408B-4E94-B7D9-7DC54B61322F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9148t:-:*:*:*:*:*:*:*", matchCriteriaId: "831B6D0F-A975-4CBA-B5BB-0AC4AD718FE8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9200:-:*:*:*:*:*:*:*", matchCriteriaId: "B25B92ED-37C0-4653-9C5E-B4C13C46464C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9216:-:*:*:*:*:*:*:*", matchCriteriaId: "8A72BDC4-6640-45CC-A128-0CDEE38D3ADC", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9216a:-:*:*:*:*:*:*:*", matchCriteriaId: "90094569-AA2C-4D35-807F-9551FACE255F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9216i:-:*:*:*:*:*:*:*", matchCriteriaId: "306AFBC9-A236-4D03-A1EB-CE7E838D8415", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9222i:-:*:*:*:*:*:*:*", matchCriteriaId: "12DB1A25-A7C9-412F-88BC-E89588896395", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9250i:-:*:*:*:*:*:*:*", matchCriteriaId: "67CD5738-029B-43AA-9342-63719DC16138", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9396s:-:*:*:*:*:*:*:*", matchCriteriaId: "9EF9DC03-5370-46FD-9CA8-AC4DF5E922FE", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9396t:-:*:*:*:*:*:*:*", matchCriteriaId: "E81D2CC1-376A-4D87-88EA-6E1831741EC6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9500:-:*:*:*:*:*:*:*", matchCriteriaId: "2374E02D-46FE-477F-A74D-49E72149E6EC", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9506:-:*:*:*:*:*:*:*", matchCriteriaId: "3925D2CF-9D7C-4498-8AF2-45E15D5D009F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9509:-:*:*:*:*:*:*:*", matchCriteriaId: "C677D356-86C9-4491-A6CA-5E6306B2BB70", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9513:-:*:*:*:*:*:*:*", matchCriteriaId: "28A3C579-7AAD-41A4-947F-CCB9B09402A5", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9700:-:*:*:*:*:*:*:*", matchCriteriaId: "C44335D8-8A78-486C-A325-9691FA4C3271", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9706:-:*:*:*:*:*:*:*", matchCriteriaId: "5182CB50-4D32-4835-B1A8-817D989F919F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9710:-:*:*:*:*:*:*:*", matchCriteriaId: "36B3B617-7554-4C36-9B41-19AA3BD2F6E9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9718:-:*:*:*:*:*:*:*", matchCriteriaId: "B88879A9-A7F5-41E0-8A38-0E09E3FD27F4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a6\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "73B9FE4E-0C82-4511-9A4A-DCBFEB93DE87", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a6\\(1a\\):*:*:*:*:*:*:*", matchCriteriaId: "BB8F0200-7BCA-49E9-98E0-D825630D77FF", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a6\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "61FCA143-FDAB-472D-B9E1-F7CB4041BBE1", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a6\\(2a\\):*:*:*:*:*:*:*", matchCriteriaId: "61F736DD-44FE-4A20-AF89-4B29725608A3", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a6\\(3\\):*:*:*:*:*:*:*", matchCriteriaId: "8844860D-427F-4B01-980A-59B082F26034", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a6\\(3a\\):*:*:*:*:*:*:*", matchCriteriaId: "CCA96B43-0793-4784-A971-DD442EBFF6BE", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a6\\(4\\):*:*:*:*:*:*:*", matchCriteriaId: "B13305C9-008F-488A-ADC7-0724AFB313DB", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a6\\(4a\\):*:*:*:*:*:*:*", matchCriteriaId: "50DFAF49-0688-4A5A-9023-E2543164D89C", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a6\\(5\\):*:*:*:*:*:*:*", matchCriteriaId: "46376F5C-2CF0-46F1-ADCF-870065A24D12", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a6\\(5a\\):*:*:*:*:*:*:*", matchCriteriaId: "5EB6C0E3-9B92-4768-93BB-8B8626EB164A", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a6\\(5b\\):*:*:*:*:*:*:*", matchCriteriaId: "F4EA572E-5F4F-45F1-B7A1-346F723C2BDD", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a6\\(6\\):*:*:*:*:*:*:*", matchCriteriaId: "A6EA3CBB-EAF7-4837-96AF-0258220C4A5A", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a6\\(7\\):*:*:*:*:*:*:*", matchCriteriaId: "5E6FB730-84CD-496D-9140-BC9375548D14", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a6\\(8\\):*:*:*:*:*:*:*", matchCriteriaId: "BD712B88-298A-4488-A053-67CB45190F57", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a8\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "31308B18-062C-4DB8-9241-F15661C06398", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a8\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "ED17D340-9C18-4B1E-BA15-CAE2ADAAD38E", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a8\\(3\\):*:*:*:*:*:*:*", matchCriteriaId: "310856A9-CA62-4C1A-A4C9-B6EECC36F496", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a8\\(4\\):*:*:*:*:*:*:*", matchCriteriaId: "3D295366-662E-4C8E-9758-3DB801E0ABA8", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a8\\(4a\\):*:*:*:*:*:*:*", matchCriteriaId: "F09360A9-3FB1-465F-977E-643942D01FE8", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a8\\(5\\):*:*:*:*:*:*:*", matchCriteriaId: "6A97A6BE-A27A-4D53-AB63-2A2631F20EAB", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a8\\(6\\):*:*:*:*:*:*:*", matchCriteriaId: "3F034BF4-31E6-46FB-B082-EA22FFE51AAB", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a8\\(7\\):*:*:*:*:*:*:*", matchCriteriaId: "063BB311-EC8D-43E5-9B9D-56C96121EB9A", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a8\\(7a\\):*:*:*:*:*:*:*", matchCriteriaId: "003AAC03-306E-4D12-B4C7-7ECA4ED88884", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a8\\(7b\\):*:*:*:*:*:*:*", matchCriteriaId: "EB0DAA33-3841-4C14-A137-93E1810CC866", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a8\\(8\\):*:*:*:*:*:*:*", matchCriteriaId: "ACD5B480-2780-48EB-B361-4EF4833D97E3", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a8\\(9\\):*:*:*:*:*:*:*", matchCriteriaId: "B0500999-E48F-4FE1-9B92-C1E179651CE5", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a8\\(10\\):*:*:*:*:*:*:*", matchCriteriaId: "629488D4-D8A4-4152-A4D3-E951F199C6DB", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a8\\(10a\\):*:*:*:*:*:*:*", matchCriteriaId: "2D8F0A63-8229-46E8-94A6-CDBB1E8F91E5", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a8\\(11\\):*:*:*:*:*:*:*", matchCriteriaId: "FAD3C773-0B71-4FF2-9DCD-2875CFDE3308", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a8\\(11a\\):*:*:*:*:*:*:*", matchCriteriaId: "B07F6A0D-82C3-4C2C-9715-3D07083E6F56", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a8\\(11b\\):*:*:*:*:*:*:*", matchCriteriaId: "03901678-2CCB-4ED5-AF04-D8469BF12804", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u6\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "8845147E-D3B1-41B9-BBD2-77B2823F3AD0", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u6\\(1a\\):*:*:*:*:*:*:*", matchCriteriaId: "8F7B2F23-F532-40D2-884E-D86785B33296", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u6\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "1FC4F349-9E1C-4DD8-BC07-6CB67053BCDF", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u6\\(2a\\):*:*:*:*:*:*:*", matchCriteriaId: "D498C133-AA11-49C4-B065-F27CE776D318", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u6\\(3\\):*:*:*:*:*:*:*", matchCriteriaId: "08032AAC-F094-4717-A56F-89289FBD1F3B", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u6\\(3a\\):*:*:*:*:*:*:*", matchCriteriaId: "C5ADD4D3-206C-4609-AB2A-F6945D56627B", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u6\\(4\\):*:*:*:*:*:*:*", matchCriteriaId: "07645F73-AC79-4BB8-A98E-1740F7D6EC5D", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u6\\(4a\\):*:*:*:*:*:*:*", matchCriteriaId: "9DC56869-4665-49D1-89F2-8ED97727BD94", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u6\\(5\\):*:*:*:*:*:*:*", matchCriteriaId: "147D1A4A-6404-47E3-B1A6-4C001C8DD9E0", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u6\\(5a\\):*:*:*:*:*:*:*", matchCriteriaId: "1162691A-6C92-448A-8F1B-2DEFB623F1ED", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u6\\(5b\\):*:*:*:*:*:*:*", matchCriteriaId: "57524BA3-CF08-4F0F-95C9-F1417B4B83E0", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u6\\(5c\\):*:*:*:*:*:*:*", matchCriteriaId: "D0E214C2-24CF-43EC-BC27-2E6AA77254DF", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u6\\(6\\):*:*:*:*:*:*:*", matchCriteriaId: "EB0D74A0-C4B2-46EC-A9FF-562A997E3150", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u6\\(7\\):*:*:*:*:*:*:*", matchCriteriaId: "817A45B4-7C79-4D1A-B889-18A937CF8361", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u6\\(8\\):*:*:*:*:*:*:*", matchCriteriaId: "155F3CB7-A85B-4897-A4E2-F485FDF44AD4", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u6\\(9\\):*:*:*:*:*:*:*", matchCriteriaId: "9D34CAB5-0832-45B1-B13F-49B763AFB74F", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u6\\(10\\):*:*:*:*:*:*:*", matchCriteriaId: "7C0DB182-F37A-4230-BD6F-461C3195FAF4", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)f1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "21F43A5A-52A2-4094-8D36-39450B8F0E0D", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)f2\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "674D15C8-3946-4C2F-9B62-BC6E5BC67673", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)f2\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "990FA11F-5158-4717-B716-C5D6D2D23D1B", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)f3\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "D5DD2941-AD1E-4C13-8DAA-C5524B96AAB1", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)f3\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "45A37F82-44B3-426C-A344-9054599BB426", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)f3\\(3\\):*:*:*:*:*:*:*", matchCriteriaId: "907A3DEC-27F8-4D0A-9EE4-4681B6D9BADB", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)f3\\(3a\\):*:*:*:*:*:*:*", matchCriteriaId: "53378B5F-4A5B-425D-B8BE-455FAF924551", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)f3\\(3c\\):*:*:*:*:*:*:*", matchCriteriaId: "A8F6C744-6501-4FAD-AF4F-12D3EA8F5BE4", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)f3\\(4\\):*:*:*:*:*:*:*", matchCriteriaId: "076216C6-C115-4C7C-A9E3-46A3986DA2AB", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)f3\\(5\\):*:*:*:*:*:*:*", matchCriteriaId: "A819AE96-3933-4AD2-AF30-36E199393E01", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i4\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "4142F873-0492-4ACC-88F9-3A243128D0EC", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i4\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "A9CD31FC-C2D0-4B29-90D5-7C3CB218DF9A", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i4\\(3\\):*:*:*:*:*:*:*", matchCriteriaId: "30A500F4-1899-4F96-98E3-9330146A7963", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i4\\(4\\):*:*:*:*:*:*:*", matchCriteriaId: "FE52C974-3930-4AC9-907B-8E6B325D6A1E", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i4\\(5\\):*:*:*:*:*:*:*", matchCriteriaId: "FAD07DE9-5C98-4A63-A741-8E69E9F125D2", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i4\\(6\\):*:*:*:*:*:*:*", matchCriteriaId: "F0DA113F-3706-4FF3-88F9-5D3CD48F8CE5", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i4\\(7\\):*:*:*:*:*:*:*", matchCriteriaId: "B3BBE1B1-062A-4D00-B646-FAB4BA85BF6A", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i4\\(8\\):*:*:*:*:*:*:*", matchCriteriaId: "6A35B6DA-BF07-4579-8D6A-65CD8E052482", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i4\\(8a\\):*:*:*:*:*:*:*", matchCriteriaId: "EF0B3DB8-8121-4FDC-8A11-42AB619101EC", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i4\\(8b\\):*:*:*:*:*:*:*", matchCriteriaId: "70830AB5-C86B-4726-A982-6F104910153E", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i4\\(8z\\):*:*:*:*:*:*:*", matchCriteriaId: "87EB3AE2-8A92-4B16-8A22-A0F5B55D12E4", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i4\\(9\\):*:*:*:*:*:*:*", matchCriteriaId: "E0904B27-2FA3-4B8D-9706-98B0376B5FC8", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i5\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "B1D86994-83EE-4D09-B79A-70CB22C077C4", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i5\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "1BEB5BAE-0BB6-4201-9229-47DE631AAF3A", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i6\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "00953B63-7DBB-4A67-B41D-321C2ECDE79A", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i6\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "83B2E7F6-9641-4B55-8B7D-6B0E020DD4A9", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i7\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "C9388C2C-75F4-487F-A7D8-4E17FD39A166", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i7\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "80B54786-DA2A-4E2D-9835-6A7939931928", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i7\\(3\\):*:*:*:*:*:*:*", matchCriteriaId: "7688EC58-4647-4A08-9E86-A71EA7C41B88", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i7\\(4\\):*:*:*:*:*:*:*", matchCriteriaId: "D5AD2254-158D-4BEE-B36C-242813F4BA37", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i7\\(5\\):*:*:*:*:*:*:*", matchCriteriaId: "4480D800-595F-44CB-85ED-7E17A34A5BEF", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i7\\(5a\\):*:*:*:*:*:*:*", matchCriteriaId: "BF7AB4C3-54E0-4445-974C-4AE337B7B7DA", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i7\\(6\\):*:*:*:*:*:*:*", matchCriteriaId: "AD015889-3893-4781-B18D-6125A9B6CE39", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i7\\(7\\):*:*:*:*:*:*:*", matchCriteriaId: "89541F84-0C10-4757-8D25-80FC4464EC23", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i7\\(8\\):*:*:*:*:*:*:*", matchCriteriaId: "371AEAF3-39CA-4837-BA5A-D80826933C9B", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i7\\(9\\):*:*:*:*:*:*:*", matchCriteriaId: "4C1BC928-7DB9-499A-8CF4-90C98218E9D8", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i7\\(10\\):*:*:*:*:*:*:*", matchCriteriaId: "3779AD1A-7E6D-4213-A35E-7E9E461AE6FF", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:9.2\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "DD96C7AE-EECC-43F4-9132-1E7F8047C701", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:9.2\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "1D43B9D6-0991-4370-9369-C0A1EDBF6627", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:9.2\\(2t\\):*:*:*:*:*:*:*", matchCriteriaId: "6EB58108-78E4-4208-A549-C86B37422828", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:9.2\\(2v\\):*:*:*:*:*:*:*", matchCriteriaId: "46427F06-FAB1-4AB8-A6BF-3EE10608B4D9", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:9.2\\(3\\):*:*:*:*:*:*:*", matchCriteriaId: "5FB6ADC7-97AC-4DD8-8F1B-448A63D8BE97", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:9.2\\(4\\):*:*:*:*:*:*:*", matchCriteriaId: "6E2484E7-24ED-4238-8ED3-FFFB7C479F18", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:9.3\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "9A589031-946F-4016-AFC9-92FB033420D0", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:9.3\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "20FF2A5A-CB80-4F58-856D-724AACB0864C", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:9.3\\(3\\):*:*:*:*:*:*:*", matchCriteriaId: "9FF50BFC-2DB3-4954-BC59-8B3D27D418E0", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:9.3\\(4\\):*:*:*:*:*:*:*", matchCriteriaId: "F97A62E0-8A96-43A3-8FB1-FDC1B8A08049", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:9.3\\(5\\):*:*:*:*:*:*:*", matchCriteriaId: "2A2F42DB-B22B-4880-BA73-D0E0295190DF", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:9.3\\(6\\):*:*:*:*:*:*:*", matchCriteriaId: "85A8B2D7-BCF2-4B2E-8208-7D2FDF717C65", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:9.3\\(7\\):*:*:*:*:*:*:*", matchCriteriaId: "C8A71DEB-93CD-4827-9F9E-3A0DFFAD145A", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:9.3\\(7a\\):*:*:*:*:*:*:*", matchCriteriaId: "E1A56DB8-CDDD-4AB8-8694-B6CC967B7F62", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:9.3\\(8\\):*:*:*:*:*:*:*", matchCriteriaId: "2B448FDB-C2F5-454F-A275-E985C3FCDBCD", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:9.3\\(9\\):*:*:*:*:*:*:*", matchCriteriaId: "1AEE47A7-B23A-4C9A-A25C-0983D94FB569", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:9.3\\(10\\):*:*:*:*:*:*:*", matchCriteriaId: "350F10D8-221B-4A47-8BF6-CCC421878243", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:9.3\\(11\\):*:*:*:*:*:*:*", matchCriteriaId: "C0B4E497-95AE-45FC-8F89-A7959CA9AF4E", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:9.3\\(12\\):*:*:*:*:*:*:*", matchCriteriaId: "7385A37A-FC89-44E6-8BD9-C35B2F22714F", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:9.3\\(13\\):*:*:*:*:*:*:*", matchCriteriaId: "1C26E0A3-7641-4DDF-9882-F04F297C8D07", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:10.1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "D7B192CE-F0B4-415F-9A33-B639A7B56ED4", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:10.1\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "2A1D6DFF-D8CC-4912-BFE6-8454AB95AD7C", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:10.2\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "F2DB904E-9FAF-4A23-82E9-367BDBFC57D6", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:10.2\\(1q\\):*:*:*:*:*:*:*", matchCriteriaId: "A5736375-4050-40A5-A504-688B182C9A75", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:10.2\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "54AB751B-77DE-4513-B961-378458F74164", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:10.2\\(3\\):*:*:*:*:*:*:*", matchCriteriaId: "63AB92C1-D2F7-4025-88B6-EFA1D3C07F8A", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:10.2\\(4\\):*:*:*:*:*:*:*", matchCriteriaId: "69C445A7-B836-493D-8056-86D4F31847EE", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:10.2\\(5\\):*:*:*:*:*:*:*", matchCriteriaId: "C3018A70-3236-4885-8EB1-708442F74981", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:10.2\\(6\\):*:*:*:*:*:*:*", matchCriteriaId: "6FE29E31-332A-4B5B-ADAC-4C14FB589593", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:10.2\\(7\\):*:*:*:*:*:*:*", matchCriteriaId: "0918CE83-AFAF-422B-B992-1B7ED61C3316", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:10.2\\(8\\):*:*:*:*:*:*:*", matchCriteriaId: "A11EF17F-F0CC-4E27-BC67-8A7CBEB17760", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:10.3\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "F69EF43C-0F06-40B8-94AE-870E182E26CF", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:10.3\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "8CE0E36D-08A6-48D5-A364-AC066F30F3CB", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:10.3\\(3\\):*:*:*:*:*:*:*", matchCriteriaId: "093B5CCD-AE92-47C4-81E9-E03825BD6CF3", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:10.3\\(4a\\):*:*:*:*:*:*:*", matchCriteriaId: "1DBDBBC8-12BA-42F9-BF22-B29C3FDF8A31", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:10.3\\(5\\):*:*:*:*:*:*:*", matchCriteriaId: "F8403157-A1E2-40BA-BCED-27C7981814C9", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:10.3\\(99w\\):*:*:*:*:*:*:*", matchCriteriaId: "0B3B9B0F-6D25-408B-9D20-87C66F786D61", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:10.3\\(99x\\):*:*:*:*:*:*:*", matchCriteriaId: "59AB22C9-34C9-4919-BA80-DFF3E186620F", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:10.4\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "BE3869F2-3991-4F60-8618-7F491EBFF807", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:10.4\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "A3D96339-4768-483E-9D2C-0EB0F8D29D5B", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_3000:-:*:*:*:*:*:*:*", matchCriteriaId: "10FFC5E8-CC5A-4D31-A63A-19E72EC442AB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3016:-:*:*:*:*:*:*:*", matchCriteriaId: "528ED62B-D739-4E06-AC64-B506FD73BBAB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3016q:-:*:*:*:*:*:*:*", matchCriteriaId: "2D402AB0-BCFB-4F42-8C50-5DC930AEEC8B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*", matchCriteriaId: "FC2A6C31-438A-4CF5-A3F3-364B1672EB7D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3064:-:*:*:*:*:*:*:*", matchCriteriaId: "76C10D85-88AC-4A79-8866-BED88A0F8DF8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3064-32t:-:*:*:*:*:*:*:*", matchCriteriaId: "09AC2BAD-F536-48D0-A2F0-D4E290519EB6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3064-t:-:*:*:*:*:*:*:*", matchCriteriaId: "65CB7F6D-A82B-4A31-BFAC-FF4A4B8DF9C1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3064-x:-:*:*:*:*:*:*:*", matchCriteriaId: "ECC4FFCC-E886-49BC-9737-5B5BA2AAB14B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3064t:-:*:*:*:*:*:*:*", matchCriteriaId: "5F4E8EE4-031D-47D3-A12E-EE5F792172EE", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3064x:-:*:*:*:*:*:*:*", matchCriteriaId: "00CDD8C3-67D5-4E9F-9D48-A77B55DB0AB1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3100:-:*:*:*:*:*:*:*", matchCriteriaId: "41C14CC9-C244-4B86-AEA6-C50BAD5DA9A6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3100-v:-:*:*:*:*:*:*:*", matchCriteriaId: "A8FF2EC4-0C09-4C00-9956-A2A4A894F63D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3100-z:-:*:*:*:*:*:*:*", matchCriteriaId: "D14D4B4E-120E-4607-A4F1-447C7BF3052E", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3100v:-:*:*:*:*:*:*:*", matchCriteriaId: "15702ACB-29F3-412D-8805-E107E0729E35", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31108pc-v:-:*:*:*:*:*:*:*", matchCriteriaId: "4E930332-CDDD-48D5-93BC-C22D693BBFA2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31108pv-v:-:*:*:*:*:*:*:*", matchCriteriaId: "29B34855-D8D2-4114-80D2-A4D159C62458", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31108tc-v:-:*:*:*:*:*:*:*", matchCriteriaId: "7BF4B8FE-E134-4491-B5C2-C1CFEB64731B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31128pq:-:*:*:*:*:*:*:*", matchCriteriaId: "F4226DA0-9371-401C-8247-E6E636A116C3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132c-z:-:*:*:*:*:*:*:*", matchCriteriaId: "7664666F-BCE4-4799-AEEA-3A73E6AD33F4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q:-:*:*:*:*:*:*:*", matchCriteriaId: "D3DBBFE9-835C-4411-8492-6006E74BAC65", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q-v:-:*:*:*:*:*:*:*", matchCriteriaId: "B3293438-3D18-45A2-B093-2C3F65783336", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q-x:-:*:*:*:*:*:*:*", matchCriteriaId: "C97C29EE-9426-4BBE-8D84-AB5FF748703D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q-x\\/3132q-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "E142C18F-9FB5-4D96-866A-141D7D16CAF7", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "8F43B770-D96C-44EA-BC12-9F39FC4317B9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3164q:-:*:*:*:*:*:*:*", matchCriteriaId: "FA782EB3-E8E6-4DCF-B39C-B3CBD46E4384", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172:-:*:*:*:*:*:*:*", matchCriteriaId: "7817F4E6-B2DA-4F06-95A4-AF329F594C02", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172pq:-:*:*:*:*:*:*:*", matchCriteriaId: "CED628B5-97A8-4B26-AA40-BEC854982157", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172pq-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "7BB9DD73-E31D-4921-A6D6-E14E04703588", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172pq\\/pq-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "8EFC116A-627F-4E05-B631-651D161217C8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq:-:*:*:*:*:*:*:*", matchCriteriaId: "4532F513-0543-4960-9877-01F23CA7BA1B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq-32t:-:*:*:*:*:*:*:*", matchCriteriaId: "0B43502B-FD53-465A-B60F-6A359C6ACD99", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "F3229124-B097-4AAC-8ACD-2F9C89DCC3AB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3200:-:*:*:*:*:*:*:*", matchCriteriaId: "32A532C0-B0E3-484A-B356-88970E7D0248", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3232:-:*:*:*:*:*:*:*", matchCriteriaId: "1C84D24C-2256-42AF-898A-221EBE9FE1E4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3232c:-:*:*:*:*:*:*:*", matchCriteriaId: "652A2849-668D-4156-88FB-C19844A59F33", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3232c_:-:*:*:*:*:*:*:*", matchCriteriaId: "D008CA1C-6F5A-40EA-BB12-A9D84D5AF700", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3264c-e:-:*:*:*:*:*:*:*", matchCriteriaId: "24FBE87B-8A4F-43A8-98A3-4A7D9C630937", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3264q:-:*:*:*:*:*:*:*", matchCriteriaId: "6ACD09AC-8B28-4ACB-967B-AB3D450BC137", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3400:-:*:*:*:*:*:*:*", matchCriteriaId: "43913A0E-50D5-47DD-94D8-DD3391633619", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3408-s:-:*:*:*:*:*:*:*", matchCriteriaId: "7D397349-CCC6-479B-9273-FB1FFF4F34F2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_34180yc:-:*:*:*:*:*:*:*", matchCriteriaId: "DC7286A7-780F-4A45-940A-4AD5C9D0F201", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_34200yc-sm:-:*:*:*:*:*:*:*", matchCriteriaId: "CA52D5C1-13D8-4D23-B022-954CCEF491F1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3432d-s:-:*:*:*:*:*:*:*", matchCriteriaId: "5F7AF8D7-431B-43CE-840F-CC0817D159C0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3464c:-:*:*:*:*:*:*:*", matchCriteriaId: "DAC204C8-1A5A-4E85-824E-DC9B8F6A802D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3500:-:*:*:*:*:*:*:*", matchCriteriaId: "A8E1073F-D374-4311-8F12-AD8C72FAA293", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524:-:*:*:*:*:*:*:*", matchCriteriaId: "EAF5AF71-15DF-4151-A1CF-E138A7103FC8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524-x:-:*:*:*:*:*:*:*", matchCriteriaId: "10F80A72-AD54-4699-B8AE-82715F0B58E2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524-x\\/xl:-:*:*:*:*:*:*:*", matchCriteriaId: "E505C0B1-2119-4C6A-BF96-C282C633D169", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "9354B6A2-D7D6-442E-BF4C-FE8A336D9E94", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548:-:*:*:*:*:*:*:*", matchCriteriaId: "088C0323-683A-44F5-8D42-FF6EC85D080E", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548-x:-:*:*:*:*:*:*:*", matchCriteriaId: "74CB4002-7636-4382-B33E-FBA060A13C34", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548-x\\/xl:-:*:*:*:*:*:*:*", matchCriteriaId: "915EF8F6-6039-4DD0-B875-30D911752B74", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "10CEBF73-3EE0-459A-86C5-F8F6243FE27C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3600:-:*:*:*:*:*:*:*", matchCriteriaId: "97217080-455C-48E4-8CE1-6D5B9485864F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_36180yc-r:-:*:*:*:*:*:*:*", matchCriteriaId: "95D2C4C3-65CE-4612-A027-AF70CEFC3233", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*", matchCriteriaId: "57572E4A-78D5-4D1A-938B-F05F01759612", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9000:-:*:*:*:*:*:*:*", matchCriteriaId: "8EBEBA5B-5589-417B-BF3B-976083E9FE54", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9000_in_aci_mode:-:*:*:*:*:*:*:*", matchCriteriaId: "57BC5903-1316-4FFF-BE52-2F6D63549590", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9000_in_standalone:-:*:*:*:*:*:*:*", matchCriteriaId: "4755F890-634B-4B25-AF08-C34F13429FA9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9000_in_standalone_nx-os_mode:-:*:*:*:*:*:*:*", matchCriteriaId: "1DA62800-F5DC-48DA-8C81-D684EA8EBB9F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9000v:-:*:*:*:*:*:*:*", matchCriteriaId: "0CD9C1F1-8582-4F67-A77D-97CBFECB88B8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9200:-:*:*:*:*:*:*:*", matchCriteriaId: "532CE4B0-A3C9-4613-AAAF-727817D06FB4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9200yc:-:*:*:*:*:*:*:*", matchCriteriaId: "24CA1A59-2681-4507-AC74-53BD481099B9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*", matchCriteriaId: "4283E433-7F8C-4410-B565-471415445811", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9221c:-:*:*:*:*:*:*:*", matchCriteriaId: "FFB9FDE8-8533-4F65-BF32-4066D042B2F7", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92300yc:-:*:*:*:*:*:*:*", matchCriteriaId: "F80AB6FB-32FD-43D7-A9F1-80FA47696210", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*", matchCriteriaId: "D5B2E4C1-2627-4B9D-8E92-4B483F647651", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9232e:-:*:*:*:*:*:*:*", matchCriteriaId: "83DA8BFA-D7A2-476C-A6F5-CAE610033BC2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92348gc-x:-:*:*:*:*:*:*:*", matchCriteriaId: "557ED31C-C26A-4FAE-8B14-D06B49F7F08B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*", matchCriteriaId: "11411BFD-3F4D-4309-AB35-A3629A360FB0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*", matchCriteriaId: "E663DE91-C86D-48DC-B771-FA72A8DF7A7C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9300:-:*:*:*:*:*:*:*", matchCriteriaId: "92E2CB2B-DA11-4CF7-9D57-3D4D48990DC0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "A90184B3-C82F-4CE5-B2AD-97D5E4690871", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-ex-24:-:*:*:*:*:*:*:*", matchCriteriaId: "40E40F42-632A-47DF-BE33-DC25B826310B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "4AB89849-6DA4-4C9D-BC3F-EE0E41FD1901", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-fx-24:-:*:*:*:*:*:*:*", matchCriteriaId: "C47F6BF9-2ADB-41A4-8D7D-8BB00141BB23", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-fx3h:-:*:*:*:*:*:*:*", matchCriteriaId: "16C64136-89C2-443C-AF7B-BED81D3DE25A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-fx3p:-:*:*:*:*:*:*:*", matchCriteriaId: "BBEF7F26-BB47-44BD-872E-130820557C23", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*", matchCriteriaId: "07DE6F63-2C7D-415B-8C34-01EC05C062F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93128:-:*:*:*:*:*:*:*", matchCriteriaId: "F309E7B9-B828-4CD2-9D2B-8966EE5B9CC1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*", matchCriteriaId: "F423E45D-A6DD-4305-9C6A-EAB26293E53A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9316d-gx:-:*:*:*:*:*:*:*", matchCriteriaId: "102F91CD-DFB6-43D4-AE5B-DA157A696230", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "E952A96A-0F48-4357-B7DD-1127D8827650", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180tc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "B7DB6FC5-762A-4F16-AE8C-69330EFCF640", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "F70D81F1-8B12-4474-9060-B4934D8A3873", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-ex-24:-:*:*:*:*:*:*:*", matchCriteriaId: "5394DE31-3863-4CA9-B7B1-E5227183100D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "7349D69B-D8FA-4462-AA28-69DD18A652D9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-fx-24:-:*:*:*:*:*:*:*", matchCriteriaId: "FE4BB834-2C00-4384-A78E-AF3BCDDC58AF", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-fx3:-:*:*:*:*:*:*:*", matchCriteriaId: "B0D30D52-837F-4FDA-B8E5-A9066E9C6D2F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-fx3h:-:*:*:*:*:*:*:*", matchCriteriaId: "E6678B8A-D905-447E-BE7E-6BFB4CC5DAFE", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-fx3s:-:*:*:*:*:*:*:*", matchCriteriaId: "7CE49B45-F2E9-491D-9C29-1B46E9CE14E2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93216tc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "B1CC5F78-E88B-4B82-9E3E-C73D3A49DE26", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93240tc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "4BFAD21E-59EE-4CCE-8F1E-621D2EA50905", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "91231DC6-2773-4238-8C14-A346F213B5E5", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332c:-:*:*:*:*:*:*:*", matchCriteriaId: "2DF88547-BAF4-47B0-9F60-80A30297FCEB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332d-gx2b:-:*:*:*:*:*:*:*", matchCriteriaId: "02C3CE6D-BD54-48B1-A188-8E53DA001424", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332d-h2r:-:*:*:*:*:*:*:*", matchCriteriaId: "498991F7-39D6-428C-8C7D-DD8DC72A0346", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*", matchCriteriaId: "113772B6-E9D2-4094-9468-3F4E1A87D07D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93360yc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "C45A38D6-BED6-4FEF-AD87-A1E813695DE0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "F1FC2B1F-232E-4754-8076-CC82F3648730", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336c-fx2-e:-:*:*:*:*:*:*:*", matchCriteriaId: "7CDD27C9-5EAF-4956-8AB7-740C84C9D4FC", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336pq:-:*:*:*:*:*:*:*", matchCriteriaId: "5F1127D2-12C0-454F-91EF-5EE334070D06", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336pq_aci:-:*:*:*:*:*:*:*", matchCriteriaId: "7D6EB963-E0F2-4A02-8765-AB2064BE19E9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336pq_aci_spine:-:*:*:*:*:*:*:*", matchCriteriaId: "785FD17C-F32E-4042-9DDE-A89B3AAE0334", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9348d-gx2a:-:*:*:*:*:*:*:*", matchCriteriaId: "73DC1E93-561E-490C-AE0E-B02BAB9A7C8E", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9348gc-fx3:-:*:*:*:*:*:*:*", matchCriteriaId: "12DA2DE5-8ADA-4D6A-BC1A-9C06FA163B1C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*", matchCriteriaId: "17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93600cd-gx:-:*:*:*:*:*:*:*", matchCriteriaId: "2CF467E2-4567-426E-8F48-39669E0F514C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*", matchCriteriaId: "63842B25-8C32-4988-BBBD-61E9CB09B4F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9364c-gx:-:*:*:*:*:*:*:*", matchCriteriaId: "68EA1FEF-B6B6-49FE-A0A4-5387F76303F8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9364d-gx2a:-:*:*:*:*:*:*:*", matchCriteriaId: "40D6DB7F-C025-4971-9615-73393ED61078", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*", matchCriteriaId: "4364ADB9-8162-451D-806A-B98924E6B2CF", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372px-e:-:*:*:*:*:*:*:*", matchCriteriaId: "B53BCB42-ED61-4FCF-8068-CB467631C63C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*", matchCriteriaId: "49E0371B-FDE2-473C-AA59-47E1269D050F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372tx-e:-:*:*:*:*:*:*:*", matchCriteriaId: "489D11EC-5A18-4F32-BC7C-AC1FCEC27222", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*", matchCriteriaId: "1BC5293E-F2B4-46DC-85DA-167EA323FCFD", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*", matchCriteriaId: "EA022E77-6557-4A33-9A3A-D028E2DB669A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9408:-:*:*:*:*:*:*:*", matchCriteriaId: "D8D5D5E2-B40B-475D-9EF3-8441016E37E9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9432pq:-:*:*:*:*:*:*:*", matchCriteriaId: "FDA8E1F0-74A6-4725-B6AA-A1112EFC5D0C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9500:-:*:*:*:*:*:*:*", matchCriteriaId: "63BE0266-1C00-4D6A-AD96-7F82532ABAA7", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9500_16-slot:-:*:*:*:*:*:*:*", matchCriteriaId: "73F59A4B-AE92-4533-8EDC-D1DD850309FF", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9500_4-slot:-:*:*:*:*:*:*:*", matchCriteriaId: "492A2C86-DD38-466B-9965-77629A73814F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9500_8-slot:-:*:*:*:*:*:*:*", matchCriteriaId: "1FB7AA46-4018-4925-963E-719E1037F759", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9500_supervisor_a:-:*:*:*:*:*:*:*", matchCriteriaId: "31B9D1E4-10B9-4B6F-B848-D93ABF6486D6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9500_supervisor_a\\+:-:*:*:*:*:*:*:*", matchCriteriaId: "CB270C45-756E-400A-979F-D07D750C881A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9500_supervisor_b:-:*:*:*:*:*:*:*", matchCriteriaId: "4E8A085C-2DBA-4269-AB01-B16019FBB4DA", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9500_supervisor_b\\+:-:*:*:*:*:*:*:*", matchCriteriaId: "A79DD582-AF68-44F1-B640-766B46EF2BE2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9500r:-:*:*:*:*:*:*:*", matchCriteriaId: "B04484DA-AA59-4833-916E-6A8C96D34F0D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*", matchCriteriaId: "768BE390-5ED5-48A7-9E80-C4DE8BA979B1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*", matchCriteriaId: "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*", matchCriteriaId: "7E02DC82-0D26-436F-BA64-73C958932B0A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9536pq:-:*:*:*:*:*:*:*", matchCriteriaId: "163743A1-09E7-4EC5-8ECA-79E4B9CE173B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9636pq:-:*:*:*:*:*:*:*", matchCriteriaId: "CE340E4C-DC48-4FC8-921B-EE304DB5AE0A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9716d-gx:-:*:*:*:*:*:*:*", matchCriteriaId: "C367BBE0-D71F-4CB5-B50E-72B033E73FE1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9736pq:-:*:*:*:*:*:*:*", matchCriteriaId: "85E1D224-4751-4233-A127-A041068C804A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9800:-:*:*:*:*:*:*:*", matchCriteriaId: "BD31B075-01B1-429E-83F4-B999356A0EB9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9804:-:*:*:*:*:*:*:*", matchCriteriaId: "A10C9C0A-C96A-4B45-90D0-6ED457EB5F4C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9808:-:*:*:*:*:*:*:*", matchCriteriaId: "3284D16F-3275-4F8D-8AE4-D413DE19C4FA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:7.1\\(0\\)n1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "DE199525-4C2D-48C2-A76C-BD14BF2851F9", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.1\\(0\\)n1\\(1a\\):*:*:*:*:*:*:*", matchCriteriaId: "E3644F66-F964-4D50-A6E0-EE8784490BD2", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.1\\(0\\)n1\\(1b\\):*:*:*:*:*:*:*", matchCriteriaId: "72AD166D-7CBF-4A4D-A376-907DDA1BB504", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.1\\(1\\)n1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "9A20D72B-E2C6-47B6-A54D-FA435F29D7F2", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.1\\(2\\)n1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "77D9EEFA-D652-45D2-8AF5-8A72825E7ED0", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.1\\(3\\)n1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "1AEB91EC-E548-4C53-920F-C4871BC464B8", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.1\\(3\\)n1\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "0282F963-2C1F-44F7-A0D0-4929685051AA", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.1\\(4\\)n1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "9103A92E-C9F3-401B-AE30-66466210ADED", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.1\\(5\\)n1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "B5ED7424-EB12-4C21-97C8-082156716C9C", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.1\\(5\\)n1\\(1b\\):*:*:*:*:*:*:*", matchCriteriaId: "16359104-2DB6-41D6-97A8-8CA1C3AB5688", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(0\\)n1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "569B3CE7-CA06-4636-8043-7ED7635195A3", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(1\\)n1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "8D72F0B8-D229-4995-A053-62FA6591DCBA", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(2\\)n1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "D8025943-EA09-47E6-9109-7DAF078F8F26", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(3\\)n1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "0EE35B51-2D13-4A8B-BFF5-0596DBDCD261", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(4\\)n1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "69FE85C9-A0AC-4FD4-A6EE-F0868B69503B", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(5\\)n1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "AF1257BF-D534-4899-937F-DCBD033A7D94", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(6\\)n1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "86E5CF27-5661-41DF-B339-740718760AC6", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(7\\)n1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "9ACD2D0D-7A38-4FCD-9E24-5588BACF8DA6", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(7\\)n1\\(1a\\):*:*:*:*:*:*:*", matchCriteriaId: "586E9024-C983-4CFF-9A3F-A39256E09910", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(7\\)n1\\(1b\\):*:*:*:*:*:*:*", matchCriteriaId: "B2B7951C-8376-49C3-BF50-E6B65909A739", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(8\\)n1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "0E8D1718-F6B6-4AF6-86EE-0DFF5C6F5AEF", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(9\\)n1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "4D9EA4B1-4E06-404A-8989-0BA8BE611211", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(10\\)n1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "F304E6D1-6FA6-452C-AC49-27173F22966B", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(11\\)n1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "58895A84-EA72-40EA-BD7A-AE2EA362BA8F", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(12\\)n1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "5F7966B0-2CAC-4249-98B4-EDAA2F0BF3EB", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(13\\)n1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "7937350E-C774-46F0-88EF-E0464EF868B6", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(14\\)n1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "B79E4387-44CC-4D7B-A53D-D73EEB23F736", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_5000:-:*:*:*:*:*:*:*", matchCriteriaId: "4F2B1E07-8519-4F58-9048-81ABA12E01DC", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5010:-:*:*:*:*:*:*:*", matchCriteriaId: "E275D31F-4FA1-428E-AB4A-D2802FF0CF1A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5020:-:*:*:*:*:*:*:*", matchCriteriaId: "BA7F5823-41A8-47C8-A154-02C6C31EF76A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5500:-:*:*:*:*:*:*:*", matchCriteriaId: "BFC8699E-81C0-4374-B827-71B3916B910D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5548p:-:*:*:*:*:*:*:*", matchCriteriaId: "E5519EA9-1236-4F51-9974-E3FC1B26B5D2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5548up:-:*:*:*:*:*:*:*", matchCriteriaId: "CB0A3B06-8B25-4CD3-AFA9-5F928B1042F4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5596t:-:*:*:*:*:*:*:*", matchCriteriaId: "1766443C-1C5A-486E-A36F-D3045F364D78", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5596up:-:*:*:*:*:*:*:*", matchCriteriaId: "DC4D4403-F93B-4CC8-B75F-7A5B03FEDD85", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5600:-:*:*:*:*:*:*:*", matchCriteriaId: "870F4379-68F6-4B34-B99B-107DFE0DBD63", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_56128p:-:*:*:*:*:*:*:*", matchCriteriaId: "ABB6E612-4246-4408-B3F6-B31E771F5ACB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5624q:-:*:*:*:*:*:*:*", matchCriteriaId: "91B129B2-2B31-4DE0-9F83-CC6E0C8729A0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5648q:-:*:*:*:*:*:*:*", matchCriteriaId: "3CBD3CD0-B542-4B23-9C9D-061643BE44E8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5672up:-:*:*:*:*:*:*:*", matchCriteriaId: "A22A2647-A4C0-4681-BBC5-D95ADBAA0457", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5672up-16g:-:*:*:*:*:*:*:*", matchCriteriaId: "367C2A49-4C4D-471B-9B34-AFAFA5AE9503", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5696q:-:*:*:*:*:*:*:*", matchCriteriaId: "B2BB1A3A-668C-4B0D-8AC2-6B4758B3420B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated user in possession of Administrator credentials to execute arbitrary commands as root on the underlying operating system of an affected device.\r\n\r\nThis vulnerability is due to insufficient validation of arguments that are passed to specific configuration CLI commands. An attacker could exploit this vulnerability by including crafted input as the argument of an affected configuration CLI command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with the privileges of root.\r\nNote: To successfully exploit this vulnerability on a Cisco NX-OS device, an attacker must have Administrator credentials. The following Cisco devices already allow administrative users to access the underlying operating system through the bash-shell feature, so, for these devices, this vulnerability does not grant any additional privileges:\r\n\r\nNexus 3000 Series Switches\r\nNexus 7000 Series Switches that are running Cisco NX-OS Software releases 8.1(1) and later\r\nNexus 9000 Series Switches in standalone NX-OS mode", }, { lang: "es", value: "Una vulnerabilidad en la CLI del software Cisco NX-OS podría permitir que un atacante local autenticado ejecute comandos arbitrarios como root en el sistema operativo subyacente de un dispositivo afectado. Esta vulnerabilidad se debe a una validación insuficiente de los argumentos que se pasan a comandos CLI de configuración específicos. Un atacante podría aprovechar esta vulnerabilidad incluyendo una entrada manipulada como argumento de un comando CLI de configuración afectado. Un exploit exitoso podría permitir al atacante ejecutar comandos arbitrarios en el sistema operativo subyacente con privilegios de root. Nota: Para explotar con éxito esta vulnerabilidad en un dispositivo Cisco NX-OS, un atacante debe tener credenciales de administrador.", }, ], id: "CVE-2024-20399", lastModified: "2025-01-27T20:57:04.940", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 6, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, exploitabilityScore: 0.8, impactScore: 5.2, source: "psirt@cisco.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2024-07-01T17:15:04.383", references: [ { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-cmd-injection-xD9OhyOP", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-cmd-injection-xD9OhyOP", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.sygnia.co/threat-reports-and-advisories/china-nexus-threat-group-velvet-ant-exploits-cisco-0-day/", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Analyzed", weaknesses: [ { description: [ { lang: "en", value: "CWE-78", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-78", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2015-07-03 10:59
Modified
2025-04-12 10:46
Severity ?
Summary
The CLI parser in Cisco NX-OS 4.1(2)E1(1), 6.2(11b), 6.2(12), 7.2(0)ZZ(99.1), 7.2(0)ZZ(99.3), and 9.1(1)SV1(3.1.8) on Nexus devices allows local users to execute arbitrary OS commands via crafted characters in a filename, aka Bug IDs CSCuv08491, CSCuv08443, CSCuv08480, CSCuv08448, CSCuu99291, CSCuv08434, and CSCuv08436.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@cisco.com | http://tools.cisco.com/security/center/viewAlert.x?alertId=39583 | Vendor Advisory | |
| psirt@cisco.com | http://www.securitytracker.com/id/1032775 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://tools.cisco.com/security/center/viewAlert.x?alertId=39583 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1032775 | Third Party Advisory, VDB Entry |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | nx-os | 7.2\(0\)zz\(99.3\) | |
| cisco | nexus_93120tx | - | |
| cisco | nexus_93128tx | - | |
| cisco | nexus_9332pq | - | |
| cisco | nexus_9336pq_aci_spine | - | |
| cisco | nexus_9372px | - | |
| cisco | nexus_9372tx | - | |
| cisco | nexus_9396px | - | |
| cisco | nexus_9396tx | - | |
| cisco | nexus_9504 | - | |
| cisco | nexus_9508 | - | |
| cisco | nexus_9516 | - | |
| cisco | nx-os | 7.2\(0\)zz\(99.1\) | |
| cisco | nexus_3016 | - | |
| cisco | nexus_3048 | - | |
| cisco | nexus_3064 | - | |
| cisco | nexus_3132q | - | |
| cisco | nexus_3164q | - | |
| cisco | nexus_3172 | - | |
| cisco | nexus_3232c | - | |
| cisco | nexus_3524 | - | |
| cisco | nexus_3548 | - | |
| cisco | nx-os | 6.2\(11b\) | |
| cisco | mds_9100 | - | |
| cisco | mds_9140 | * | |
| cisco | mds_9500 | - | |
| cisco | mds_9700 | - | |
| cisco | nx-os | 9.1\(1\)sv1\(3.1.8\) | |
| cisco | nexus_1000v | - | |
| cisco | nx-os | 7.2\(0\)zz\(99.1\) | |
| cisco | nexus_5548p | - | |
| cisco | nexus_5548up | - | |
| cisco | nexus_5596t | - | |
| cisco | nexus_5596up | - | |
| cisco | nexus_56128p | - | |
| cisco | nexus_5624q | - | |
| cisco | nexus_5648q | - | |
| cisco | nexus_5672up | - | |
| cisco | nexus_5696q | - | |
| cisco | nx-os | 6.2\(12\) | |
| cisco | nexus_7000 | - | |
| cisco | nexus_7700 | - | |
| cisco | nx-os | 4.1\(2\)e1\(1\) | |
| cisco | nexus_4001i | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:7.2\\(0\\)zz\\(99.3\\):*:*:*:*:*:*:*", matchCriteriaId: "DDE99C10-B3DF-4BF1-B3D5-01CA37F16132", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*", matchCriteriaId: "07DE6F63-2C7D-415B-8C34-01EC05C062F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*", matchCriteriaId: "F423E45D-A6DD-4305-9C6A-EAB26293E53A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*", matchCriteriaId: "113772B6-E9D2-4094-9468-3F4E1A87D07D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336pq_aci_spine:-:*:*:*:*:*:*:*", matchCriteriaId: "785FD17C-F32E-4042-9DDE-A89B3AAE0334", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*", matchCriteriaId: "4364ADB9-8162-451D-806A-B98924E6B2CF", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*", matchCriteriaId: "49E0371B-FDE2-473C-AA59-47E1269D050F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*", matchCriteriaId: "1BC5293E-F2B4-46DC-85DA-167EA323FCFD", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*", matchCriteriaId: "EA022E77-6557-4A33-9A3A-D028E2DB669A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*", matchCriteriaId: "768BE390-5ED5-48A7-9E80-C4DE8BA979B1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*", matchCriteriaId: "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*", matchCriteriaId: "7E02DC82-0D26-436F-BA64-73C958932B0A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:7.2\\(0\\)zz\\(99.1\\):*:*:*:*:*:*:*", matchCriteriaId: "6E2E6964-B258-42D4-8181-BB4765B58AE5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_3016:-:*:*:*:*:*:*:*", matchCriteriaId: "528ED62B-D739-4E06-AC64-B506FD73BBAB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*", matchCriteriaId: "FC2A6C31-438A-4CF5-A3F3-364B1672EB7D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3064:-:*:*:*:*:*:*:*", matchCriteriaId: "76C10D85-88AC-4A79-8866-BED88A0F8DF8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q:-:*:*:*:*:*:*:*", matchCriteriaId: "D3DBBFE9-835C-4411-8492-6006E74BAC65", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3164q:-:*:*:*:*:*:*:*", matchCriteriaId: "FA782EB3-E8E6-4DCF-B39C-B3CBD46E4384", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172:-:*:*:*:*:*:*:*", matchCriteriaId: "7817F4E6-B2DA-4F06-95A4-AF329F594C02", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3232c:-:*:*:*:*:*:*:*", matchCriteriaId: "652A2849-668D-4156-88FB-C19844A59F33", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524:-:*:*:*:*:*:*:*", matchCriteriaId: "EAF5AF71-15DF-4151-A1CF-E138A7103FC8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548:-:*:*:*:*:*:*:*", matchCriteriaId: "088C0323-683A-44F5-8D42-FF6EC85D080E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(11b\\):*:*:*:*:*:*:*", matchCriteriaId: "CF349FDA-DFEC-45AA-A236-F0C8D0B3AD83", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:mds_9100:-:*:*:*:*:*:*:*", matchCriteriaId: "54C0D908-D7BA-48C3-9963-14A3A32A2662", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9140:*:*:*:*:*:*:*:*", matchCriteriaId: "A90F0A06-A634-4BD0-A477-90BD3384B7D0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9500:-:*:*:*:*:*:*:*", matchCriteriaId: "2374E02D-46FE-477F-A74D-49E72149E6EC", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9700:-:*:*:*:*:*:*:*", matchCriteriaId: "C44335D8-8A78-486C-A325-9691FA4C3271", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:9.1\\(1\\)sv1\\(3.1.8\\):*:*:*:*:*:*:*", matchCriteriaId: "E0B0A63C-1CB7-4A99-9AC0-9748E6261252", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_1000v:-:*:*:*:*:*:*:*", matchCriteriaId: "7E705638-8D0A-40D6-9A51-4FDB6C03F71E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:7.2\\(0\\)zz\\(99.1\\):*:*:*:*:*:*:*", matchCriteriaId: "6E2E6964-B258-42D4-8181-BB4765B58AE5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_5548p:-:*:*:*:*:*:*:*", matchCriteriaId: "E5519EA9-1236-4F51-9974-E3FC1B26B5D2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5548up:-:*:*:*:*:*:*:*", matchCriteriaId: "CB0A3B06-8B25-4CD3-AFA9-5F928B1042F4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5596t:-:*:*:*:*:*:*:*", matchCriteriaId: "1766443C-1C5A-486E-A36F-D3045F364D78", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5596up:-:*:*:*:*:*:*:*", matchCriteriaId: "DC4D4403-F93B-4CC8-B75F-7A5B03FEDD85", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_56128p:-:*:*:*:*:*:*:*", matchCriteriaId: "ABB6E612-4246-4408-B3F6-B31E771F5ACB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5624q:-:*:*:*:*:*:*:*", matchCriteriaId: "91B129B2-2B31-4DE0-9F83-CC6E0C8729A0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5648q:-:*:*:*:*:*:*:*", matchCriteriaId: "3CBD3CD0-B542-4B23-9C9D-061643BE44E8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5672up:-:*:*:*:*:*:*:*", matchCriteriaId: "A22A2647-A4C0-4681-BBC5-D95ADBAA0457", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5696q:-:*:*:*:*:*:*:*", matchCriteriaId: "B2BB1A3A-668C-4B0D-8AC2-6B4758B3420B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(12\\):*:*:*:*:*:*:*", matchCriteriaId: "57892CBB-8C95-4E56-90F8-B77BBBDC03FB", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_7000:-:*:*:*:*:*:*:*", matchCriteriaId: "12180BEB-7F21-4FA7-ABD2-E9A8EA7340F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7700:-:*:*:*:*:*:*:*", matchCriteriaId: "DD7A4B4B-3BB1-4A4D-911E-C4EEF01BBC45", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:4.1\\(2\\)e1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "7AC41532-1F38-4540-8398-7DD66D92D041", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_4001i:-:*:*:*:*:*:*:*", matchCriteriaId: "AB68FC53-5CD6-445F-9BB5-1F3724D92A4B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "The CLI parser in Cisco NX-OS 4.1(2)E1(1), 6.2(11b), 6.2(12), 7.2(0)ZZ(99.1), 7.2(0)ZZ(99.3), and 9.1(1)SV1(3.1.8) on Nexus devices allows local users to execute arbitrary OS commands via crafted characters in a filename, aka Bug IDs CSCuv08491, CSCuv08443, CSCuv08480, CSCuv08448, CSCuu99291, CSCuv08434, and CSCuv08436.", }, { lang: "es", value: "El analizador sintáctico CLI en Cisco NX-OS 4.1(2)E1(1), 6.2(11b), 6.2(12), 7.2(0)ZZ(99.1), 7.2(0)ZZ(99.3), y 9.1(1)SV1(3.1.8) en los dispositivos Nexus permite a usuarios locales ejecutar comandos del sistema operativo arbitrarios a través de caracteres manipulados en un nombre de fichero, también conocido como Bug IDs CSCuv08491, CSCuv08443, CSCuv08480, CSCuv08448, CSCuu99291, CSCuv08434, y CSCuv08436.", }, ], id: "CVE-2015-4237", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.6, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2015-07-03T10:59:03.060", references: [ { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "http://tools.cisco.com/security/center/viewAlert.x?alertId=39583", }, { source: "psirt@cisco.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1032775", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://tools.cisco.com/security/center/viewAlert.x?alertId=39583", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1032775", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-78", }, { lang: "en", value: "CWE-264", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2019-05-15 20:29
Modified
2024-11-21 04:37
Severity ?
Summary
A vulnerability in the CLI of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device. This vulnerability is due to insufficient validation of arguments passed to certain CLI commands. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with elevated privileges. An attacker would need administrator credentials to exploit this vulnerability.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@cisco.com | http://www.securityfocus.com/bid/108407 | Third Party Advisory, VDB Entry | |
| psirt@cisco.com | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-fxos-nxos-cmdinj-1781-1782 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/108407 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-fxos-nxos-cmdinj-1781-1782 | Vendor Advisory |
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "E762B981-6AC3-41E2-9FF5-DBA9616EA75C", versionEndExcluding: "6.2\\(25\\)", versionStartIncluding: "5.2", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "BC0041E4-EBDC-465A-B593-E7C353EF0D8F", versionEndExcluding: "8.3\\(2\\)", versionStartIncluding: "7.3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:mds_9132t:-:*:*:*:*:*:*:*", matchCriteriaId: "56426D35-FCFD-406E-9144-2E66C8C86EFC", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9148s:-:*:*:*:*:*:*:*", matchCriteriaId: "D25FA4A8-408B-4E94-B7D9-7DC54B61322F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9148t:-:*:*:*:*:*:*:*", matchCriteriaId: "831B6D0F-A975-4CBA-B5BB-0AC4AD718FE8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9222i:-:*:*:*:*:*:*:*", matchCriteriaId: "12DB1A25-A7C9-412F-88BC-E89588896395", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9250i:-:*:*:*:*:*:*:*", matchCriteriaId: "67CD5738-029B-43AA-9342-63719DC16138", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9706:-:*:*:*:*:*:*:*", matchCriteriaId: "5182CB50-4D32-4835-B1A8-817D989F919F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9710:-:*:*:*:*:*:*:*", matchCriteriaId: "36B3B617-7554-4C36-9B41-19AA3BD2F6E9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9718:-:*:*:*:*:*:*:*", matchCriteriaId: "B88879A9-A7F5-41E0-8A38-0E09E3FD27F4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "92B576CF-5EAD-4830-A7B7-ACC434349691", versionEndExcluding: "7.0\\(3\\)i4\\(9\\)", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "EF06D835-FBE6-4866-B410-C2F66AEF68CD", versionEndExcluding: "7.0\\(3\\)i7\\(4\\)", versionStartIncluding: "7.0\\(3\\)i7", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_3016:-:*:*:*:*:*:*:*", matchCriteriaId: "528ED62B-D739-4E06-AC64-B506FD73BBAB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*", matchCriteriaId: "FC2A6C31-438A-4CF5-A3F3-364B1672EB7D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3064:-:*:*:*:*:*:*:*", matchCriteriaId: "76C10D85-88AC-4A79-8866-BED88A0F8DF8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3064-t:-:*:*:*:*:*:*:*", matchCriteriaId: "65CB7F6D-A82B-4A31-BFAC-FF4A4B8DF9C1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31108pc-v:-:*:*:*:*:*:*:*", matchCriteriaId: "4E930332-CDDD-48D5-93BC-C22D693BBFA2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31108tc-v:-:*:*:*:*:*:*:*", matchCriteriaId: "7BF4B8FE-E134-4491-B5C2-C1CFEB64731B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31128pq:-:*:*:*:*:*:*:*", matchCriteriaId: "F4226DA0-9371-401C-8247-E6E636A116C3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132c-z:-:*:*:*:*:*:*:*", matchCriteriaId: "7664666F-BCE4-4799-AEEA-3A73E6AD33F4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q:-:*:*:*:*:*:*:*", matchCriteriaId: "D3DBBFE9-835C-4411-8492-6006E74BAC65", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q-v:-:*:*:*:*:*:*:*", matchCriteriaId: "B3293438-3D18-45A2-B093-2C3F65783336", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "8F43B770-D96C-44EA-BC12-9F39FC4317B9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3164q:-:*:*:*:*:*:*:*", matchCriteriaId: "FA782EB3-E8E6-4DCF-B39C-B3CBD46E4384", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172:-:*:*:*:*:*:*:*", matchCriteriaId: "7817F4E6-B2DA-4F06-95A4-AF329F594C02", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172pq-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "7BB9DD73-E31D-4921-A6D6-E14E04703588", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq:-:*:*:*:*:*:*:*", matchCriteriaId: "4532F513-0543-4960-9877-01F23CA7BA1B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq-32t:-:*:*:*:*:*:*:*", matchCriteriaId: "0B43502B-FD53-465A-B60F-6A359C6ACD99", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "F3229124-B097-4AAC-8ACD-2F9C89DCC3AB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3232c:-:*:*:*:*:*:*:*", matchCriteriaId: "652A2849-668D-4156-88FB-C19844A59F33", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3264c-e:-:*:*:*:*:*:*:*", matchCriteriaId: "24FBE87B-8A4F-43A8-98A3-4A7D9C630937", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3264q:-:*:*:*:*:*:*:*", matchCriteriaId: "6ACD09AC-8B28-4ACB-967B-AB3D450BC137", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3408-s:-:*:*:*:*:*:*:*", matchCriteriaId: "7D397349-CCC6-479B-9273-FB1FFF4F34F2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_34180yc:-:*:*:*:*:*:*:*", matchCriteriaId: "DC7286A7-780F-4A45-940A-4AD5C9D0F201", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3432d-s:-:*:*:*:*:*:*:*", matchCriteriaId: "5F7AF8D7-431B-43CE-840F-CC0817D159C0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3464c:-:*:*:*:*:*:*:*", matchCriteriaId: "DAC204C8-1A5A-4E85-824E-DC9B8F6A802D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9000v:-:*:*:*:*:*:*:*", matchCriteriaId: "0CD9C1F1-8582-4F67-A77D-97CBFECB88B8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*", matchCriteriaId: "4283E433-7F8C-4410-B565-471415445811", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92300yc:-:*:*:*:*:*:*:*", matchCriteriaId: "F80AB6FB-32FD-43D7-A9F1-80FA47696210", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*", matchCriteriaId: "D5B2E4C1-2627-4B9D-8E92-4B483F647651", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92348gc-x:-:*:*:*:*:*:*:*", matchCriteriaId: "557ED31C-C26A-4FAE-8B14-D06B49F7F08B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*", matchCriteriaId: "11411BFD-3F4D-4309-AB35-A3629A360FB0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*", matchCriteriaId: "E663DE91-C86D-48DC-B771-FA72A8DF7A7C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "A90184B3-C82F-4CE5-B2AD-97D5E4690871", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "4AB89849-6DA4-4C9D-BC3F-EE0E41FD1901", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*", matchCriteriaId: "07DE6F63-2C7D-415B-8C34-01EC05C062F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*", matchCriteriaId: "F423E45D-A6DD-4305-9C6A-EAB26293E53A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "E952A96A-0F48-4357-B7DD-1127D8827650", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "F70D81F1-8B12-4474-9060-B4934D8A3873", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "7349D69B-D8FA-4462-AA28-69DD18A652D9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93216tc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "B1CC5F78-E88B-4B82-9E3E-C73D3A49DE26", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "91231DC6-2773-4238-8C14-A346F213B5E5", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332c:-:*:*:*:*:*:*:*", matchCriteriaId: "2DF88547-BAF4-47B0-9F60-80A30297FCEB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*", matchCriteriaId: "113772B6-E9D2-4094-9468-3F4E1A87D07D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93360yc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "C45A38D6-BED6-4FEF-AD87-A1E813695DE0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "F1FC2B1F-232E-4754-8076-CC82F3648730", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336pq_aci_spine:-:*:*:*:*:*:*:*", matchCriteriaId: "785FD17C-F32E-4042-9DDE-A89B3AAE0334", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*", matchCriteriaId: "17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*", matchCriteriaId: "63842B25-8C32-4988-BBBD-61E9CB09B4F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*", matchCriteriaId: "4364ADB9-8162-451D-806A-B98924E6B2CF", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372px-e:-:*:*:*:*:*:*:*", matchCriteriaId: "B53BCB42-ED61-4FCF-8068-CB467631C63C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*", matchCriteriaId: "49E0371B-FDE2-473C-AA59-47E1269D050F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372tx-e:-:*:*:*:*:*:*:*", matchCriteriaId: "489D11EC-5A18-4F32-BC7C-AC1FCEC27222", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*", matchCriteriaId: "1BC5293E-F2B4-46DC-85DA-167EA323FCFD", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*", matchCriteriaId: "EA022E77-6557-4A33-9A3A-D028E2DB669A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "EA0C7252-4931-47EF-9AFD-0CE05C786613", versionEndExcluding: "7.3\\(4\\)n1\\(1\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_5548p:-:*:*:*:*:*:*:*", matchCriteriaId: "E5519EA9-1236-4F51-9974-E3FC1B26B5D2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5548up:-:*:*:*:*:*:*:*", matchCriteriaId: "CB0A3B06-8B25-4CD3-AFA9-5F928B1042F4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5596t:-:*:*:*:*:*:*:*", matchCriteriaId: "1766443C-1C5A-486E-A36F-D3045F364D78", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5596up:-:*:*:*:*:*:*:*", matchCriteriaId: "DC4D4403-F93B-4CC8-B75F-7A5B03FEDD85", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_56128p:-:*:*:*:*:*:*:*", matchCriteriaId: "ABB6E612-4246-4408-B3F6-B31E771F5ACB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5624q:-:*:*:*:*:*:*:*", matchCriteriaId: "91B129B2-2B31-4DE0-9F83-CC6E0C8729A0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5648q:-:*:*:*:*:*:*:*", matchCriteriaId: "3CBD3CD0-B542-4B23-9C9D-061643BE44E8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5672up:-:*:*:*:*:*:*:*", matchCriteriaId: "A22A2647-A4C0-4681-BBC5-D95ADBAA0457", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5696q:-:*:*:*:*:*:*:*", matchCriteriaId: "B2BB1A3A-668C-4B0D-8AC2-6B4758B3420B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_6001:-:*:*:*:*:*:*:*", matchCriteriaId: "A9662D6B-AF0F-45C8-B7CD-AE7C76593FDB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_6004:-:*:*:*:*:*:*:*", matchCriteriaId: "4F557E38-09F6-42C6-BABA-3C3168B38BBA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "A67D92F3-7EE1-4CFD-9608-4E35994C1BC4", versionEndExcluding: "6.2\\(22\\)", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "3411F8C2-D65A-46CF-9563-0A9866462491", versionEndExcluding: "7.3\\(3\\)d1\\(1\\)", versionStartIncluding: "7.2", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "B8882184-A5B1-4F67-B942-FDEE2FFD43F4", versionEndExcluding: "8.2\\(3\\)", versionStartIncluding: "8.0", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "CFC2CF14-BF68-49FD-AFDE-886FD1A51520", versionEndExcluding: "8.3\\(1\\)", versionStartIncluding: "8.3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_7000:-:*:*:*:*:*:*:*", matchCriteriaId: "12180BEB-7F21-4FA7-ABD2-E9A8EA7340F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7700:-:*:*:*:*:*:*:*", matchCriteriaId: "DD7A4B4B-3BB1-4A4D-911E-C4EEF01BBC45", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:fx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "C4F8E70D-012F-4465-AC5B-D31563BE219A", versionEndExcluding: "2.2.2.91", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:fx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "5C2C8263-BA5C-41D0-ABD9-42925B94BF84", versionEndExcluding: "2.3.1.130", versionStartIncluding: "2.3", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:fx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "564D0A43-37E4-477A-8ADD-5D2FC8092142", versionEndExcluding: "2.4.1.222", versionStartIncluding: "2.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:firepower_4110:-:*:*:*:*:*:*:*", matchCriteriaId: "A0CBC7F5-7767-43B6-9384-BE143FCDBD7F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4120:-:*:*:*:*:*:*:*", matchCriteriaId: "38AE6DC0-2B03-4D36-9856-42530312CC46", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4140:-:*:*:*:*:*:*:*", matchCriteriaId: "3DB2822B-B752-4CD9-A178-934957E306B4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4150:-:*:*:*:*:*:*:*", matchCriteriaId: "65378F3A-777C-4AE2-87FB-1E7402F9EA1B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300:-:*:*:*:*:*:*:*", matchCriteriaId: "07DAFDDA-718B-4B69-A524-B0CEB80FE960", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "81FEA96D-5A66-415A-B46C-F25DC3E4E5EE", versionEndExcluding: "6.0\\(2\\)a8\\(11\\)", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "3DFCC3C2-3483-4BD0-AF71-23574D0849B1", versionEndExcluding: "7.0\\(3\\)i4\\(9\\)", versionStartIncluding: "7.0\\(3\\)i4", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "EF06D835-FBE6-4866-B410-C2F66AEF68CD", versionEndExcluding: "7.0\\(3\\)i7\\(4\\)", versionStartIncluding: "7.0\\(3\\)i7", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_3524:-:*:*:*:*:*:*:*", matchCriteriaId: "EAF5AF71-15DF-4151-A1CF-E138A7103FC8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524-x:-:*:*:*:*:*:*:*", matchCriteriaId: "10F80A72-AD54-4699-B8AE-82715F0B58E2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "9354B6A2-D7D6-442E-BF4C-FE8A336D9E94", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548:-:*:*:*:*:*:*:*", matchCriteriaId: "088C0323-683A-44F5-8D42-FF6EC85D080E", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548-x:-:*:*:*:*:*:*:*", matchCriteriaId: "74CB4002-7636-4382-B33E-FBA060A13C34", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "10CEBF73-3EE0-459A-86C5-F8F6243FE27C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "7CA67BFA-71AF-4071-AD0D-CBD05E2D59CB", versionEndExcluding: "4.0\\(1a\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:ucs_6248up:-:*:*:*:*:*:*:*", matchCriteriaId: "49112D3F-DFAD-4E71-992B-9E0640FA388C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6296up:-:*:*:*:*:*:*:*", matchCriteriaId: "38A1D8F2-A4A6-4BAC-8326-9F9DE9572FA2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6324:-:*:*:*:*:*:*:*", matchCriteriaId: "B82093C6-B36D-4E4E-AD7F-8C107646B8D9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6332:-:*:*:*:*:*:*:*", matchCriteriaId: "E406DDCE-6753-43E9-B6F0-7A038DE84E41", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6332-16up:-:*:*:*:*:*:*:*", matchCriteriaId: "054D8EB2-97A3-4725-9DFF-27A4D231D90A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "96BFEE5D-EF9F-4C21-BC51-FBA71029A6A7", versionEndExcluding: "7.0\\(3\\)f3\\(5\\)", versionStartIncluding: "7.0\\(3\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_36180yc-r:-:*:*:*:*:*:*:*", matchCriteriaId: "95D2C4C3-65CE-4612-A027-AF70CEFC3233", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*", matchCriteriaId: "57572E4A-78D5-4D1A-938B-F05F01759612", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*", matchCriteriaId: "768BE390-5ED5-48A7-9E80-C4DE8BA979B1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*", matchCriteriaId: "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*", matchCriteriaId: "7E02DC82-0D26-436F-BA64-73C958932B0A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability in the CLI of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device. This vulnerability is due to insufficient validation of arguments passed to certain CLI commands. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with elevated privileges. An attacker would need administrator credentials to exploit this vulnerability.", }, { lang: "es", value: "Una vulnerabilidad en la CLI de los programas FXOS y NX-OS de Cisco podría permitir a un atacante local autenticado realizar comandos arbitrarios sobre el sistema operativo subyacente de un dispositivo afectado. Esta vulnerabilidad se debe a una validación insuficiente de los argumentos pasados ??a ciertos comandos de la CLI. Un atacante podría aprovechar esta vulnerabilidad al incluir una entrada maliciosa como el argumento de un comando afectado. Un aprovechamiento exitoso podría permitir al atacante ejecutar comandos arbitrarios en el sistema operativo subyacente con elevados privilegios. Un atacante necesitaría credenciales de administrador para aprovechar esta vulnerabilidad.", }, ], id: "CVE-2019-1781", lastModified: "2024-11-21T04:37:21.873", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.2, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:L/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 0.8, impactScore: 5.9, source: "psirt@cisco.com", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-05-15T20:29:01.400", references: [ { source: "psirt@cisco.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/108407", }, { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-fxos-nxos-cmdinj-1781-1782", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/108407", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-fxos-nxos-cmdinj-1781-1782", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-77", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-88", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-08-27 16:15
Modified
2024-11-21 05:30
Severity ?
Summary
A vulnerability in the Border Gateway Protocol (BGP) Multicast VPN (MVPN) implementation of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a BGP session to repeatedly reset, causing a partial denial of service (DoS) condition due to the BGP session being down. The vulnerability is due to incorrect parsing of a specific type of BGP MVPN update message. An attacker could exploit this vulnerability by sending this BGP MVPN update message to a targeted device. A successful exploit could allow the attacker to cause the BGP peer connections to reset, which could lead to BGP route instability and impact traffic. The incoming BGP MVPN update message is valid but is parsed incorrectly by the NX-OS device, which could send a corrupted BGP update to the configured BGP peer. Note: The Cisco implementation of BGP accepts incoming BGP traffic from only explicitly configured peers. To exploit this vulnerability, an attacker must send a specific BGP MVPN update message over an established TCP connection that appears to come from a trusted BGP peer. To do so, the attacker must obtain information about the BGP peers in the trusted network of the affected system.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:-:*:*:*:*:*:*:*", matchCriteriaId: "DA35D4AA-24B3-428E-84ED-804EF941E9A9", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_3016:-:*:*:*:*:*:*:*", matchCriteriaId: "528ED62B-D739-4E06-AC64-B506FD73BBAB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*", matchCriteriaId: "FC2A6C31-438A-4CF5-A3F3-364B1672EB7D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3064:-:*:*:*:*:*:*:*", matchCriteriaId: "76C10D85-88AC-4A79-8866-BED88A0F8DF8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3064-t:-:*:*:*:*:*:*:*", matchCriteriaId: "65CB7F6D-A82B-4A31-BFAC-FF4A4B8DF9C1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31108pc-v:-:*:*:*:*:*:*:*", matchCriteriaId: "4E930332-CDDD-48D5-93BC-C22D693BBFA2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31108tc-v:-:*:*:*:*:*:*:*", matchCriteriaId: "7BF4B8FE-E134-4491-B5C2-C1CFEB64731B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31128pq:-:*:*:*:*:*:*:*", matchCriteriaId: "F4226DA0-9371-401C-8247-E6E636A116C3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132c-z:-:*:*:*:*:*:*:*", matchCriteriaId: "7664666F-BCE4-4799-AEEA-3A73E6AD33F4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q:-:*:*:*:*:*:*:*", matchCriteriaId: "D3DBBFE9-835C-4411-8492-6006E74BAC65", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q-v:-:*:*:*:*:*:*:*", matchCriteriaId: "B3293438-3D18-45A2-B093-2C3F65783336", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "8F43B770-D96C-44EA-BC12-9F39FC4317B9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3164q:-:*:*:*:*:*:*:*", matchCriteriaId: "FA782EB3-E8E6-4DCF-B39C-B3CBD46E4384", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172:-:*:*:*:*:*:*:*", matchCriteriaId: "7817F4E6-B2DA-4F06-95A4-AF329F594C02", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172pq-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "7BB9DD73-E31D-4921-A6D6-E14E04703588", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq:-:*:*:*:*:*:*:*", matchCriteriaId: "4532F513-0543-4960-9877-01F23CA7BA1B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq-32t:-:*:*:*:*:*:*:*", matchCriteriaId: "0B43502B-FD53-465A-B60F-6A359C6ACD99", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "F3229124-B097-4AAC-8ACD-2F9C89DCC3AB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3232c:-:*:*:*:*:*:*:*", matchCriteriaId: "652A2849-668D-4156-88FB-C19844A59F33", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3264c-e:-:*:*:*:*:*:*:*", matchCriteriaId: "24FBE87B-8A4F-43A8-98A3-4A7D9C630937", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3264q:-:*:*:*:*:*:*:*", matchCriteriaId: "6ACD09AC-8B28-4ACB-967B-AB3D450BC137", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3408-s:-:*:*:*:*:*:*:*", matchCriteriaId: "7D397349-CCC6-479B-9273-FB1FFF4F34F2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_34180yc:-:*:*:*:*:*:*:*", matchCriteriaId: "DC7286A7-780F-4A45-940A-4AD5C9D0F201", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3432d-s:-:*:*:*:*:*:*:*", matchCriteriaId: "5F7AF8D7-431B-43CE-840F-CC0817D159C0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3464c:-:*:*:*:*:*:*:*", matchCriteriaId: "DAC204C8-1A5A-4E85-824E-DC9B8F6A802D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524:-:*:*:*:*:*:*:*", matchCriteriaId: "EAF5AF71-15DF-4151-A1CF-E138A7103FC8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524-x:-:*:*:*:*:*:*:*", matchCriteriaId: "10F80A72-AD54-4699-B8AE-82715F0B58E2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "9354B6A2-D7D6-442E-BF4C-FE8A336D9E94", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548:-:*:*:*:*:*:*:*", matchCriteriaId: "088C0323-683A-44F5-8D42-FF6EC85D080E", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548-x:-:*:*:*:*:*:*:*", matchCriteriaId: "74CB4002-7636-4382-B33E-FBA060A13C34", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "10CEBF73-3EE0-459A-86C5-F8F6243FE27C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_36180yc-r:-:*:*:*:*:*:*:*", matchCriteriaId: "95D2C4C3-65CE-4612-A027-AF70CEFC3233", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*", matchCriteriaId: "57572E4A-78D5-4D1A-938B-F05F01759612", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7000:-:*:*:*:*:*:*:*", matchCriteriaId: "12180BEB-7F21-4FA7-ABD2-E9A8EA7340F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7700:-:*:*:*:*:*:*:*", matchCriteriaId: "DD7A4B4B-3BB1-4A4D-911E-C4EEF01BBC45", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9000v:-:*:*:*:*:*:*:*", matchCriteriaId: "0CD9C1F1-8582-4F67-A77D-97CBFECB88B8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*", matchCriteriaId: "4283E433-7F8C-4410-B565-471415445811", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92300yc:-:*:*:*:*:*:*:*", matchCriteriaId: "F80AB6FB-32FD-43D7-A9F1-80FA47696210", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*", matchCriteriaId: "D5B2E4C1-2627-4B9D-8E92-4B483F647651", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92348gc-x:-:*:*:*:*:*:*:*", matchCriteriaId: "557ED31C-C26A-4FAE-8B14-D06B49F7F08B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*", matchCriteriaId: "11411BFD-3F4D-4309-AB35-A3629A360FB0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*", matchCriteriaId: "E663DE91-C86D-48DC-B771-FA72A8DF7A7C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "A90184B3-C82F-4CE5-B2AD-97D5E4690871", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "4AB89849-6DA4-4C9D-BC3F-EE0E41FD1901", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*", matchCriteriaId: "07DE6F63-2C7D-415B-8C34-01EC05C062F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*", matchCriteriaId: "F423E45D-A6DD-4305-9C6A-EAB26293E53A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "E952A96A-0F48-4357-B7DD-1127D8827650", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "F70D81F1-8B12-4474-9060-B4934D8A3873", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "7349D69B-D8FA-4462-AA28-69DD18A652D9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93216tc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "B1CC5F78-E88B-4B82-9E3E-C73D3A49DE26", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "91231DC6-2773-4238-8C14-A346F213B5E5", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332c:-:*:*:*:*:*:*:*", matchCriteriaId: "2DF88547-BAF4-47B0-9F60-80A30297FCEB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*", matchCriteriaId: "113772B6-E9D2-4094-9468-3F4E1A87D07D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93360yc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "C45A38D6-BED6-4FEF-AD87-A1E813695DE0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "F1FC2B1F-232E-4754-8076-CC82F3648730", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336pq_aci_spine:-:*:*:*:*:*:*:*", matchCriteriaId: "785FD17C-F32E-4042-9DDE-A89B3AAE0334", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*", matchCriteriaId: "17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*", matchCriteriaId: "63842B25-8C32-4988-BBBD-61E9CB09B4F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*", matchCriteriaId: "4364ADB9-8162-451D-806A-B98924E6B2CF", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372px-e:-:*:*:*:*:*:*:*", matchCriteriaId: "B53BCB42-ED61-4FCF-8068-CB467631C63C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*", matchCriteriaId: "49E0371B-FDE2-473C-AA59-47E1269D050F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372tx-e:-:*:*:*:*:*:*:*", matchCriteriaId: "489D11EC-5A18-4F32-BC7C-AC1FCEC27222", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*", matchCriteriaId: "1BC5293E-F2B4-46DC-85DA-167EA323FCFD", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*", matchCriteriaId: "EA022E77-6557-4A33-9A3A-D028E2DB669A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*", matchCriteriaId: "768BE390-5ED5-48A7-9E80-C4DE8BA979B1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*", matchCriteriaId: "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*", matchCriteriaId: "7E02DC82-0D26-436F-BA64-73C958932B0A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability in the Border Gateway Protocol (BGP) Multicast VPN (MVPN) implementation of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a BGP session to repeatedly reset, causing a partial denial of service (DoS) condition due to the BGP session being down. The vulnerability is due to incorrect parsing of a specific type of BGP MVPN update message. An attacker could exploit this vulnerability by sending this BGP MVPN update message to a targeted device. A successful exploit could allow the attacker to cause the BGP peer connections to reset, which could lead to BGP route instability and impact traffic. The incoming BGP MVPN update message is valid but is parsed incorrectly by the NX-OS device, which could send a corrupted BGP update to the configured BGP peer. Note: The Cisco implementation of BGP accepts incoming BGP traffic from only explicitly configured peers. To exploit this vulnerability, an attacker must send a specific BGP MVPN update message over an established TCP connection that appears to come from a trusted BGP peer. To do so, the attacker must obtain information about the BGP peers in the trusted network of the affected system.", }, { lang: "es", value: "Una vulnerabilidad en la implementación de Border Gateway Protocol (BGP) Multicast VPN (MVPN) de Cisco NX-OS Software, podría permitir a un atacante remoto no autenticado causar que una sesión de BGP se reinicie repetidamente, conllevando a una condición de denegación de servicio (DoS) parcial debido a la sesión de BGP está inactiva. La vulnerabilidad es debido al análisis incorrecto de un tipo específico de mensaje de actualización de BGP MVPN. Un atacante podría explotar esta vulnerabilidad mediante el envío de este mensaje de actualización de BGP MVPN hacia un dispositivo objetivo. Una explotación con éxito podría permitir al atacante causar que las conexiones entre peers de BGP se restablezcan, lo que podría conllevar a una inestabilidad en la ruta de BGP e impactar el tráfico. El mensaje de actualización de BGP MVPN entrante es válido pero es analizado incorrectamente por el dispositivo NX-OS, lo que podría enviar una actualización de BGP corrupta hacia el peer BGP configurado. Nota: La implementación de Cisco de BGP acepta tráfico BGP entrante solo de peers configurados explícitamente. Para explotar esta vulnerabilidad, un atacante debe enviar un mensaje de actualización de BGP MVPN específico por medio de una conexión TCP establecida que parece provenir de un peer BGP confiable. Para hacerlo, el atacante debe obtener información sobre los peers BGP en la red confiable del sistema afectado", }, ], id: "CVE-2020-3398", lastModified: "2024-11-21T05:30:57.133", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.6, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", version: "3.0", }, exploitabilityScore: 3.9, impactScore: 4, source: "psirt@cisco.com", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.6, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 4, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-08-27T16:15:12.253", references: [ { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxosbgp-mvpn-dos-K8kbCrJp", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxosbgp-mvpn-dos-K8kbCrJp", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-20", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-20", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2024-08-28 17:15
Modified
2024-10-22 14:44
Severity ?
5.3 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
8.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Summary
A vulnerability in the Python interpreter of Cisco NX-OS Software could allow an authenticated, low-privileged, local attacker to escape the Python sandbox and gain unauthorized access to the underlying operating system of the device.
The vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by manipulating specific functions within the Python interpreter. A successful exploit could allow an attacker to escape the Python sandbox and execute arbitrary commands on the underlying operating system with the privileges of the authenticated user.
Note: An attacker must be authenticated with Python execution privileges to exploit these vulnerabilities. For more information regarding Python execution privileges, see product-specific documentation, such as the section of the Cisco Nexus 9000 Series NX-OS Programmability Guide.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:9.3\\(13\\):*:*:*:*:*:*:*", matchCriteriaId: "1C26E0A3-7641-4DDF-9882-F04F297C8D07", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:n9k-c92160yc-x:-:*:*:*:*:*:*:*", matchCriteriaId: "F8397775-5A75-4710-9044-B56E1CEE20A1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-c92300yc:-:*:*:*:*:*:*:*", matchCriteriaId: "FE8EFEE8-FC8D-480C-917E-24C3B8D56E29", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-c92304qc:-:*:*:*:*:*:*:*", matchCriteriaId: "876304F4-4CE5-45B8-ADF5-2523319D05BB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-c9232c:-:*:*:*:*:*:*:*", matchCriteriaId: "2A9C0219-7EDC-40FD-A66B-24A92993F692", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-c92348gc-x:-:*:*:*:*:*:*:*", matchCriteriaId: "D23DFF0E-725B-4CCB-96A3-378600513CC5", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-c9236c:-:*:*:*:*:*:*:*", matchCriteriaId: "C71319A9-5B95-410A-BDDB-C47639B8E464", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-c9272q:-:*:*:*:*:*:*:*", matchCriteriaId: "7B573EF4-2ABE-4ABE-A8D6-D8E14AD29E73", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-c93108tc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "7482F9FB-CA6A-4CA2-B6FB-FD0DCDF603ED", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-c93108tc-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "6487A95B-0D04-4ABA-B491-8A935694AFD3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-c93120tx:-:*:*:*:*:*:*:*", matchCriteriaId: "018DEE0B-F3BC-4D3F-B2E4-2FF40203E65F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-c93128tx:-:*:*:*:*:*:*:*", matchCriteriaId: "3506B07C-EB3B-4034-A348-1EEAD09CC5E2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-c9316d-gx:-:*:*:*:*:*:*:*", matchCriteriaId: "122E24C3-1411-46DA-92F1-635BC0784559", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-c93180lc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "F2E84307-41BC-4F85-BC9A-FF02178765F8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-c93180yc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "55A31452-5B60-4273-BA38-8FA684DED953", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-c93180yc-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "3C3FCA39-927B-4C89-A58B-E6859ED8176A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-c93180yc2-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "B7543DCD-5ED0-4400-9326-9714AB84E012", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-c93216tc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "37DA56C5-FDD0-4CC3-9DDF-8F1BBE94B003", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-c93240yc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "D7B464B3-DE25-4980-ABC3-10D7C79C12E6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-c9332c:-:*:*:*:*:*:*:*", matchCriteriaId: "365A5FB4-3DCE-48D7-8917-636E94389576", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-c9332d-gx2b:-:*:*:*:*:*:*:*", matchCriteriaId: "50FE8720-EA9D-47CF-9CDB-CC09FBDD008C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-c9332pq:-:*:*:*:*:*:*:*", matchCriteriaId: "90DB9E2B-74F6-4C62-AEE1-3FF109A963EE", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-c93360yc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "961B0A51-15B4-45FF-BEAE-05667D76F418", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-c9336c-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "A29C323C-6731-4CDA-B364-C1C8B8E60510", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-c9348d-gx2a:-:*:*:*:*:*:*:*", matchCriteriaId: "1D100815-C171-46F4-B675-64E20D8C4FD0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-c9348gc-fxp:-:*:*:*:*:*:*:*", matchCriteriaId: "214472EB-424C-48B7-8EF3-7B679A5042BF", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-c93600cd-gx:-:*:*:*:*:*:*:*", matchCriteriaId: "A2D5229B-AFB2-4B28-95BB-563DBC346982", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-c9364c:-:*:*:*:*:*:*:*", matchCriteriaId: "D32D88D4-EABA-4A3A-B300-374AA89525E3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-c9364c-gx:-:*:*:*:*:*:*:*", matchCriteriaId: "DD002B70-A630-4A5D-B63C-356AC7B8280C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-c9364d-gx2a:-:*:*:*:*:*:*:*", matchCriteriaId: "7F0AC2DC-234F-48BA-BCC8-DE82C293C273", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-c9372px:-:*:*:*:*:*:*:*", matchCriteriaId: "462BC5C0-61C9-4CC6-AF3F-7A366C98F2DD", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-c9372px-e:-:*:*:*:*:*:*:*", matchCriteriaId: "67F94470-7815-4ADD-9FF9-BD74BA46454F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-c9372tx:-:*:*:*:*:*:*:*", matchCriteriaId: "09F0CD1D-A71B-413B-9150-E462CA206BAC", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-c9372tx-e:-:*:*:*:*:*:*:*", matchCriteriaId: "1E2788A2-79DC-4A28-BD88-52EC86697C99", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-c9396px:-:*:*:*:*:*:*:*", matchCriteriaId: "F5747442-90B1-4932-8189-A70B39E45843", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-c9396tx:-:*:*:*:*:*:*:*", matchCriteriaId: "EA21C9E7-30B9-4FC7-8031-2C27CE9C1AB4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-c9504:-:*:*:*:*:*:*:*", matchCriteriaId: "7EED2E16-D0D7-4B53-A05F-595E120B1C25", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-c9504-fm-r:-:*:*:*:*:*:*:*", matchCriteriaId: "91595E9E-BF7A-4438-9D25-05AB29DD16ED", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-c9508:-:*:*:*:*:*:*:*", matchCriteriaId: "E78D1F67-9BD7-467A-9D7A-37F54B3B51BA", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-c9508-fm-r:-:*:*:*:*:*:*:*", matchCriteriaId: "4818B000-7022-445A-8B0F-6B2E937AAEA3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-c9516:-:*:*:*:*:*:*:*", matchCriteriaId: "A2A181E6-0EE6-40F2-B04A-2C12DF67D278", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-sc-a:-:*:*:*:*:*:*:*", matchCriteriaId: "159A9622-2240-46E6-BD4B-62D652422758", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-sup-a:-:*:*:*:*:*:*:*", matchCriteriaId: "6EA01EFB-8458-42B9-81C9-35E1E02FF42F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-sup-a\\+:-:*:*:*:*:*:*:*", matchCriteriaId: "360B9A25-5272-487A-AF1A-CE2FDFD6F23C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-sup-b:-:*:*:*:*:*:*:*", matchCriteriaId: "3291743D-1F0C-4A66-99F9-946196F5CB9A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-sup-b\\+:-:*:*:*:*:*:*:*", matchCriteriaId: "3ADE8708-95D4-4D30-85ED-BE870410F3B6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-x9400-16w:-:*:*:*:*:*:*:*", matchCriteriaId: "21686E9C-D51F-4016-BFF5-F076144C7CE2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-x9400-22l:-:*:*:*:*:*:*:*", matchCriteriaId: "2D2BBE1C-4820-4A68-83F4-734E0DA4738B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-x9400-8d:-:*:*:*:*:*:*:*", matchCriteriaId: "28CC31E4-5C1B-4FD1-9F86-670BAEA47774", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-x9432c-s:-:*:*:*:*:*:*:*", matchCriteriaId: "082A5A44-DC9A-4B48-8F28-1D0EC7F82410", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-x9464px:-:*:*:*:*:*:*:*", matchCriteriaId: "19BCB669-5CC8-4C67-B34C-3F5ADDD4C232", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-x9464tx2:-:*:*:*:*:*:*:*", matchCriteriaId: "D5E693D2-F1D5-4D22-885B-AE853221ABA9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-x9564px:-:*:*:*:*:*:*:*", matchCriteriaId: "C63F63AD-94EC-4A6D-92AF-7FBF6275746A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-x9564tx:-:*:*:*:*:*:*:*", matchCriteriaId: "490EAB88-A0F3-4A88-9A81-B414CE78B34B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-x96136yc-r:-:*:*:*:*:*:*:*", matchCriteriaId: "BEE867E4-9EE8-4A06-A51B-627C228EF0A2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-x9636c-r:-:*:*:*:*:*:*:*", matchCriteriaId: "7A9CE53D-E8B7-46CD-9B8B-C746A2524BA8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-x9636c-rx:-:*:*:*:*:*:*:*", matchCriteriaId: "C6782DA1-5568-410D-86E6-2C2B909693DD", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-x9636q-r:-:*:*:*:*:*:*:*", matchCriteriaId: "1734D373-CA79-447E-96A7-EDA4D3F9C924", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-x97160yc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "04A26215-DEB3-4337-AFE0-5E23C760060D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-x97284yc-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "08F7DE85-9CD5-4A3D-859A-4B3479DACBF0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-x9732c-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "6B8F7177-147E-47C0-ADFB-4CD0768D52CD", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-x9732c-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "06A72F9F-773A-463D-8BEB-6B316DF21CFD", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-x9736c-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "8FC94E7D-84AF-4D2A-85A7-264CED2D107B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-x9736c-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "BC0082AD-1EFB-4AFE-9974-EAAB926553F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-x9788tc-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "4BFAAE41-AD17-4F69-9029-8DD90D824E6F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3000:-:*:*:*:*:*:*:*", matchCriteriaId: "10FFC5E8-CC5A-4D31-A63A-19E72EC442AB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3000_series:-:*:*:*:*:*:*:*", matchCriteriaId: "0742F63F-1945-47AA-943C-14959B23C21C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3016:-:*:*:*:*:*:*:*", matchCriteriaId: "528ED62B-D739-4E06-AC64-B506FD73BBAB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3016q:-:*:*:*:*:*:*:*", matchCriteriaId: "2D402AB0-BCFB-4F42-8C50-5DC930AEEC8B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*", matchCriteriaId: "FC2A6C31-438A-4CF5-A3F3-364B1672EB7D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3064:-:*:*:*:*:*:*:*", matchCriteriaId: "76C10D85-88AC-4A79-8866-BED88A0F8DF8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3064-32t:-:*:*:*:*:*:*:*", matchCriteriaId: "09AC2BAD-F536-48D0-A2F0-D4E290519EB6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3064-t:-:*:*:*:*:*:*:*", matchCriteriaId: "65CB7F6D-A82B-4A31-BFAC-FF4A4B8DF9C1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3064-x:-:*:*:*:*:*:*:*", matchCriteriaId: "ECC4FFCC-E886-49BC-9737-5B5BA2AAB14B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3064t:-:*:*:*:*:*:*:*", matchCriteriaId: "5F4E8EE4-031D-47D3-A12E-EE5F792172EE", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3064x:-:*:*:*:*:*:*:*", matchCriteriaId: "00CDD8C3-67D5-4E9F-9D48-A77B55DB0AB1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3100:-:*:*:*:*:*:*:*", matchCriteriaId: "41C14CC9-C244-4B86-AEA6-C50BAD5DA9A6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3100-v:-:*:*:*:*:*:*:*", matchCriteriaId: "A8FF2EC4-0C09-4C00-9956-A2A4A894F63D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3100-z:-:*:*:*:*:*:*:*", matchCriteriaId: "D14D4B4E-120E-4607-A4F1-447C7BF3052E", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3100v:-:*:*:*:*:*:*:*", matchCriteriaId: "15702ACB-29F3-412D-8805-E107E0729E35", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31108pc-v:-:*:*:*:*:*:*:*", matchCriteriaId: "4E930332-CDDD-48D5-93BC-C22D693BBFA2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31108pv-v:-:*:*:*:*:*:*:*", matchCriteriaId: "29B34855-D8D2-4114-80D2-A4D159C62458", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31108tc-v:-:*:*:*:*:*:*:*", matchCriteriaId: "7BF4B8FE-E134-4491-B5C2-C1CFEB64731B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31128pq:-:*:*:*:*:*:*:*", matchCriteriaId: "F4226DA0-9371-401C-8247-E6E636A116C3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132c-z:-:*:*:*:*:*:*:*", matchCriteriaId: "7664666F-BCE4-4799-AEEA-3A73E6AD33F4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q:-:*:*:*:*:*:*:*", matchCriteriaId: "D3DBBFE9-835C-4411-8492-6006E74BAC65", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q-v:-:*:*:*:*:*:*:*", matchCriteriaId: "B3293438-3D18-45A2-B093-2C3F65783336", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q-x:-:*:*:*:*:*:*:*", matchCriteriaId: "C97C29EE-9426-4BBE-8D84-AB5FF748703D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q-x\\/3132q-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "E142C18F-9FB5-4D96-866A-141D7D16CAF7", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "8F43B770-D96C-44EA-BC12-9F39FC4317B9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3164q:-:*:*:*:*:*:*:*", matchCriteriaId: "FA782EB3-E8E6-4DCF-B39C-B3CBD46E4384", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172:-:*:*:*:*:*:*:*", matchCriteriaId: "7817F4E6-B2DA-4F06-95A4-AF329F594C02", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172pq:-:*:*:*:*:*:*:*", matchCriteriaId: "CED628B5-97A8-4B26-AA40-BEC854982157", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172pq-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "7BB9DD73-E31D-4921-A6D6-E14E04703588", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172pq\\/pq-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "8EFC116A-627F-4E05-B631-651D161217C8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq:-:*:*:*:*:*:*:*", matchCriteriaId: "4532F513-0543-4960-9877-01F23CA7BA1B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq-32t:-:*:*:*:*:*:*:*", matchCriteriaId: "0B43502B-FD53-465A-B60F-6A359C6ACD99", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "F3229124-B097-4AAC-8ACD-2F9C89DCC3AB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3200:-:*:*:*:*:*:*:*", matchCriteriaId: "32A532C0-B0E3-484A-B356-88970E7D0248", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3232:-:*:*:*:*:*:*:*", matchCriteriaId: "1C84D24C-2256-42AF-898A-221EBE9FE1E4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3232c:-:*:*:*:*:*:*:*", matchCriteriaId: "652A2849-668D-4156-88FB-C19844A59F33", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3232c_:-:*:*:*:*:*:*:*", matchCriteriaId: "D008CA1C-6F5A-40EA-BB12-A9D84D5AF700", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3264c-e:-:*:*:*:*:*:*:*", matchCriteriaId: "24FBE87B-8A4F-43A8-98A3-4A7D9C630937", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3264q:-:*:*:*:*:*:*:*", matchCriteriaId: "6ACD09AC-8B28-4ACB-967B-AB3D450BC137", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3400:-:*:*:*:*:*:*:*", matchCriteriaId: "43913A0E-50D5-47DD-94D8-DD3391633619", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3408-s:-:*:*:*:*:*:*:*", matchCriteriaId: "7D397349-CCC6-479B-9273-FB1FFF4F34F2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_34180yc:-:*:*:*:*:*:*:*", matchCriteriaId: "DC7286A7-780F-4A45-940A-4AD5C9D0F201", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_34200yc-sm:-:*:*:*:*:*:*:*", matchCriteriaId: "CA52D5C1-13D8-4D23-B022-954CCEF491F1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3432d-s:-:*:*:*:*:*:*:*", matchCriteriaId: "5F7AF8D7-431B-43CE-840F-CC0817D159C0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3464c:-:*:*:*:*:*:*:*", matchCriteriaId: "DAC204C8-1A5A-4E85-824E-DC9B8F6A802D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3500:-:*:*:*:*:*:*:*", matchCriteriaId: "A8E1073F-D374-4311-8F12-AD8C72FAA293", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3500_platform:-:*:*:*:*:*:*:*", matchCriteriaId: "B72E8456-A9BD-447B-8F33-4BEB052A82D7", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524:-:*:*:*:*:*:*:*", matchCriteriaId: "EAF5AF71-15DF-4151-A1CF-E138A7103FC8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524-x:-:*:*:*:*:*:*:*", matchCriteriaId: "10F80A72-AD54-4699-B8AE-82715F0B58E2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524-x\\/xl:-:*:*:*:*:*:*:*", matchCriteriaId: "E505C0B1-2119-4C6A-BF96-C282C633D169", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "9354B6A2-D7D6-442E-BF4C-FE8A336D9E94", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548:-:*:*:*:*:*:*:*", matchCriteriaId: "088C0323-683A-44F5-8D42-FF6EC85D080E", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548-x:-:*:*:*:*:*:*:*", matchCriteriaId: "74CB4002-7636-4382-B33E-FBA060A13C34", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548-x\\/xl:-:*:*:*:*:*:*:*", matchCriteriaId: "915EF8F6-6039-4DD0-B875-30D911752B74", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "10CEBF73-3EE0-459A-86C5-F8F6243FE27C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3600:-:*:*:*:*:*:*:*", matchCriteriaId: "97217080-455C-48E4-8CE1-6D5B9485864F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_36180yc-r:-:*:*:*:*:*:*:*", matchCriteriaId: "95D2C4C3-65CE-4612-A027-AF70CEFC3233", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*", matchCriteriaId: "57572E4A-78D5-4D1A-938B-F05F01759612", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9000:-:*:*:*:*:*:*:*", matchCriteriaId: "8EBEBA5B-5589-417B-BF3B-976083E9FE54", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9000_in_aci_mode:-:*:*:*:*:*:*:*", matchCriteriaId: "57BC5903-1316-4FFF-BE52-2F6D63549590", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9000_in_standalone:-:*:*:*:*:*:*:*", matchCriteriaId: "4755F890-634B-4B25-AF08-C34F13429FA9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9000_in_standalone_nx-os_mode:-:*:*:*:*:*:*:*", matchCriteriaId: "1DA62800-F5DC-48DA-8C81-D684EA8EBB9F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9000v:-:*:*:*:*:*:*:*", matchCriteriaId: "0CD9C1F1-8582-4F67-A77D-97CBFECB88B8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9200:-:*:*:*:*:*:*:*", matchCriteriaId: "532CE4B0-A3C9-4613-AAAF-727817D06FB4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9200yc:-:*:*:*:*:*:*:*", matchCriteriaId: "24CA1A59-2681-4507-AC74-53BD481099B9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*", matchCriteriaId: "4283E433-7F8C-4410-B565-471415445811", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92160yc_switch:-:*:*:*:*:*:*:*", matchCriteriaId: "AF9147C9-5D8B-40F5-9AAA-66A3495A0AD8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9221c:-:*:*:*:*:*:*:*", matchCriteriaId: "FFB9FDE8-8533-4F65-BF32-4066D042B2F7", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92300yc:-:*:*:*:*:*:*:*", matchCriteriaId: "F80AB6FB-32FD-43D7-A9F1-80FA47696210", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92300yc_switch:-:*:*:*:*:*:*:*", matchCriteriaId: "3AA5389A-8AD1-476E-983A-54DF573C30F5", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*", matchCriteriaId: "D5B2E4C1-2627-4B9D-8E92-4B483F647651", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92304qc_switch:-:*:*:*:*:*:*:*", matchCriteriaId: "C1B1A8F1-45B1-4E64-A254-7191FA93CB6D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9232e:-:*:*:*:*:*:*:*", matchCriteriaId: "83DA8BFA-D7A2-476C-A6F5-CAE610033BC2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92348gc-x:-:*:*:*:*:*:*:*", matchCriteriaId: "557ED31C-C26A-4FAE-8B14-D06B49F7F08B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*", matchCriteriaId: "11411BFD-3F4D-4309-AB35-A3629A360FB0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9236c_switch:-:*:*:*:*:*:*:*", matchCriteriaId: "DB2FFD26-8255-4351-8594-29D2AEFC06EF", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*", matchCriteriaId: "E663DE91-C86D-48DC-B771-FA72A8DF7A7C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9272q_switch:-:*:*:*:*:*:*:*", matchCriteriaId: "61E10975-B47E-4F4D-8096-AEC7B7733612", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9300:-:*:*:*:*:*:*:*", matchCriteriaId: "92E2CB2B-DA11-4CF7-9D57-3D4D48990DC0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "A90184B3-C82F-4CE5-B2AD-97D5E4690871", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-ex-24:-:*:*:*:*:*:*:*", matchCriteriaId: "40E40F42-632A-47DF-BE33-DC25B826310B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-ex_switch:-:*:*:*:*:*:*:*", matchCriteriaId: "2C67B7A6-9BB2-41FC-8FA3-8D0DF67CBC68", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "4AB89849-6DA4-4C9D-BC3F-EE0E41FD1901", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-fx-24:-:*:*:*:*:*:*:*", matchCriteriaId: "C47F6BF9-2ADB-41A4-8D7D-8BB00141BB23", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-fx3:-:*:*:*:*:*:*:*", matchCriteriaId: "C70911ED-371A-4EB6-8DDD-DCE3A21FDBAE", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-fx3h:-:*:*:*:*:*:*:*", matchCriteriaId: "16C64136-89C2-443C-AF7B-BED81D3DE25A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-fx3p:-:*:*:*:*:*:*:*", matchCriteriaId: "BBEF7F26-BB47-44BD-872E-130820557C23", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*", matchCriteriaId: "07DE6F63-2C7D-415B-8C34-01EC05C062F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93120tx_switch:-:*:*:*:*:*:*:*", matchCriteriaId: "182000E0-8204-4D8B-B7DE-B191AFE12E28", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93128:-:*:*:*:*:*:*:*", matchCriteriaId: "F309E7B9-B828-4CD2-9D2B-8966EE5B9CC1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*", matchCriteriaId: "F423E45D-A6DD-4305-9C6A-EAB26293E53A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93128tx_switch:-:*:*:*:*:*:*:*", matchCriteriaId: "BDC208BC-7E19-48C6-A20E-A79A51B7362C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9316d-gx:-:*:*:*:*:*:*:*", matchCriteriaId: "102F91CD-DFB6-43D4-AE5B-DA157A696230", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "E952A96A-0F48-4357-B7DD-1127D8827650", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180lc-ex_switch:-:*:*:*:*:*:*:*", matchCriteriaId: "084D0191-563B-4FF0-B589-F35DA118E1C6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180tc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "B7DB6FC5-762A-4F16-AE8C-69330EFCF640", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "F70D81F1-8B12-4474-9060-B4934D8A3873", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-ex-24:-:*:*:*:*:*:*:*", matchCriteriaId: "5394DE31-3863-4CA9-B7B1-E5227183100D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-ex_switch:-:*:*:*:*:*:*:*", matchCriteriaId: "968390BC-B430-4903-B614-13104BFAE635", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "7349D69B-D8FA-4462-AA28-69DD18A652D9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-fx-24:-:*:*:*:*:*:*:*", matchCriteriaId: "FE4BB834-2C00-4384-A78E-AF3BCDDC58AF", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-fx3:-:*:*:*:*:*:*:*", matchCriteriaId: "B0D30D52-837F-4FDA-B8E5-A9066E9C6D2F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-fx3h:-:*:*:*:*:*:*:*", matchCriteriaId: "E6678B8A-D905-447E-BE7E-6BFB4CC5DAFE", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-fx3s:-:*:*:*:*:*:*:*", matchCriteriaId: "7CE49B45-F2E9-491D-9C29-1B46E9CE14E2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93216tc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "B1CC5F78-E88B-4B82-9E3E-C73D3A49DE26", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93240tc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "4BFAD21E-59EE-4CCE-8F1E-621D2EA50905", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "91231DC6-2773-4238-8C14-A346F213B5E5", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332c:-:*:*:*:*:*:*:*", matchCriteriaId: "2DF88547-BAF4-47B0-9F60-80A30297FCEB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332d-gx2b:-:*:*:*:*:*:*:*", matchCriteriaId: "02C3CE6D-BD54-48B1-A188-8E53DA001424", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332d-h2r:-:*:*:*:*:*:*:*", matchCriteriaId: "498991F7-39D6-428C-8C7D-DD8DC72A0346", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*", matchCriteriaId: "113772B6-E9D2-4094-9468-3F4E1A87D07D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332pq_switch:-:*:*:*:*:*:*:*", matchCriteriaId: "F7B90D36-5124-4669-8462-4EAF35B0F53D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93360yc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "C45A38D6-BED6-4FEF-AD87-A1E813695DE0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "F1FC2B1F-232E-4754-8076-CC82F3648730", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336c-fx2-e:-:*:*:*:*:*:*:*", matchCriteriaId: "7CDD27C9-5EAF-4956-8AB7-740C84C9D4FC", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336pq:-:*:*:*:*:*:*:*", matchCriteriaId: "5F1127D2-12C0-454F-91EF-5EE334070D06", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336pq_aci:-:*:*:*:*:*:*:*", matchCriteriaId: "7D6EB963-E0F2-4A02-8765-AB2064BE19E9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336pq_aci_spine:-:*:*:*:*:*:*:*", matchCriteriaId: "785FD17C-F32E-4042-9DDE-A89B3AAE0334", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336pq_aci_spine_switch:-:*:*:*:*:*:*:*", matchCriteriaId: "DEAAF99B-5406-4722-81FB-A91CBAC2DF41", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93400ld-h1:-:*:*:*:*:*:*:*", matchCriteriaId: "8D2DFCA0-36D8-48BC-B20D-84509EB5FF66", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9348d-gx2a:-:*:*:*:*:*:*:*", matchCriteriaId: "73DC1E93-561E-490C-AE0E-B02BAB9A7C8E", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9348gc-fx3:-:*:*:*:*:*:*:*", matchCriteriaId: "12DA2DE5-8ADA-4D6A-BC1A-9C06FA163B1C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9348gc-fx3ph:-:*:*:*:*:*:*:*", matchCriteriaId: "1D68E7FE-BD46-4245-8DEE-1AD32159E045", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*", matchCriteriaId: "17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93600cd-gx:-:*:*:*:*:*:*:*", matchCriteriaId: "2CF467E2-4567-426E-8F48-39669E0F514C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*", matchCriteriaId: "63842B25-8C32-4988-BBBD-61E9CB09B4F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9364c-gx:-:*:*:*:*:*:*:*", matchCriteriaId: "68EA1FEF-B6B6-49FE-A0A4-5387F76303F8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9364c-h1:-:*:*:*:*:*:*:*", matchCriteriaId: "5F2EC055-B309-4F1F-A646-FA47AE344D27", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9364d-gx2a:-:*:*:*:*:*:*:*", matchCriteriaId: "40D6DB7F-C025-4971-9615-73393ED61078", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*", matchCriteriaId: "4364ADB9-8162-451D-806A-B98924E6B2CF", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372px-e:-:*:*:*:*:*:*:*", matchCriteriaId: "B53BCB42-ED61-4FCF-8068-CB467631C63C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372px-e_switch:-:*:*:*:*:*:*:*", matchCriteriaId: "737C724A-B6CD-4FF7-96E0-EBBF645D660E", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372px_switch:-:*:*:*:*:*:*:*", matchCriteriaId: "7067AEC7-DFC8-4437-9338-C5165D9A8F36", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*", matchCriteriaId: "49E0371B-FDE2-473C-AA59-47E1269D050F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372tx-e:-:*:*:*:*:*:*:*", matchCriteriaId: "489D11EC-5A18-4F32-BC7C-AC1FCEC27222", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372tx-e_switch:-:*:*:*:*:*:*:*", matchCriteriaId: "71D4CF15-B293-4403-A1A9-96AD3933BAEF", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372tx_switch:-:*:*:*:*:*:*:*", matchCriteriaId: "DBCC1515-2DBE-4DF2-8E83-29A869170F36", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*", matchCriteriaId: "1BC5293E-F2B4-46DC-85DA-167EA323FCFD", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396px_switch:-:*:*:*:*:*:*:*", matchCriteriaId: "7282AAFF-ED18-4992-AC12-D953C35EC328", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*", matchCriteriaId: "EA022E77-6557-4A33-9A3A-D028E2DB669A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396tx_switch:-:*:*:*:*:*:*:*", matchCriteriaId: "360409CC-4172-4878-A76B-EA1C1F8C7A79", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9408:-:*:*:*:*:*:*:*", matchCriteriaId: "D8D5D5E2-B40B-475D-9EF3-8441016E37E9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9432pq:-:*:*:*:*:*:*:*", matchCriteriaId: "FDA8E1F0-74A6-4725-B6AA-A1112EFC5D0C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9500:-:*:*:*:*:*:*:*", matchCriteriaId: "63BE0266-1C00-4D6A-AD96-7F82532ABAA7", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9500_16-slot:-:*:*:*:*:*:*:*", matchCriteriaId: "73F59A4B-AE92-4533-8EDC-D1DD850309FF", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9500_4-slot:-:*:*:*:*:*:*:*", matchCriteriaId: "492A2C86-DD38-466B-9965-77629A73814F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9500_8-slot:-:*:*:*:*:*:*:*", matchCriteriaId: "1FB7AA46-4018-4925-963E-719E1037F759", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9500_supervisor_a:-:*:*:*:*:*:*:*", matchCriteriaId: "31B9D1E4-10B9-4B6F-B848-D93ABF6486D6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9500_supervisor_a\\+:-:*:*:*:*:*:*:*", matchCriteriaId: "CB270C45-756E-400A-979F-D07D750C881A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9500_supervisor_b:-:*:*:*:*:*:*:*", matchCriteriaId: "4E8A085C-2DBA-4269-AB01-B16019FBB4DA", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9500_supervisor_b\\+:-:*:*:*:*:*:*:*", matchCriteriaId: "A79DD582-AF68-44F1-B640-766B46EF2BE2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9500r:-:*:*:*:*:*:*:*", matchCriteriaId: "B04484DA-AA59-4833-916E-6A8C96D34F0D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*", matchCriteriaId: "768BE390-5ED5-48A7-9E80-C4DE8BA979B1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9504_switch:-:*:*:*:*:*:*:*", matchCriteriaId: "D07B5399-44C7-468D-9D57-BB5B5E26CE50", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*", matchCriteriaId: "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9508_switch:-:*:*:*:*:*:*:*", matchCriteriaId: "B76FB64F-16F0-4B0B-B304-B46258D434BA", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*", matchCriteriaId: "7E02DC82-0D26-436F-BA64-73C958932B0A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9516_switch:-:*:*:*:*:*:*:*", matchCriteriaId: "2E128053-834B-4DD5-A517-D14B4FC2B56F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9536pq:-:*:*:*:*:*:*:*", matchCriteriaId: "163743A1-09E7-4EC5-8ECA-79E4B9CE173B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9636pq:-:*:*:*:*:*:*:*", matchCriteriaId: "CE340E4C-DC48-4FC8-921B-EE304DB5AE0A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9716d-gx:-:*:*:*:*:*:*:*", matchCriteriaId: "C367BBE0-D71F-4CB5-B50E-72B033E73FE1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9736pq:-:*:*:*:*:*:*:*", matchCriteriaId: "85E1D224-4751-4233-A127-A041068C804A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9800:-:*:*:*:*:*:*:*", matchCriteriaId: "BD31B075-01B1-429E-83F4-B999356A0EB9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9800_34-port_100g_and_14-port_400g_line_card:-:*:*:*:*:*:*:*", matchCriteriaId: "0D3B28C3-114D-41EE-8295-AFA9932C9EAA", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9800_36-port_400g_line_card:-:*:*:*:*:*:*:*", matchCriteriaId: "1BC134D3-9AA0-44A4-9CBD-410A3A9C5886", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9804:-:*:*:*:*:*:*:*", matchCriteriaId: "A10C9C0A-C96A-4B45-90D0-6ED457EB5F4C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9808:-:*:*:*:*:*:*:*", matchCriteriaId: "3284D16F-3275-4F8D-8AE4-D413DE19C4FA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability in the Python interpreter of Cisco NX-OS Software could allow an authenticated, low-privileged, local attacker to escape the Python sandbox and gain unauthorized access to the underlying operating system of the device.\r\n\r\nThe vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by manipulating specific functions within the Python interpreter. A successful exploit could allow an attacker to escape the Python sandbox and execute arbitrary commands on the underlying operating system with the privileges of the authenticated user. \r\nNote: An attacker must be authenticated with Python execution privileges to exploit these vulnerabilities. For more information regarding Python execution privileges, see product-specific documentation, such as the section of the Cisco Nexus 9000 Series NX-OS Programmability Guide.", }, { lang: "es", value: "Una vulnerabilidad en el intérprete de Python del software Cisco NX-OS podría permitir que un atacante local autenticado y con pocos privilegios escape del entorno limitado de Python y obtenga acceso no autorizado al sistema operativo subyacente del dispositivo. La vulnerabilidad se debe a una validación insuficiente de la entrada proporcionada por el usuario. Un atacante podría aprovechar esta vulnerabilidad manipulando funciones específicas dentro del intérprete de Python. Una explotación exitosa podría permitir que un atacante escape del entorno limitado de Python y ejecute comandos arbitrarios en el sistema operativo subyacente con los privilegios del usuario autenticado. Nota: Un atacante debe estar autenticado con privilegios de ejecución de Python para aprovechar estas vulnerabilidades. Para obtener más información sobre los privilegios de ejecución de Python, consulte la documentación específica del producto, como la sección de la Guía de programación de NX-OS de la serie Cisco Nexus 9000.", }, ], id: "CVE-2024-20286", lastModified: "2024-10-22T14:44:16.063", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 3.4, source: "psirt@cisco.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2, impactScore: 6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2024-08-28T17:15:08.400", references: [ { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-psbe-ce-YvbTn5du", }, { source: "psirt@cisco.com", tags: [ "Product", ], url: "https://www.cisco.com/c/en/us/td/docs/dcn/nx-os/nexus9000/105x/programmability/cisco-nexus-9000-series-nx-os-programmability-guide-105x/m-n9k-python-api-101x.html?bookSearch=true#concept_A2CFF094ADCB414C983EA06AD8E9A410", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Analyzed", weaknesses: [ { description: [ { lang: "en", value: "CWE-693", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2019-03-11 21:29
Modified
2024-11-21 04:37
Severity ?
Summary
A vulnerability in the management interface of Cisco Application Policy Infrastructure Controller (APIC) software could allow an unauthenticated, adjacent attacker to gain unauthorized access on an affected device. The vulnerability is due to a lack of proper access control mechanisms for IPv6 link-local connectivity imposed on the management interface of an affected device. An attacker on the same physical network could exploit this vulnerability by attempting to connect to the IPv6 link-local address on the affected device. A successful exploit could allow the attacker to bypass default access control restrictions on an affected device. Cisco Application Policy Infrastructure Controller (APIC) devices running versions prior to 4.2(0.21c) are affected.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@cisco.com | http://www.securityfocus.com/bid/107317 | Third Party Advisory, VDB Entry | |
| psirt@cisco.com | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190306-apic-ipv6 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/107317 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190306-apic-ipv6 | Vendor Advisory |
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:cisco:application_policy_infrastructure_controller:*:*:*:*:*:*:*:*", matchCriteriaId: "980B41C7-4122-4D8B-9AAB-2D7BBBC5A7B3", versionEndExcluding: "4.2\\(0.21c\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:firepower_2110:-:*:*:*:*:*:*:*", matchCriteriaId: "52D96810-5F79-4A83-B8CA-D015790FCF72", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_2120:-:*:*:*:*:*:*:*", matchCriteriaId: "16FE2945-4975-4003-AE48-7E134E167A7F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_2130:-:*:*:*:*:*:*:*", matchCriteriaId: "DCE7122A-5AA7-4ECD-B024-E27C9D0CFB7B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_2140:-:*:*:*:*:*:*:*", matchCriteriaId: "976901BF-C52C-4F81-956A-711AF8A60140", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4110:-:*:*:*:*:*:*:*", matchCriteriaId: "A0CBC7F5-7767-43B6-9384-BE143FCDBD7F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4112:-:*:*:*:*:*:*:*", matchCriteriaId: "957D64EB-D60E-4775-B9A8-B21CA48ED3B1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4115:-:*:*:*:*:*:*:*", matchCriteriaId: "A694AD51-9008-4AE6-8240-98B17AB527EE", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4120:-:*:*:*:*:*:*:*", matchCriteriaId: "38AE6DC0-2B03-4D36-9856-42530312CC46", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4125:-:*:*:*:*:*:*:*", matchCriteriaId: "71DCEF22-ED20-4330-8502-EC2DD4C9838F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4140:-:*:*:*:*:*:*:*", matchCriteriaId: "3DB2822B-B752-4CD9-A178-934957E306B4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4145:-:*:*:*:*:*:*:*", matchCriteriaId: "81F4868A-6D62-479C-9C19-F9AABDBB6B24", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4150:-:*:*:*:*:*:*:*", matchCriteriaId: "65378F3A-777C-4AE2-87FB-1E7402F9EA1B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300:-:*:*:*:*:*:*:*", matchCriteriaId: "07DAFDDA-718B-4B69-A524-B0CEB80FE960", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9100:-:*:*:*:*:*:*:*", matchCriteriaId: "54C0D908-D7BA-48C3-9963-14A3A32A2662", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9134:-:*:*:*:*:*:*:*", matchCriteriaId: "EDB00911-C0B0-4A4E-A0B9-413EC9D9C25A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9509:-:*:*:*:*:*:*:*", matchCriteriaId: "C677D356-86C9-4491-A6CA-5E6306B2BB70", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9710:-:*:*:*:*:*:*:*", matchCriteriaId: "36B3B617-7554-4C36-9B41-19AA3BD2F6E9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3016:-:*:*:*:*:*:*:*", matchCriteriaId: "528ED62B-D739-4E06-AC64-B506FD73BBAB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*", matchCriteriaId: "FC2A6C31-438A-4CF5-A3F3-364B1672EB7D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3064:-:*:*:*:*:*:*:*", matchCriteriaId: "76C10D85-88AC-4A79-8866-BED88A0F8DF8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3064-t:-:*:*:*:*:*:*:*", matchCriteriaId: "65CB7F6D-A82B-4A31-BFAC-FF4A4B8DF9C1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31108pc-v:-:*:*:*:*:*:*:*", matchCriteriaId: "4E930332-CDDD-48D5-93BC-C22D693BBFA2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31108tc-v:-:*:*:*:*:*:*:*", matchCriteriaId: "7BF4B8FE-E134-4491-B5C2-C1CFEB64731B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31128pq:-:*:*:*:*:*:*:*", matchCriteriaId: "F4226DA0-9371-401C-8247-E6E636A116C3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132c-z:-:*:*:*:*:*:*:*", matchCriteriaId: "7664666F-BCE4-4799-AEEA-3A73E6AD33F4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q:-:*:*:*:*:*:*:*", matchCriteriaId: "D3DBBFE9-835C-4411-8492-6006E74BAC65", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q-v:-:*:*:*:*:*:*:*", matchCriteriaId: "B3293438-3D18-45A2-B093-2C3F65783336", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "8F43B770-D96C-44EA-BC12-9F39FC4317B9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3164q:-:*:*:*:*:*:*:*", matchCriteriaId: "FA782EB3-E8E6-4DCF-B39C-B3CBD46E4384", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172:-:*:*:*:*:*:*:*", matchCriteriaId: "7817F4E6-B2DA-4F06-95A4-AF329F594C02", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172pq-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "7BB9DD73-E31D-4921-A6D6-E14E04703588", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq:-:*:*:*:*:*:*:*", matchCriteriaId: "4532F513-0543-4960-9877-01F23CA7BA1B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq-32t:-:*:*:*:*:*:*:*", matchCriteriaId: "0B43502B-FD53-465A-B60F-6A359C6ACD99", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "F3229124-B097-4AAC-8ACD-2F9C89DCC3AB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3232c:-:*:*:*:*:*:*:*", matchCriteriaId: "652A2849-668D-4156-88FB-C19844A59F33", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3264c-e:-:*:*:*:*:*:*:*", matchCriteriaId: "24FBE87B-8A4F-43A8-98A3-4A7D9C630937", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3264q:-:*:*:*:*:*:*:*", matchCriteriaId: "6ACD09AC-8B28-4ACB-967B-AB3D450BC137", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3408-s:-:*:*:*:*:*:*:*", matchCriteriaId: "7D397349-CCC6-479B-9273-FB1FFF4F34F2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_34180yc:-:*:*:*:*:*:*:*", matchCriteriaId: "DC7286A7-780F-4A45-940A-4AD5C9D0F201", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3432d-s:-:*:*:*:*:*:*:*", matchCriteriaId: "5F7AF8D7-431B-43CE-840F-CC0817D159C0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3464c:-:*:*:*:*:*:*:*", matchCriteriaId: "DAC204C8-1A5A-4E85-824E-DC9B8F6A802D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524:-:*:*:*:*:*:*:*", matchCriteriaId: "EAF5AF71-15DF-4151-A1CF-E138A7103FC8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524-x:-:*:*:*:*:*:*:*", matchCriteriaId: "10F80A72-AD54-4699-B8AE-82715F0B58E2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "9354B6A2-D7D6-442E-BF4C-FE8A336D9E94", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548:-:*:*:*:*:*:*:*", matchCriteriaId: "088C0323-683A-44F5-8D42-FF6EC85D080E", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548-x:-:*:*:*:*:*:*:*", matchCriteriaId: "74CB4002-7636-4382-B33E-FBA060A13C34", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "10CEBF73-3EE0-459A-86C5-F8F6243FE27C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_36180yc-r:-:*:*:*:*:*:*:*", matchCriteriaId: "95D2C4C3-65CE-4612-A027-AF70CEFC3233", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*", matchCriteriaId: "57572E4A-78D5-4D1A-938B-F05F01759612", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5010:-:*:*:*:*:*:*:*", matchCriteriaId: "E275D31F-4FA1-428E-AB4A-D2802FF0CF1A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5020:-:*:*:*:*:*:*:*", matchCriteriaId: "BA7F5823-41A8-47C8-A154-02C6C31EF76A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5548p:-:*:*:*:*:*:*:*", matchCriteriaId: "E5519EA9-1236-4F51-9974-E3FC1B26B5D2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5548up:-:*:*:*:*:*:*:*", matchCriteriaId: "CB0A3B06-8B25-4CD3-AFA9-5F928B1042F4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5596t:-:*:*:*:*:*:*:*", matchCriteriaId: "1766443C-1C5A-486E-A36F-D3045F364D78", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5596up:-:*:*:*:*:*:*:*", matchCriteriaId: "DC4D4403-F93B-4CC8-B75F-7A5B03FEDD85", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_56128p:-:*:*:*:*:*:*:*", matchCriteriaId: "ABB6E612-4246-4408-B3F6-B31E771F5ACB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5624q:-:*:*:*:*:*:*:*", matchCriteriaId: "91B129B2-2B31-4DE0-9F83-CC6E0C8729A0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5648q:-:*:*:*:*:*:*:*", matchCriteriaId: "3CBD3CD0-B542-4B23-9C9D-061643BE44E8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5672up:-:*:*:*:*:*:*:*", matchCriteriaId: "A22A2647-A4C0-4681-BBC5-D95ADBAA0457", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5696q:-:*:*:*:*:*:*:*", matchCriteriaId: "B2BB1A3A-668C-4B0D-8AC2-6B4758B3420B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7000:-:*:*:*:*:*:*:*", matchCriteriaId: "12180BEB-7F21-4FA7-ABD2-E9A8EA7340F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7700:-:*:*:*:*:*:*:*", matchCriteriaId: "DD7A4B4B-3BB1-4A4D-911E-C4EEF01BBC45", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9000v:-:*:*:*:*:*:*:*", matchCriteriaId: "0CD9C1F1-8582-4F67-A77D-97CBFECB88B8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*", matchCriteriaId: "4283E433-7F8C-4410-B565-471415445811", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92300yc:-:*:*:*:*:*:*:*", matchCriteriaId: "F80AB6FB-32FD-43D7-A9F1-80FA47696210", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*", matchCriteriaId: "D5B2E4C1-2627-4B9D-8E92-4B483F647651", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92348gc-x:-:*:*:*:*:*:*:*", matchCriteriaId: "557ED31C-C26A-4FAE-8B14-D06B49F7F08B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*", matchCriteriaId: "11411BFD-3F4D-4309-AB35-A3629A360FB0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*", matchCriteriaId: "E663DE91-C86D-48DC-B771-FA72A8DF7A7C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "A90184B3-C82F-4CE5-B2AD-97D5E4690871", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "4AB89849-6DA4-4C9D-BC3F-EE0E41FD1901", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*", matchCriteriaId: "07DE6F63-2C7D-415B-8C34-01EC05C062F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*", matchCriteriaId: "F423E45D-A6DD-4305-9C6A-EAB26293E53A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "E952A96A-0F48-4357-B7DD-1127D8827650", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "F70D81F1-8B12-4474-9060-B4934D8A3873", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "7349D69B-D8FA-4462-AA28-69DD18A652D9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93216tc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "B1CC5F78-E88B-4B82-9E3E-C73D3A49DE26", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "91231DC6-2773-4238-8C14-A346F213B5E5", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332c:-:*:*:*:*:*:*:*", matchCriteriaId: "2DF88547-BAF4-47B0-9F60-80A30297FCEB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*", matchCriteriaId: "113772B6-E9D2-4094-9468-3F4E1A87D07D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93360yc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "C45A38D6-BED6-4FEF-AD87-A1E813695DE0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "F1FC2B1F-232E-4754-8076-CC82F3648730", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336pq_aci_spine:-:*:*:*:*:*:*:*", matchCriteriaId: "785FD17C-F32E-4042-9DDE-A89B3AAE0334", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*", matchCriteriaId: "17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*", matchCriteriaId: "63842B25-8C32-4988-BBBD-61E9CB09B4F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*", matchCriteriaId: "4364ADB9-8162-451D-806A-B98924E6B2CF", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372px-e:-:*:*:*:*:*:*:*", matchCriteriaId: "B53BCB42-ED61-4FCF-8068-CB467631C63C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*", matchCriteriaId: "49E0371B-FDE2-473C-AA59-47E1269D050F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372tx-e:-:*:*:*:*:*:*:*", matchCriteriaId: "489D11EC-5A18-4F32-BC7C-AC1FCEC27222", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*", matchCriteriaId: "1BC5293E-F2B4-46DC-85DA-167EA323FCFD", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*", matchCriteriaId: "EA022E77-6557-4A33-9A3A-D028E2DB669A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*", matchCriteriaId: "768BE390-5ED5-48A7-9E80-C4DE8BA979B1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*", matchCriteriaId: "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*", matchCriteriaId: "7E02DC82-0D26-436F-BA64-73C958932B0A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6248up:-:*:*:*:*:*:*:*", matchCriteriaId: "49112D3F-DFAD-4E71-992B-9E0640FA388C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6296up:-:*:*:*:*:*:*:*", matchCriteriaId: "38A1D8F2-A4A6-4BAC-8326-9F9DE9572FA2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6324:-:*:*:*:*:*:*:*", matchCriteriaId: "B82093C6-B36D-4E4E-AD7F-8C107646B8D9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6332:-:*:*:*:*:*:*:*", matchCriteriaId: "E406DDCE-6753-43E9-B6F0-7A038DE84E41", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6400:-:*:*:*:*:*:*:*", matchCriteriaId: "B1888B66-5CF7-4D4D-B832-E2CF75D6EAD8", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability in the management interface of Cisco Application Policy Infrastructure Controller (APIC) software could allow an unauthenticated, adjacent attacker to gain unauthorized access on an affected device. The vulnerability is due to a lack of proper access control mechanisms for IPv6 link-local connectivity imposed on the management interface of an affected device. An attacker on the same physical network could exploit this vulnerability by attempting to connect to the IPv6 link-local address on the affected device. A successful exploit could allow the attacker to bypass default access control restrictions on an affected device. Cisco Application Policy Infrastructure Controller (APIC) devices running versions prior to 4.2(0.21c) are affected.", }, { lang: "es", value: "Una vulnerabilidad en la interfaz de gestión del software de Cisco Application Policy Infrastructure Controller (APIC) podría permitir a un atacante adyacente sin autenticar obtener acceso no autorizado a un dispositivo afectado. La vulnerabilidad se debe a una falta de mecanismos de control de acceso adecuados para la conectividad IPv6 (link-local) que se impone en la interfaz de gestión de un dispositivo afectado. Un atacante en la misma red física podría explotar esta vulnerabilidad intentando conectarse a la dirección IPv6 (link local) en el dispositivo afectado. Un exploit exitoso podría permitir al atacante omitir las restricciones de control de acceso en un dispositivo afectado. Los dispositivos de Cisco Application Policy Controller (APIC) en versiones anteriores a 4.2(0.21c) se ven afectados.", }, ], id: "CVE-2019-1690", lastModified: "2024-11-21T04:37:06.480", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "LOW", accessVector: "ADJACENT_NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 3.3, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:A/AC:L/Au:N/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 6.5, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "NONE", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", version: "3.0", }, exploitabilityScore: 2.8, impactScore: 1.4, source: "psirt@cisco.com", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-03-11T21:29:01.090", references: [ { source: "psirt@cisco.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/107317", }, { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190306-apic-ipv6", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/107317", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190306-apic-ipv6", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-284", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-09-23 03:15
Modified
2024-11-21 06:11
Severity ?
7.4 (High) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
7.4 (High) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
7.4 (High) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Summary
A vulnerability in the Unidirectional Link Detection (UDLD) feature of Cisco FXOS Software, Cisco IOS Software, Cisco IOS XE Software, Cisco IOS XR Software, and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause an affected device to reload. This vulnerability is due to improper input validation of the UDLD packets. An attacker could exploit this vulnerability by sending specifically crafted UDLD packets to an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a denial of service (DoS) condition. Note: The UDLD feature is disabled by default, and the conditions to exploit this vulnerability are strict. An attacker must have full control of a directly connected device. On Cisco IOS XR devices, the impact is limited to the reload of the UDLD process.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:fxos:*:*:*:*:*:*:*:*", matchCriteriaId: "2A21987E-AE24-4C2C-894A-FFF7CC0CA73B", versionEndExcluding: "2.2.2.148", versionStartIncluding: "2.2", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:fxos:*:*:*:*:*:*:*:*", matchCriteriaId: "3779F159-04B8-40D7-98D0-B1B68AE02C31", versionEndExcluding: "2.3.1.216", versionStartIncluding: "2.3", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:fxos:*:*:*:*:*:*:*:*", matchCriteriaId: "F839DB11-1E63-4727-8AB0-ED0B5D6BC38A", versionEndExcluding: "2.4.1.273", versionStartIncluding: "2.4", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:fxos:*:*:*:*:*:*:*:*", matchCriteriaId: "440AAA0A-FEF8-4E40-95EC-59F37A63091D", versionEndExcluding: "2.6.1.224", versionStartIncluding: "2.6", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:fxos:*:*:*:*:*:*:*:*", matchCriteriaId: "08C690B6-DE7E-417F-883A-3A3AE51F0710", versionEndExcluding: "2.7.1.143", versionStartIncluding: "2.7", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:fxos:*:*:*:*:*:*:*:*", matchCriteriaId: "88F98150-EB80-41BB-9B80-520124E3FD9A", versionEndExcluding: "2.8.1.143", versionStartIncluding: "2.8", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:fxos:*:*:*:*:*:*:*:*", matchCriteriaId: "F2E8B9E7-1023-4A0C-BC8C-C45F956B20BA", versionEndExcluding: "2.9.1.135", versionStartIncluding: "2.9", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:firepower_4100:-:*:*:*:*:*:*:*", matchCriteriaId: "9E9552E6-0B9B-4B32-BE79-90D4E3887A7B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4110:-:*:*:*:*:*:*:*", matchCriteriaId: "A0CBC7F5-7767-43B6-9384-BE143FCDBD7F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4112:-:*:*:*:*:*:*:*", matchCriteriaId: "957D64EB-D60E-4775-B9A8-B21CA48ED3B1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4115:-:*:*:*:*:*:*:*", matchCriteriaId: "A694AD51-9008-4AE6-8240-98B17AB527EE", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4120:-:*:*:*:*:*:*:*", matchCriteriaId: "38AE6DC0-2B03-4D36-9856-42530312CC46", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4125:-:*:*:*:*:*:*:*", matchCriteriaId: "71DCEF22-ED20-4330-8502-EC2DD4C9838F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4140:-:*:*:*:*:*:*:*", matchCriteriaId: "3DB2822B-B752-4CD9-A178-934957E306B4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4145:-:*:*:*:*:*:*:*", matchCriteriaId: "81F4868A-6D62-479C-9C19-F9AABDBB6B24", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4150:-:*:*:*:*:*:*:*", matchCriteriaId: "65378F3A-777C-4AE2-87FB-1E7402F9EA1B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300:-:*:*:*:*:*:*:*", matchCriteriaId: "07DAFDDA-718B-4B69-A524-B0CEB80FE960", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300_sm-24:-:*:*:*:*:*:*:*", matchCriteriaId: "18048A84-BA0F-48EF-AFFB-635FF7F70C66", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300_sm-36:-:*:*:*:*:*:*:*", matchCriteriaId: "317DF3DD-C7CD-4CA2-804F-A738E048BEB4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300_sm-40:-:*:*:*:*:*:*:*", matchCriteriaId: "C13CF29B-9308-452B-B7E0-9E818B5A6C1E", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300_sm-44:-:*:*:*:*:*:*:*", matchCriteriaId: "6DB527C2-855E-4BB9-BCA7-94BE86100D44", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300_sm-44_x_3:-:*:*:*:*:*:*:*", matchCriteriaId: "E82C1B05-990D-49D2-B80A-C3EDD4082840", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300_sm-48:-:*:*:*:*:*:*:*", matchCriteriaId: "421D91C3-8AB3-45E1-9E55-13ED1A4A623E", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300_sm-56:-:*:*:*:*:*:*:*", matchCriteriaId: "2D741945-8B0A-408D-A5FE-D5B38DC6D46A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300_sm-56_x_3:-:*:*:*:*:*:*:*", matchCriteriaId: "9308CA67-E949-4338-A890-22B3C4428D70", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300_with_1_sm-24_module:-:*:*:*:*:*:*:*", matchCriteriaId: "F3C6CC11-470A-47A4-AAF5-D5580FB78562", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300_with_1_sm-36_module:-:*:*:*:*:*:*:*", matchCriteriaId: "AA4A2B35-5106-4F43-835A-7F97D2324373", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300_with_1_sm-44_module:-:*:*:*:*:*:*:*", matchCriteriaId: "F0F7F452-9294-4445-A344-1A76B277C45D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300_with_3_sm-44_module:-:*:*:*:*:*:*:*", matchCriteriaId: "3EA604D8-76C0-40B9-8675-02BEEA18E432", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*", matchCriteriaId: "82542890-87E9-4C92-9B20-7CC668B4E5E1", versionEndIncluding: "8.4\\(3.115\\)", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios:*:*:*:*:*:*:*:*", matchCriteriaId: "2D8583BD-4586-4AB0-9C7A-BC14385AACE8", versionEndIncluding: "8.4\\(3.115\\)", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*", matchCriteriaId: "657840E3-B3E9-4218-A89D-F27D8DC269C6", versionEndIncluding: "8.4\\(3.115\\)", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*", matchCriteriaId: "B36972DF-1BEB-48EB-9C79-725AA493F87C", versionEndIncluding: "8.4\\(3.115\\)", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "08D3FFC7-2C86-4162-B1E8-C9FF39F4465B", versionEndIncluding: "8.4\\(3.115\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:mds_9000:-:*:*:*:*:*:*:*", matchCriteriaId: "1FD00AB9-F2DD-4D07-8DFF-E7B34824D66A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9100:-:*:*:*:*:*:*:*", matchCriteriaId: "54C0D908-D7BA-48C3-9963-14A3A32A2662", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9132t:-:*:*:*:*:*:*:*", matchCriteriaId: "56426D35-FCFD-406E-9144-2E66C8C86EFC", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9134:-:*:*:*:*:*:*:*", matchCriteriaId: "EDB00911-C0B0-4A4E-A0B9-413EC9D9C25A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9140:-:*:*:*:*:*:*:*", matchCriteriaId: "F762E87A-BF80-4D33-ADDA-84369E068005", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9148:-:*:*:*:*:*:*:*", matchCriteriaId: "22E6B85A-3988-4EC5-B788-9664772CE64E", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9148s:-:*:*:*:*:*:*:*", matchCriteriaId: "D25FA4A8-408B-4E94-B7D9-7DC54B61322F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9148t:-:*:*:*:*:*:*:*", matchCriteriaId: "831B6D0F-A975-4CBA-B5BB-0AC4AD718FE8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9200:-:*:*:*:*:*:*:*", matchCriteriaId: "B25B92ED-37C0-4653-9C5E-B4C13C46464C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9216:-:*:*:*:*:*:*:*", matchCriteriaId: "8A72BDC4-6640-45CC-A128-0CDEE38D3ADC", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9216a:-:*:*:*:*:*:*:*", matchCriteriaId: "90094569-AA2C-4D35-807F-9551FACE255F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9216i:-:*:*:*:*:*:*:*", matchCriteriaId: "306AFBC9-A236-4D03-A1EB-CE7E838D8415", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9222i:-:*:*:*:*:*:*:*", matchCriteriaId: "12DB1A25-A7C9-412F-88BC-E89588896395", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9250i:-:*:*:*:*:*:*:*", matchCriteriaId: "67CD5738-029B-43AA-9342-63719DC16138", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9396s:-:*:*:*:*:*:*:*", matchCriteriaId: "9EF9DC03-5370-46FD-9CA8-AC4DF5E922FE", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9396t:-:*:*:*:*:*:*:*", matchCriteriaId: "E81D2CC1-376A-4D87-88EA-6E1831741EC6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9500:-:*:*:*:*:*:*:*", matchCriteriaId: "2374E02D-46FE-477F-A74D-49E72149E6EC", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9506:-:*:*:*:*:*:*:*", matchCriteriaId: "3925D2CF-9D7C-4498-8AF2-45E15D5D009F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9509:-:*:*:*:*:*:*:*", matchCriteriaId: "C677D356-86C9-4491-A6CA-5E6306B2BB70", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9513:-:*:*:*:*:*:*:*", matchCriteriaId: "28A3C579-7AAD-41A4-947F-CCB9B09402A5", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9700:-:*:*:*:*:*:*:*", matchCriteriaId: "C44335D8-8A78-486C-A325-9691FA4C3271", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9706:-:*:*:*:*:*:*:*", matchCriteriaId: "5182CB50-4D32-4835-B1A8-817D989F919F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9710:-:*:*:*:*:*:*:*", matchCriteriaId: "36B3B617-7554-4C36-9B41-19AA3BD2F6E9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9718:-:*:*:*:*:*:*:*", matchCriteriaId: "B88879A9-A7F5-41E0-8A38-0E09E3FD27F4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7000:-:*:*:*:*:*:*:*", matchCriteriaId: "12180BEB-7F21-4FA7-ABD2-E9A8EA7340F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7000_10-slot:-:*:*:*:*:*:*:*", matchCriteriaId: "B22B3865-30E9-4B5A-A37D-DC33F1150FFE", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7000_18-slot:-:*:*:*:*:*:*:*", matchCriteriaId: "459A7F11-52BF-4AD6-B495-4C4D6C050493", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7000_4-slot:-:*:*:*:*:*:*:*", matchCriteriaId: "FEACA55F-4335-4478-B608-EB92EE1D6C6D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7000_9-slot:-:*:*:*:*:*:*:*", matchCriteriaId: "DB73543E-9B5B-4BA9-8FB4-666AF5AC8B6B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7000_supervisor_1:-:*:*:*:*:*:*:*", matchCriteriaId: "993AFE99-DFC3-4D92-90C8-D3A6495547BC", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7000_supervisor_2:-:*:*:*:*:*:*:*", matchCriteriaId: "7453E0FA-B05D-4888-AFB0-8FE8B8040DFC", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7000_supervisor_2e:-:*:*:*:*:*:*:*", matchCriteriaId: "108DB6B5-CB29-477F-84FC-52116F295878", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7004:-:*:*:*:*:*:*:*", matchCriteriaId: "36145717-6348-466D-87B4-B1A19F17BA55", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7009:-:*:*:*:*:*:*:*", matchCriteriaId: "4831C5F4-AF09-4951-B7AC-9DAF1C7045B4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7010:-:*:*:*:*:*:*:*", matchCriteriaId: "C6BBDCF9-562C-44BA-B709-F91346F6F99F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7018:-:*:*:*:*:*:*:*", matchCriteriaId: "276BD181-125C-48EC-984C-29BAE20C21F8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7700:-:*:*:*:*:*:*:*", matchCriteriaId: "DD7A4B4B-3BB1-4A4D-911E-C4EEF01BBC45", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7700_10-slot:-:*:*:*:*:*:*:*", matchCriteriaId: "E5ABB175-81BE-4C46-BD2D-70016508BE22", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7700_18-slot:-:*:*:*:*:*:*:*", matchCriteriaId: "71F93299-A715-4E97-87FE-B1E248EA98BD", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7700_2-slot:-:*:*:*:*:*:*:*", matchCriteriaId: "3D71B228-FFE5-45F7-ADCF-6D359ADA6D31", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7700_6-slot:-:*:*:*:*:*:*:*", matchCriteriaId: "9F3AD807-5A0F-4DF5-9A7A-748205F409E7", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7700_supervisor_2e:-:*:*:*:*:*:*:*", matchCriteriaId: "4FBB9435-1CD4-469E-BF16-AD98ADC99AAB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7700_supervisor_3e:-:*:*:*:*:*:*:*", matchCriteriaId: "42ABB93D-2C3A-4029-B545-B638B6C7788E", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7702:-:*:*:*:*:*:*:*", matchCriteriaId: "7596B885-5312-489B-BBDB-A5374E525DE1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7706:-:*:*:*:*:*:*:*", matchCriteriaId: "42EC10DA-FE01-4BA3-B49F-B164F697D4BA", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7710:-:*:*:*:*:*:*:*", matchCriteriaId: "FE1655CC-9BD5-4BD5-B113-776E4335D556", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7718:-:*:*:*:*:*:*:*", matchCriteriaId: "2CA6F9ED-50A1-4D61-BC83-438585646856", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*", matchCriteriaId: "04E18F69-07F4-4BEA-9867-B79351687D32", versionEndIncluding: "7.0\\(3\\)i7\\(9\\)", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios:*:*:*:*:*:*:*:*", matchCriteriaId: "6EC79F46-3416-4D95-A839-BA707A9E22E2", versionEndIncluding: "7.0\\(3\\)i7\\(9\\)", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*", matchCriteriaId: "B4673FD6-3C58-41BA-AA7F-C26FE42ECBD4", versionEndIncluding: "7.0\\(3\\)i7\\(9\\)", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*", matchCriteriaId: "4328C1A9-F5B4-4D6B-8B2D-03BFC5310EDC", versionEndIncluding: "7.0\\(3\\)i7\\(9\\)", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "2DC5D36F-834A-44EA-BCC8-A71BBA202A4F", versionEndIncluding: "7.0\\(3\\)i7\\(9\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_3000:-:*:*:*:*:*:*:*", matchCriteriaId: "10FFC5E8-CC5A-4D31-A63A-19E72EC442AB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3016:-:*:*:*:*:*:*:*", matchCriteriaId: "528ED62B-D739-4E06-AC64-B506FD73BBAB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3016q:-:*:*:*:*:*:*:*", matchCriteriaId: "2D402AB0-BCFB-4F42-8C50-5DC930AEEC8B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*", matchCriteriaId: "FC2A6C31-438A-4CF5-A3F3-364B1672EB7D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3064:-:*:*:*:*:*:*:*", matchCriteriaId: "76C10D85-88AC-4A79-8866-BED88A0F8DF8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3064-32t:-:*:*:*:*:*:*:*", matchCriteriaId: "09AC2BAD-F536-48D0-A2F0-D4E290519EB6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3064-t:-:*:*:*:*:*:*:*", matchCriteriaId: "65CB7F6D-A82B-4A31-BFAC-FF4A4B8DF9C1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3064-x:-:*:*:*:*:*:*:*", matchCriteriaId: "ECC4FFCC-E886-49BC-9737-5B5BA2AAB14B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3064t:-:*:*:*:*:*:*:*", matchCriteriaId: "5F4E8EE4-031D-47D3-A12E-EE5F792172EE", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3064x:-:*:*:*:*:*:*:*", matchCriteriaId: "00CDD8C3-67D5-4E9F-9D48-A77B55DB0AB1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3100:-:*:*:*:*:*:*:*", matchCriteriaId: "41C14CC9-C244-4B86-AEA6-C50BAD5DA9A6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3100-v:-:*:*:*:*:*:*:*", matchCriteriaId: "A8FF2EC4-0C09-4C00-9956-A2A4A894F63D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3100-z:-:*:*:*:*:*:*:*", matchCriteriaId: "D14D4B4E-120E-4607-A4F1-447C7BF3052E", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3100v:-:*:*:*:*:*:*:*", matchCriteriaId: "15702ACB-29F3-412D-8805-E107E0729E35", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31108pc-v:-:*:*:*:*:*:*:*", matchCriteriaId: "4E930332-CDDD-48D5-93BC-C22D693BBFA2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31108pv-v:-:*:*:*:*:*:*:*", matchCriteriaId: "29B34855-D8D2-4114-80D2-A4D159C62458", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31108tc-v:-:*:*:*:*:*:*:*", matchCriteriaId: "7BF4B8FE-E134-4491-B5C2-C1CFEB64731B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31128pq:-:*:*:*:*:*:*:*", matchCriteriaId: "F4226DA0-9371-401C-8247-E6E636A116C3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132c-z:-:*:*:*:*:*:*:*", matchCriteriaId: "7664666F-BCE4-4799-AEEA-3A73E6AD33F4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q:-:*:*:*:*:*:*:*", matchCriteriaId: "D3DBBFE9-835C-4411-8492-6006E74BAC65", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q-v:-:*:*:*:*:*:*:*", matchCriteriaId: "B3293438-3D18-45A2-B093-2C3F65783336", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q-x:-:*:*:*:*:*:*:*", matchCriteriaId: "C97C29EE-9426-4BBE-8D84-AB5FF748703D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q-x\\/3132q-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "E142C18F-9FB5-4D96-866A-141D7D16CAF7", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "8F43B770-D96C-44EA-BC12-9F39FC4317B9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3164q:-:*:*:*:*:*:*:*", matchCriteriaId: "FA782EB3-E8E6-4DCF-B39C-B3CBD46E4384", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172:-:*:*:*:*:*:*:*", matchCriteriaId: "7817F4E6-B2DA-4F06-95A4-AF329F594C02", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172pq:-:*:*:*:*:*:*:*", matchCriteriaId: "CED628B5-97A8-4B26-AA40-BEC854982157", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172pq-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "7BB9DD73-E31D-4921-A6D6-E14E04703588", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172pq\\/pq-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "8EFC116A-627F-4E05-B631-651D161217C8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq:-:*:*:*:*:*:*:*", matchCriteriaId: "4532F513-0543-4960-9877-01F23CA7BA1B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq-32t:-:*:*:*:*:*:*:*", matchCriteriaId: "0B43502B-FD53-465A-B60F-6A359C6ACD99", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "F3229124-B097-4AAC-8ACD-2F9C89DCC3AB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3200:-:*:*:*:*:*:*:*", matchCriteriaId: "32A532C0-B0E3-484A-B356-88970E7D0248", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3232c:-:*:*:*:*:*:*:*", matchCriteriaId: "652A2849-668D-4156-88FB-C19844A59F33", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3232c_:-:*:*:*:*:*:*:*", matchCriteriaId: "D008CA1C-6F5A-40EA-BB12-A9D84D5AF700", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3264c-e:-:*:*:*:*:*:*:*", matchCriteriaId: "24FBE87B-8A4F-43A8-98A3-4A7D9C630937", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3264q:-:*:*:*:*:*:*:*", matchCriteriaId: "6ACD09AC-8B28-4ACB-967B-AB3D450BC137", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3400:-:*:*:*:*:*:*:*", matchCriteriaId: "43913A0E-50D5-47DD-94D8-DD3391633619", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3408-s:-:*:*:*:*:*:*:*", matchCriteriaId: "7D397349-CCC6-479B-9273-FB1FFF4F34F2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_34180yc:-:*:*:*:*:*:*:*", matchCriteriaId: "DC7286A7-780F-4A45-940A-4AD5C9D0F201", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_34200yc-sm:-:*:*:*:*:*:*:*", matchCriteriaId: "CA52D5C1-13D8-4D23-B022-954CCEF491F1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3432d-s:-:*:*:*:*:*:*:*", matchCriteriaId: "5F7AF8D7-431B-43CE-840F-CC0817D159C0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3464c:-:*:*:*:*:*:*:*", matchCriteriaId: "DAC204C8-1A5A-4E85-824E-DC9B8F6A802D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3500:-:*:*:*:*:*:*:*", matchCriteriaId: "A8E1073F-D374-4311-8F12-AD8C72FAA293", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3500_platform:-:*:*:*:*:*:*:*", matchCriteriaId: "B72E8456-A9BD-447B-8F33-4BEB052A82D7", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524:-:*:*:*:*:*:*:*", matchCriteriaId: "EAF5AF71-15DF-4151-A1CF-E138A7103FC8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524-x:-:*:*:*:*:*:*:*", matchCriteriaId: "10F80A72-AD54-4699-B8AE-82715F0B58E2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524-x\\/xl:-:*:*:*:*:*:*:*", matchCriteriaId: "E505C0B1-2119-4C6A-BF96-C282C633D169", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "9354B6A2-D7D6-442E-BF4C-FE8A336D9E94", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548:-:*:*:*:*:*:*:*", matchCriteriaId: "088C0323-683A-44F5-8D42-FF6EC85D080E", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548-x:-:*:*:*:*:*:*:*", matchCriteriaId: "74CB4002-7636-4382-B33E-FBA060A13C34", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548-x\\/xl:-:*:*:*:*:*:*:*", matchCriteriaId: "915EF8F6-6039-4DD0-B875-30D911752B74", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "10CEBF73-3EE0-459A-86C5-F8F6243FE27C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3600:-:*:*:*:*:*:*:*", matchCriteriaId: "97217080-455C-48E4-8CE1-6D5B9485864F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_36180yc-r:-:*:*:*:*:*:*:*", matchCriteriaId: "95D2C4C3-65CE-4612-A027-AF70CEFC3233", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*", matchCriteriaId: "57572E4A-78D5-4D1A-938B-F05F01759612", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9000:-:*:*:*:*:*:*:*", matchCriteriaId: "8EBEBA5B-5589-417B-BF3B-976083E9FE54", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9000_in_aci_mode:-:*:*:*:*:*:*:*", matchCriteriaId: "57BC5903-1316-4FFF-BE52-2F6D63549590", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9000_in_standalone:-:*:*:*:*:*:*:*", matchCriteriaId: "4755F890-634B-4B25-AF08-C34F13429FA9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9000_in_standalone_nx-os_mode:-:*:*:*:*:*:*:*", matchCriteriaId: "1DA62800-F5DC-48DA-8C81-D684EA8EBB9F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9000v:-:*:*:*:*:*:*:*", matchCriteriaId: "0CD9C1F1-8582-4F67-A77D-97CBFECB88B8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9200:-:*:*:*:*:*:*:*", matchCriteriaId: "532CE4B0-A3C9-4613-AAAF-727817D06FB4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*", matchCriteriaId: "4283E433-7F8C-4410-B565-471415445811", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9221c:-:*:*:*:*:*:*:*", matchCriteriaId: "FFB9FDE8-8533-4F65-BF32-4066D042B2F7", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92300yc:-:*:*:*:*:*:*:*", matchCriteriaId: "F80AB6FB-32FD-43D7-A9F1-80FA47696210", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*", matchCriteriaId: "D5B2E4C1-2627-4B9D-8E92-4B483F647651", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92348gc-x:-:*:*:*:*:*:*:*", matchCriteriaId: "557ED31C-C26A-4FAE-8B14-D06B49F7F08B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*", matchCriteriaId: "11411BFD-3F4D-4309-AB35-A3629A360FB0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*", matchCriteriaId: "E663DE91-C86D-48DC-B771-FA72A8DF7A7C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9300:-:*:*:*:*:*:*:*", matchCriteriaId: "92E2CB2B-DA11-4CF7-9D57-3D4D48990DC0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "A90184B3-C82F-4CE5-B2AD-97D5E4690871", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-ex-24:-:*:*:*:*:*:*:*", matchCriteriaId: "40E40F42-632A-47DF-BE33-DC25B826310B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "4AB89849-6DA4-4C9D-BC3F-EE0E41FD1901", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-fx-24:-:*:*:*:*:*:*:*", matchCriteriaId: "C47F6BF9-2ADB-41A4-8D7D-8BB00141BB23", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-fx3p:-:*:*:*:*:*:*:*", matchCriteriaId: "BBEF7F26-BB47-44BD-872E-130820557C23", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*", matchCriteriaId: "07DE6F63-2C7D-415B-8C34-01EC05C062F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93128:-:*:*:*:*:*:*:*", matchCriteriaId: "F309E7B9-B828-4CD2-9D2B-8966EE5B9CC1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*", matchCriteriaId: "F423E45D-A6DD-4305-9C6A-EAB26293E53A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9316d-gx:-:*:*:*:*:*:*:*", matchCriteriaId: "102F91CD-DFB6-43D4-AE5B-DA157A696230", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "E952A96A-0F48-4357-B7DD-1127D8827650", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180tc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "B7DB6FC5-762A-4F16-AE8C-69330EFCF640", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "F70D81F1-8B12-4474-9060-B4934D8A3873", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-ex-24:-:*:*:*:*:*:*:*", matchCriteriaId: "5394DE31-3863-4CA9-B7B1-E5227183100D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "7349D69B-D8FA-4462-AA28-69DD18A652D9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-fx-24:-:*:*:*:*:*:*:*", matchCriteriaId: "FE4BB834-2C00-4384-A78E-AF3BCDDC58AF", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-fx3:-:*:*:*:*:*:*:*", matchCriteriaId: "B0D30D52-837F-4FDA-B8E5-A9066E9C6D2F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-fx3s:-:*:*:*:*:*:*:*", matchCriteriaId: "7CE49B45-F2E9-491D-9C29-1B46E9CE14E2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93216tc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "B1CC5F78-E88B-4B82-9E3E-C73D3A49DE26", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "91231DC6-2773-4238-8C14-A346F213B5E5", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332c:-:*:*:*:*:*:*:*", matchCriteriaId: "2DF88547-BAF4-47B0-9F60-80A30297FCEB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*", matchCriteriaId: "113772B6-E9D2-4094-9468-3F4E1A87D07D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93360yc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "C45A38D6-BED6-4FEF-AD87-A1E813695DE0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "F1FC2B1F-232E-4754-8076-CC82F3648730", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336c-fx2-e:-:*:*:*:*:*:*:*", matchCriteriaId: "7CDD27C9-5EAF-4956-8AB7-740C84C9D4FC", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336pq:-:*:*:*:*:*:*:*", matchCriteriaId: "5F1127D2-12C0-454F-91EF-5EE334070D06", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336pq_aci_spine:-:*:*:*:*:*:*:*", matchCriteriaId: "785FD17C-F32E-4042-9DDE-A89B3AAE0334", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*", matchCriteriaId: "17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93600cd-gx:-:*:*:*:*:*:*:*", matchCriteriaId: "2CF467E2-4567-426E-8F48-39669E0F514C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*", matchCriteriaId: "63842B25-8C32-4988-BBBD-61E9CB09B4F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9364c-gx:-:*:*:*:*:*:*:*", matchCriteriaId: "68EA1FEF-B6B6-49FE-A0A4-5387F76303F8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*", matchCriteriaId: "4364ADB9-8162-451D-806A-B98924E6B2CF", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372px-e:-:*:*:*:*:*:*:*", matchCriteriaId: "B53BCB42-ED61-4FCF-8068-CB467631C63C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*", matchCriteriaId: "49E0371B-FDE2-473C-AA59-47E1269D050F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372tx-e:-:*:*:*:*:*:*:*", matchCriteriaId: "489D11EC-5A18-4F32-BC7C-AC1FCEC27222", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*", matchCriteriaId: "1BC5293E-F2B4-46DC-85DA-167EA323FCFD", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*", matchCriteriaId: "EA022E77-6557-4A33-9A3A-D028E2DB669A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9500:-:*:*:*:*:*:*:*", matchCriteriaId: "63BE0266-1C00-4D6A-AD96-7F82532ABAA7", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9500_supervisor_a:-:*:*:*:*:*:*:*", matchCriteriaId: "31B9D1E4-10B9-4B6F-B848-D93ABF6486D6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9500_supervisor_a\\+:-:*:*:*:*:*:*:*", matchCriteriaId: "CB270C45-756E-400A-979F-D07D750C881A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9500_supervisor_b:-:*:*:*:*:*:*:*", matchCriteriaId: "4E8A085C-2DBA-4269-AB01-B16019FBB4DA", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9500_supervisor_b\\+:-:*:*:*:*:*:*:*", matchCriteriaId: "A79DD582-AF68-44F1-B640-766B46EF2BE2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9500r:-:*:*:*:*:*:*:*", matchCriteriaId: "B04484DA-AA59-4833-916E-6A8C96D34F0D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*", matchCriteriaId: "768BE390-5ED5-48A7-9E80-C4DE8BA979B1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*", matchCriteriaId: "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*", matchCriteriaId: "7E02DC82-0D26-436F-BA64-73C958932B0A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*", matchCriteriaId: "24A634C9-C1DA-4D2D-BA5F-1EFC05756E5A", versionEndIncluding: "7.3\\(8\\)n1\\(1\\)", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios:*:*:*:*:*:*:*:*", matchCriteriaId: "BCA44694-9D36-4E97-83F7-A1FEAC6717AB", versionEndIncluding: "7.3\\(8\\)n1\\(1\\)", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*", matchCriteriaId: "6D6F83F0-AF30-453D-BB96-FE56A04C4971", versionEndIncluding: "7.3\\(8\\)n1\\(1\\)", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*", matchCriteriaId: "E0EFE3A3-2469-445E-A325-BC3F1D72FCA6", versionEndIncluding: "7.3\\(8\\)n1\\(1\\)", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "74A7DECE-B92C-471A-8A74-F1D5B5254A9B", versionEndIncluding: "7.3\\(8\\)n1\\(1\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_5000:-:*:*:*:*:*:*:*", matchCriteriaId: "4F2B1E07-8519-4F58-9048-81ABA12E01DC", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5010:-:*:*:*:*:*:*:*", matchCriteriaId: "E275D31F-4FA1-428E-AB4A-D2802FF0CF1A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5020:-:*:*:*:*:*:*:*", matchCriteriaId: "BA7F5823-41A8-47C8-A154-02C6C31EF76A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5500:-:*:*:*:*:*:*:*", matchCriteriaId: "BFC8699E-81C0-4374-B827-71B3916B910D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5548p:-:*:*:*:*:*:*:*", matchCriteriaId: "E5519EA9-1236-4F51-9974-E3FC1B26B5D2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5548up:-:*:*:*:*:*:*:*", matchCriteriaId: "CB0A3B06-8B25-4CD3-AFA9-5F928B1042F4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5596t:-:*:*:*:*:*:*:*", matchCriteriaId: "1766443C-1C5A-486E-A36F-D3045F364D78", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5596up:-:*:*:*:*:*:*:*", matchCriteriaId: "DC4D4403-F93B-4CC8-B75F-7A5B03FEDD85", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5600:-:*:*:*:*:*:*:*", matchCriteriaId: "870F4379-68F6-4B34-B99B-107DFE0DBD63", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_56128p:-:*:*:*:*:*:*:*", matchCriteriaId: "ABB6E612-4246-4408-B3F6-B31E771F5ACB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5624q:-:*:*:*:*:*:*:*", matchCriteriaId: "91B129B2-2B31-4DE0-9F83-CC6E0C8729A0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5648q:-:*:*:*:*:*:*:*", matchCriteriaId: "3CBD3CD0-B542-4B23-9C9D-061643BE44E8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5672up:-:*:*:*:*:*:*:*", matchCriteriaId: "A22A2647-A4C0-4681-BBC5-D95ADBAA0457", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5672up-16g:-:*:*:*:*:*:*:*", matchCriteriaId: "367C2A49-4C4D-471B-9B34-AFAFA5AE9503", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5696q:-:*:*:*:*:*:*:*", matchCriteriaId: "B2BB1A3A-668C-4B0D-8AC2-6B4758B3420B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_6000:-:*:*:*:*:*:*:*", matchCriteriaId: "6A58223F-3B15-420B-A6D4-841451CF0380", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_6001:-:*:*:*:*:*:*:*", matchCriteriaId: "A9662D6B-AF0F-45C8-B7CD-AE7C76593FDB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_6001p:-:*:*:*:*:*:*:*", matchCriteriaId: "51EAD169-9036-496E-B740-45D79546F6D6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_6001t:-:*:*:*:*:*:*:*", matchCriteriaId: "0E01F0DE-EA8A-451F-BADF-1A7A48B0C633", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_6004:-:*:*:*:*:*:*:*", matchCriteriaId: "4F557E38-09F6-42C6-BABA-3C3168B38BBA", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_6004x:-:*:*:*:*:*:*:*", matchCriteriaId: "3F182AD1-6E51-456A-A8F7-8F3B92DBE4D0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*", matchCriteriaId: "76CF6300-0292-4E53-B28D-865C2303BA51", versionEndIncluding: "3.2\\(3o\\)a", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios:*:*:*:*:*:*:*:*", matchCriteriaId: "16B79C2F-DAE9-4AD4-AFDA-DADD43E650AD", versionEndIncluding: "3.2\\(3o\\)a", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*", matchCriteriaId: "980DD4C4-A6C0-4D2D-BD09-21B62C4ADC71", versionEndIncluding: "3.2\\(3o\\)a", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*", matchCriteriaId: "62C92804-B959-43E1-9133-C16E58921D9A", versionEndIncluding: "3.2\\(3o\\)a", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "F063A1CB-6FC6-46EF-AF2E-1E211C7CA41F", versionEndIncluding: "3.2\\(3o\\)a", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:ucs_6200:-:*:*:*:*:*:*:*", matchCriteriaId: "A0B96E5C-CC27-4020-93CE-413B95DCABB0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6248_up_fabric_interconnect:-:*:*:*:*:*:*:*", matchCriteriaId: "D96AB2BB-4F4A-44C3-918F-DDB31B0D1FFD", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6248up:-:*:*:*:*:*:*:*", matchCriteriaId: "49112D3F-DFAD-4E71-992B-9E0640FA388C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6296_up_fabric_interconnect:-:*:*:*:*:*:*:*", matchCriteriaId: "82775AC1-173D-4335-B13A-6CF73C9C11D8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6296up:-:*:*:*:*:*:*:*", matchCriteriaId: "38A1D8F2-A4A6-4BAC-8326-9F9DE9572FA2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6300:-:*:*:*:*:*:*:*", matchCriteriaId: "C6BCF41B-A617-4563-8D14-E906411354FB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6324:-:*:*:*:*:*:*:*", matchCriteriaId: "B82093C6-B36D-4E4E-AD7F-8C107646B8D9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6324_fabric_interconnect:-:*:*:*:*:*:*:*", matchCriteriaId: "104AB7AA-2AB6-40AB-9BCA-2041396060B1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6332:-:*:*:*:*:*:*:*", matchCriteriaId: "E406DDCE-6753-43E9-B6F0-7A038DE84E41", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6332-16up:-:*:*:*:*:*:*:*", matchCriteriaId: "054D8EB2-97A3-4725-9DFF-27A4D231D90A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6332-16up_fabric_interconnect:-:*:*:*:*:*:*:*", matchCriteriaId: "AEAF3163-4FF6-4BB0-8870-80D3F3F2953B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6332_fabric_interconnect:-:*:*:*:*:*:*:*", matchCriteriaId: "0CB5291D-D248-4125-9129-BC655F082AD8", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*", matchCriteriaId: "17BAF9DA-E605-42D2-8DF9-A7211ADBEA74", versionEndIncluding: "4.1\\(1a\\)a", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios:*:*:*:*:*:*:*:*", matchCriteriaId: "81771B6E-4D9D-470B-8072-50E9F1F654CD", versionEndIncluding: "4.1\\(1a\\)a", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*", matchCriteriaId: "B6D87151-01B0-4069-861C-BBB57C493EB3", versionEndIncluding: "4.1\\(1a\\)a", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*", matchCriteriaId: "E7561ED7-D773-4A88-B145-EEC3F7A6269B", versionEndIncluding: "4.1\\(1a\\)a", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "F063A1CB-6FC6-46EF-AF2E-1E211C7CA41F", versionEndIncluding: "3.2\\(3o\\)a", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:ucs_6400:-:*:*:*:*:*:*:*", matchCriteriaId: "B1888B66-5CF7-4D4D-B832-E2CF75D6EAD8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6454:-:*:*:*:*:*:*:*", matchCriteriaId: "4FD096B7-6F8E-4E48-9EC4-9A10AA7D9AA0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability in the Unidirectional Link Detection (UDLD) feature of Cisco FXOS Software, Cisco IOS Software, Cisco IOS XE Software, Cisco IOS XR Software, and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause an affected device to reload. This vulnerability is due to improper input validation of the UDLD packets. An attacker could exploit this vulnerability by sending specifically crafted UDLD packets to an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a denial of service (DoS) condition. Note: The UDLD feature is disabled by default, and the conditions to exploit this vulnerability are strict. An attacker must have full control of a directly connected device. On Cisco IOS XR devices, the impact is limited to the reload of the UDLD process.", }, { lang: "es", value: "Una vulnerabilidad en la funcionalidad Unidirectional Link Detection (UDLD) de Cisco FXOS Software, Cisco IOS Software, Cisco IOS XE Software, Cisco IOS XR Software, y Cisco NX-OS Software podría permitir a un atacante adyacente no autenticado causar la recarga de un dispositivo afectado. Esta vulnerabilidad es debido a una comprobación inapropiada de entrada de los paquetes UDLD. Un atacante podría explotar esta vulnerabilidad mediante el envío de paquetes UDLD específicamente diseñados a un dispositivo afectado. Una explotación con éxito podría permitir al atacante causar la recarga del dispositivo afectado, resultando en una condición de denegación de servicio (DoS). Nota: La funcionalidad UDLD está deshabilitada por defecto, y las condiciones para explotar esta vulnerabilidad son estrictas. Un atacante debe tener el control total de un dispositivo conectado directamente. En los dispositivos Cisco IOS XR, el impacto se limita a la recarga del proceso UDLD", }, ], id: "CVE-2021-34714", lastModified: "2024-11-21T06:11:01.790", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "ADJACENT_NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 5.7, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:A/AC:M/Au:N/C:N/I:N/A:C", version: "2.0", }, exploitabilityScore: 5.5, impactScore: 6.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 7.4, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 4, source: "psirt@cisco.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 7.4, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 4, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-09-23T03:15:18.153", references: [ { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-nxos-xr-udld-dos-W5hGHgtQ", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-nxos-xr-udld-dos-W5hGHgtQ", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-20", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-20", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-02-05 18:15
Modified
2024-11-21 05:30
Severity ?
Summary
A vulnerability in the Cisco Discovery Protocol implementation for Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to execute arbitrary code or cause a reload on an affected device. The vulnerability exists because the Cisco Discovery Protocol parser does not properly validate input for certain fields in a Cisco Discovery Protocol message. An attacker could exploit this vulnerability by sending a malicious Cisco Discovery Protocol packet to an affected device. An successful exploit could allow the attacker to cause a stack overflow, which could allow the attacker to execute arbitrary code with administrative privileges on an affected device. Cisco Discovery Protocol is a Layer 2 protocol. To exploit this vulnerability, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent).
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "1D562562-099B-47D6-8A27-592960AEDB5C", versionEndExcluding: "9.3\\(2\\)", versionStartIncluding: "7.0\\(3\\)f2", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "CBBBECB4-431D-42AE-9A15-E1B8C7186EE2", versionEndExcluding: "7.0\\(3\\)i7\\(8\\)", versionStartIncluding: "7.0\\(3\\)i", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_3016:-:*:*:*:*:*:*:*", matchCriteriaId: "528ED62B-D739-4E06-AC64-B506FD73BBAB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*", matchCriteriaId: "FC2A6C31-438A-4CF5-A3F3-364B1672EB7D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3064:-:*:*:*:*:*:*:*", matchCriteriaId: "76C10D85-88AC-4A79-8866-BED88A0F8DF8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3064-t:-:*:*:*:*:*:*:*", matchCriteriaId: "65CB7F6D-A82B-4A31-BFAC-FF4A4B8DF9C1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31108pc-v:-:*:*:*:*:*:*:*", matchCriteriaId: "4E930332-CDDD-48D5-93BC-C22D693BBFA2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31108tc-v:-:*:*:*:*:*:*:*", matchCriteriaId: "7BF4B8FE-E134-4491-B5C2-C1CFEB64731B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31128pq:-:*:*:*:*:*:*:*", matchCriteriaId: "F4226DA0-9371-401C-8247-E6E636A116C3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132c-z:-:*:*:*:*:*:*:*", matchCriteriaId: "7664666F-BCE4-4799-AEEA-3A73E6AD33F4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q:-:*:*:*:*:*:*:*", matchCriteriaId: "D3DBBFE9-835C-4411-8492-6006E74BAC65", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q-v:-:*:*:*:*:*:*:*", matchCriteriaId: "B3293438-3D18-45A2-B093-2C3F65783336", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "8F43B770-D96C-44EA-BC12-9F39FC4317B9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3164q:-:*:*:*:*:*:*:*", matchCriteriaId: "FA782EB3-E8E6-4DCF-B39C-B3CBD46E4384", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172:-:*:*:*:*:*:*:*", matchCriteriaId: "7817F4E6-B2DA-4F06-95A4-AF329F594C02", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172pq-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "7BB9DD73-E31D-4921-A6D6-E14E04703588", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq:-:*:*:*:*:*:*:*", matchCriteriaId: "4532F513-0543-4960-9877-01F23CA7BA1B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq-32t:-:*:*:*:*:*:*:*", matchCriteriaId: "0B43502B-FD53-465A-B60F-6A359C6ACD99", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "F3229124-B097-4AAC-8ACD-2F9C89DCC3AB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3232c_:-:*:*:*:*:*:*:*", matchCriteriaId: "D008CA1C-6F5A-40EA-BB12-A9D84D5AF700", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3264c-e:-:*:*:*:*:*:*:*", matchCriteriaId: "24FBE87B-8A4F-43A8-98A3-4A7D9C630937", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3264q:-:*:*:*:*:*:*:*", matchCriteriaId: "6ACD09AC-8B28-4ACB-967B-AB3D450BC137", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3408-s:-:*:*:*:*:*:*:*", matchCriteriaId: "7D397349-CCC6-479B-9273-FB1FFF4F34F2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_34180yc:-:*:*:*:*:*:*:*", matchCriteriaId: "DC7286A7-780F-4A45-940A-4AD5C9D0F201", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3432d-s:-:*:*:*:*:*:*:*", matchCriteriaId: "5F7AF8D7-431B-43CE-840F-CC0817D159C0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3464c:-:*:*:*:*:*:*:*", matchCriteriaId: "DAC204C8-1A5A-4E85-824E-DC9B8F6A802D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524:-:*:*:*:*:*:*:*", matchCriteriaId: "EAF5AF71-15DF-4151-A1CF-E138A7103FC8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524-x:-:*:*:*:*:*:*:*", matchCriteriaId: "10F80A72-AD54-4699-B8AE-82715F0B58E2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "9354B6A2-D7D6-442E-BF4C-FE8A336D9E94", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548:-:*:*:*:*:*:*:*", matchCriteriaId: "088C0323-683A-44F5-8D42-FF6EC85D080E", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548-x:-:*:*:*:*:*:*:*", matchCriteriaId: "74CB4002-7636-4382-B33E-FBA060A13C34", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "10CEBF73-3EE0-459A-86C5-F8F6243FE27C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_36180yc-r:-:*:*:*:*:*:*:*", matchCriteriaId: "95D2C4C3-65CE-4612-A027-AF70CEFC3233", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*", matchCriteriaId: "57572E4A-78D5-4D1A-938B-F05F01759612", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9000v:-:*:*:*:*:*:*:*", matchCriteriaId: "0CD9C1F1-8582-4F67-A77D-97CBFECB88B8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*", matchCriteriaId: "4283E433-7F8C-4410-B565-471415445811", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92300yc:-:*:*:*:*:*:*:*", matchCriteriaId: "F80AB6FB-32FD-43D7-A9F1-80FA47696210", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*", matchCriteriaId: "D5B2E4C1-2627-4B9D-8E92-4B483F647651", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92348gc-x:-:*:*:*:*:*:*:*", matchCriteriaId: "557ED31C-C26A-4FAE-8B14-D06B49F7F08B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*", matchCriteriaId: "11411BFD-3F4D-4309-AB35-A3629A360FB0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*", matchCriteriaId: "E663DE91-C86D-48DC-B771-FA72A8DF7A7C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "A90184B3-C82F-4CE5-B2AD-97D5E4690871", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "4AB89849-6DA4-4C9D-BC3F-EE0E41FD1901", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*", matchCriteriaId: "07DE6F63-2C7D-415B-8C34-01EC05C062F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*", matchCriteriaId: "F423E45D-A6DD-4305-9C6A-EAB26293E53A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "E952A96A-0F48-4357-B7DD-1127D8827650", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "F70D81F1-8B12-4474-9060-B4934D8A3873", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "7349D69B-D8FA-4462-AA28-69DD18A652D9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93216tc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "B1CC5F78-E88B-4B82-9E3E-C73D3A49DE26", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "91231DC6-2773-4238-8C14-A346F213B5E5", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332c:-:*:*:*:*:*:*:*", matchCriteriaId: "2DF88547-BAF4-47B0-9F60-80A30297FCEB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*", matchCriteriaId: "113772B6-E9D2-4094-9468-3F4E1A87D07D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93360yc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "C45A38D6-BED6-4FEF-AD87-A1E813695DE0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "F1FC2B1F-232E-4754-8076-CC82F3648730", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336pq_aci_spine:-:*:*:*:*:*:*:*", matchCriteriaId: "785FD17C-F32E-4042-9DDE-A89B3AAE0334", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*", matchCriteriaId: "17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*", matchCriteriaId: "63842B25-8C32-4988-BBBD-61E9CB09B4F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*", matchCriteriaId: "4364ADB9-8162-451D-806A-B98924E6B2CF", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372px-e:-:*:*:*:*:*:*:*", matchCriteriaId: "B53BCB42-ED61-4FCF-8068-CB467631C63C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*", matchCriteriaId: "49E0371B-FDE2-473C-AA59-47E1269D050F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372tx-e:-:*:*:*:*:*:*:*", matchCriteriaId: "489D11EC-5A18-4F32-BC7C-AC1FCEC27222", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*", matchCriteriaId: "1BC5293E-F2B4-46DC-85DA-167EA323FCFD", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*", matchCriteriaId: "EA022E77-6557-4A33-9A3A-D028E2DB669A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*", matchCriteriaId: "768BE390-5ED5-48A7-9E80-C4DE8BA979B1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*", matchCriteriaId: "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*", matchCriteriaId: "7E02DC82-0D26-436F-BA64-73C958932B0A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "E305E4CC-859B-4697-A7C9-A55BA55FF949", versionEndExcluding: "7.3\\(6\\)n1\\(1\\)", versionStartIncluding: "7.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_5548p:-:*:*:*:*:*:*:*", matchCriteriaId: "E5519EA9-1236-4F51-9974-E3FC1B26B5D2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5548up:-:*:*:*:*:*:*:*", matchCriteriaId: "CB0A3B06-8B25-4CD3-AFA9-5F928B1042F4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5596t:-:*:*:*:*:*:*:*", matchCriteriaId: "1766443C-1C5A-486E-A36F-D3045F364D78", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5596up:-:*:*:*:*:*:*:*", matchCriteriaId: "DC4D4403-F93B-4CC8-B75F-7A5B03FEDD85", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_56128p:-:*:*:*:*:*:*:*", matchCriteriaId: "ABB6E612-4246-4408-B3F6-B31E771F5ACB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5624q:-:*:*:*:*:*:*:*", matchCriteriaId: "91B129B2-2B31-4DE0-9F83-CC6E0C8729A0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5648q:-:*:*:*:*:*:*:*", matchCriteriaId: "3CBD3CD0-B542-4B23-9C9D-061643BE44E8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5672up:-:*:*:*:*:*:*:*", matchCriteriaId: "A22A2647-A4C0-4681-BBC5-D95ADBAA0457", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5696q:-:*:*:*:*:*:*:*", matchCriteriaId: "B2BB1A3A-668C-4B0D-8AC2-6B4758B3420B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_6001:-:*:*:*:*:*:*:*", matchCriteriaId: "A9662D6B-AF0F-45C8-B7CD-AE7C76593FDB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_6004:-:*:*:*:*:*:*:*", matchCriteriaId: "4F557E38-09F6-42C6-BABA-3C3168B38BBA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "68A586A3-0291-4BA3-9211-6EE0BBB7F39C", versionEndExcluding: "9.3\\(2\\)", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "7A415FC0-EC1A-4172-B88E-5AC3BEE291BE", versionEndExcluding: "14.2\\(1j\\)", versionStartIncluding: "14.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_9000v:-:*:*:*:*:*:*:*", matchCriteriaId: "0CD9C1F1-8582-4F67-A77D-97CBFECB88B8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*", matchCriteriaId: "4283E433-7F8C-4410-B565-471415445811", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92300yc:-:*:*:*:*:*:*:*", matchCriteriaId: "F80AB6FB-32FD-43D7-A9F1-80FA47696210", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*", matchCriteriaId: "D5B2E4C1-2627-4B9D-8E92-4B483F647651", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92348gc-x:-:*:*:*:*:*:*:*", matchCriteriaId: "557ED31C-C26A-4FAE-8B14-D06B49F7F08B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*", matchCriteriaId: "11411BFD-3F4D-4309-AB35-A3629A360FB0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*", matchCriteriaId: "E663DE91-C86D-48DC-B771-FA72A8DF7A7C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "A90184B3-C82F-4CE5-B2AD-97D5E4690871", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "4AB89849-6DA4-4C9D-BC3F-EE0E41FD1901", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*", matchCriteriaId: "07DE6F63-2C7D-415B-8C34-01EC05C062F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*", matchCriteriaId: "F423E45D-A6DD-4305-9C6A-EAB26293E53A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "E952A96A-0F48-4357-B7DD-1127D8827650", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "F70D81F1-8B12-4474-9060-B4934D8A3873", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "7349D69B-D8FA-4462-AA28-69DD18A652D9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93216tc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "B1CC5F78-E88B-4B82-9E3E-C73D3A49DE26", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "91231DC6-2773-4238-8C14-A346F213B5E5", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332c:-:*:*:*:*:*:*:*", matchCriteriaId: "2DF88547-BAF4-47B0-9F60-80A30297FCEB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*", matchCriteriaId: "113772B6-E9D2-4094-9468-3F4E1A87D07D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93360yc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "C45A38D6-BED6-4FEF-AD87-A1E813695DE0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "F1FC2B1F-232E-4754-8076-CC82F3648730", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336pq_aci_spine:-:*:*:*:*:*:*:*", matchCriteriaId: "785FD17C-F32E-4042-9DDE-A89B3AAE0334", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*", matchCriteriaId: "17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*", matchCriteriaId: "63842B25-8C32-4988-BBBD-61E9CB09B4F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*", matchCriteriaId: "4364ADB9-8162-451D-806A-B98924E6B2CF", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372px-e:-:*:*:*:*:*:*:*", matchCriteriaId: "B53BCB42-ED61-4FCF-8068-CB467631C63C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*", matchCriteriaId: "49E0371B-FDE2-473C-AA59-47E1269D050F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372tx-e:-:*:*:*:*:*:*:*", matchCriteriaId: "489D11EC-5A18-4F32-BC7C-AC1FCEC27222", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*", matchCriteriaId: "1BC5293E-F2B4-46DC-85DA-167EA323FCFD", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*", matchCriteriaId: "EA022E77-6557-4A33-9A3A-D028E2DB669A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*", matchCriteriaId: "768BE390-5ED5-48A7-9E80-C4DE8BA979B1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*", matchCriteriaId: "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*", matchCriteriaId: "7E02DC82-0D26-436F-BA64-73C958932B0A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:cisco:ucs_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "C8BA5E06-2264-4292-93E5-D32A2D81600E", versionEndExcluding: "3.2\\(3m\\)", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:ucs_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "EA485BA3-323E-4505-BBE1-4B2AC9E5A00D", versionEndExcluding: "4.0\\(4f\\)", versionStartIncluding: "4.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:ucs_6248up:-:*:*:*:*:*:*:*", matchCriteriaId: "49112D3F-DFAD-4E71-992B-9E0640FA388C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6296up:-:*:*:*:*:*:*:*", matchCriteriaId: "38A1D8F2-A4A6-4BAC-8326-9F9DE9572FA2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6300:-:*:*:*:*:*:*:*", matchCriteriaId: "C6BCF41B-A617-4563-8D14-E906411354FB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6324:-:*:*:*:*:*:*:*", matchCriteriaId: "B82093C6-B36D-4E4E-AD7F-8C107646B8D9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_64108:-:*:*:*:*:*:*:*", matchCriteriaId: "BC04D48B-8B2F-45E1-A445-A87E92E790B8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6454:-:*:*:*:*:*:*:*", matchCriteriaId: "4FD096B7-6F8E-4E48-9EC4-9A10AA7D9AA0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability in the Cisco Discovery Protocol implementation for Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to execute arbitrary code or cause a reload on an affected device. The vulnerability exists because the Cisco Discovery Protocol parser does not properly validate input for certain fields in a Cisco Discovery Protocol message. An attacker could exploit this vulnerability by sending a malicious Cisco Discovery Protocol packet to an affected device. An successful exploit could allow the attacker to cause a stack overflow, which could allow the attacker to execute arbitrary code with administrative privileges on an affected device. Cisco Discovery Protocol is a Layer 2 protocol. To exploit this vulnerability, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent).", }, { lang: "es", value: "Una vulnerabilidad en la implementación de Cisco Discovery Protocol para Cisco NX-OS Software, podría permitir a un atacante adyacente no autenticado ejecutar código arbitrario o causar una recarga sobre un dispositivo afectado. La vulnerabilidad se presenta porque el analizador de Cisco Discovery Protocol no comprueba apropiadamente la entrada para determinados campos en un mensaje de Cisco Discovery Protocol. Un atacante podría explotar esta vulnerabilidad mediante el envío de un paquete malicioso de Cisco Discovery Protocol hacia un dispositivo afectado. Una explotación con éxito podría permitir al atacante causar un desbordamiento del búfer de la pila, lo que podría permitir al atacante ejecutar código arbitrario con privilegios administrativos sobre un dispositivo afectado. Cisco Discovery Protocol es un protocolo de Capa 2. Para explotar esta vulnerabilidad, un atacante debe encontrarse en el mismo dominio de difusión que el dispositivo afectado (Capa 2 adyacente).", }, ], id: "CVE-2020-3119", lastModified: "2024-11-21T05:30:21.903", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "ADJACENT_NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 8.3, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:A/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 6.5, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "psirt@cisco.com", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-02-05T18:15:10.987", references: [ { source: "psirt@cisco.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/156203/Cisco-Discovery-Protocol-CDP-Remote-Device-Takeover.html", }, { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200205-nxos-cdp-rce", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/156203/Cisco-Discovery-Protocol-CDP-Remote-Device-Takeover.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200205-nxos-cdp-rce", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-787", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-08-27 16:15
Modified
2024-11-21 05:30
Severity ?
Summary
A vulnerability in the Protocol Independent Multicast (PIM) feature for IPv6 networks (PIM6) of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper error handling when processing inbound PIM6 packets. An attacker could exploit this vulnerability by sending multiple crafted PIM6 packets to an affected device. A successful exploit could allow the attacker to cause the PIM6 application to leak system memory. Over time, this memory leak could cause the PIM6 application to stop processing legitimate PIM6 traffic, leading to a DoS condition on the affected device.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:-:*:*:*:*:*:*:*", matchCriteriaId: "DA35D4AA-24B3-428E-84ED-804EF941E9A9", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_3016:-:*:*:*:*:*:*:*", matchCriteriaId: "528ED62B-D739-4E06-AC64-B506FD73BBAB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*", matchCriteriaId: "FC2A6C31-438A-4CF5-A3F3-364B1672EB7D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3064:-:*:*:*:*:*:*:*", matchCriteriaId: "76C10D85-88AC-4A79-8866-BED88A0F8DF8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3064-t:-:*:*:*:*:*:*:*", matchCriteriaId: "65CB7F6D-A82B-4A31-BFAC-FF4A4B8DF9C1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31108pc-v:-:*:*:*:*:*:*:*", matchCriteriaId: "4E930332-CDDD-48D5-93BC-C22D693BBFA2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31108tc-v:-:*:*:*:*:*:*:*", matchCriteriaId: "7BF4B8FE-E134-4491-B5C2-C1CFEB64731B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31128pq:-:*:*:*:*:*:*:*", matchCriteriaId: "F4226DA0-9371-401C-8247-E6E636A116C3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132c-z:-:*:*:*:*:*:*:*", matchCriteriaId: "7664666F-BCE4-4799-AEEA-3A73E6AD33F4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q:-:*:*:*:*:*:*:*", matchCriteriaId: "D3DBBFE9-835C-4411-8492-6006E74BAC65", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q-v:-:*:*:*:*:*:*:*", matchCriteriaId: "B3293438-3D18-45A2-B093-2C3F65783336", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "8F43B770-D96C-44EA-BC12-9F39FC4317B9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3164q:-:*:*:*:*:*:*:*", matchCriteriaId: "FA782EB3-E8E6-4DCF-B39C-B3CBD46E4384", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172:-:*:*:*:*:*:*:*", matchCriteriaId: "7817F4E6-B2DA-4F06-95A4-AF329F594C02", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172pq-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "7BB9DD73-E31D-4921-A6D6-E14E04703588", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq:-:*:*:*:*:*:*:*", matchCriteriaId: "4532F513-0543-4960-9877-01F23CA7BA1B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq-32t:-:*:*:*:*:*:*:*", matchCriteriaId: "0B43502B-FD53-465A-B60F-6A359C6ACD99", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "F3229124-B097-4AAC-8ACD-2F9C89DCC3AB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3232c:-:*:*:*:*:*:*:*", matchCriteriaId: "652A2849-668D-4156-88FB-C19844A59F33", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3264c-e:-:*:*:*:*:*:*:*", matchCriteriaId: "24FBE87B-8A4F-43A8-98A3-4A7D9C630937", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3264q:-:*:*:*:*:*:*:*", matchCriteriaId: "6ACD09AC-8B28-4ACB-967B-AB3D450BC137", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3408-s:-:*:*:*:*:*:*:*", matchCriteriaId: "7D397349-CCC6-479B-9273-FB1FFF4F34F2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_34180yc:-:*:*:*:*:*:*:*", matchCriteriaId: "DC7286A7-780F-4A45-940A-4AD5C9D0F201", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3432d-s:-:*:*:*:*:*:*:*", matchCriteriaId: "5F7AF8D7-431B-43CE-840F-CC0817D159C0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3464c:-:*:*:*:*:*:*:*", matchCriteriaId: "DAC204C8-1A5A-4E85-824E-DC9B8F6A802D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524:-:*:*:*:*:*:*:*", matchCriteriaId: "EAF5AF71-15DF-4151-A1CF-E138A7103FC8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524-x:-:*:*:*:*:*:*:*", matchCriteriaId: "10F80A72-AD54-4699-B8AE-82715F0B58E2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "9354B6A2-D7D6-442E-BF4C-FE8A336D9E94", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548:-:*:*:*:*:*:*:*", matchCriteriaId: "088C0323-683A-44F5-8D42-FF6EC85D080E", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548-x:-:*:*:*:*:*:*:*", matchCriteriaId: "74CB4002-7636-4382-B33E-FBA060A13C34", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "10CEBF73-3EE0-459A-86C5-F8F6243FE27C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_36180yc-r:-:*:*:*:*:*:*:*", matchCriteriaId: "95D2C4C3-65CE-4612-A027-AF70CEFC3233", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*", matchCriteriaId: "57572E4A-78D5-4D1A-938B-F05F01759612", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7000:-:*:*:*:*:*:*:*", matchCriteriaId: "12180BEB-7F21-4FA7-ABD2-E9A8EA7340F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7700:-:*:*:*:*:*:*:*", matchCriteriaId: "DD7A4B4B-3BB1-4A4D-911E-C4EEF01BBC45", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9000v:-:*:*:*:*:*:*:*", matchCriteriaId: "0CD9C1F1-8582-4F67-A77D-97CBFECB88B8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*", matchCriteriaId: "4283E433-7F8C-4410-B565-471415445811", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92300yc:-:*:*:*:*:*:*:*", matchCriteriaId: "F80AB6FB-32FD-43D7-A9F1-80FA47696210", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*", matchCriteriaId: "D5B2E4C1-2627-4B9D-8E92-4B483F647651", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92348gc-x:-:*:*:*:*:*:*:*", matchCriteriaId: "557ED31C-C26A-4FAE-8B14-D06B49F7F08B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*", matchCriteriaId: "11411BFD-3F4D-4309-AB35-A3629A360FB0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*", matchCriteriaId: "E663DE91-C86D-48DC-B771-FA72A8DF7A7C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "A90184B3-C82F-4CE5-B2AD-97D5E4690871", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "4AB89849-6DA4-4C9D-BC3F-EE0E41FD1901", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*", matchCriteriaId: "07DE6F63-2C7D-415B-8C34-01EC05C062F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*", matchCriteriaId: "F423E45D-A6DD-4305-9C6A-EAB26293E53A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "E952A96A-0F48-4357-B7DD-1127D8827650", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "F70D81F1-8B12-4474-9060-B4934D8A3873", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "7349D69B-D8FA-4462-AA28-69DD18A652D9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93216tc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "B1CC5F78-E88B-4B82-9E3E-C73D3A49DE26", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "91231DC6-2773-4238-8C14-A346F213B5E5", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332c:-:*:*:*:*:*:*:*", matchCriteriaId: "2DF88547-BAF4-47B0-9F60-80A30297FCEB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*", matchCriteriaId: "113772B6-E9D2-4094-9468-3F4E1A87D07D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93360yc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "C45A38D6-BED6-4FEF-AD87-A1E813695DE0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "F1FC2B1F-232E-4754-8076-CC82F3648730", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336pq_aci_spine:-:*:*:*:*:*:*:*", matchCriteriaId: "785FD17C-F32E-4042-9DDE-A89B3AAE0334", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*", matchCriteriaId: "17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*", matchCriteriaId: "63842B25-8C32-4988-BBBD-61E9CB09B4F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*", matchCriteriaId: "4364ADB9-8162-451D-806A-B98924E6B2CF", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372px-e:-:*:*:*:*:*:*:*", matchCriteriaId: "B53BCB42-ED61-4FCF-8068-CB467631C63C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*", matchCriteriaId: "49E0371B-FDE2-473C-AA59-47E1269D050F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372tx-e:-:*:*:*:*:*:*:*", matchCriteriaId: "489D11EC-5A18-4F32-BC7C-AC1FCEC27222", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*", matchCriteriaId: "1BC5293E-F2B4-46DC-85DA-167EA323FCFD", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*", matchCriteriaId: "EA022E77-6557-4A33-9A3A-D028E2DB669A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*", matchCriteriaId: "768BE390-5ED5-48A7-9E80-C4DE8BA979B1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*", matchCriteriaId: "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*", matchCriteriaId: "7E02DC82-0D26-436F-BA64-73C958932B0A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability in the Protocol Independent Multicast (PIM) feature for IPv6 networks (PIM6) of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper error handling when processing inbound PIM6 packets. An attacker could exploit this vulnerability by sending multiple crafted PIM6 packets to an affected device. A successful exploit could allow the attacker to cause the PIM6 application to leak system memory. Over time, this memory leak could cause the PIM6 application to stop processing legitimate PIM6 traffic, leading to a DoS condition on the affected device.", }, { lang: "es", value: "Una vulnerabilidad en la funcionalidad Protocol Independent Multicast (PIM) para redes IPv6 (PIM6) de Cisco NX-OS Software, podría permitir a un atacante remoto no autenticado causar una condición de denegación de servicio (DoS) en un dispositivo afectado. La vulnerabilidad es debido a un manejo inapropiado de errores al procesar paquetes PIM6 entrantes. Un atacante podría explotar esta vulnerabilidad mediante el envío de varios paquetes PIM6 diseñados hacia un dispositivo afectado. Una explotación con éxito podría permitir al atacante causar que la aplicación PIM6 filtre memoria del sistema. Con el tiempo, esta pérdida de memoria podría causar que la aplicación PIM6 dejara de procesar el tráfico PIM6 legítimo, conllevando a una condición de DoS en el dispositivo afectado", }, ], id: "CVE-2020-3338", lastModified: "2024-11-21T05:30:49.880", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "psirt@cisco.com", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-08-27T16:15:11.940", references: [ { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-pim-memleak-dos-tC8eP7uw", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-pim-memleak-dos-tC8eP7uw", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-404", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-755", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2015-09-20 14:59
Modified
2025-04-12 10:46
Severity ?
Summary
Cisco NX-OS 6.1(2)I3(4) and 7.0(3)I1(1) on Nexus 9000 (N9K) devices allows remote attackers to cause a denial of service (CPU consumption or control-plane instability) or trigger unintended traffic forwarding via a Layer 2 packet with a reserved VLAN number, aka Bug ID CSCuw13560.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@cisco.com | http://tools.cisco.com/security/center/viewAlert.x?alertId=40990 | Vendor Advisory | |
| psirt@cisco.com | http://www.securitytracker.com/id/1033611 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://tools.cisco.com/security/center/viewAlert.x?alertId=40990 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1033611 | Third Party Advisory, VDB Entry |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | nx-os | 6.1\(2\)i3\(4\) | |
| cisco | nx-os | 7.0\(3\)i1\(1\) | |
| cisco | nexus_9000 | - | |
| cisco | nexus_93120tx | - | |
| cisco | nexus_93128tx | - | |
| cisco | nexus_9332pq | - | |
| cisco | nexus_9336pq_aci_spine | - | |
| cisco | nexus_9372px | - | |
| cisco | nexus_9372tx | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:6.1\\(2\\)i3\\(4\\):*:*:*:*:*:*:*", matchCriteriaId: "0750C504-3D45-4ED7-9A0A-A8EEEEE426ED", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "58BC9769-F3CD-4047-8C86-8C09FB2AB0F6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_9000:-:*:*:*:*:*:*:*", matchCriteriaId: "8EBEBA5B-5589-417B-BF3B-976083E9FE54", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*", matchCriteriaId: "07DE6F63-2C7D-415B-8C34-01EC05C062F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*", matchCriteriaId: "F423E45D-A6DD-4305-9C6A-EAB26293E53A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*", matchCriteriaId: "113772B6-E9D2-4094-9468-3F4E1A87D07D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336pq_aci_spine:-:*:*:*:*:*:*:*", matchCriteriaId: "785FD17C-F32E-4042-9DDE-A89B3AAE0334", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*", matchCriteriaId: "4364ADB9-8162-451D-806A-B98924E6B2CF", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*", matchCriteriaId: "49E0371B-FDE2-473C-AA59-47E1269D050F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Cisco NX-OS 6.1(2)I3(4) and 7.0(3)I1(1) on Nexus 9000 (N9K) devices allows remote attackers to cause a denial of service (CPU consumption or control-plane instability) or trigger unintended traffic forwarding via a Layer 2 packet with a reserved VLAN number, aka Bug ID CSCuw13560.", }, { lang: "es", value: "Vulnerabilidad en Cisco NX-OS 6.1(2)I3(4) y 7.0(3)I1(1) en dispositivos Nexus 9000 (N9K), permite a atacantes remotos provocar una denegación de servicio (consumo de CPU o inestabilidad en el plano de control) o desencadenar reenvíos de tráfico involuntarios a través de un paquete de Layer 2 con un número VLAN reservado, también conocida como Bug ID CSCuw13560.", }, ], id: "CVE-2015-6295", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "ADJACENT_NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.8, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:A/AC:L/Au:N/C:P/I:N/A:P", version: "2.0", }, exploitabilityScore: 6.5, impactScore: 4.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2015-09-20T14:59:03.850", references: [ { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "http://tools.cisco.com/security/center/viewAlert.x?alertId=40990", }, { source: "psirt@cisco.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1033611", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://tools.cisco.com/security/center/viewAlert.x?alertId=40990", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1033611", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-399", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2019-11-05 20:15
Modified
2024-11-21 04:37
Severity ?
Summary
A vulnerability in the implementation of a CLI diagnostic command in Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to view sensitive system files that should be restricted. The attacker could use this information to conduct additional reconnaissance attacks. The vulnerability is due to incomplete role-based access control (RBAC) verification. An attacker could exploit this vulnerability by authenticating to the device and issuing a specific CLI diagnostic command with crafted user-input parameters. An exploit could allow the attacker to perform an arbitrary read of a file on the device, and the file may contain sensitive information. The attacker needs valid device credentials to exploit this vulnerability.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*", matchCriteriaId: "BA431796-203A-47FF-8D7B-BE0F032EEF85", versionEndExcluding: "2.2.2.91", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*", matchCriteriaId: "33D894C8-5C56-4CE9-8A82-248EBB36797A", versionEndExcluding: "2.3.1.111", versionStartIncluding: "2.3", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*", matchCriteriaId: "FF89AAA7-02D6-486A-9AF6-8977E756115D", versionEndExcluding: "2.4.1.101", versionStartIncluding: "2.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:firepower_4110:-:*:*:*:*:*:*:*", matchCriteriaId: "A0CBC7F5-7767-43B6-9384-BE143FCDBD7F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4112:-:*:*:*:*:*:*:*", matchCriteriaId: "957D64EB-D60E-4775-B9A8-B21CA48ED3B1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4115:-:*:*:*:*:*:*:*", matchCriteriaId: "A694AD51-9008-4AE6-8240-98B17AB527EE", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4120:-:*:*:*:*:*:*:*", matchCriteriaId: "38AE6DC0-2B03-4D36-9856-42530312CC46", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4125:-:*:*:*:*:*:*:*", matchCriteriaId: "71DCEF22-ED20-4330-8502-EC2DD4C9838F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4140:-:*:*:*:*:*:*:*", matchCriteriaId: "3DB2822B-B752-4CD9-A178-934957E306B4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4145:-:*:*:*:*:*:*:*", matchCriteriaId: "81F4868A-6D62-479C-9C19-F9AABDBB6B24", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4150:-:*:*:*:*:*:*:*", matchCriteriaId: "65378F3A-777C-4AE2-87FB-1E7402F9EA1B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300:-:*:*:*:*:*:*:*", matchCriteriaId: "07DAFDDA-718B-4B69-A524-B0CEB80FE960", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "FA65618C-F766-469C-804C-391DFEE67589", versionEndExcluding: "6.2\\(7\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:mds_9100:-:*:*:*:*:*:*:*", matchCriteriaId: "54C0D908-D7BA-48C3-9963-14A3A32A2662", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9200:-:*:*:*:*:*:*:*", matchCriteriaId: "B25B92ED-37C0-4653-9C5E-B4C13C46464C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9500:-:*:*:*:*:*:*:*", matchCriteriaId: "2374E02D-46FE-477F-A74D-49E72149E6EC", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9700:-:*:*:*:*:*:*:*", matchCriteriaId: "C44335D8-8A78-486C-A325-9691FA4C3271", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "92B576CF-5EAD-4830-A7B7-ACC434349691", versionEndExcluding: "7.0\\(3\\)i4\\(9\\)", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "E1392CDF-115C-431A-AF9B-8414F9307163", versionEndExcluding: "7.0\\(3\\)i7\\(6\\)", versionStartIncluding: "7.0\\(3\\)i7", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_3016:-:*:*:*:*:*:*:*", matchCriteriaId: "528ED62B-D739-4E06-AC64-B506FD73BBAB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*", matchCriteriaId: "FC2A6C31-438A-4CF5-A3F3-364B1672EB7D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3064:-:*:*:*:*:*:*:*", matchCriteriaId: "76C10D85-88AC-4A79-8866-BED88A0F8DF8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3064-t:-:*:*:*:*:*:*:*", matchCriteriaId: "65CB7F6D-A82B-4A31-BFAC-FF4A4B8DF9C1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31108pc-v:-:*:*:*:*:*:*:*", matchCriteriaId: "4E930332-CDDD-48D5-93BC-C22D693BBFA2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31108tc-v:-:*:*:*:*:*:*:*", matchCriteriaId: "7BF4B8FE-E134-4491-B5C2-C1CFEB64731B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31128pq:-:*:*:*:*:*:*:*", matchCriteriaId: "F4226DA0-9371-401C-8247-E6E636A116C3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132c-z:-:*:*:*:*:*:*:*", matchCriteriaId: "7664666F-BCE4-4799-AEEA-3A73E6AD33F4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q:-:*:*:*:*:*:*:*", matchCriteriaId: "D3DBBFE9-835C-4411-8492-6006E74BAC65", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q-v:-:*:*:*:*:*:*:*", matchCriteriaId: "B3293438-3D18-45A2-B093-2C3F65783336", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "8F43B770-D96C-44EA-BC12-9F39FC4317B9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3164q:-:*:*:*:*:*:*:*", matchCriteriaId: "FA782EB3-E8E6-4DCF-B39C-B3CBD46E4384", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172:-:*:*:*:*:*:*:*", matchCriteriaId: "7817F4E6-B2DA-4F06-95A4-AF329F594C02", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172pq-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "7BB9DD73-E31D-4921-A6D6-E14E04703588", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq:-:*:*:*:*:*:*:*", matchCriteriaId: "4532F513-0543-4960-9877-01F23CA7BA1B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq-32t:-:*:*:*:*:*:*:*", matchCriteriaId: "0B43502B-FD53-465A-B60F-6A359C6ACD99", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "F3229124-B097-4AAC-8ACD-2F9C89DCC3AB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3232c:-:*:*:*:*:*:*:*", matchCriteriaId: "652A2849-668D-4156-88FB-C19844A59F33", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3264c-e:-:*:*:*:*:*:*:*", matchCriteriaId: "24FBE87B-8A4F-43A8-98A3-4A7D9C630937", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3264q:-:*:*:*:*:*:*:*", matchCriteriaId: "6ACD09AC-8B28-4ACB-967B-AB3D450BC137", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3408-s:-:*:*:*:*:*:*:*", matchCriteriaId: "7D397349-CCC6-479B-9273-FB1FFF4F34F2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_34180yc:-:*:*:*:*:*:*:*", matchCriteriaId: "DC7286A7-780F-4A45-940A-4AD5C9D0F201", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3432d-s:-:*:*:*:*:*:*:*", matchCriteriaId: "5F7AF8D7-431B-43CE-840F-CC0817D159C0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3464c:-:*:*:*:*:*:*:*", matchCriteriaId: "DAC204C8-1A5A-4E85-824E-DC9B8F6A802D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9000v:-:*:*:*:*:*:*:*", matchCriteriaId: "0CD9C1F1-8582-4F67-A77D-97CBFECB88B8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*", matchCriteriaId: "4283E433-7F8C-4410-B565-471415445811", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92300yc:-:*:*:*:*:*:*:*", matchCriteriaId: "F80AB6FB-32FD-43D7-A9F1-80FA47696210", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*", matchCriteriaId: "D5B2E4C1-2627-4B9D-8E92-4B483F647651", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92348gc-x:-:*:*:*:*:*:*:*", matchCriteriaId: "557ED31C-C26A-4FAE-8B14-D06B49F7F08B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*", matchCriteriaId: "11411BFD-3F4D-4309-AB35-A3629A360FB0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*", matchCriteriaId: "E663DE91-C86D-48DC-B771-FA72A8DF7A7C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "A90184B3-C82F-4CE5-B2AD-97D5E4690871", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "4AB89849-6DA4-4C9D-BC3F-EE0E41FD1901", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*", matchCriteriaId: "07DE6F63-2C7D-415B-8C34-01EC05C062F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*", matchCriteriaId: "F423E45D-A6DD-4305-9C6A-EAB26293E53A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "E952A96A-0F48-4357-B7DD-1127D8827650", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "F70D81F1-8B12-4474-9060-B4934D8A3873", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "7349D69B-D8FA-4462-AA28-69DD18A652D9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93216tc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "B1CC5F78-E88B-4B82-9E3E-C73D3A49DE26", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "91231DC6-2773-4238-8C14-A346F213B5E5", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332c:-:*:*:*:*:*:*:*", matchCriteriaId: "2DF88547-BAF4-47B0-9F60-80A30297FCEB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*", matchCriteriaId: "113772B6-E9D2-4094-9468-3F4E1A87D07D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93360yc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "C45A38D6-BED6-4FEF-AD87-A1E813695DE0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "F1FC2B1F-232E-4754-8076-CC82F3648730", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336pq_aci_spine:-:*:*:*:*:*:*:*", matchCriteriaId: "785FD17C-F32E-4042-9DDE-A89B3AAE0334", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*", matchCriteriaId: "17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*", matchCriteriaId: "63842B25-8C32-4988-BBBD-61E9CB09B4F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*", matchCriteriaId: "4364ADB9-8162-451D-806A-B98924E6B2CF", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372px-e:-:*:*:*:*:*:*:*", matchCriteriaId: "B53BCB42-ED61-4FCF-8068-CB467631C63C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*", matchCriteriaId: "49E0371B-FDE2-473C-AA59-47E1269D050F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372tx-e:-:*:*:*:*:*:*:*", matchCriteriaId: "489D11EC-5A18-4F32-BC7C-AC1FCEC27222", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*", matchCriteriaId: "1BC5293E-F2B4-46DC-85DA-167EA323FCFD", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*", matchCriteriaId: "EA022E77-6557-4A33-9A3A-D028E2DB669A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "A1FAAA03-9B96-4F4A-A17C-50709FF8A6B1", versionEndExcluding: "6.0\\(2\\)a4\\(1\\)", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "3DFCC3C2-3483-4BD0-AF71-23574D0849B1", versionEndExcluding: "7.0\\(3\\)i4\\(9\\)", versionStartIncluding: "7.0\\(3\\)i4", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "E1392CDF-115C-431A-AF9B-8414F9307163", versionEndExcluding: "7.0\\(3\\)i7\\(6\\)", versionStartIncluding: "7.0\\(3\\)i7", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_3524:-:*:*:*:*:*:*:*", matchCriteriaId: "EAF5AF71-15DF-4151-A1CF-E138A7103FC8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524-x:-:*:*:*:*:*:*:*", matchCriteriaId: "10F80A72-AD54-4699-B8AE-82715F0B58E2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "9354B6A2-D7D6-442E-BF4C-FE8A336D9E94", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548:-:*:*:*:*:*:*:*", matchCriteriaId: "088C0323-683A-44F5-8D42-FF6EC85D080E", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548-x:-:*:*:*:*:*:*:*", matchCriteriaId: "74CB4002-7636-4382-B33E-FBA060A13C34", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "10CEBF73-3EE0-459A-86C5-F8F6243FE27C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "96BFEE5D-EF9F-4C21-BC51-FBA71029A6A7", versionEndExcluding: "7.0\\(3\\)f3\\(5\\)", versionStartIncluding: "7.0\\(3\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_36180yc-r:-:*:*:*:*:*:*:*", matchCriteriaId: "95D2C4C3-65CE-4612-A027-AF70CEFC3233", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*", matchCriteriaId: "57572E4A-78D5-4D1A-938B-F05F01759612", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*", matchCriteriaId: "768BE390-5ED5-48A7-9E80-C4DE8BA979B1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*", matchCriteriaId: "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*", matchCriteriaId: "7E02DC82-0D26-436F-BA64-73C958932B0A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "C0C2141E-5E85-48FF-A943-3738E1BCB66B", versionEndExcluding: "7.1\\(4\\)n1\\(1\\)", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "B317F641-A9CA-4658-8AB2-6CB4D1EDF159", versionEndExcluding: "7.3\\(0\\)n1\\(1\\)", versionStartIncluding: "7.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_5548p:-:*:*:*:*:*:*:*", matchCriteriaId: "E5519EA9-1236-4F51-9974-E3FC1B26B5D2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5548up:-:*:*:*:*:*:*:*", matchCriteriaId: "CB0A3B06-8B25-4CD3-AFA9-5F928B1042F4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5596t:-:*:*:*:*:*:*:*", matchCriteriaId: "1766443C-1C5A-486E-A36F-D3045F364D78", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5596up:-:*:*:*:*:*:*:*", matchCriteriaId: "DC4D4403-F93B-4CC8-B75F-7A5B03FEDD85", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_56128p:-:*:*:*:*:*:*:*", matchCriteriaId: "ABB6E612-4246-4408-B3F6-B31E771F5ACB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5624q:-:*:*:*:*:*:*:*", matchCriteriaId: "91B129B2-2B31-4DE0-9F83-CC6E0C8729A0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5648q:-:*:*:*:*:*:*:*", matchCriteriaId: "3CBD3CD0-B542-4B23-9C9D-061643BE44E8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5672up:-:*:*:*:*:*:*:*", matchCriteriaId: "A22A2647-A4C0-4681-BBC5-D95ADBAA0457", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5696q:-:*:*:*:*:*:*:*", matchCriteriaId: "B2BB1A3A-668C-4B0D-8AC2-6B4758B3420B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_6001:-:*:*:*:*:*:*:*", matchCriteriaId: "A9662D6B-AF0F-45C8-B7CD-AE7C76593FDB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_6004:-:*:*:*:*:*:*:*", matchCriteriaId: "4F557E38-09F6-42C6-BABA-3C3168B38BBA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "1730252C-B173-471C-A54A-B1A135CE5D6E", versionEndExcluding: "6.2\\(6\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_7000:-:*:*:*:*:*:*:*", matchCriteriaId: "12180BEB-7F21-4FA7-ABD2-E9A8EA7340F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7700:-:*:*:*:*:*:*:*", matchCriteriaId: "DD7A4B4B-3BB1-4A4D-911E-C4EEF01BBC45", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "7CA67BFA-71AF-4071-AD0D-CBD05E2D59CB", versionEndExcluding: "4.0\\(1a\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:ucs_6200:-:*:*:*:*:*:*:*", matchCriteriaId: "A0B96E5C-CC27-4020-93CE-413B95DCABB0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6300:-:*:*:*:*:*:*:*", matchCriteriaId: "C6BCF41B-A617-4563-8D14-E906411354FB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability in the implementation of a CLI diagnostic command in Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to view sensitive system files that should be restricted. The attacker could use this information to conduct additional reconnaissance attacks. The vulnerability is due to incomplete role-based access control (RBAC) verification. An attacker could exploit this vulnerability by authenticating to the device and issuing a specific CLI diagnostic command with crafted user-input parameters. An exploit could allow the attacker to perform an arbitrary read of a file on the device, and the file may contain sensitive information. The attacker needs valid device credentials to exploit this vulnerability.", }, { lang: "es", value: "Una vulnerabilidad en la implementación de un comando de diagnóstico de la CLI en el software Cisco FXOS y el software Cisco NX-OS, podría permitir a un atacante local autenticado visualizar archivos confidenciales del sistema que deberían estar restringidos. El atacante podría usar esta información para realizar ataques de reconocimiento adicionales. La vulnerabilidad es debido a la comprobación incompleta del control de acceso basado en roles (RBAC). Un atacante podría explotar esta vulnerabilidad mediante la autenticación en el dispositivo y emitiendo un comando de diagnóstico de la CLI específico con parámetros de entrada de usuario especialmente diseñados. Una explotación podría permitir al atacante realizar una lectura arbitraria de un archivo en el dispositivo, y el archivo puede contener información confidencial. El atacante necesita credenciales de dispositivo válidas para explotar esta vulnerabilidad.", }, ], id: "CVE-2019-1734", lastModified: "2024-11-21T04:37:12.463", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "NONE", baseScore: 2.1, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:L/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.0", }, exploitabilityScore: 1.8, impactScore: 3.6, source: "psirt@cisco.com", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-11-05T20:15:11.297", references: [ { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-fxos-info", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-fxos-info", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-200", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2019-08-30 09:15
Modified
2024-11-21 04:37
Severity ?
Summary
A vulnerability in the NX-API feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause an NX-API system process to unexpectedly restart. The vulnerability is due to incorrect validation of the HTTP header of a request that is sent to the NX-API. An attacker could exploit this vulnerability by sending a crafted HTTP request to the NX-API on an affected device. A successful exploit could allow the attacker to cause a denial of service (DoS) condition in the NX-API service; however, the NX-OS device itself would still be available and passing network traffic. Note: The NX-API feature is disabled by default.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:7.3:*:*:*:*:*:*:*", matchCriteriaId: "9501608B-3811-4C33-BDA1-721045284C7D", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:8.1:*:*:*:*:*:*:*", matchCriteriaId: "F363BEDD-A8AC-4FB6-87DC-708F97F8375E", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:8.2:*:*:*:*:*:*:*", matchCriteriaId: "E40D9097-C95A-4813-9DEE-89CA75820524", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:8.3:*:*:*:*:*:*:*", matchCriteriaId: "399568C2-4198-4D2C-B694-FF4EFE5E4710", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:mds_9000:-:*:*:*:*:*:*:*", matchCriteriaId: "1FD00AB9-F2DD-4D07-8DFF-E7B34824D66A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9100:-:*:*:*:*:*:*:*", matchCriteriaId: "54C0D908-D7BA-48C3-9963-14A3A32A2662", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9140:-:*:*:*:*:*:*:*", matchCriteriaId: "F762E87A-BF80-4D33-ADDA-84369E068005", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9200:-:*:*:*:*:*:*:*", matchCriteriaId: "B25B92ED-37C0-4653-9C5E-B4C13C46464C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9500:-:*:*:*:*:*:*:*", matchCriteriaId: "2374E02D-46FE-477F-A74D-49E72149E6EC", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9700:-:*:*:*:*:*:*:*", matchCriteriaId: "C44335D8-8A78-486C-A325-9691FA4C3271", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:6.1\\(2\\)i2:*:*:*:*:*:*:*", matchCriteriaId: "C8C2A169-117C-4F64-A6F0-748E7686260A", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.1\\(2\\)i3:*:*:*:*:*:*:*", matchCriteriaId: "DC1A9850-0AF6-48B1-8D7B-309135DE7A27", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i4:*:*:*:*:*:*:*", matchCriteriaId: "E42217F8-C85B-45D4-BA3B-F4303947E355", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i7:*:*:*:*:*:*:*", matchCriteriaId: "5DEBF467-C2E2-4ED9-8E8A-02E062E734D9", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:9.2:*:*:*:*:*:*:*", matchCriteriaId: "C9E648A2-AFB2-4F84-B27A-F8AC7F67B36F", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_3016:-:*:*:*:*:*:*:*", matchCriteriaId: "528ED62B-D739-4E06-AC64-B506FD73BBAB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*", matchCriteriaId: "FC2A6C31-438A-4CF5-A3F3-364B1672EB7D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3064:-:*:*:*:*:*:*:*", matchCriteriaId: "76C10D85-88AC-4A79-8866-BED88A0F8DF8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3064-t:-:*:*:*:*:*:*:*", matchCriteriaId: "65CB7F6D-A82B-4A31-BFAC-FF4A4B8DF9C1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31108pc-v:-:*:*:*:*:*:*:*", matchCriteriaId: "4E930332-CDDD-48D5-93BC-C22D693BBFA2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31108tc-v:-:*:*:*:*:*:*:*", matchCriteriaId: "7BF4B8FE-E134-4491-B5C2-C1CFEB64731B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31128pq:-:*:*:*:*:*:*:*", matchCriteriaId: "F4226DA0-9371-401C-8247-E6E636A116C3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132c-z:-:*:*:*:*:*:*:*", matchCriteriaId: "7664666F-BCE4-4799-AEEA-3A73E6AD33F4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q:-:*:*:*:*:*:*:*", matchCriteriaId: "D3DBBFE9-835C-4411-8492-6006E74BAC65", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q-v:-:*:*:*:*:*:*:*", matchCriteriaId: "B3293438-3D18-45A2-B093-2C3F65783336", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "8F43B770-D96C-44EA-BC12-9F39FC4317B9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3164q:-:*:*:*:*:*:*:*", matchCriteriaId: "FA782EB3-E8E6-4DCF-B39C-B3CBD46E4384", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172:-:*:*:*:*:*:*:*", matchCriteriaId: "7817F4E6-B2DA-4F06-95A4-AF329F594C02", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172pq-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "7BB9DD73-E31D-4921-A6D6-E14E04703588", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq:-:*:*:*:*:*:*:*", matchCriteriaId: "4532F513-0543-4960-9877-01F23CA7BA1B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq-32t:-:*:*:*:*:*:*:*", matchCriteriaId: "0B43502B-FD53-465A-B60F-6A359C6ACD99", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "F3229124-B097-4AAC-8ACD-2F9C89DCC3AB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3232c:-:*:*:*:*:*:*:*", matchCriteriaId: "652A2849-668D-4156-88FB-C19844A59F33", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3264c-e:-:*:*:*:*:*:*:*", matchCriteriaId: "24FBE87B-8A4F-43A8-98A3-4A7D9C630937", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3264q:-:*:*:*:*:*:*:*", matchCriteriaId: "6ACD09AC-8B28-4ACB-967B-AB3D450BC137", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3408-s:-:*:*:*:*:*:*:*", matchCriteriaId: "7D397349-CCC6-479B-9273-FB1FFF4F34F2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_34180yc:-:*:*:*:*:*:*:*", matchCriteriaId: "DC7286A7-780F-4A45-940A-4AD5C9D0F201", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3432d-s:-:*:*:*:*:*:*:*", matchCriteriaId: "5F7AF8D7-431B-43CE-840F-CC0817D159C0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3464c:-:*:*:*:*:*:*:*", matchCriteriaId: "DAC204C8-1A5A-4E85-824E-DC9B8F6A802D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9000v:-:*:*:*:*:*:*:*", matchCriteriaId: "0CD9C1F1-8582-4F67-A77D-97CBFECB88B8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*", matchCriteriaId: "4283E433-7F8C-4410-B565-471415445811", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92300yc:-:*:*:*:*:*:*:*", matchCriteriaId: "F80AB6FB-32FD-43D7-A9F1-80FA47696210", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*", matchCriteriaId: "D5B2E4C1-2627-4B9D-8E92-4B483F647651", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92348gc-x:-:*:*:*:*:*:*:*", matchCriteriaId: "557ED31C-C26A-4FAE-8B14-D06B49F7F08B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*", matchCriteriaId: "11411BFD-3F4D-4309-AB35-A3629A360FB0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*", matchCriteriaId: "E663DE91-C86D-48DC-B771-FA72A8DF7A7C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "A90184B3-C82F-4CE5-B2AD-97D5E4690871", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "4AB89849-6DA4-4C9D-BC3F-EE0E41FD1901", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*", matchCriteriaId: "07DE6F63-2C7D-415B-8C34-01EC05C062F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*", matchCriteriaId: "F423E45D-A6DD-4305-9C6A-EAB26293E53A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "E952A96A-0F48-4357-B7DD-1127D8827650", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "F70D81F1-8B12-4474-9060-B4934D8A3873", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "7349D69B-D8FA-4462-AA28-69DD18A652D9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93216tc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "B1CC5F78-E88B-4B82-9E3E-C73D3A49DE26", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "91231DC6-2773-4238-8C14-A346F213B5E5", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332c:-:*:*:*:*:*:*:*", matchCriteriaId: "2DF88547-BAF4-47B0-9F60-80A30297FCEB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*", matchCriteriaId: "113772B6-E9D2-4094-9468-3F4E1A87D07D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93360yc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "C45A38D6-BED6-4FEF-AD87-A1E813695DE0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "F1FC2B1F-232E-4754-8076-CC82F3648730", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336pq_aci_spine:-:*:*:*:*:*:*:*", matchCriteriaId: "785FD17C-F32E-4042-9DDE-A89B3AAE0334", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*", matchCriteriaId: "17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*", matchCriteriaId: "63842B25-8C32-4988-BBBD-61E9CB09B4F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*", matchCriteriaId: "4364ADB9-8162-451D-806A-B98924E6B2CF", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372px-e:-:*:*:*:*:*:*:*", matchCriteriaId: "B53BCB42-ED61-4FCF-8068-CB467631C63C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*", matchCriteriaId: "49E0371B-FDE2-473C-AA59-47E1269D050F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372tx-e:-:*:*:*:*:*:*:*", matchCriteriaId: "489D11EC-5A18-4F32-BC7C-AC1FCEC27222", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*", matchCriteriaId: "1BC5293E-F2B4-46DC-85DA-167EA323FCFD", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*", matchCriteriaId: "EA022E77-6557-4A33-9A3A-D028E2DB669A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a8:*:*:*:*:*:*:*", matchCriteriaId: "9DCBF1FE-C124-4DBA-B127-D484D5C9110C", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i7:*:*:*:*:*:*:*", matchCriteriaId: "5DEBF467-C2E2-4ED9-8E8A-02E062E734D9", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:9.2:*:*:*:*:*:*:*", matchCriteriaId: "C9E648A2-AFB2-4F84-B27A-F8AC7F67B36F", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_3524:-:*:*:*:*:*:*:*", matchCriteriaId: "EAF5AF71-15DF-4151-A1CF-E138A7103FC8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524-x:-:*:*:*:*:*:*:*", matchCriteriaId: "10F80A72-AD54-4699-B8AE-82715F0B58E2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "9354B6A2-D7D6-442E-BF4C-FE8A336D9E94", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548:-:*:*:*:*:*:*:*", matchCriteriaId: "088C0323-683A-44F5-8D42-FF6EC85D080E", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548-x:-:*:*:*:*:*:*:*", matchCriteriaId: "74CB4002-7636-4382-B33E-FBA060A13C34", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "10CEBF73-3EE0-459A-86C5-F8F6243FE27C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)f:*:*:*:*:*:*:*", matchCriteriaId: "E575893D-81E5-47E6-9531-50E044C2C3D3", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:9.2:*:*:*:*:*:*:*", matchCriteriaId: "C9E648A2-AFB2-4F84-B27A-F8AC7F67B36F", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_36180yc-r:-:*:*:*:*:*:*:*", matchCriteriaId: "95D2C4C3-65CE-4612-A027-AF70CEFC3233", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*", matchCriteriaId: "57572E4A-78D5-4D1A-938B-F05F01759612", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*", matchCriteriaId: "768BE390-5ED5-48A7-9E80-C4DE8BA979B1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*", matchCriteriaId: "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*", matchCriteriaId: "7E02DC82-0D26-436F-BA64-73C958932B0A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:7.1:*:*:*:*:*:*:*", matchCriteriaId: "FF918D59-4D57-4C18-9FF5-AE6636F24484", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.2:*:*:*:*:*:*:*", matchCriteriaId: "5EE85C54-276F-462E-808A-23D3E54D31BD", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.3:*:*:*:*:*:*:*", matchCriteriaId: "9501608B-3811-4C33-BDA1-721045284C7D", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_5548p:-:*:*:*:*:*:*:*", matchCriteriaId: "E5519EA9-1236-4F51-9974-E3FC1B26B5D2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5548up:-:*:*:*:*:*:*:*", matchCriteriaId: "CB0A3B06-8B25-4CD3-AFA9-5F928B1042F4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5596t:-:*:*:*:*:*:*:*", matchCriteriaId: "1766443C-1C5A-486E-A36F-D3045F364D78", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5596up:-:*:*:*:*:*:*:*", matchCriteriaId: "DC4D4403-F93B-4CC8-B75F-7A5B03FEDD85", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_56128p:-:*:*:*:*:*:*:*", matchCriteriaId: "ABB6E612-4246-4408-B3F6-B31E771F5ACB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5624q:-:*:*:*:*:*:*:*", matchCriteriaId: "91B129B2-2B31-4DE0-9F83-CC6E0C8729A0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5648q:-:*:*:*:*:*:*:*", matchCriteriaId: "3CBD3CD0-B542-4B23-9C9D-061643BE44E8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5672up:-:*:*:*:*:*:*:*", matchCriteriaId: "A22A2647-A4C0-4681-BBC5-D95ADBAA0457", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5696q:-:*:*:*:*:*:*:*", matchCriteriaId: "B2BB1A3A-668C-4B0D-8AC2-6B4758B3420B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_6001:-:*:*:*:*:*:*:*", matchCriteriaId: "A9662D6B-AF0F-45C8-B7CD-AE7C76593FDB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_6004:-:*:*:*:*:*:*:*", matchCriteriaId: "4F557E38-09F6-42C6-BABA-3C3168B38BBA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:7.2:*:*:*:*:*:*:*", matchCriteriaId: "5EE85C54-276F-462E-808A-23D3E54D31BD", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.3:*:*:*:*:*:*:*", matchCriteriaId: "9501608B-3811-4C33-BDA1-721045284C7D", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:8.0:*:*:*:*:*:*:*", matchCriteriaId: "2B36B056-C068-4413-B648-1D1D6026B823", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:8.1:*:*:*:*:*:*:*", matchCriteriaId: "F363BEDD-A8AC-4FB6-87DC-708F97F8375E", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:8.2:*:*:*:*:*:*:*", matchCriteriaId: "E40D9097-C95A-4813-9DEE-89CA75820524", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:8.3:*:*:*:*:*:*:*", matchCriteriaId: "399568C2-4198-4D2C-B694-FF4EFE5E4710", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_7000:-:*:*:*:*:*:*:*", matchCriteriaId: "12180BEB-7F21-4FA7-ABD2-E9A8EA7340F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7000_10-slot:-:*:*:*:*:*:*:*", matchCriteriaId: "B22B3865-30E9-4B5A-A37D-DC33F1150FFE", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7000_18-slot:-:*:*:*:*:*:*:*", matchCriteriaId: "459A7F11-52BF-4AD6-B495-4C4D6C050493", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7000_4-slot:-:*:*:*:*:*:*:*", matchCriteriaId: "FEACA55F-4335-4478-B608-EB92EE1D6C6D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7000_9-slot:-:*:*:*:*:*:*:*", matchCriteriaId: "DB73543E-9B5B-4BA9-8FB4-666AF5AC8B6B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7700:-:*:*:*:*:*:*:*", matchCriteriaId: "DD7A4B4B-3BB1-4A4D-911E-C4EEF01BBC45", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7700_10-slot:-:*:*:*:*:*:*:*", matchCriteriaId: "E5ABB175-81BE-4C46-BD2D-70016508BE22", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7700_18-slot:-:*:*:*:*:*:*:*", matchCriteriaId: "71F93299-A715-4E97-87FE-B1E248EA98BD", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7700_2-slot:-:*:*:*:*:*:*:*", matchCriteriaId: "3D71B228-FFE5-45F7-ADCF-6D359ADA6D31", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7700_6-slot:-:*:*:*:*:*:*:*", matchCriteriaId: "9F3AD807-5A0F-4DF5-9A7A-748205F409E7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability in the NX-API feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause an NX-API system process to unexpectedly restart. The vulnerability is due to incorrect validation of the HTTP header of a request that is sent to the NX-API. An attacker could exploit this vulnerability by sending a crafted HTTP request to the NX-API on an affected device. A successful exploit could allow the attacker to cause a denial of service (DoS) condition in the NX-API service; however, the NX-OS device itself would still be available and passing network traffic. Note: The NX-API feature is disabled by default.", }, { lang: "es", value: "Una vulnerabilidad en la funcionalidad NX-API de Cisco NX-OS Software, podría permitir a un atacante remoto no autenticado causar que un proceso del sistema NX-API se reinicie inesperadamente. La vulnerabilidad es debido a una comprobación incorrecta del encabezado HTTP de una petición que se envía a NX-API. Un atacante podría explotar esta vulnerabilidad enviando una petición HTTP especialmente diseñada a NX-API en un dispositivo afectado. Una explotación con éxito podría permitir al atacante causar una condición de denegación de servicio (DoS) en el servicio NX-API; sin embargo, el dispositivo NX-OS en sí todavía estaría disponible y pasando el tráfico de red. Nota: La funcionalidad NX-API está deshabilitada por defecto.", }, ], id: "CVE-2019-1968", lastModified: "2024-11-21T04:37:47.520", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, exploitabilityScore: 3.9, impactScore: 1.4, source: "psirt@cisco.com", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-08-30T09:15:20.380", references: [ { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190828-nxos-api-dos", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190828-nxos-api-dos", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-20", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-116", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2019-05-15 19:29
Modified
2024-11-21 04:37
Severity ?
Summary
A vulnerability in the implementation of a specific CLI command for Cisco NX-OS Software could allow an authenticated, local attacker with administrator credentials to cause a buffer overflow condition or perform command injection. This could allow the attacker to execute arbitrary commands with elevated privileges on the underlying operating system of an affected device. The vulnerability is due to insufficient validation of arguments passed to a certain CLI command. An attacker could exploit this vulnerability by including malicious input as the argument of the affected CLI command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with root privileges. An attacker would need valid administrator credentials to exploit these vulnerabilities. NX-OS versions prior to 8.3(1) are affected.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@cisco.com | http://www.securityfocus.com/bid/108386 | Third Party Advisory, VDB Entry | |
| psirt@cisco.com | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-overflow-inj | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/108386 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-overflow-inj | Vendor Advisory |
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "D14AF388-8D72-45DF-A268-4ACE8472F65C", versionEndExcluding: "8.3\\(1\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_3016:-:*:*:*:*:*:*:*", matchCriteriaId: "528ED62B-D739-4E06-AC64-B506FD73BBAB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*", matchCriteriaId: "FC2A6C31-438A-4CF5-A3F3-364B1672EB7D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3064:-:*:*:*:*:*:*:*", matchCriteriaId: "76C10D85-88AC-4A79-8866-BED88A0F8DF8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3064-t:-:*:*:*:*:*:*:*", matchCriteriaId: "65CB7F6D-A82B-4A31-BFAC-FF4A4B8DF9C1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31108pc-v:-:*:*:*:*:*:*:*", matchCriteriaId: "4E930332-CDDD-48D5-93BC-C22D693BBFA2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31108tc-v:-:*:*:*:*:*:*:*", matchCriteriaId: "7BF4B8FE-E134-4491-B5C2-C1CFEB64731B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31128pq:-:*:*:*:*:*:*:*", matchCriteriaId: "F4226DA0-9371-401C-8247-E6E636A116C3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132c-z:-:*:*:*:*:*:*:*", matchCriteriaId: "7664666F-BCE4-4799-AEEA-3A73E6AD33F4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q:-:*:*:*:*:*:*:*", matchCriteriaId: "D3DBBFE9-835C-4411-8492-6006E74BAC65", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q-v:-:*:*:*:*:*:*:*", matchCriteriaId: "B3293438-3D18-45A2-B093-2C3F65783336", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "8F43B770-D96C-44EA-BC12-9F39FC4317B9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3164q:-:*:*:*:*:*:*:*", matchCriteriaId: "FA782EB3-E8E6-4DCF-B39C-B3CBD46E4384", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172:-:*:*:*:*:*:*:*", matchCriteriaId: "7817F4E6-B2DA-4F06-95A4-AF329F594C02", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172pq-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "7BB9DD73-E31D-4921-A6D6-E14E04703588", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq:-:*:*:*:*:*:*:*", matchCriteriaId: "4532F513-0543-4960-9877-01F23CA7BA1B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq-32t:-:*:*:*:*:*:*:*", matchCriteriaId: "0B43502B-FD53-465A-B60F-6A359C6ACD99", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "F3229124-B097-4AAC-8ACD-2F9C89DCC3AB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3232c:-:*:*:*:*:*:*:*", matchCriteriaId: "652A2849-668D-4156-88FB-C19844A59F33", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3264c-e:-:*:*:*:*:*:*:*", matchCriteriaId: "24FBE87B-8A4F-43A8-98A3-4A7D9C630937", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3264q:-:*:*:*:*:*:*:*", matchCriteriaId: "6ACD09AC-8B28-4ACB-967B-AB3D450BC137", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3408-s:-:*:*:*:*:*:*:*", matchCriteriaId: "7D397349-CCC6-479B-9273-FB1FFF4F34F2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_34180yc:-:*:*:*:*:*:*:*", matchCriteriaId: "DC7286A7-780F-4A45-940A-4AD5C9D0F201", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3432d-s:-:*:*:*:*:*:*:*", matchCriteriaId: "5F7AF8D7-431B-43CE-840F-CC0817D159C0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3464c:-:*:*:*:*:*:*:*", matchCriteriaId: "DAC204C8-1A5A-4E85-824E-DC9B8F6A802D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524:-:*:*:*:*:*:*:*", matchCriteriaId: "EAF5AF71-15DF-4151-A1CF-E138A7103FC8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524-x:-:*:*:*:*:*:*:*", matchCriteriaId: "10F80A72-AD54-4699-B8AE-82715F0B58E2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "9354B6A2-D7D6-442E-BF4C-FE8A336D9E94", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548:-:*:*:*:*:*:*:*", matchCriteriaId: "088C0323-683A-44F5-8D42-FF6EC85D080E", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548-x:-:*:*:*:*:*:*:*", matchCriteriaId: "74CB4002-7636-4382-B33E-FBA060A13C34", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "10CEBF73-3EE0-459A-86C5-F8F6243FE27C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_36180yc-r:-:*:*:*:*:*:*:*", matchCriteriaId: "95D2C4C3-65CE-4612-A027-AF70CEFC3233", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*", matchCriteriaId: "57572E4A-78D5-4D1A-938B-F05F01759612", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9000v:-:*:*:*:*:*:*:*", matchCriteriaId: "0CD9C1F1-8582-4F67-A77D-97CBFECB88B8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*", matchCriteriaId: "4283E433-7F8C-4410-B565-471415445811", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92300yc:-:*:*:*:*:*:*:*", matchCriteriaId: "F80AB6FB-32FD-43D7-A9F1-80FA47696210", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*", matchCriteriaId: "D5B2E4C1-2627-4B9D-8E92-4B483F647651", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92348gc-x:-:*:*:*:*:*:*:*", matchCriteriaId: "557ED31C-C26A-4FAE-8B14-D06B49F7F08B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*", matchCriteriaId: "11411BFD-3F4D-4309-AB35-A3629A360FB0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*", matchCriteriaId: "E663DE91-C86D-48DC-B771-FA72A8DF7A7C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "A90184B3-C82F-4CE5-B2AD-97D5E4690871", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "4AB89849-6DA4-4C9D-BC3F-EE0E41FD1901", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*", matchCriteriaId: "07DE6F63-2C7D-415B-8C34-01EC05C062F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*", matchCriteriaId: "F423E45D-A6DD-4305-9C6A-EAB26293E53A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "E952A96A-0F48-4357-B7DD-1127D8827650", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "F70D81F1-8B12-4474-9060-B4934D8A3873", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "7349D69B-D8FA-4462-AA28-69DD18A652D9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93216tc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "B1CC5F78-E88B-4B82-9E3E-C73D3A49DE26", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "91231DC6-2773-4238-8C14-A346F213B5E5", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332c:-:*:*:*:*:*:*:*", matchCriteriaId: "2DF88547-BAF4-47B0-9F60-80A30297FCEB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*", matchCriteriaId: "113772B6-E9D2-4094-9468-3F4E1A87D07D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93360yc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "C45A38D6-BED6-4FEF-AD87-A1E813695DE0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "F1FC2B1F-232E-4754-8076-CC82F3648730", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336pq_aci_spine:-:*:*:*:*:*:*:*", matchCriteriaId: "785FD17C-F32E-4042-9DDE-A89B3AAE0334", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*", matchCriteriaId: "17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*", matchCriteriaId: "63842B25-8C32-4988-BBBD-61E9CB09B4F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*", matchCriteriaId: "4364ADB9-8162-451D-806A-B98924E6B2CF", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372px-e:-:*:*:*:*:*:*:*", matchCriteriaId: "B53BCB42-ED61-4FCF-8068-CB467631C63C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*", matchCriteriaId: "49E0371B-FDE2-473C-AA59-47E1269D050F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372tx-e:-:*:*:*:*:*:*:*", matchCriteriaId: "489D11EC-5A18-4F32-BC7C-AC1FCEC27222", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*", matchCriteriaId: "1BC5293E-F2B4-46DC-85DA-167EA323FCFD", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*", matchCriteriaId: "EA022E77-6557-4A33-9A3A-D028E2DB669A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*", matchCriteriaId: "768BE390-5ED5-48A7-9E80-C4DE8BA979B1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*", matchCriteriaId: "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*", matchCriteriaId: "7E02DC82-0D26-436F-BA64-73C958932B0A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability in the implementation of a specific CLI command for Cisco NX-OS Software could allow an authenticated, local attacker with administrator credentials to cause a buffer overflow condition or perform command injection. This could allow the attacker to execute arbitrary commands with elevated privileges on the underlying operating system of an affected device. The vulnerability is due to insufficient validation of arguments passed to a certain CLI command. An attacker could exploit this vulnerability by including malicious input as the argument of the affected CLI command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with root privileges. An attacker would need valid administrator credentials to exploit these vulnerabilities. NX-OS versions prior to 8.3(1) are affected.", }, { lang: "es", value: "Una vulnerabilidad en la implementación de un comando específico CLI para el software Cisco NX-OS podría permitir que un atacante local autenticado con credenciales de administrador genere una condición de desbordamiento del búfer o realice una inyección de comandos. Esto podría permitir al atacante ejecutar comandos arbitrarios con elevados privilegios sobre el sistema operativo subyacente de un dispositivo afectado. La vulnerabilidad se debe a una validación insuficiente de los argumentos pasados ??a un determinado comando CLI. Un atacante podría aprovechar esta vulnerabilidad al incluir una entrada maliciosa como el argumento del comando CLI afectado. Un aprovechamiento exitoso podría permitir al atacante ejecutar comandos arbitrarios en el sistema operativo subyacente con privilegios de raiz. Un atacante necesitaría credenciales de administrador válidas para aprovechar estas vulnerabilidades. Las versiones de NX-OS anteriores a 8.3 (1) están afectadas.", }, ], id: "CVE-2019-1767", lastModified: "2024-11-21T04:37:19.900", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.2, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:L/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 0.8, impactScore: 5.9, source: "psirt@cisco.com", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-05-15T19:29:00.697", references: [ { source: "psirt@cisco.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/108386", }, { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-overflow-inj", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/108386", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-overflow-inj", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-119", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-78", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2019-09-25 21:15
Modified
2024-11-21 04:23
Severity ?
Summary
A vulnerability in Cisco NX-OS Software and Cisco IOS XE Software could allow an authenticated, local attacker with valid administrator or privilege level 15 credentials to load a virtual service image and bypass signature verification on an affected device. The vulnerability is due to improper signature verification during the installation of an Open Virtual Appliance (OVA) image. An authenticated, local attacker could exploit this vulnerability and load a malicious, unsigned OVA image on an affected device. A successful exploit could allow an attacker to perform code execution on a crafted software OVA image.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:ios_xe:16.8.1:*:*:*:*:*:*:*", matchCriteriaId: "57D4F634-03D5-4D9F-901C-7E9CE45F2F38", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:8.1\\(0.2\\)s0:*:*:*:*:*:*:*", matchCriteriaId: "94E4AB94-0FC0-4E6B-AAE6-EF37C0ABB548", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:8.1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "AB556839-151C-492E-B4C3-C024276D5AB1", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:8.1\\(1\\)s5:*:*:*:*:*:*:*", matchCriteriaId: "C4C0438A-0275-49B1-91BF-437917F3A4BF", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:mds_9000:-:*:*:*:*:*:*:*", matchCriteriaId: "1FD00AB9-F2DD-4D07-8DFF-E7B34824D66A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:8.1\\(0\\)bd\\(0.20\\):*:*:*:*:*:*:*", matchCriteriaId: "F66360CD-CCCF-4DE7-86F1-996175B4503C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_9000v:-:*:*:*:*:*:*:*", matchCriteriaId: "0CD9C1F1-8582-4F67-A77D-97CBFECB88B8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*", matchCriteriaId: "4283E433-7F8C-4410-B565-471415445811", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92300yc:-:*:*:*:*:*:*:*", matchCriteriaId: "F80AB6FB-32FD-43D7-A9F1-80FA47696210", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*", matchCriteriaId: "D5B2E4C1-2627-4B9D-8E92-4B483F647651", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92348gc-x:-:*:*:*:*:*:*:*", matchCriteriaId: "557ED31C-C26A-4FAE-8B14-D06B49F7F08B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*", matchCriteriaId: "11411BFD-3F4D-4309-AB35-A3629A360FB0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*", matchCriteriaId: "E663DE91-C86D-48DC-B771-FA72A8DF7A7C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "A90184B3-C82F-4CE5-B2AD-97D5E4690871", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "4AB89849-6DA4-4C9D-BC3F-EE0E41FD1901", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*", matchCriteriaId: "07DE6F63-2C7D-415B-8C34-01EC05C062F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*", matchCriteriaId: "F423E45D-A6DD-4305-9C6A-EAB26293E53A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "E952A96A-0F48-4357-B7DD-1127D8827650", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "F70D81F1-8B12-4474-9060-B4934D8A3873", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "7349D69B-D8FA-4462-AA28-69DD18A652D9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93216tc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "B1CC5F78-E88B-4B82-9E3E-C73D3A49DE26", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "91231DC6-2773-4238-8C14-A346F213B5E5", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332c:-:*:*:*:*:*:*:*", matchCriteriaId: "2DF88547-BAF4-47B0-9F60-80A30297FCEB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*", matchCriteriaId: "113772B6-E9D2-4094-9468-3F4E1A87D07D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93360yc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "C45A38D6-BED6-4FEF-AD87-A1E813695DE0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "F1FC2B1F-232E-4754-8076-CC82F3648730", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336pq_aci_spine:-:*:*:*:*:*:*:*", matchCriteriaId: "785FD17C-F32E-4042-9DDE-A89B3AAE0334", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*", matchCriteriaId: "17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*", matchCriteriaId: "63842B25-8C32-4988-BBBD-61E9CB09B4F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*", matchCriteriaId: "4364ADB9-8162-451D-806A-B98924E6B2CF", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372px-e:-:*:*:*:*:*:*:*", matchCriteriaId: "B53BCB42-ED61-4FCF-8068-CB467631C63C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*", matchCriteriaId: "49E0371B-FDE2-473C-AA59-47E1269D050F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372tx-e:-:*:*:*:*:*:*:*", matchCriteriaId: "489D11EC-5A18-4F32-BC7C-AC1FCEC27222", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*", matchCriteriaId: "1BC5293E-F2B4-46DC-85DA-167EA323FCFD", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*", matchCriteriaId: "EA022E77-6557-4A33-9A3A-D028E2DB669A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*", matchCriteriaId: "768BE390-5ED5-48A7-9E80-C4DE8BA979B1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*", matchCriteriaId: "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*", matchCriteriaId: "7E02DC82-0D26-436F-BA64-73C958932B0A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nexus_3016_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "59C91269-1657-4181-9B95-BDF85BFFFCD6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_3016:-:*:*:*:*:*:*:*", matchCriteriaId: "528ED62B-D739-4E06-AC64-B506FD73BBAB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nexus_3048_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "DF530AE3-F80B-40EC-9259-4771EEAD431D", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*", matchCriteriaId: "FC2A6C31-438A-4CF5-A3F3-364B1672EB7D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nexus_3064_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "77E6A0BD-102F-40C6-BD9A-1986D6F58212", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_3064:-:*:*:*:*:*:*:*", matchCriteriaId: "76C10D85-88AC-4A79-8866-BED88A0F8DF8", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nexus_3064-t_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "CD7A2723-6526-430C-BD39-9E32B1F37DBB", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_3064-t:-:*:*:*:*:*:*:*", matchCriteriaId: "65CB7F6D-A82B-4A31-BFAC-FF4A4B8DF9C1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nexus_31108pc-v_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "A8D71782-16F9-41C9-BC10-BC514FD26129", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_31108pc-v:-:*:*:*:*:*:*:*", matchCriteriaId: "4E930332-CDDD-48D5-93BC-C22D693BBFA2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nexus_31108tc-v_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "17E769CD-8F81-40AE-A071-84FAF92AF5C4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_31108tc-v:-:*:*:*:*:*:*:*", matchCriteriaId: "7BF4B8FE-E134-4491-B5C2-C1CFEB64731B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nexus_31128pq_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "AB914738-4557-4EC3-8A18-810862877C72", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_31128pq:-:*:*:*:*:*:*:*", matchCriteriaId: "F4226DA0-9371-401C-8247-E6E636A116C3", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nexus_3132c-z_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "4C7A4072-9F8B-4374-9F8A-B660220765FA", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_3132c-z:-:*:*:*:*:*:*:*", matchCriteriaId: "7664666F-BCE4-4799-AEEA-3A73E6AD33F4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nexus_3132q_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "092FC6ED-9F53-41FF-9E0F-997D84B6DE3A", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_3132q:-:*:*:*:*:*:*:*", matchCriteriaId: "D3DBBFE9-835C-4411-8492-6006E74BAC65", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nexus_3132q-v_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "A288C8F3-AD77-46CC-BAD2-D8FC186D6CC6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_3132q-v:-:*:*:*:*:*:*:*", matchCriteriaId: "B3293438-3D18-45A2-B093-2C3F65783336", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nexus_3132q-xl_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "C735F2C0-DC4D-45DE-8BA9-439BAE5CFD67", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_3132q-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "8F43B770-D96C-44EA-BC12-9F39FC4317B9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nexus_3164q_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "7187F85E-FEBE-4D55-AC48-E92F05734169", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_3164q:-:*:*:*:*:*:*:*", matchCriteriaId: "FA782EB3-E8E6-4DCF-B39C-B3CBD46E4384", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nexus_3172_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "7CEA0B58-FE79-4A33-B812-51CDE327A235", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_3172:-:*:*:*:*:*:*:*", matchCriteriaId: "7817F4E6-B2DA-4F06-95A4-AF329F594C02", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nexus_3172pq-xl_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "D8030D5E-1BF4-485C-AFB7-B8DB48E0B91A", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_3172pq-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "7BB9DD73-E31D-4921-A6D6-E14E04703588", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nexus_3172tq_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "16FB3414-3C5F-4827-B4F2-CF30EC31E0C9", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_3172tq:-:*:*:*:*:*:*:*", matchCriteriaId: "4532F513-0543-4960-9877-01F23CA7BA1B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nexus_3172tq-32t_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "45B4711C-322E-4B7B-8810-04BA8249B8BD", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_3172tq-32t:-:*:*:*:*:*:*:*", matchCriteriaId: "0B43502B-FD53-465A-B60F-6A359C6ACD99", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nexus_3172tq-xl_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "3EE63209-E1F9-4933-8729-E350ADE42793", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_3172tq-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "F3229124-B097-4AAC-8ACD-2F9C89DCC3AB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nexus_3232c_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "EE0C6AB3-480D-46F6-BE72-0B0010EC34CB", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_3232c:-:*:*:*:*:*:*:*", matchCriteriaId: "652A2849-668D-4156-88FB-C19844A59F33", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nexus_3264c-e_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "9329DC07-0B6F-467C-AAA0-527D97E956B6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_3264c-e:-:*:*:*:*:*:*:*", matchCriteriaId: "24FBE87B-8A4F-43A8-98A3-4A7D9C630937", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nexus_3264q_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "A9C944B9-9492-45AA-9A4E-9CD6C996AF4D", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_3264q:-:*:*:*:*:*:*:*", matchCriteriaId: "6ACD09AC-8B28-4ACB-967B-AB3D450BC137", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nexus_3408-s_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "7AAC2930-4A1A-4916-912F-953440AA009A", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_3408-s:-:*:*:*:*:*:*:*", matchCriteriaId: "7D397349-CCC6-479B-9273-FB1FFF4F34F2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nexus_34180yc_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "E2125C9A-7524-408C-B92E-91162FD4D72F", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_34180yc:-:*:*:*:*:*:*:*", matchCriteriaId: "DC7286A7-780F-4A45-940A-4AD5C9D0F201", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nexus_34200yc-sm_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "87F885B6-7049-4152-B74C-6444137B4662", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_34200yc-sm:-:*:*:*:*:*:*:*", matchCriteriaId: "CA52D5C1-13D8-4D23-B022-954CCEF491F1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nexus_3432d-s_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "B24EC0B3-E3FC-4908-AC7E-2E3DE073DC06", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_3432d-s:-:*:*:*:*:*:*:*", matchCriteriaId: "5F7AF8D7-431B-43CE-840F-CC0817D159C0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nexus_3464c_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "C9FFFDC6-BE3D-4E2D-B6F2-FD191DE4F9B7", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_3464c:-:*:*:*:*:*:*:*", matchCriteriaId: "DAC204C8-1A5A-4E85-824E-DC9B8F6A802D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nexus_3524_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "502C8ADB-7EF2-4AC5-ACF0-AEA1ADA7A6BE", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_3524:-:*:*:*:*:*:*:*", matchCriteriaId: "EAF5AF71-15DF-4151-A1CF-E138A7103FC8", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nexus_3524-x_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "E7ED5FBF-F5DF-4788-8683-E328D86E8733", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_3524-x:-:*:*:*:*:*:*:*", matchCriteriaId: "10F80A72-AD54-4699-B8AE-82715F0B58E2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nexus_3524-xl_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "186CB256-39AE-4D5A-B3FB-891A17785176", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_3524-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "9354B6A2-D7D6-442E-BF4C-FE8A336D9E94", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nexus_3548_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "3B0DAE9A-F2D3-49C3-8488-A3A03C1CEB57", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_3548:-:*:*:*:*:*:*:*", matchCriteriaId: "088C0323-683A-44F5-8D42-FF6EC85D080E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nexus_3548-x_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "029F0A5A-43E4-4F3A-98A3-81E924CBE700", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_3548-x:-:*:*:*:*:*:*:*", matchCriteriaId: "74CB4002-7636-4382-B33E-FBA060A13C34", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nexus_3548-xl_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "DD53F341-AE7D-4E45-9746-DAC32FE9F570", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_3548-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "10CEBF73-3EE0-459A-86C5-F8F6243FE27C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nexus_5548p_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "C3A80F37-C04C-43A5-AC12-E15BAB8545F5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_5548p:-:*:*:*:*:*:*:*", matchCriteriaId: "E5519EA9-1236-4F51-9974-E3FC1B26B5D2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nexus_5548up_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "725A7AC7-8B75-47BC-8D99-701250E0ABE7", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_5548up:-:*:*:*:*:*:*:*", matchCriteriaId: "CB0A3B06-8B25-4CD3-AFA9-5F928B1042F4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nexus_5596t_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "F1E8B8C6-29B2-402E-A722-1E95C01E14AD", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_5596t:-:*:*:*:*:*:*:*", matchCriteriaId: "1766443C-1C5A-486E-A36F-D3045F364D78", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nexus_5596up_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "A39FB96C-94E1-4686-82A7-E0A6D88A5A08", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_5596up:-:*:*:*:*:*:*:*", matchCriteriaId: "DC4D4403-F93B-4CC8-B75F-7A5B03FEDD85", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nexus_56128p_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "E154FCCB-A379-4384-8B72-7D373BFEEFE1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_56128p:-:*:*:*:*:*:*:*", matchCriteriaId: "ABB6E612-4246-4408-B3F6-B31E771F5ACB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nexus_5624q_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "1B2326C6-C523-4BE2-B577-D64091AB92CE", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_5624q:-:*:*:*:*:*:*:*", matchCriteriaId: "91B129B2-2B31-4DE0-9F83-CC6E0C8729A0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nexus_5648q_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "060E7CD9-E906-437A-87B6-3AE0551E1DCB", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_5648q:-:*:*:*:*:*:*:*", matchCriteriaId: "3CBD3CD0-B542-4B23-9C9D-061643BE44E8", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nexus_5672up_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "FFAC471F-41AF-43A7-8661-DFA140DEC066", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_5672up:-:*:*:*:*:*:*:*", matchCriteriaId: "A22A2647-A4C0-4681-BBC5-D95ADBAA0457", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nexus_5696q_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "EA530485-D6C8-4D5A-87A2-547DA8E74722", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_5696q:-:*:*:*:*:*:*:*", matchCriteriaId: "B2BB1A3A-668C-4B0D-8AC2-6B4758B3420B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nexus_6001_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "6E00C558-9656-451C-A179-17B1762666C3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_6001:-:*:*:*:*:*:*:*", matchCriteriaId: "A9662D6B-AF0F-45C8-B7CD-AE7C76593FDB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nexus_6004_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "C1A738F9-41CD-4A6A-8975-4C434FBCF55D", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_6004:-:*:*:*:*:*:*:*", matchCriteriaId: "4F557E38-09F6-42C6-BABA-3C3168B38BBA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nexus_7000_10-slot_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "432F828F-1F41-4C7A-B1B2-ADDCC1F0EE5A", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_7000_10-slot:-:*:*:*:*:*:*:*", matchCriteriaId: "B22B3865-30E9-4B5A-A37D-DC33F1150FFE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nexus_7000_18-slot_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "06B2FD68-C1DB-4AC6-B255-417C5D14D18B", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_7000_18-slot:-:*:*:*:*:*:*:*", matchCriteriaId: "459A7F11-52BF-4AD6-B495-4C4D6C050493", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nexus_7000_4-slot_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "743ECD7B-DE3B-436C-BE6C-D5280719D970", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_7000_4-slot:-:*:*:*:*:*:*:*", matchCriteriaId: "FEACA55F-4335-4478-B608-EB92EE1D6C6D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nexus_7000_9-slot_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "DCBBB6BF-92A3-48CB-A57C-7476C0355175", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_7000_9-slot:-:*:*:*:*:*:*:*", matchCriteriaId: "DB73543E-9B5B-4BA9-8FB4-666AF5AC8B6B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nexus_7700_10-slot_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "317A834E-D1A8-47E0-ACEA-FA85984F8753", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_7700_10-slot:-:*:*:*:*:*:*:*", matchCriteriaId: "E5ABB175-81BE-4C46-BD2D-70016508BE22", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nexus_7700_18-slot_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "76CCA110-974F-419A-A716-E90B9DB5375E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_7700_18-slot:-:*:*:*:*:*:*:*", matchCriteriaId: "71F93299-A715-4E97-87FE-B1E248EA98BD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nexus_7700_2-slot_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "148FAB7B-164C-458D-B287-61FC73C53D25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_7700_2-slot:-:*:*:*:*:*:*:*", matchCriteriaId: "3D71B228-FFE5-45F7-ADCF-6D359ADA6D31", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nexus_7700_6-slot_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "C7EDE35C-3B05-4359-9336-915567A867EC", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_7700_6-slot:-:*:*:*:*:*:*:*", matchCriteriaId: "9F3AD807-5A0F-4DF5-9A7A-748205F409E7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability in Cisco NX-OS Software and Cisco IOS XE Software could allow an authenticated, local attacker with valid administrator or privilege level 15 credentials to load a virtual service image and bypass signature verification on an affected device. The vulnerability is due to improper signature verification during the installation of an Open Virtual Appliance (OVA) image. An authenticated, local attacker could exploit this vulnerability and load a malicious, unsigned OVA image on an affected device. A successful exploit could allow an attacker to perform code execution on a crafted software OVA image.", }, { lang: "es", value: "Una vulnerabilidad en el Software Cisco NX-OS y el Software Cisco IOS XE, podría permitir que un atacante local autenticado con credenciales válidas de administrador o nivel de privilegio 15 cargue una imagen de servicio virtual y omita la comprobación de firma en un dispositivo afectado. La vulnerabilidad es debido a una comprobación de firma inapropiada durante la instalación de una imagen de Open Virtual Appliance (OVA). Un atacante local autenticado podría explotar esta vulnerabilidad y cargar una imagen OVA maliciosa y sin firmar en un dispositivo afectado. Una explotación con éxito podría permitir a un atacante llevar a cabo la ejecución de código en una imagen OVA de software diseñada.", }, ], id: "CVE-2019-12662", lastModified: "2024-11-21T04:23:18.110", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.2, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:L/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 0.8, impactScore: 5.9, source: "psirt@cisco.com", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-09-25T21:15:11.203", references: [ { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-vman", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-vman", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-347", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-347", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-02-26 17:15
Modified
2024-11-21 05:30
Severity ?
Summary
A vulnerability in the implementation of Border Gateway Protocol (BGP) Message Digest 5 (MD5) authentication in Cisco NX-OS Software could allow an unauthenticated, remote attacker to bypass MD5 authentication and establish a BGP connection with the device. The vulnerability occurs because the BGP MD5 authentication is bypassed if the peer does not have MD5 authentication configured, the NX-OS device does have BGP MD5 authentication configured, and the NX-OS BGP virtual routing and forwarding (VRF) name is configured to be greater than 19 characters. An attacker could exploit this vulnerability by attempting to establish a BGP session with the NX-OS peer. A successful exploit could allow the attacker to establish a BGP session with the NX-OS device without MD5 authentication. The Cisco implementation of the BGP protocol accepts incoming BGP traffic only from explicitly configured peers. To exploit this vulnerability, an attacker must send the malicious packets over a TCP connection that appears to come from a trusted BGP peer. To do so, the attacker must obtain information about the BGP peers in the affected system’s trusted network.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:9.2\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "DD96C7AE-EECC-43F4-9132-1E7F8047C701", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:9.2\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "1D43B9D6-0991-4370-9369-C0A1EDBF6627", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:9.2\\(3\\):*:*:*:*:*:*:*", matchCriteriaId: "5FB6ADC7-97AC-4DD8-8F1B-448A63D8BE97", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:9.3\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "9A589031-946F-4016-AFC9-92FB033420D0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_3016:-:*:*:*:*:*:*:*", matchCriteriaId: "528ED62B-D739-4E06-AC64-B506FD73BBAB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*", matchCriteriaId: "FC2A6C31-438A-4CF5-A3F3-364B1672EB7D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3064:-:*:*:*:*:*:*:*", matchCriteriaId: "76C10D85-88AC-4A79-8866-BED88A0F8DF8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3064-t:-:*:*:*:*:*:*:*", matchCriteriaId: "65CB7F6D-A82B-4A31-BFAC-FF4A4B8DF9C1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31108pc-v:-:*:*:*:*:*:*:*", matchCriteriaId: "4E930332-CDDD-48D5-93BC-C22D693BBFA2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31108tc-v:-:*:*:*:*:*:*:*", matchCriteriaId: "7BF4B8FE-E134-4491-B5C2-C1CFEB64731B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31128pq:-:*:*:*:*:*:*:*", matchCriteriaId: "F4226DA0-9371-401C-8247-E6E636A116C3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132c-z:-:*:*:*:*:*:*:*", matchCriteriaId: "7664666F-BCE4-4799-AEEA-3A73E6AD33F4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q:-:*:*:*:*:*:*:*", matchCriteriaId: "D3DBBFE9-835C-4411-8492-6006E74BAC65", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q-v:-:*:*:*:*:*:*:*", matchCriteriaId: "B3293438-3D18-45A2-B093-2C3F65783336", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "8F43B770-D96C-44EA-BC12-9F39FC4317B9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3164q:-:*:*:*:*:*:*:*", matchCriteriaId: "FA782EB3-E8E6-4DCF-B39C-B3CBD46E4384", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172:-:*:*:*:*:*:*:*", matchCriteriaId: "7817F4E6-B2DA-4F06-95A4-AF329F594C02", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172pq-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "7BB9DD73-E31D-4921-A6D6-E14E04703588", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq:-:*:*:*:*:*:*:*", matchCriteriaId: "4532F513-0543-4960-9877-01F23CA7BA1B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq-32t:-:*:*:*:*:*:*:*", matchCriteriaId: "0B43502B-FD53-465A-B60F-6A359C6ACD99", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "F3229124-B097-4AAC-8ACD-2F9C89DCC3AB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3232c_:-:*:*:*:*:*:*:*", matchCriteriaId: "D008CA1C-6F5A-40EA-BB12-A9D84D5AF700", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3264c-e:-:*:*:*:*:*:*:*", matchCriteriaId: "24FBE87B-8A4F-43A8-98A3-4A7D9C630937", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3264q:-:*:*:*:*:*:*:*", matchCriteriaId: "6ACD09AC-8B28-4ACB-967B-AB3D450BC137", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3408-s:-:*:*:*:*:*:*:*", matchCriteriaId: "7D397349-CCC6-479B-9273-FB1FFF4F34F2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_34180yc:-:*:*:*:*:*:*:*", matchCriteriaId: "DC7286A7-780F-4A45-940A-4AD5C9D0F201", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3432d-s:-:*:*:*:*:*:*:*", matchCriteriaId: "5F7AF8D7-431B-43CE-840F-CC0817D159C0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3464c:-:*:*:*:*:*:*:*", matchCriteriaId: "DAC204C8-1A5A-4E85-824E-DC9B8F6A802D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524:-:*:*:*:*:*:*:*", matchCriteriaId: "EAF5AF71-15DF-4151-A1CF-E138A7103FC8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524-x:-:*:*:*:*:*:*:*", matchCriteriaId: "10F80A72-AD54-4699-B8AE-82715F0B58E2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "9354B6A2-D7D6-442E-BF4C-FE8A336D9E94", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548:-:*:*:*:*:*:*:*", matchCriteriaId: "088C0323-683A-44F5-8D42-FF6EC85D080E", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548-x:-:*:*:*:*:*:*:*", matchCriteriaId: "74CB4002-7636-4382-B33E-FBA060A13C34", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "10CEBF73-3EE0-459A-86C5-F8F6243FE27C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_36180yc-r:-:*:*:*:*:*:*:*", matchCriteriaId: "95D2C4C3-65CE-4612-A027-AF70CEFC3233", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*", matchCriteriaId: "57572E4A-78D5-4D1A-938B-F05F01759612", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9000v:-:*:*:*:*:*:*:*", matchCriteriaId: "0CD9C1F1-8582-4F67-A77D-97CBFECB88B8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*", matchCriteriaId: "4283E433-7F8C-4410-B565-471415445811", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92300yc:-:*:*:*:*:*:*:*", matchCriteriaId: "F80AB6FB-32FD-43D7-A9F1-80FA47696210", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*", matchCriteriaId: "D5B2E4C1-2627-4B9D-8E92-4B483F647651", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92348gc-x:-:*:*:*:*:*:*:*", matchCriteriaId: "557ED31C-C26A-4FAE-8B14-D06B49F7F08B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*", matchCriteriaId: "11411BFD-3F4D-4309-AB35-A3629A360FB0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*", matchCriteriaId: "E663DE91-C86D-48DC-B771-FA72A8DF7A7C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "A90184B3-C82F-4CE5-B2AD-97D5E4690871", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "4AB89849-6DA4-4C9D-BC3F-EE0E41FD1901", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*", matchCriteriaId: "07DE6F63-2C7D-415B-8C34-01EC05C062F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*", matchCriteriaId: "F423E45D-A6DD-4305-9C6A-EAB26293E53A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "E952A96A-0F48-4357-B7DD-1127D8827650", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "F70D81F1-8B12-4474-9060-B4934D8A3873", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "7349D69B-D8FA-4462-AA28-69DD18A652D9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93216tc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "B1CC5F78-E88B-4B82-9E3E-C73D3A49DE26", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "91231DC6-2773-4238-8C14-A346F213B5E5", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332c:-:*:*:*:*:*:*:*", matchCriteriaId: "2DF88547-BAF4-47B0-9F60-80A30297FCEB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*", matchCriteriaId: "113772B6-E9D2-4094-9468-3F4E1A87D07D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93360yc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "C45A38D6-BED6-4FEF-AD87-A1E813695DE0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "F1FC2B1F-232E-4754-8076-CC82F3648730", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336pq_aci_spine:-:*:*:*:*:*:*:*", matchCriteriaId: "785FD17C-F32E-4042-9DDE-A89B3AAE0334", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*", matchCriteriaId: "17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*", matchCriteriaId: "63842B25-8C32-4988-BBBD-61E9CB09B4F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*", matchCriteriaId: "4364ADB9-8162-451D-806A-B98924E6B2CF", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372px-e:-:*:*:*:*:*:*:*", matchCriteriaId: "B53BCB42-ED61-4FCF-8068-CB467631C63C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*", matchCriteriaId: "49E0371B-FDE2-473C-AA59-47E1269D050F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372tx-e:-:*:*:*:*:*:*:*", matchCriteriaId: "489D11EC-5A18-4F32-BC7C-AC1FCEC27222", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*", matchCriteriaId: "1BC5293E-F2B4-46DC-85DA-167EA323FCFD", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*", matchCriteriaId: "EA022E77-6557-4A33-9A3A-D028E2DB669A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*", matchCriteriaId: "768BE390-5ED5-48A7-9E80-C4DE8BA979B1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*", matchCriteriaId: "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*", matchCriteriaId: "7E02DC82-0D26-436F-BA64-73C958932B0A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability in the implementation of Border Gateway Protocol (BGP) Message Digest 5 (MD5) authentication in Cisco NX-OS Software could allow an unauthenticated, remote attacker to bypass MD5 authentication and establish a BGP connection with the device. The vulnerability occurs because the BGP MD5 authentication is bypassed if the peer does not have MD5 authentication configured, the NX-OS device does have BGP MD5 authentication configured, and the NX-OS BGP virtual routing and forwarding (VRF) name is configured to be greater than 19 characters. An attacker could exploit this vulnerability by attempting to establish a BGP session with the NX-OS peer. A successful exploit could allow the attacker to establish a BGP session with the NX-OS device without MD5 authentication. The Cisco implementation of the BGP protocol accepts incoming BGP traffic only from explicitly configured peers. To exploit this vulnerability, an attacker must send the malicious packets over a TCP connection that appears to come from a trusted BGP peer. To do so, the attacker must obtain information about the BGP peers in the affected system’s trusted network.", }, { lang: "es", value: "Una vulnerabilidad en la implementación de la autenticación de Message Digest 5 (MD5) de Border Gateway Protocol (BG5) en Cisco NX-OS Software, podría permitir a un atacante remoto no autenticado omitir la autenticación MD5 y establecer una conexión BGP con el dispositivo. La vulnerabilidad ocurre porque la autenticación BGP MD5 es omitida si el peer no tiene la autenticación MD5 configurada, el dispositivo NX-OS presenta la autenticación BGP MD5 configurada y el nombre de NX-OS BGP virtual routing and forwarding (VRF) está configurado para ser mayor de 19 caracteres Un atacante podría explotar esta vulnerabilidad al intentar establecer una sesión BGP con el peer NX-OS. Una explotación con éxito podría permitir al atacante establecer una sesión BGP con el dispositivo NX-OS sin autenticación MD5. La implementación de Cisco del protocolo BGP acepta el tráfico BGP entrante solo de peers configurados explícitamente. Para explotar esta vulnerabilidad, un atacante debe enviar los paquetes maliciosos por medio de una conexión TCP que parece provenir desde un peer BGP de confianza. Para hacerlo, el atacante debe obtener información sobre los peers BGP en la red confiable system’s afectada.", }, ], id: "CVE-2020-3165", lastModified: "2024-11-21T05:30:27.747", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 8.2, baseSeverity: "HIGH", confidentialityImpact: "LOW", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N", version: "3.0", }, exploitabilityScore: 3.9, impactScore: 4.2, source: "psirt@cisco.com", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 8.2, baseSeverity: "HIGH", confidentialityImpact: "LOW", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 4.2, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-02-26T17:15:12.673", references: [ { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200226-nxos-bgpmd5", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200226-nxos-bgpmd5", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-798", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-798", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-02-24 20:15
Modified
2024-11-21 05:44
Severity ?
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.1 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
9.1 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
Summary
A vulnerability in the implementation of an internal file management service for Cisco Nexus 3000 Series Switches and Cisco Nexus 9000 Series Switches in standalone NX-OS mode that are running Cisco NX-OS Software could allow an unauthenticated, remote attacker to create, delete, or overwrite arbitrary files with root privileges on the device. This vulnerability exists because TCP port 9075 is incorrectly configured to listen and respond to external connection requests. An attacker could exploit this vulnerability by sending crafted TCP packets to an IP address that is configured on a local interface on TCP port 9075. A successful exploit could allow the attacker to create, delete, or overwrite arbitrary files, including sensitive files that are related to the device configuration. For example, the attacker could add a user account without the device administrator knowing.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:9.3\\(5\\):*:*:*:*:*:*:*", matchCriteriaId: "2A2F42DB-B22B-4880-BA73-D0E0295190DF", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:9.3\\(6\\):*:*:*:*:*:*:*", matchCriteriaId: "85A8B2D7-BCF2-4B2E-8208-7D2FDF717C65", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_3000:-:*:*:*:*:*:*:*", matchCriteriaId: "10FFC5E8-CC5A-4D31-A63A-19E72EC442AB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3100:-:*:*:*:*:*:*:*", matchCriteriaId: "41C14CC9-C244-4B86-AEA6-C50BAD5DA9A6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3100-z:-:*:*:*:*:*:*:*", matchCriteriaId: "D14D4B4E-120E-4607-A4F1-447C7BF3052E", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3100v:-:*:*:*:*:*:*:*", matchCriteriaId: "15702ACB-29F3-412D-8805-E107E0729E35", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3200:-:*:*:*:*:*:*:*", matchCriteriaId: "32A532C0-B0E3-484A-B356-88970E7D0248", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3400:-:*:*:*:*:*:*:*", matchCriteriaId: "43913A0E-50D5-47DD-94D8-DD3391633619", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3500:-:*:*:*:*:*:*:*", matchCriteriaId: "A8E1073F-D374-4311-8F12-AD8C72FAA293", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3600:-:*:*:*:*:*:*:*", matchCriteriaId: "97217080-455C-48E4-8CE1-6D5B9485864F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9000v:-:*:*:*:*:*:*:*", matchCriteriaId: "0CD9C1F1-8582-4F67-A77D-97CBFECB88B8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*", matchCriteriaId: "4283E433-7F8C-4410-B565-471415445811", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92300yc:-:*:*:*:*:*:*:*", matchCriteriaId: "F80AB6FB-32FD-43D7-A9F1-80FA47696210", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*", matchCriteriaId: "D5B2E4C1-2627-4B9D-8E92-4B483F647651", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92348gc-x:-:*:*:*:*:*:*:*", matchCriteriaId: "557ED31C-C26A-4FAE-8B14-D06B49F7F08B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*", matchCriteriaId: "11411BFD-3F4D-4309-AB35-A3629A360FB0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*", matchCriteriaId: "E663DE91-C86D-48DC-B771-FA72A8DF7A7C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "A90184B3-C82F-4CE5-B2AD-97D5E4690871", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-ex-24:-:*:*:*:*:*:*:*", matchCriteriaId: "40E40F42-632A-47DF-BE33-DC25B826310B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "4AB89849-6DA4-4C9D-BC3F-EE0E41FD1901", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-fx-24:-:*:*:*:*:*:*:*", matchCriteriaId: "C47F6BF9-2ADB-41A4-8D7D-8BB00141BB23", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*", matchCriteriaId: "07DE6F63-2C7D-415B-8C34-01EC05C062F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*", matchCriteriaId: "F423E45D-A6DD-4305-9C6A-EAB26293E53A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9316d-gx:-:*:*:*:*:*:*:*", matchCriteriaId: "102F91CD-DFB6-43D4-AE5B-DA157A696230", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "E952A96A-0F48-4357-B7DD-1127D8827650", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "F70D81F1-8B12-4474-9060-B4934D8A3873", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-ex-24:-:*:*:*:*:*:*:*", matchCriteriaId: "5394DE31-3863-4CA9-B7B1-E5227183100D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "7349D69B-D8FA-4462-AA28-69DD18A652D9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-fx-24:-:*:*:*:*:*:*:*", matchCriteriaId: "FE4BB834-2C00-4384-A78E-AF3BCDDC58AF", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-fx3:-:*:*:*:*:*:*:*", matchCriteriaId: "B0D30D52-837F-4FDA-B8E5-A9066E9C6D2F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-fx3s:-:*:*:*:*:*:*:*", matchCriteriaId: "7CE49B45-F2E9-491D-9C29-1B46E9CE14E2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93216tc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "B1CC5F78-E88B-4B82-9E3E-C73D3A49DE26", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "91231DC6-2773-4238-8C14-A346F213B5E5", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332c:-:*:*:*:*:*:*:*", matchCriteriaId: "2DF88547-BAF4-47B0-9F60-80A30297FCEB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*", matchCriteriaId: "113772B6-E9D2-4094-9468-3F4E1A87D07D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93360yc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "C45A38D6-BED6-4FEF-AD87-A1E813695DE0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "F1FC2B1F-232E-4754-8076-CC82F3648730", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336c-fx2-e:-:*:*:*:*:*:*:*", matchCriteriaId: "7CDD27C9-5EAF-4956-8AB7-740C84C9D4FC", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336pq_aci_spine:-:*:*:*:*:*:*:*", matchCriteriaId: "785FD17C-F32E-4042-9DDE-A89B3AAE0334", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*", matchCriteriaId: "17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93600cd-gx:-:*:*:*:*:*:*:*", matchCriteriaId: "2CF467E2-4567-426E-8F48-39669E0F514C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*", matchCriteriaId: "63842B25-8C32-4988-BBBD-61E9CB09B4F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9364c-gx:-:*:*:*:*:*:*:*", matchCriteriaId: "68EA1FEF-B6B6-49FE-A0A4-5387F76303F8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*", matchCriteriaId: "4364ADB9-8162-451D-806A-B98924E6B2CF", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372px-e:-:*:*:*:*:*:*:*", matchCriteriaId: "B53BCB42-ED61-4FCF-8068-CB467631C63C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*", matchCriteriaId: "49E0371B-FDE2-473C-AA59-47E1269D050F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372tx-e:-:*:*:*:*:*:*:*", matchCriteriaId: "489D11EC-5A18-4F32-BC7C-AC1FCEC27222", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*", matchCriteriaId: "1BC5293E-F2B4-46DC-85DA-167EA323FCFD", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*", matchCriteriaId: "EA022E77-6557-4A33-9A3A-D028E2DB669A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*", matchCriteriaId: "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability in the implementation of an internal file management service for Cisco Nexus 3000 Series Switches and Cisco Nexus 9000 Series Switches in standalone NX-OS mode that are running Cisco NX-OS Software could allow an unauthenticated, remote attacker to create, delete, or overwrite arbitrary files with root privileges on the device. This vulnerability exists because TCP port 9075 is incorrectly configured to listen and respond to external connection requests. An attacker could exploit this vulnerability by sending crafted TCP packets to an IP address that is configured on a local interface on TCP port 9075. A successful exploit could allow the attacker to create, delete, or overwrite arbitrary files, including sensitive files that are related to the device configuration. For example, the attacker could add a user account without the device administrator knowing.", }, { lang: "es", value: "Una vulnerabilidad en la implementación de un servicio de administración de archivos interno para Cisco Nexus 3000 Series Switches y Cisco Nexus 9000 Series Switches en modo NX-OS dedicado que ejecutan el software Cisco NX-OS podría permitir a un atacante remoto no autenticado crear, eliminar o sobrescribir archivos arbitrarios con privilegios de root en el dispositivo. Esta vulnerabilidad se presenta porque el puerto TCP 9075 está configurado incorrectamente para escuchar y responder a peticiones de conexión externa. Un atacante podría explotar esta vulnerabilidad mediante el envío de paquetes TCP diseñados a una dirección IP configurada en una interfaz local en el puerto TCP 9075. Un ataque exitoso podría permitir al atacante crear, eliminar o sobrescribir archivos arbitrarios, incluidos archivos confidenciales relacionados a la configuración del dispositivo. Por ejemplo, el atacante podría agregar una cuenta de usuario sin que el administrador del dispositivo lo sepa", }, ], id: "CVE-2021-1361", lastModified: "2024-11-21T05:44:10.800", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 9.4, confidentialityImpact: "NONE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:L/Au:N/C:N/I:C/A:C", version: "2.0", }, exploitabilityScore: 10, impactScore: 9.2, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "psirt@cisco.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.1, baseSeverity: "CRITICAL", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.2, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-02-24T20:15:13.287", references: [ { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-3000-9000-fileaction-QtLzDRy2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-3000-9000-fileaction-QtLzDRy2", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-552", }, ], source: "psirt@cisco.com", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-08-27 16:15
Modified
2024-11-21 05:30
Severity ?
Summary
A vulnerability in the Enable Secret feature of Cisco Nexus 3000 Series Switches and Cisco Nexus 9000 Series Switches in standalone NX-OS mode could allow an authenticated, local attacker to issue the enable command and get full administrative privileges. To exploit this vulnerability, the attacker would need to have valid credentials for the affected device. The vulnerability is due to a logic error in the implementation of the enable command. An attacker could exploit this vulnerability by logging in to the device and issuing the enable command. A successful exploit could allow the attacker to gain full administrative privileges without using the enable password. Note: The Enable Secret feature is disabled by default.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:-:*:*:*:*:*:*:*", matchCriteriaId: "DA35D4AA-24B3-428E-84ED-804EF941E9A9", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_3016:-:*:*:*:*:*:*:*", matchCriteriaId: "528ED62B-D739-4E06-AC64-B506FD73BBAB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*", matchCriteriaId: "FC2A6C31-438A-4CF5-A3F3-364B1672EB7D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3064:-:*:*:*:*:*:*:*", matchCriteriaId: "76C10D85-88AC-4A79-8866-BED88A0F8DF8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3064-t:-:*:*:*:*:*:*:*", matchCriteriaId: "65CB7F6D-A82B-4A31-BFAC-FF4A4B8DF9C1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31108pc-v:-:*:*:*:*:*:*:*", matchCriteriaId: "4E930332-CDDD-48D5-93BC-C22D693BBFA2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31108tc-v:-:*:*:*:*:*:*:*", matchCriteriaId: "7BF4B8FE-E134-4491-B5C2-C1CFEB64731B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31128pq:-:*:*:*:*:*:*:*", matchCriteriaId: "F4226DA0-9371-401C-8247-E6E636A116C3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132c-z:-:*:*:*:*:*:*:*", matchCriteriaId: "7664666F-BCE4-4799-AEEA-3A73E6AD33F4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q:-:*:*:*:*:*:*:*", matchCriteriaId: "D3DBBFE9-835C-4411-8492-6006E74BAC65", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q-v:-:*:*:*:*:*:*:*", matchCriteriaId: "B3293438-3D18-45A2-B093-2C3F65783336", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "8F43B770-D96C-44EA-BC12-9F39FC4317B9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3164q:-:*:*:*:*:*:*:*", matchCriteriaId: "FA782EB3-E8E6-4DCF-B39C-B3CBD46E4384", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172:-:*:*:*:*:*:*:*", matchCriteriaId: "7817F4E6-B2DA-4F06-95A4-AF329F594C02", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172pq-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "7BB9DD73-E31D-4921-A6D6-E14E04703588", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq:-:*:*:*:*:*:*:*", matchCriteriaId: "4532F513-0543-4960-9877-01F23CA7BA1B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq-32t:-:*:*:*:*:*:*:*", matchCriteriaId: "0B43502B-FD53-465A-B60F-6A359C6ACD99", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "F3229124-B097-4AAC-8ACD-2F9C89DCC3AB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3232c:-:*:*:*:*:*:*:*", matchCriteriaId: "652A2849-668D-4156-88FB-C19844A59F33", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3264c-e:-:*:*:*:*:*:*:*", matchCriteriaId: "24FBE87B-8A4F-43A8-98A3-4A7D9C630937", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3264q:-:*:*:*:*:*:*:*", matchCriteriaId: "6ACD09AC-8B28-4ACB-967B-AB3D450BC137", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3408-s:-:*:*:*:*:*:*:*", matchCriteriaId: "7D397349-CCC6-479B-9273-FB1FFF4F34F2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_34180yc:-:*:*:*:*:*:*:*", matchCriteriaId: "DC7286A7-780F-4A45-940A-4AD5C9D0F201", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3432d-s:-:*:*:*:*:*:*:*", matchCriteriaId: "5F7AF8D7-431B-43CE-840F-CC0817D159C0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3464c:-:*:*:*:*:*:*:*", matchCriteriaId: "DAC204C8-1A5A-4E85-824E-DC9B8F6A802D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524:-:*:*:*:*:*:*:*", matchCriteriaId: "EAF5AF71-15DF-4151-A1CF-E138A7103FC8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524-x:-:*:*:*:*:*:*:*", matchCriteriaId: "10F80A72-AD54-4699-B8AE-82715F0B58E2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "9354B6A2-D7D6-442E-BF4C-FE8A336D9E94", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548:-:*:*:*:*:*:*:*", matchCriteriaId: "088C0323-683A-44F5-8D42-FF6EC85D080E", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548-x:-:*:*:*:*:*:*:*", matchCriteriaId: "74CB4002-7636-4382-B33E-FBA060A13C34", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "10CEBF73-3EE0-459A-86C5-F8F6243FE27C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_36180yc-r:-:*:*:*:*:*:*:*", matchCriteriaId: "95D2C4C3-65CE-4612-A027-AF70CEFC3233", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*", matchCriteriaId: "57572E4A-78D5-4D1A-938B-F05F01759612", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9000v:-:*:*:*:*:*:*:*", matchCriteriaId: "0CD9C1F1-8582-4F67-A77D-97CBFECB88B8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*", matchCriteriaId: "4283E433-7F8C-4410-B565-471415445811", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92300yc:-:*:*:*:*:*:*:*", matchCriteriaId: "F80AB6FB-32FD-43D7-A9F1-80FA47696210", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*", matchCriteriaId: "D5B2E4C1-2627-4B9D-8E92-4B483F647651", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92348gc-x:-:*:*:*:*:*:*:*", matchCriteriaId: "557ED31C-C26A-4FAE-8B14-D06B49F7F08B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*", matchCriteriaId: "11411BFD-3F4D-4309-AB35-A3629A360FB0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*", matchCriteriaId: "E663DE91-C86D-48DC-B771-FA72A8DF7A7C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "A90184B3-C82F-4CE5-B2AD-97D5E4690871", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "4AB89849-6DA4-4C9D-BC3F-EE0E41FD1901", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*", matchCriteriaId: "07DE6F63-2C7D-415B-8C34-01EC05C062F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*", matchCriteriaId: "F423E45D-A6DD-4305-9C6A-EAB26293E53A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "E952A96A-0F48-4357-B7DD-1127D8827650", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "F70D81F1-8B12-4474-9060-B4934D8A3873", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "7349D69B-D8FA-4462-AA28-69DD18A652D9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93216tc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "B1CC5F78-E88B-4B82-9E3E-C73D3A49DE26", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "91231DC6-2773-4238-8C14-A346F213B5E5", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332c:-:*:*:*:*:*:*:*", matchCriteriaId: "2DF88547-BAF4-47B0-9F60-80A30297FCEB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*", matchCriteriaId: "113772B6-E9D2-4094-9468-3F4E1A87D07D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93360yc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "C45A38D6-BED6-4FEF-AD87-A1E813695DE0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "F1FC2B1F-232E-4754-8076-CC82F3648730", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336pq_aci_spine:-:*:*:*:*:*:*:*", matchCriteriaId: "785FD17C-F32E-4042-9DDE-A89B3AAE0334", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*", matchCriteriaId: "17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*", matchCriteriaId: "63842B25-8C32-4988-BBBD-61E9CB09B4F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*", matchCriteriaId: "4364ADB9-8162-451D-806A-B98924E6B2CF", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372px-e:-:*:*:*:*:*:*:*", matchCriteriaId: "B53BCB42-ED61-4FCF-8068-CB467631C63C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*", matchCriteriaId: "49E0371B-FDE2-473C-AA59-47E1269D050F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372tx-e:-:*:*:*:*:*:*:*", matchCriteriaId: "489D11EC-5A18-4F32-BC7C-AC1FCEC27222", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*", matchCriteriaId: "1BC5293E-F2B4-46DC-85DA-167EA323FCFD", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*", matchCriteriaId: "EA022E77-6557-4A33-9A3A-D028E2DB669A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*", matchCriteriaId: "768BE390-5ED5-48A7-9E80-C4DE8BA979B1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*", matchCriteriaId: "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*", matchCriteriaId: "7E02DC82-0D26-436F-BA64-73C958932B0A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability in the Enable Secret feature of Cisco Nexus 3000 Series Switches and Cisco Nexus 9000 Series Switches in standalone NX-OS mode could allow an authenticated, local attacker to issue the enable command and get full administrative privileges. To exploit this vulnerability, the attacker would need to have valid credentials for the affected device. The vulnerability is due to a logic error in the implementation of the enable command. An attacker could exploit this vulnerability by logging in to the device and issuing the enable command. A successful exploit could allow the attacker to gain full administrative privileges without using the enable password. Note: The Enable Secret feature is disabled by default.", }, { lang: "es", value: "Una vulnerabilidad en la funcionalidad Enable Secret de Cisco Nexus 3000 Series Switches y Cisco Nexus 9000 Series Switches en modo NX-OS independiente, podría permitir a un atacante local autenticado emitir el comando enable y conseguir privilegios administrativos completos. Para explotar esta vulnerabilidad, el atacante necesitaría tener credenciales válidas para el dispositivo afectado. La vulnerabilidad es debido a un error lógico en la implementación del comando enable. Un atacante podría explotar esta vulnerabilidad al iniciar sesión en el dispositivo y emitiendo el comando enable. Una explotación con éxito podría permitir al atacante conseguir privilegios administrativos completos sin usar la contraseña de habilitación. Nota: La funcionalidad Enable Secret está desactivada por defecto", }, ], id: "CVE-2020-3394", lastModified: "2024-11-21T05:30:56.723", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.2, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:L/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "psirt@cisco.com", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-08-27T16:15:12.037", references: [ { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-n3n9k-priv-escal-3QhXJBC", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-n3n9k-priv-escal-3QhXJBC", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-285", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-862", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2015-08-19 15:59
Modified
2025-04-12 10:46
Severity ?
Summary
Buffer overflow in Cisco NX-OS on Nexus 1000V devices for VMware vSphere 7.3(0)ZN(0.81), Nexus 3000 devices 7.3(0)ZN(0.81), Nexus 4000 devices 4.1(2)E1(1c), Nexus 7000 devices 7.2(0)N1(0.1), and Nexus 9000 devices 7.3(0)ZN(0.81) allows remote attackers to cause a denial of service (IGMP process restart) via a malformed IGMPv3 packet that is mishandled during memory allocation, aka Bug IDs CSCuv69713, CSCuv69717, CSCuv69723, CSCuv69732, and CSCuv48908.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@cisco.com | http://tools.cisco.com/security/center/viewAlert.x?alertId=40470 | Vendor Advisory | |
| psirt@cisco.com | http://www.securityfocus.com/bid/76372 | Third Party Advisory, VDB Entry | |
| psirt@cisco.com | http://www.securitytracker.com/id/1033327 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://tools.cisco.com/security/center/viewAlert.x?alertId=40470 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/76372 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1033327 | Third Party Advisory, VDB Entry |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | nx-os | 7.3\(0\)zn\(0.81\) | |
| cisco | nexus_3016 | - | |
| cisco | nexus_3048 | - | |
| cisco | nexus_3064 | - | |
| cisco | nexus_31128pq | * | |
| cisco | nexus_3132q | - | |
| cisco | nexus_3164q | - | |
| cisco | nexus_3172 | - | |
| cisco | nexus_3232c | - | |
| cisco | nexus_3264q | - | |
| cisco | nexus_3524 | - | |
| cisco | nexus_3548 | - | |
| cisco | nx-os | 7.3\(0\)zn\(0.81\) | |
| cisco | nexus_93120tx | - | |
| cisco | nexus_93128tx | - | |
| cisco | nexus_9332pq | - | |
| cisco | nexus_9336pq_aci_spine | - | |
| cisco | nexus_9372px | - | |
| cisco | nexus_9372tx | - | |
| cisco | nexus_9396px | - | |
| cisco | nexus_9396tx | - | |
| cisco | nexus_9504 | - | |
| cisco | nexus_9508 | - | |
| cisco | nexus_9516 | - | |
| cisco | nx-os | 7.3\(0\)zn\(0.81\) | |
| cisco | nexus_1000v | - | |
| cisco | nx-os | 4.1\(2\)e1\(1c\) | |
| cisco | nexus_4001i | - | |
| cisco | nx-os | 7.2\(0\)n1\(0.1\) | |
| cisco | nexus_7000 | - | |
| cisco | nexus_7700 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(0\\)zn\\(0.81\\):*:*:*:*:*:*:*", matchCriteriaId: "49BBF13E-A73F-4042-A263-DCA99DD75D48", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_3016:-:*:*:*:*:*:*:*", matchCriteriaId: "528ED62B-D739-4E06-AC64-B506FD73BBAB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*", matchCriteriaId: "FC2A6C31-438A-4CF5-A3F3-364B1672EB7D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3064:-:*:*:*:*:*:*:*", matchCriteriaId: "76C10D85-88AC-4A79-8866-BED88A0F8DF8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31128pq:*:*:*:*:*:*:*:*", matchCriteriaId: "E262B017-866F-4C82-895B-F92B8D49E469", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q:-:*:*:*:*:*:*:*", matchCriteriaId: "D3DBBFE9-835C-4411-8492-6006E74BAC65", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3164q:-:*:*:*:*:*:*:*", matchCriteriaId: "FA782EB3-E8E6-4DCF-B39C-B3CBD46E4384", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172:-:*:*:*:*:*:*:*", matchCriteriaId: "7817F4E6-B2DA-4F06-95A4-AF329F594C02", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3232c:-:*:*:*:*:*:*:*", matchCriteriaId: "652A2849-668D-4156-88FB-C19844A59F33", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3264q:-:*:*:*:*:*:*:*", matchCriteriaId: "6ACD09AC-8B28-4ACB-967B-AB3D450BC137", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524:-:*:*:*:*:*:*:*", matchCriteriaId: "EAF5AF71-15DF-4151-A1CF-E138A7103FC8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548:-:*:*:*:*:*:*:*", matchCriteriaId: "088C0323-683A-44F5-8D42-FF6EC85D080E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(0\\)zn\\(0.81\\):*:*:*:*:*:*:*", matchCriteriaId: "49BBF13E-A73F-4042-A263-DCA99DD75D48", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*", matchCriteriaId: "07DE6F63-2C7D-415B-8C34-01EC05C062F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*", matchCriteriaId: "F423E45D-A6DD-4305-9C6A-EAB26293E53A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*", matchCriteriaId: "113772B6-E9D2-4094-9468-3F4E1A87D07D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336pq_aci_spine:-:*:*:*:*:*:*:*", matchCriteriaId: "785FD17C-F32E-4042-9DDE-A89B3AAE0334", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*", matchCriteriaId: "4364ADB9-8162-451D-806A-B98924E6B2CF", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*", matchCriteriaId: "49E0371B-FDE2-473C-AA59-47E1269D050F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*", matchCriteriaId: "1BC5293E-F2B4-46DC-85DA-167EA323FCFD", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*", matchCriteriaId: "EA022E77-6557-4A33-9A3A-D028E2DB669A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*", matchCriteriaId: "768BE390-5ED5-48A7-9E80-C4DE8BA979B1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*", matchCriteriaId: "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*", matchCriteriaId: "7E02DC82-0D26-436F-BA64-73C958932B0A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(0\\)zn\\(0.81\\):*:*:*:*:*:*:*", matchCriteriaId: "49BBF13E-A73F-4042-A263-DCA99DD75D48", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:a:cisco:nexus_1000v:-:*:*:*:*:*:*:*", matchCriteriaId: "75364901-EF60-471D-9119-63835F6BF139", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:4.1\\(2\\)e1\\(1c\\):*:*:*:*:*:*:*", matchCriteriaId: "6F6ED843-F0BB-46B6-BD11-982B96977123", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_4001i:-:*:*:*:*:*:*:*", matchCriteriaId: "AB68FC53-5CD6-445F-9BB5-1F3724D92A4B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:7.2\\(0\\)n1\\(0.1\\):*:*:*:*:*:*:*", matchCriteriaId: "185B1E14-1944-4BD2-AA45-0F5025EDDC84", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_7000:-:*:*:*:*:*:*:*", matchCriteriaId: "12180BEB-7F21-4FA7-ABD2-E9A8EA7340F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7700:-:*:*:*:*:*:*:*", matchCriteriaId: "DD7A4B4B-3BB1-4A4D-911E-C4EEF01BBC45", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Buffer overflow in Cisco NX-OS on Nexus 1000V devices for VMware vSphere 7.3(0)ZN(0.81), Nexus 3000 devices 7.3(0)ZN(0.81), Nexus 4000 devices 4.1(2)E1(1c), Nexus 7000 devices 7.2(0)N1(0.1), and Nexus 9000 devices 7.3(0)ZN(0.81) allows remote attackers to cause a denial of service (IGMP process restart) via a malformed IGMPv3 packet that is mishandled during memory allocation, aka Bug IDs CSCuv69713, CSCuv69717, CSCuv69723, CSCuv69732, and CSCuv48908.", }, { lang: "es", value: "Desbordamiento de búffer en Cisco NX-OS en dispositivos Nexus 1000V para VMware vSphere 7.3(0)ZN(0.81), dispositivos Nexus 3000 7.3(0)ZN(0.81), dispositivos Nexus 4000 4.1(2)E1(1c), dispositivos Nexus 7000 7.2(0)N1(0.1), y dispositivos Nexus 9000 7.3(0)ZN(0.81), permite a atacantes remotos causar una denegación de servicio (reinicio del proceso IGMP) a través de un paquete IGMPv3 mal formado que es manejado incorrectamente durante la asignación de memoria, también conocida como Bug IDs CSCuv69713, CSCuv69717, CSCuv69723, CSCuv69732 y CSCuv48908.", }, ], id: "CVE-2015-4324", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "ADJACENT_NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 6.1, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:A/AC:L/Au:N/C:N/I:N/A:C", version: "2.0", }, exploitabilityScore: 6.5, impactScore: 6.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2015-08-19T15:59:06.837", references: [ { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "http://tools.cisco.com/security/center/viewAlert.x?alertId=40470", }, { source: "psirt@cisco.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/76372", }, { source: "psirt@cisco.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1033327", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://tools.cisco.com/security/center/viewAlert.x?alertId=40470", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/76372", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1033327", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-119", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-02-24 20:15
Modified
2024-11-21 05:43
Severity ?
8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
A vulnerability with the Border Gateway Protocol (BGP) for Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode could allow an unauthenticated, remote attacker to cause a routing process to crash, which could lead to a denial of service (DoS) condition. This vulnerability is due to an issue with the installation of routes upon receipt of a BGP update. An attacker could exploit this vulnerability by sending a crafted BGP update to an affected device. A successful exploit could allow the attacker to cause the routing process to crash, which could cause the device to reload. This vulnerability applies to both Internal BGP (IBGP) and External BGP (EBGP). Note: The Cisco implementation of BGP accepts incoming BGP traffic from explicitly configured peers only. To exploit this vulnerability, an attacker would need to send a specific BGP update message over an established TCP connection that appears to come from a trusted BGP peer.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:12.0\\(1m\\):*:*:*:*:*:*:*", matchCriteriaId: "0BEE5B22-F9D3-4EAA-A552-7F0271080632", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:12.0\\(1n\\):*:*:*:*:*:*:*", matchCriteriaId: "74DB471F-43AF-4E94-99B0-7D38CB3F5943", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:12.0\\(1o\\):*:*:*:*:*:*:*", matchCriteriaId: "9217FBFE-2708-440A-90F9-0562C159DE16", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:12.0\\(1p\\):*:*:*:*:*:*:*", matchCriteriaId: "5BA5F46C-3172-4509-856F-703E0B517E7D", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:12.0\\(1q\\):*:*:*:*:*:*:*", matchCriteriaId: "E07DC9A1-E4BA-474C-96C2-0B73704628AB", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:12.0\\(1r\\):*:*:*:*:*:*:*", matchCriteriaId: "027DCF27-E201-4713-A1AC-526C6CA04343", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:12.0\\(2f\\):*:*:*:*:*:*:*", matchCriteriaId: "40B05631-0319-4AFA-867A-2AECEAD449CA", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:12.0\\(2g\\):*:*:*:*:*:*:*", matchCriteriaId: "771CD71E-4F24-4ACC-8D86-11429379093B", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:12.0\\(2h\\):*:*:*:*:*:*:*", matchCriteriaId: "906C7861-3266-445E-BBAB-64B757229A4F", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:12.0\\(2l\\):*:*:*:*:*:*:*", matchCriteriaId: "782E194A-E91E-4C72-A86A-5BD2B9CE19BA", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:12.0\\(2m\\):*:*:*:*:*:*:*", matchCriteriaId: "4CE062A4-FD32-41E5-A5B2-06BED72140E6", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:12.0\\(2n\\):*:*:*:*:*:*:*", matchCriteriaId: "52016BB9-A37D-4F3A-BEB4-77CF84193652", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:12.0\\(2o\\):*:*:*:*:*:*:*", matchCriteriaId: "CE8D042D-35C6-4BDF-9CD7-9125B19DC415", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:12.1\\(1h\\):*:*:*:*:*:*:*", matchCriteriaId: "50F91C27-4625-4CCD-B2EB-7F34F286AB2C", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:12.1\\(1i\\):*:*:*:*:*:*:*", matchCriteriaId: "F65D3CE3-CA53-4A13-AD86-E59196B586FD", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:12.1\\(2e\\):*:*:*:*:*:*:*", matchCriteriaId: "EC4633AD-6CBA-4E7B-BC9D-DCCBE1F2C7EC", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:12.1\\(2g\\):*:*:*:*:*:*:*", matchCriteriaId: "04B6FAA5-D3CF-4463-9DE9-6F472DC78B2F", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:12.1\\(2k\\):*:*:*:*:*:*:*", matchCriteriaId: "A1A8E4CF-2EF7-45E8-A4FE-5BEA54617D71", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:12.1\\(3g\\):*:*:*:*:*:*:*", matchCriteriaId: "B0A7F045-BE20-4B1D-8A0D-38A651B77EA7", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:12.1\\(3h\\):*:*:*:*:*:*:*", matchCriteriaId: "E8DB4683-C8B2-4013-85C5-A1B5F01790B3", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:12.1\\(3j\\):*:*:*:*:*:*:*", matchCriteriaId: "BF031A0E-9C92-4931-8433-EAF9F9BA0DE2", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:12.1\\(4a\\):*:*:*:*:*:*:*", matchCriteriaId: "E66B8A3B-AE6E-4876-9C14-54B24F91229C", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:12.2\\(1k\\):*:*:*:*:*:*:*", matchCriteriaId: "57B9178C-DD7F-4FE4-BC24-7025F90A4E93", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:12.2\\(1n\\):*:*:*:*:*:*:*", matchCriteriaId: "A5288A19-E08E-4748-A6F8-C095746D8B92", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:12.2\\(1o\\):*:*:*:*:*:*:*", matchCriteriaId: "4DBC06D8-E9B3-4400-A7E5-7EE6A3B8C9BD", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:12.2\\(2e\\):*:*:*:*:*:*:*", matchCriteriaId: "46C5D5D2-B2B9-4A9A-84D5-6F04E3F8694F", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:12.2\\(2f\\):*:*:*:*:*:*:*", matchCriteriaId: "FDFA97CC-F9AD-42A8-8FBE-D986E729336C", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:12.2\\(2i\\):*:*:*:*:*:*:*", matchCriteriaId: "49DCFBB0-E1DA-4F4D-877A-BC6075775EDE", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:12.2\\(2j\\):*:*:*:*:*:*:*", matchCriteriaId: "4E02BE71-98EB-494D-A808-42A3B2A0A72A", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:12.2\\(2k\\):*:*:*:*:*:*:*", matchCriteriaId: "6B74C309-446F-4EAC-939E-43BC8167FE75", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:12.2\\(2q\\):*:*:*:*:*:*:*", matchCriteriaId: "0EA38368-8EE4-4480-9A9A-D12992108475", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:12.2\\(3j\\):*:*:*:*:*:*:*", matchCriteriaId: "BFCAE710-1789-4D3A-AC2E-E6A523037172", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:12.2\\(3p\\):*:*:*:*:*:*:*", matchCriteriaId: "2E7A6830-C15E-4690-8C1A-5044A3B01C13", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:12.2\\(3r\\):*:*:*:*:*:*:*", matchCriteriaId: "69051EB0-D60F-4E30-8939-088E50422A0C", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:12.2\\(3s\\):*:*:*:*:*:*:*", matchCriteriaId: "D5135CDF-5991-4CC9-9C4C-CC0DADEA8C5F", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:12.2\\(3t\\):*:*:*:*:*:*:*", matchCriteriaId: "00DF4FCE-1B71-4A28-989C-AE4C5F2B3343", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:12.2\\(4f\\):*:*:*:*:*:*:*", matchCriteriaId: "A6049CBB-7445-4A77-867B-5D59DF0C9332", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:12.2\\(4p\\):*:*:*:*:*:*:*", matchCriteriaId: "58BE5188-775E-42A9-BCCF-0DBACDDFC045", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:12.2\\(4q\\):*:*:*:*:*:*:*", matchCriteriaId: "762B4A37-3D8C-4172-A8FF-14F470CBDBFF", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:12.2\\(4r\\):*:*:*:*:*:*:*", matchCriteriaId: "C9BCF174-6D01-4C1A-AF7F-B91EDD16E010", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:12.3\\(1e\\):*:*:*:*:*:*:*", matchCriteriaId: "94E4F174-8F51-41AF-82C7-0CA577753191", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:12.3\\(1f\\):*:*:*:*:*:*:*", matchCriteriaId: "353FD814-0812-4B90-B8F0-D372E85CF40B", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:12.3\\(1i\\):*:*:*:*:*:*:*", matchCriteriaId: "71AF6628-3E98-4D66-B4A9-9EA16519719A", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:12.3\\(1l\\):*:*:*:*:*:*:*", matchCriteriaId: "E52B312E-9C91-40F7-BACB-1550D6632477", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:12.3\\(1o\\):*:*:*:*:*:*:*", matchCriteriaId: "746D1151-BEC2-4404-A7CF-651D8BFA3412", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:12.3\\(1p\\):*:*:*:*:*:*:*", matchCriteriaId: "52CE3E73-8EC6-49D1-837F-2FBFDD51802C", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:13.0\\(1k\\):*:*:*:*:*:*:*", matchCriteriaId: "B774106E-DC00-4F79-A5F9-390483A9FBEE", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:13.0\\(2h\\):*:*:*:*:*:*:*", matchCriteriaId: "26676350-6635-4B97-8A1E-250E06A177CD", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:13.0\\(2k\\):*:*:*:*:*:*:*", matchCriteriaId: "DA426885-C1FB-4DB5-900A-7C7882956BFE", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:13.0\\(2n\\):*:*:*:*:*:*:*", matchCriteriaId: "AA5C1581-9C53-4093-BBCA-67F57CE24C67", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:13.1\\(1i\\):*:*:*:*:*:*:*", matchCriteriaId: "D548C85A-F98B-49BF-A6C3-ADEB60124822", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:13.1\\(2m\\):*:*:*:*:*:*:*", matchCriteriaId: "970718D9-4789-414B-8ED2-FBF914B4047C", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:13.1\\(2o\\):*:*:*:*:*:*:*", matchCriteriaId: "7C45D91E-5AA4-46B4-9A87-75480AC04732", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:13.1\\(2p\\):*:*:*:*:*:*:*", matchCriteriaId: "973B7EE9-6B18-4D1D-8DEE-3C43D0CEB89C", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:13.1\\(2q\\):*:*:*:*:*:*:*", matchCriteriaId: "32083CFE-1DAE-4BE2-AFB9-B2806F809191", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:13.1\\(2s\\):*:*:*:*:*:*:*", matchCriteriaId: "B0D61DA2-28B2-49E5-8739-38113455BD09", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:13.1\\(2t\\):*:*:*:*:*:*:*", matchCriteriaId: "2E20496D-D83C-4CD3-B1A3-EEE0D165F609", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:13.1\\(2u\\):*:*:*:*:*:*:*", matchCriteriaId: "71425F24-4C89-49C1-9B5E-68FAFE04F89C", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:13.1\\(2v\\):*:*:*:*:*:*:*", matchCriteriaId: "310CF610-34E9-45F2-B01A-76DDEC40A040", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:13.2\\(1l\\):*:*:*:*:*:*:*", matchCriteriaId: "09A32C04-1467-4564-A18E-EF2AAEF64244", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:13.2\\(1m\\):*:*:*:*:*:*:*", matchCriteriaId: "ED378075-D761-4D0D-8852-93616EA2F9BC", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:13.2\\(2l\\):*:*:*:*:*:*:*", matchCriteriaId: "0C9BD58D-3AE9-49C7-AE94-74878CD109B1", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:13.2\\(2o\\):*:*:*:*:*:*:*", matchCriteriaId: "46D16C20-D68E-4118-B8D4-D6A2044DCD32", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:13.2\\(3i\\):*:*:*:*:*:*:*", matchCriteriaId: "ABCDA33D-8576-4DF6-90A1-710CA3F78F68", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:13.2\\(3j\\):*:*:*:*:*:*:*", matchCriteriaId: "D302931B-4425-40A6-BF7E-97FAB43D0778", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:13.2\\(3n\\):*:*:*:*:*:*:*", matchCriteriaId: "CEBC0A74-551B-4BD1-A59A-80C119362D60", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:13.2\\(3o\\):*:*:*:*:*:*:*", matchCriteriaId: "F36E0CC9-7DD7-439B-B83F-F96DEF5B2A37", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:13.2\\(3r\\):*:*:*:*:*:*:*", matchCriteriaId: "2F50E84B-7CAC-4832-96C5-9885F0F9DFC0", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:13.2\\(3s\\):*:*:*:*:*:*:*", matchCriteriaId: "DEB8A917-6F49-4636-AF8C-8C18BAACE661", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:13.2\\(4d\\):*:*:*:*:*:*:*", matchCriteriaId: "79ECC89F-7F84-42E0-AF0F-4C9A609131E9", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:13.2\\(4e\\):*:*:*:*:*:*:*", matchCriteriaId: "4A9AC0D9-D8D4-480F-B1B7-84D17AF4ABC8", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:13.2\\(5d\\):*:*:*:*:*:*:*", matchCriteriaId: "28A0A2C2-6E9F-4A08-9ED8-6FD4E8203053", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:13.2\\(5e\\):*:*:*:*:*:*:*", matchCriteriaId: "FCE26439-5B15-48F4-8E02-CC45A76297A3", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:13.2\\(5f\\):*:*:*:*:*:*:*", matchCriteriaId: "F8744322-4D27-44BB-9573-BDEC9E8F6B00", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:13.2\\(6i\\):*:*:*:*:*:*:*", matchCriteriaId: "83C1841C-9D9B-4A22-9080-724BC75A004E", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:13.2\\(7f\\):*:*:*:*:*:*:*", matchCriteriaId: "3E54C78E-93FE-4E22-A37A-25D07AF7C7CA", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:13.2\\(7k\\):*:*:*:*:*:*:*", matchCriteriaId: "ED709475-D435-492E-A295-3F3202CB6CC1", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:13.2\\(8d\\):*:*:*:*:*:*:*", matchCriteriaId: "20DBADBC-106E-4D0D-B6F1-F5859AD84DE7", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:13.2\\(9b\\):*:*:*:*:*:*:*", matchCriteriaId: "B226BA8E-FC1E-44FF-9A91-837F355E53B5", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:13.2\\(9f\\):*:*:*:*:*:*:*", matchCriteriaId: "1BA59F5B-43FE-4051-9D27-F83A7A39141E", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:13.2\\(9h\\):*:*:*:*:*:*:*", matchCriteriaId: "3883FD9C-0BCB-4865-81B6-854C8C4EC7DB", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:13.2\\(41d\\):*:*:*:*:*:*:*", matchCriteriaId: "3A52F12E-8EAD-40B8-BB6D-54FAD8718AD0", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:14.0\\(1h\\):*:*:*:*:*:*:*", matchCriteriaId: "B4F75D6B-D48A-4B5E-A1DF-EEBFEBFE6073", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:14.0\\(2c\\):*:*:*:*:*:*:*", matchCriteriaId: "FB1B81AF-FC0F-42B6-98C0-BEC432C7BAC2", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:14.0\\(3c\\):*:*:*:*:*:*:*", matchCriteriaId: "87C5BB7A-3B2B-4AE3-A626-04FD1BB1E9C8", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:14.0\\(3d\\):*:*:*:*:*:*:*", matchCriteriaId: "BDEB393A-9687-4E52-9837-B2C9E8F22D58", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:14.1\\(1i\\):*:*:*:*:*:*:*", matchCriteriaId: "7E1BE98A-95AE-4D11-B427-68D25FE60720", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:14.1\\(1j\\):*:*:*:*:*:*:*", matchCriteriaId: "CD61CB15-1955-4A81-9F8E-02F207094260", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:14.1\\(1k\\):*:*:*:*:*:*:*", matchCriteriaId: "455F4A6C-428C-494F-B70C-A891B83EBEF7", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:14.1\\(1l\\):*:*:*:*:*:*:*", matchCriteriaId: "322088F6-DF10-4C58-92F3-0FFBF469A6B7", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:14.1\\(2g\\):*:*:*:*:*:*:*", matchCriteriaId: "20BFA5E5-0ECC-4A1F-A936-1F325A810334", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:14.1\\(2m\\):*:*:*:*:*:*:*", matchCriteriaId: "7ECA1140-9DE0-4BC9-A381-A8DCB5BEA4A2", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:14.1\\(2o\\):*:*:*:*:*:*:*", matchCriteriaId: "2F5FCA86-82A3-4540-B827-BD752D9E0465", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:14.1\\(2s\\):*:*:*:*:*:*:*", matchCriteriaId: "6B8DE7D4-EFEC-487B-8250-251F9EA36BF6", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:14.1\\(2u\\):*:*:*:*:*:*:*", matchCriteriaId: "83EA47AA-6F3B-4A48-81A0-2CA8D6696B27", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:14.1\\(2w\\):*:*:*:*:*:*:*", matchCriteriaId: "89662D5F-AEEC-4DEB-AB8B-6A95D0A4B1D2", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:14.1\\(2x\\):*:*:*:*:*:*:*", matchCriteriaId: "40D5076C-6C6F-44F9-91D7-D8F2FEB21310", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:14.2\\(1i\\):*:*:*:*:*:*:*", matchCriteriaId: "D8BA2854-BE27-45F8-AF6E-CF6C474CF15B", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:14.2\\(1j\\):*:*:*:*:*:*:*", matchCriteriaId: "8296DD01-9CE0-4734-97A1-43250AD87453", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:14.2\\(1l\\):*:*:*:*:*:*:*", matchCriteriaId: "77FC6FCC-9C86-43CB-A008-82E5C3E5B791", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:14.2\\(2e\\):*:*:*:*:*:*:*", matchCriteriaId: "1AD71858-CA76-4BE3-8B4F-626959F6A342", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:14.2\\(2f\\):*:*:*:*:*:*:*", matchCriteriaId: "38F4C42B-D975-46B5-8A18-1D6F72A294F1", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:14.2\\(2g\\):*:*:*:*:*:*:*", matchCriteriaId: "58277DB8-BBC7-4639-8967-FCBAB029641E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_9000v:-:*:*:*:*:*:*:*", matchCriteriaId: "0CD9C1F1-8582-4F67-A77D-97CBFECB88B8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*", matchCriteriaId: "4283E433-7F8C-4410-B565-471415445811", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92300yc:-:*:*:*:*:*:*:*", matchCriteriaId: "F80AB6FB-32FD-43D7-A9F1-80FA47696210", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*", matchCriteriaId: "D5B2E4C1-2627-4B9D-8E92-4B483F647651", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92348gc-x:-:*:*:*:*:*:*:*", matchCriteriaId: "557ED31C-C26A-4FAE-8B14-D06B49F7F08B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*", matchCriteriaId: "11411BFD-3F4D-4309-AB35-A3629A360FB0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*", matchCriteriaId: "E663DE91-C86D-48DC-B771-FA72A8DF7A7C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "A90184B3-C82F-4CE5-B2AD-97D5E4690871", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-ex-24:-:*:*:*:*:*:*:*", matchCriteriaId: "40E40F42-632A-47DF-BE33-DC25B826310B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "4AB89849-6DA4-4C9D-BC3F-EE0E41FD1901", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-fx-24:-:*:*:*:*:*:*:*", matchCriteriaId: "C47F6BF9-2ADB-41A4-8D7D-8BB00141BB23", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*", matchCriteriaId: "07DE6F63-2C7D-415B-8C34-01EC05C062F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*", matchCriteriaId: "F423E45D-A6DD-4305-9C6A-EAB26293E53A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9316d-gx:-:*:*:*:*:*:*:*", matchCriteriaId: "102F91CD-DFB6-43D4-AE5B-DA157A696230", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "E952A96A-0F48-4357-B7DD-1127D8827650", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "F70D81F1-8B12-4474-9060-B4934D8A3873", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-ex-24:-:*:*:*:*:*:*:*", matchCriteriaId: "5394DE31-3863-4CA9-B7B1-E5227183100D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "7349D69B-D8FA-4462-AA28-69DD18A652D9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-fx-24:-:*:*:*:*:*:*:*", matchCriteriaId: "FE4BB834-2C00-4384-A78E-AF3BCDDC58AF", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-fx3:-:*:*:*:*:*:*:*", matchCriteriaId: "B0D30D52-837F-4FDA-B8E5-A9066E9C6D2F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-fx3s:-:*:*:*:*:*:*:*", matchCriteriaId: "7CE49B45-F2E9-491D-9C29-1B46E9CE14E2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93216tc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "B1CC5F78-E88B-4B82-9E3E-C73D3A49DE26", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "91231DC6-2773-4238-8C14-A346F213B5E5", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332c:-:*:*:*:*:*:*:*", matchCriteriaId: "2DF88547-BAF4-47B0-9F60-80A30297FCEB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*", matchCriteriaId: "113772B6-E9D2-4094-9468-3F4E1A87D07D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93360yc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "C45A38D6-BED6-4FEF-AD87-A1E813695DE0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "F1FC2B1F-232E-4754-8076-CC82F3648730", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336c-fx2-e:-:*:*:*:*:*:*:*", matchCriteriaId: "7CDD27C9-5EAF-4956-8AB7-740C84C9D4FC", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336pq_aci_spine:-:*:*:*:*:*:*:*", matchCriteriaId: "785FD17C-F32E-4042-9DDE-A89B3AAE0334", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*", matchCriteriaId: "17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93600cd-gx:-:*:*:*:*:*:*:*", matchCriteriaId: "2CF467E2-4567-426E-8F48-39669E0F514C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*", matchCriteriaId: "63842B25-8C32-4988-BBBD-61E9CB09B4F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9364c-gx:-:*:*:*:*:*:*:*", matchCriteriaId: "68EA1FEF-B6B6-49FE-A0A4-5387F76303F8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*", matchCriteriaId: "4364ADB9-8162-451D-806A-B98924E6B2CF", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372px-e:-:*:*:*:*:*:*:*", matchCriteriaId: "B53BCB42-ED61-4FCF-8068-CB467631C63C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*", matchCriteriaId: "49E0371B-FDE2-473C-AA59-47E1269D050F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372tx-e:-:*:*:*:*:*:*:*", matchCriteriaId: "489D11EC-5A18-4F32-BC7C-AC1FCEC27222", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*", matchCriteriaId: "1BC5293E-F2B4-46DC-85DA-167EA323FCFD", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*", matchCriteriaId: "EA022E77-6557-4A33-9A3A-D028E2DB669A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*", matchCriteriaId: "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability with the Border Gateway Protocol (BGP) for Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode could allow an unauthenticated, remote attacker to cause a routing process to crash, which could lead to a denial of service (DoS) condition. This vulnerability is due to an issue with the installation of routes upon receipt of a BGP update. An attacker could exploit this vulnerability by sending a crafted BGP update to an affected device. A successful exploit could allow the attacker to cause the routing process to crash, which could cause the device to reload. This vulnerability applies to both Internal BGP (IBGP) and External BGP (EBGP). Note: The Cisco implementation of BGP accepts incoming BGP traffic from explicitly configured peers only. To exploit this vulnerability, an attacker would need to send a specific BGP update message over an established TCP connection that appears to come from a trusted BGP peer.", }, { lang: "es", value: "Una vulnerabilidad con el protocolo Border Gateway Protocol (BGP) para Cisco Nexus 9000 Series Fabric Switches en modo Application Centric Infrastructure (ACI) podría permitir a un atacante remoto no autenticado causar la caída de un proceso de enrutamiento, lo que podría conllevar a una condición de denegación de servicio (DoS). Esta vulnerabilidad es debido a un problema con la instalación de rutas tras recibir una actualización de BGP. Un atacante podría explotar esta vulnerabilidad mediante el envío de una actualización de BGP diseñada a un dispositivo afectado. Una explotación con éxito podría permitir al atacante causar que el proceso de enrutamiento se bloquee, lo que podría hacer que el dispositivo se recargue. Esta vulnerabilidad se aplica tanto a Internal BGP (IBGP) como a External BGP (EBGP). Nota: La implementación de Cisco de BGP acepta tráfico BGP entrante solo de peers configurados explícitamente. Para explotar esta vulnerabilidad, un atacante necesitaría enviar un mensaje de actualización de BGP específico mediante una conexión TCP establecida que parece provenir de un peer de BGP confiable", }, ], id: "CVE-2021-1230", lastModified: "2024-11-21T05:43:53.000", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.1, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:N/I:N/A:C", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 6.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.6, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 4, source: "psirt@cisco.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-02-24T20:15:12.817", references: [ { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-n9kaci-bgp-De9dPKSK", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-n9kaci-bgp-De9dPKSK", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-233", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2019-05-15 19:29
Modified
2024-11-21 04:37
Severity ?
Summary
A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands with elevated privileges on the underlying operating system of an affected device. The vulnerability is due to insufficient validation of arguments passed to certain CLI commands. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with elevated privileges. An attacker would need valid user credentials to exploit this vulnerability.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@cisco.com | http://www.securityfocus.com/bid/108365 | Third Party Advisory, VDB Entry | |
| psirt@cisco.com | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-cmdinj-1735 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/108365 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-cmdinj-1735 | Vendor Advisory |
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "D14AF388-8D72-45DF-A268-4ACE8472F65C", versionEndExcluding: "8.3\\(1\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:mds_9000:-:*:*:*:*:*:*:*", matchCriteriaId: "1FD00AB9-F2DD-4D07-8DFF-E7B34824D66A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9100:-:*:*:*:*:*:*:*", matchCriteriaId: "54C0D908-D7BA-48C3-9963-14A3A32A2662", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9200:-:*:*:*:*:*:*:*", matchCriteriaId: "B25B92ED-37C0-4653-9C5E-B4C13C46464C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9500:-:*:*:*:*:*:*:*", matchCriteriaId: "2374E02D-46FE-477F-A74D-49E72149E6EC", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9700:-:*:*:*:*:*:*:*", matchCriteriaId: "C44335D8-8A78-486C-A325-9691FA4C3271", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "DC8A47D2-CF7D-4306-A78E-B4423575C6A9", versionEndExcluding: "7.0\\(3\\)i7\\(6\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_3016:-:*:*:*:*:*:*:*", matchCriteriaId: "528ED62B-D739-4E06-AC64-B506FD73BBAB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*", matchCriteriaId: "FC2A6C31-438A-4CF5-A3F3-364B1672EB7D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3064:-:*:*:*:*:*:*:*", matchCriteriaId: "76C10D85-88AC-4A79-8866-BED88A0F8DF8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3064-t:-:*:*:*:*:*:*:*", matchCriteriaId: "65CB7F6D-A82B-4A31-BFAC-FF4A4B8DF9C1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31108pc-v:-:*:*:*:*:*:*:*", matchCriteriaId: "4E930332-CDDD-48D5-93BC-C22D693BBFA2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31108tc-v:-:*:*:*:*:*:*:*", matchCriteriaId: "7BF4B8FE-E134-4491-B5C2-C1CFEB64731B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31128pq:-:*:*:*:*:*:*:*", matchCriteriaId: "F4226DA0-9371-401C-8247-E6E636A116C3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132c-z:-:*:*:*:*:*:*:*", matchCriteriaId: "7664666F-BCE4-4799-AEEA-3A73E6AD33F4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q:-:*:*:*:*:*:*:*", matchCriteriaId: "D3DBBFE9-835C-4411-8492-6006E74BAC65", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q-v:-:*:*:*:*:*:*:*", matchCriteriaId: "B3293438-3D18-45A2-B093-2C3F65783336", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "8F43B770-D96C-44EA-BC12-9F39FC4317B9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3164q:-:*:*:*:*:*:*:*", matchCriteriaId: "FA782EB3-E8E6-4DCF-B39C-B3CBD46E4384", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172:-:*:*:*:*:*:*:*", matchCriteriaId: "7817F4E6-B2DA-4F06-95A4-AF329F594C02", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172pq-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "7BB9DD73-E31D-4921-A6D6-E14E04703588", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq:-:*:*:*:*:*:*:*", matchCriteriaId: "4532F513-0543-4960-9877-01F23CA7BA1B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq-32t:-:*:*:*:*:*:*:*", matchCriteriaId: "0B43502B-FD53-465A-B60F-6A359C6ACD99", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "F3229124-B097-4AAC-8ACD-2F9C89DCC3AB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3232c:-:*:*:*:*:*:*:*", matchCriteriaId: "652A2849-668D-4156-88FB-C19844A59F33", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3264c-e:-:*:*:*:*:*:*:*", matchCriteriaId: "24FBE87B-8A4F-43A8-98A3-4A7D9C630937", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3264q:-:*:*:*:*:*:*:*", matchCriteriaId: "6ACD09AC-8B28-4ACB-967B-AB3D450BC137", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3408-s:-:*:*:*:*:*:*:*", matchCriteriaId: "7D397349-CCC6-479B-9273-FB1FFF4F34F2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_34180yc:-:*:*:*:*:*:*:*", matchCriteriaId: "DC7286A7-780F-4A45-940A-4AD5C9D0F201", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3432d-s:-:*:*:*:*:*:*:*", matchCriteriaId: "5F7AF8D7-431B-43CE-840F-CC0817D159C0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3464c:-:*:*:*:*:*:*:*", matchCriteriaId: "DAC204C8-1A5A-4E85-824E-DC9B8F6A802D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9000v:-:*:*:*:*:*:*:*", matchCriteriaId: "0CD9C1F1-8582-4F67-A77D-97CBFECB88B8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*", matchCriteriaId: "4283E433-7F8C-4410-B565-471415445811", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92300yc:-:*:*:*:*:*:*:*", matchCriteriaId: "F80AB6FB-32FD-43D7-A9F1-80FA47696210", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*", matchCriteriaId: "D5B2E4C1-2627-4B9D-8E92-4B483F647651", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92348gc-x:-:*:*:*:*:*:*:*", matchCriteriaId: "557ED31C-C26A-4FAE-8B14-D06B49F7F08B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*", matchCriteriaId: "11411BFD-3F4D-4309-AB35-A3629A360FB0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*", matchCriteriaId: "E663DE91-C86D-48DC-B771-FA72A8DF7A7C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "A90184B3-C82F-4CE5-B2AD-97D5E4690871", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "4AB89849-6DA4-4C9D-BC3F-EE0E41FD1901", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*", matchCriteriaId: "07DE6F63-2C7D-415B-8C34-01EC05C062F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*", matchCriteriaId: "F423E45D-A6DD-4305-9C6A-EAB26293E53A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "E952A96A-0F48-4357-B7DD-1127D8827650", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "F70D81F1-8B12-4474-9060-B4934D8A3873", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "7349D69B-D8FA-4462-AA28-69DD18A652D9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93216tc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "B1CC5F78-E88B-4B82-9E3E-C73D3A49DE26", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "91231DC6-2773-4238-8C14-A346F213B5E5", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332c:-:*:*:*:*:*:*:*", matchCriteriaId: "2DF88547-BAF4-47B0-9F60-80A30297FCEB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*", matchCriteriaId: "113772B6-E9D2-4094-9468-3F4E1A87D07D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93360yc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "C45A38D6-BED6-4FEF-AD87-A1E813695DE0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "F1FC2B1F-232E-4754-8076-CC82F3648730", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336pq_aci_spine:-:*:*:*:*:*:*:*", matchCriteriaId: "785FD17C-F32E-4042-9DDE-A89B3AAE0334", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*", matchCriteriaId: "17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*", matchCriteriaId: "63842B25-8C32-4988-BBBD-61E9CB09B4F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*", matchCriteriaId: "4364ADB9-8162-451D-806A-B98924E6B2CF", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372px-e:-:*:*:*:*:*:*:*", matchCriteriaId: "B53BCB42-ED61-4FCF-8068-CB467631C63C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*", matchCriteriaId: "49E0371B-FDE2-473C-AA59-47E1269D050F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372tx-e:-:*:*:*:*:*:*:*", matchCriteriaId: "489D11EC-5A18-4F32-BC7C-AC1FCEC27222", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*", matchCriteriaId: "1BC5293E-F2B4-46DC-85DA-167EA323FCFD", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*", matchCriteriaId: "EA022E77-6557-4A33-9A3A-D028E2DB669A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*", matchCriteriaId: "768BE390-5ED5-48A7-9E80-C4DE8BA979B1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*", matchCriteriaId: "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*", matchCriteriaId: "7E02DC82-0D26-436F-BA64-73C958932B0A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "81FEA96D-5A66-415A-B46C-F25DC3E4E5EE", versionEndExcluding: "6.0\\(2\\)a8\\(11\\)", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "1F404A62-E7A6-4C2E-884C-2D7E4E58A6C7", versionEndExcluding: "7.0\\(3\\)i7\\(6\\)", versionStartIncluding: "7.0\\(3\\)i4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_3524:-:*:*:*:*:*:*:*", matchCriteriaId: "EAF5AF71-15DF-4151-A1CF-E138A7103FC8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524-x:-:*:*:*:*:*:*:*", matchCriteriaId: "10F80A72-AD54-4699-B8AE-82715F0B58E2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "9354B6A2-D7D6-442E-BF4C-FE8A336D9E94", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548:-:*:*:*:*:*:*:*", matchCriteriaId: "088C0323-683A-44F5-8D42-FF6EC85D080E", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548-x:-:*:*:*:*:*:*:*", matchCriteriaId: "74CB4002-7636-4382-B33E-FBA060A13C34", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "10CEBF73-3EE0-459A-86C5-F8F6243FE27C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "9588B23A-8C0E-4734-AFF6-254F8A2C8AA1", versionEndExcluding: "7.3\\(4\\)n1\\(1\\)", versionStartIncluding: "7.3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_5500:-:*:*:*:*:*:*:*", matchCriteriaId: "BFC8699E-81C0-4374-B827-71B3916B910D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5600:-:*:*:*:*:*:*:*", matchCriteriaId: "870F4379-68F6-4B34-B99B-107DFE0DBD63", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_6000:-:*:*:*:*:*:*:*", matchCriteriaId: "6A58223F-3B15-420B-A6D4-841451CF0380", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "E30AB8D6-3F3F-43A3-B7E9-ABD5D3052FA8", versionEndExcluding: "6.2\\(22\\)", versionStartIncluding: "6.2", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "3411F8C2-D65A-46CF-9563-0A9866462491", versionEndExcluding: "7.3\\(3\\)d1\\(1\\)", versionStartIncluding: "7.2", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "02E6779A-5759-4A83-B884-1B47FC124A22", versionEndExcluding: "8.3\\(1\\)", versionStartIncluding: "8.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_7000:-:*:*:*:*:*:*:*", matchCriteriaId: "12180BEB-7F21-4FA7-ABD2-E9A8EA7340F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7700:-:*:*:*:*:*:*:*", matchCriteriaId: "DD7A4B4B-3BB1-4A4D-911E-C4EEF01BBC45", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "68D9CBC8-EB36-4EA5-B2F8-555137C8A86C", versionEndExcluding: "4.0\\(2a\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:ucs_6248up:-:*:*:*:*:*:*:*", matchCriteriaId: "49112D3F-DFAD-4E71-992B-9E0640FA388C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6296up:-:*:*:*:*:*:*:*", matchCriteriaId: "38A1D8F2-A4A6-4BAC-8326-9F9DE9572FA2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6324:-:*:*:*:*:*:*:*", matchCriteriaId: "B82093C6-B36D-4E4E-AD7F-8C107646B8D9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6332:-:*:*:*:*:*:*:*", matchCriteriaId: "E406DDCE-6753-43E9-B6F0-7A038DE84E41", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6332-16up:-:*:*:*:*:*:*:*", matchCriteriaId: "054D8EB2-97A3-4725-9DFF-27A4D231D90A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "10CB3B6F-3CEE-4992-85F4-C448A20D7EA8", versionEndIncluding: "5.2\\(1\\)sv5\\(1.1\\)", versionStartIncluding: "5.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_1000ve:-:*:*:*:*:*:*:*", matchCriteriaId: "882D7344-E38B-4F44-8CDE-1CCA827F28BB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "4832A094-92DB-402F-AF05-34B3A7C7CA0E", versionEndIncluding: "5.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_1000v:-:*:*:*:*:hyper-v:*:*", matchCriteriaId: "69E1B4D2-4200-4C05-9E64-57A18823AF38", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "59B48D7E-BD70-4971-B508-1DAD4841C5CE", versionEndExcluding: "5.2\\(1\\)sv3\\(4.1a\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_1000v:-:*:*:*:*:vsphere:*:*", matchCriteriaId: "30E0EDCF-CF41-4DEA-85E6-C39F49B03F31", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "96BFEE5D-EF9F-4C21-BC51-FBA71029A6A7", versionEndExcluding: "7.0\\(3\\)f3\\(5\\)", versionStartIncluding: "7.0\\(3\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_36180yc-r:-:*:*:*:*:*:*:*", matchCriteriaId: "95D2C4C3-65CE-4612-A027-AF70CEFC3233", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*", matchCriteriaId: "57572E4A-78D5-4D1A-938B-F05F01759612", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*", matchCriteriaId: "768BE390-5ED5-48A7-9E80-C4DE8BA979B1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*", matchCriteriaId: "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*", matchCriteriaId: "7E02DC82-0D26-436F-BA64-73C958932B0A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands with elevated privileges on the underlying operating system of an affected device. The vulnerability is due to insufficient validation of arguments passed to certain CLI commands. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with elevated privileges. An attacker would need valid user credentials to exploit this vulnerability.", }, { lang: "es", value: "Una vulnerabilidad en la CLI del software NX-OS de Cisco, podría permitir a un atacante local autorizado ejecutar comandos arbitrarios con privilegios elevados en el sistema operativo subyacente de un dispositivo afectado. La vulnerabilidad es debido a una comprobación insuficiente de los argumentos pasados a ciertos comandos de la CLI. Un atacante podría explotar esta vulnerabilidad al incluir una entrada maliciosa como el argumento de un comando afectado. Una explotación con éxito podría permitir al atacante ejecutar comandos arbitrarios en el sistema operativo subyacente con privilegios elevados. Un atacante requiere credenciales de usuario válidas para explotar esta vulnerabilidad.", }, ], id: "CVE-2019-1735", lastModified: "2024-11-21T04:37:12.613", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.2, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:L/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 4.4, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", version: "3.0", }, exploitabilityScore: 1.8, impactScore: 2.5, source: "psirt@cisco.com", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-05-15T19:29:00.633", references: [ { source: "psirt@cisco.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/108365", }, { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-cmdinj-1735", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/108365", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-cmdinj-1735", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-77", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-88", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2016-10-06 10:59
Modified
2025-04-12 10:46
Severity ?
Summary
Cisco NX-OS 4.0 through 7.3 on Multilayer Director and Nexus 1000V, 2000, 3000, 3500, 4000, 5000, 5500, 5600, 6000, 7000, 7700, and 9000 devices allows remote authenticated users to bypass intended AAA restrictions and obtain privileged CLI access via crafted parameters in an SSH connection negotiation, aka Bug IDs CSCum35502, CSCuw78669, CSCuw79754, and CSCux88492.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | nx-os | 4.1.\(2\) | |
| cisco | nx-os | 4.1.\(3\) | |
| cisco | nx-os | 4.1.\(4\) | |
| cisco | nx-os | 4.1.\(5\) | |
| cisco | nx-os | 4.2\(3\) | |
| cisco | nx-os | 4.2\(4\) | |
| cisco | nx-os | 4.2\(6\) | |
| cisco | nx-os | 4.2\(8\) | |
| cisco | nx-os | 4.2.\(2a\) | |
| cisco | nx-os | 5.0\(2a\) | |
| cisco | nx-os | 5.0\(3\) | |
| cisco | nx-os | 5.0\(5\) | |
| cisco | nx-os | 5.1\(1\) | |
| cisco | nx-os | 5.1\(1a\) | |
| cisco | nx-os | 5.1\(3\) | |
| cisco | nx-os | 5.1\(4\) | |
| cisco | nx-os | 5.1\(5\) | |
| cisco | nx-os | 5.1\(6\) | |
| cisco | nx-os | 5.2\(1\) | |
| cisco | nx-os | 5.2\(3a\) | |
| cisco | nx-os | 5.2\(4\) | |
| cisco | nx-os | 5.2\(5\) | |
| cisco | nx-os | 5.2\(7\) | |
| cisco | nx-os | 5.2\(9\) | |
| cisco | nx-os | 6.0\(1\) | |
| cisco | nx-os | 6.0\(2\) | |
| cisco | nx-os | 6.0\(3\) | |
| cisco | nx-os | 6.0\(4\) | |
| cisco | nx-os | 6.1\(1\) | |
| cisco | nx-os | 6.1\(2\) | |
| cisco | nx-os | 6.1\(3\) | |
| cisco | nx-os | 6.1\(4\) | |
| cisco | nx-os | 6.1\(4a\) | |
| cisco | nx-os | 6.2\(2\) | |
| cisco | nx-os | 6.2\(2a\) | |
| cisco | nx-os | 6.2\(6\) | |
| cisco | nx-os | 6.2\(6b\) | |
| cisco | nx-os | 6.2\(8\) | |
| cisco | nx-os | 6.2\(8a\) | |
| cisco | nx-os | 6.2\(8b\) | |
| cisco | nx-os | 6.2\(10\) | |
| cisco | nx-os | base | |
| cisco | nexus_7000_10-slot | - | |
| cisco | nexus_7000_18-slot | - | |
| cisco | nexus_7000_4-slot | - | |
| cisco | nexus_7000_9-slot | - | |
| cisco | nexus_7700_10-slot | - | |
| cisco | nexus_7700_18-slot | - | |
| cisco | nexus_7700_2-slot | - | |
| cisco | nexus_7700_6-slot | - | |
| cisco | nx-os | 4.1\(2\)e1\(1\) | |
| cisco | nx-os | 4.1\(2\)e1\(1b\) | |
| cisco | nx-os | 4.1\(2\)e1\(1d\) | |
| cisco | nx-os | 4.1\(2\)e1\(1e\) | |
| cisco | nx-os | 4.1\(2\)e1\(1f\) | |
| cisco | nx-os | 4.1\(2\)e1\(1g\) | |
| cisco | nx-os | 4.1\(2\)e1\(1h\) | |
| cisco | nx-os | 4.1\(2\)e1\(1i\) | |
| cisco | nx-os | 4.1\(2\)e1\(1j\) | |
| cisco | nx-os | base | |
| cisco | nexus_4001i | - | |
| cisco | nx-os | 4.0\(0\)n1\(1a\) | |
| cisco | nx-os | 4.0\(0\)n1\(2\) | |
| cisco | nx-os | 4.0\(0\)n1\(2a\) | |
| cisco | nx-os | 4.0\(1a\)n1\(1\) | |
| cisco | nx-os | 4.0\(1a\)n1\(1a\) | |
| cisco | nx-os | 4.0\(1a\)n2\(1\) | |
| cisco | nx-os | 4.0\(1a\)n2\(1a\) | |
| cisco | nx-os | 4.1\(3\)n1\(1\) | |
| cisco | nx-os | 4.1\(3\)n1\(1a\) | |
| cisco | nx-os | 4.1\(3\)n2\(1\) | |
| cisco | nx-os | 4.1\(3\)n2\(1a\) | |
| cisco | nx-os | 4.2\(1\)n1\(1\) | |
| cisco | nx-os | 4.2\(1\)n2\(1\) | |
| cisco | nx-os | 4.2\(1\)n2\(1a\) | |
| cisco | nx-os | 5.0\(2\)n1\(1\) | |
| cisco | nx-os | 5.0\(2\)n2\(1\) | |
| cisco | nx-os | 5.0\(2\)n2\(1a\) | |
| cisco | nx-os | 5.0\(3\)n1\(1c\) | |
| cisco | nx-os | 5.0\(3\)n2\(1\) | |
| cisco | nx-os | 5.0\(3\)n2\(2\) | |
| cisco | nx-os | 5.0\(3\)n2\(2a\) | |
| cisco | nx-os | 5.0\(3\)n2\(2b\) | |
| cisco | nx-os | 5.1\(3\)n1\(1\) | |
| cisco | nx-os | 5.1\(3\)n1\(1a\) | |
| cisco | nx-os | 5.1\(3\)n2\(1\) | |
| cisco | nx-os | 5.1\(3\)n2\(1a\) | |
| cisco | nx-os | 5.1\(3\)n2\(1b\) | |
| cisco | nx-os | 5.1\(3\)n2\(1c\) | |
| cisco | nx-os | 5.2\(1\)n1\(1\) | |
| cisco | nx-os | 5.2\(1\)n1\(1a\) | |
| cisco | nx-os | 5.2\(1\)n1\(1b\) | |
| cisco | nx-os | 5.2\(1\)n1\(2\) | |
| cisco | nx-os | 5.2\(1\)n1\(2a\) | |
| cisco | nx-os | 5.2\(1\)n1\(3\) | |
| cisco | nx-os | 5.2\(1\)n1\(4\) | |
| cisco | nx-os | 5.2\(1\)n1\(5\) | |
| cisco | nx-os | 5.2\(1\)n1\(6\) | |
| cisco | nx-os | 5.2\(1\)n1\(7\) | |
| cisco | nx-os | 5.2\(1\)n1\(8\) | |
| cisco | nx-os | 5.2\(1\)n1\(8a\) | |
| cisco | nx-os | 6.0\(2\)n1\(1\) | |
| cisco | nx-os | 6.0\(2\)n1\(2\) | |
| cisco | nx-os | 6.0\(2\)n1\(2a\) | |
| cisco | nx-os | 6.0\(2\)n2\(1\) | |
| cisco | nx-os | 6.0\(2\)n2\(1b\) | |
| cisco | nx-os | 6.0\(2\)n2\(2\) | |
| cisco | nx-os | 6.0\(2\)n2\(4\) | |
| cisco | nx-os | 6.0\(2\)n2\(5\) | |
| cisco | nx-os | 7.0\(0\)n1\(1\) | |
| cisco | nx-os | 7.0\(1\)n1\(1\) | |
| cisco | nx-os | 7.0\(2\)n1\(1\) | |
| cisco | nx-os | 7.0\(3\)n1\(1\) | |
| cisco | nx-os | base | |
| cisco | nexus_5010 | - | |
| cisco | nexus_5020 | - | |
| cisco | nexus_5548p | - | |
| cisco | nexus_5548up | - | |
| cisco | nexus_5596t | - | |
| cisco | nexus_5596up | - | |
| cisco | nexus_56128p | - | |
| cisco | nexus_5624q | - | |
| cisco | nexus_5648q | - | |
| cisco | nexus_5672up | - | |
| cisco | nexus_5672up-16g | - | |
| cisco | nexus_5696q | - | |
| cisco | nx-os | 6.0\(2\)n1\(2\) | |
| cisco | nx-os | 6.0\(2\)n1\(2a\) | |
| cisco | nx-os | 6.0\(2\)n2\(1\) | |
| cisco | nx-os | 6.0\(2\)n2\(1b\) | |
| cisco | nx-os | 6.0\(2\)n2\(2\) | |
| cisco | nx-os | 6.0\(2\)n2\(3\) | |
| cisco | nx-os | 6.0\(2\)n2\(4\) | |
| cisco | nx-os | 6.0\(2\)n2\(5\) | |
| cisco | nx-os | 7.0\(0\)n1\(1\) | |
| cisco | nx-os | 7.0\(1\)n1\(1\) | |
| cisco | nx-os | 7.0\(2\)n1\(1\) | |
| cisco | nx-os | 7.0\(3\)n1\(1\) | |
| cisco | nx-os | base | |
| cisco | nexus_6001 | - | |
| cisco | nexus_6004 | - | |
| cisco | nx-os | 4.0\(4\)sv1\(1\) | |
| cisco | nx-os | 4.0\(4\)sv1\(2\) | |
| cisco | nx-os | 4.0\(4\)sv1\(3\) | |
| cisco | nx-os | 4.0\(4\)sv1\(3a\) | |
| cisco | nx-os | 4.0\(4\)sv1\(3b\) | |
| cisco | nx-os | 4.0\(4\)sv1\(3c\) | |
| cisco | nx-os | 4.0\(4\)sv1\(3d\) | |
| cisco | nx-os | 4.2\(1\)sv1\(4\) | |
| cisco | nx-os | 4.2\(1\)sv1\(4a\) | |
| cisco | nx-os | 4.2\(1\)sv1\(4b\) | |
| cisco | nx-os | 4.2\(1\)sv1\(5.1\) | |
| cisco | nx-os | 4.2\(1\)sv1\(5.1a\) | |
| cisco | nx-os | 4.2\(1\)sv1\(5.2\) | |
| cisco | nx-os | 4.2\(1\)sv1\(5.2b\) | |
| cisco | nx-os | 4.2\(1\)sv2\(1.1\) | |
| cisco | nx-os | 4.2\(1\)sv2\(1.1a\) | |
| cisco | nx-os | 4.2\(1\)sv2\(2.1\) | |
| cisco | nx-os | 4.2\(1\)sv2\(2.1a\) | |
| cisco | nx-os | 5.2\(1\)sm1\(5.1\) | |
| cisco | nx-os | base | |
| cisco | nexus_1000v_for_microsoft_hyper-v | - | |
| cisco | nexus_1000v_for_vmware_vsphere | - | |
| cisco | nx-os | 5.0\(3\)u1\(1\) | |
| cisco | nx-os | 5.0\(3\)u1\(1a\) | |
| cisco | nx-os | 5.0\(3\)u1\(1b\) | |
| cisco | nx-os | 5.0\(3\)u1\(1d\) | |
| cisco | nx-os | 5.0\(3\)u1\(2\) | |
| cisco | nx-os | 5.0\(3\)u1\(2a\) | |
| cisco | nx-os | 5.0\(3\)u2\(1\) | |
| cisco | nx-os | 5.0\(3\)u2\(2\) | |
| cisco | nx-os | 5.0\(3\)u2\(2a\) | |
| cisco | nx-os | 5.0\(3\)u2\(2b\) | |
| cisco | nx-os | 5.0\(3\)u2\(2c\) | |
| cisco | nx-os | 5.0\(3\)u2\(2d\) | |
| cisco | nx-os | 5.0\(3\)u3\(1\) | |
| cisco | nx-os | 5.0\(3\)u3\(2\) | |
| cisco | nx-os | 5.0\(3\)u3\(2a\) | |
| cisco | nx-os | 5.0\(3\)u3\(2b\) | |
| cisco | nx-os | 5.0\(3\)u4\(1\) | |
| cisco | nx-os | 5.0\(3\)u5\(1\) | |
| cisco | nx-os | 5.0\(3\)u5\(1a\) | |
| cisco | nx-os | 5.0\(3\)u5\(1b\) | |
| cisco | nx-os | 5.0\(3\)u5\(1c\) | |
| cisco | nx-os | 5.0\(3\)u5\(1e\) | |
| cisco | nx-os | 5.0\(3\)u5\(1f\) | |
| cisco | nx-os | 5.0\(3\)u5\(1g\) | |
| cisco | nx-os | 5.0\(3\)u5\(1h\) | |
| cisco | nx-os | 6.0\(2\)u1\(1\) | |
| cisco | nx-os | 6.0\(2\)u1\(1a\) | |
| cisco | nx-os | 6.0\(2\)u1\(2\) | |
| cisco | nx-os | 6.0\(2\)u1\(3\) | |
| cisco | nx-os | 6.0\(2\)u1\(4\) | |
| cisco | nx-os | 6.0\(2\)u2\(1\) | |
| cisco | nx-os | 6.0\(2\)u2\(2\) | |
| cisco | nx-os | 6.0\(2\)u2\(3\) | |
| cisco | nx-os | 6.0\(2\)u2\(4\) | |
| cisco | nx-os | 6.0\(2\)u2\(5\) | |
| cisco | nx-os | 6.0\(2\)u2\(6\) | |
| cisco | nx-os | 6.0\(2\)u3\(1\) | |
| cisco | nx-os | 6.0\(2\)u3\(2\) | |
| cisco | nx-os | 6.0\(2\)u3\(3\) | |
| cisco | nx-os | 6.0\(2\)u3\(4\) | |
| cisco | nx-os | 6.0\(2\)u3\(5\) | |
| cisco | nx-os | 6.0\(2\)u4\(1\) | |
| cisco | nx-os | 6.0\(2\)u4\(2\) | |
| cisco | nx-os | 6.0\(2\)u4\(3\) | |
| cisco | nx-os | 6.0\(2\)u5\(1\) | |
| cisco | nx-os | base | |
| cisco | nexus_3016 | - | |
| cisco | nexus_3048 | - | |
| cisco | nexus_31108pc-v | - | |
| cisco | nexus_31108tc-v | - | |
| cisco | nexus_31128pq | - | |
| cisco | nexus_3132q | - | |
| cisco | nexus_3132q-v | - | |
| cisco | nexus_3164q | - | |
| cisco | nexus_3172 | - | |
| cisco | nexus_3232c | - | |
| cisco | nexus_3264q | - | |
| cisco | nexus_3524 | - | |
| cisco | nexus_3548 | - | |
| cisco | nx-os | 6.1\(2\)i2\(1\) | |
| cisco | nx-os | 6.1\(2\)i2\(2\) | |
| cisco | nx-os | 6.1\(2\)i2\(2a\) | |
| cisco | nx-os | 6.1\(2\)i2\(2b\) | |
| cisco | nx-os | 6.1\(2\)i2\(3\) | |
| cisco | nx-os | 6.1\(2\)i3\(1\) | |
| cisco | nx-os | 6.1\(2\)i3\(2\) | |
| cisco | nx-os | 6.1\(2\)i3\(3\) | |
| cisco | nx-os | 11.0\(1b\) | |
| cisco | nx-os | 11.0\(1c\) | |
| cisco | nx-os | base | |
| cisco | nexus_92160yc-x | - | |
| cisco | nexus_92304qc | - | |
| cisco | nexus_9236c | - | |
| cisco | nexus_9272q | - | |
| cisco | nexus_93108tc-ex | - | |
| cisco | nexus_93120tx | - | |
| cisco | nexus_93128tx | - | |
| cisco | nexus_93180yc-ex | - | |
| cisco | nexus_9332pq | - | |
| cisco | nexus_9336pq_aci_spine | - | |
| cisco | nexus_9372px | - | |
| cisco | nexus_9372tx | - | |
| cisco | nexus_9396px | - | |
| cisco | nexus_9396tx | - | |
| cisco | nexus_9504 | - | |
| cisco | nexus_9508 | - | |
| cisco | nexus_9516 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:4.1.\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "DA1702F4-816E-4045-80B6-2BC71DC344F6", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:4.1.\\(3\\):*:*:*:*:*:*:*", matchCriteriaId: "C1AC8BC8-638A-4F73-A64B-B490675AA1A4", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:4.1.\\(4\\):*:*:*:*:*:*:*", matchCriteriaId: "7F128DC9-C4CA-4547-B6C8-8E83A8C5F6C8", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:4.1.\\(5\\):*:*:*:*:*:*:*", matchCriteriaId: "99FB6C32-CD16-41E9-AB42-A294424266DB", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:4.2\\(3\\):*:*:*:*:*:*:*", matchCriteriaId: "7EE1586F-E01C-4C4F-8284-1B1FE5370343", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:4.2\\(4\\):*:*:*:*:*:*:*", matchCriteriaId: "891D883E-8263-42B2-A978-49F6AEF4CD49", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:4.2\\(6\\):*:*:*:*:*:*:*", matchCriteriaId: "9C059CCD-1BE1-4675-8388-0DB219C04E45", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:4.2\\(8\\):*:*:*:*:*:*:*", matchCriteriaId: "67829CF9-FDCB-4A17-9241-1B48A38B1A74", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:4.2.\\(2a\\):*:*:*:*:*:*:*", matchCriteriaId: "C0476865-D306-47B7-A84A-C163A316D9DE", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.0\\(2a\\):*:*:*:*:*:*:*", matchCriteriaId: "C6753978-267E-4398-A1F7-96C37B5C8600", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.0\\(3\\):*:*:*:*:*:*:*", matchCriteriaId: "16131960-37FE-4154-A82C-E3249B066DC4", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.0\\(5\\):*:*:*:*:*:*:*", matchCriteriaId: "7B3296D4-DA94-4E41-BAAF-CEC0E84BB498", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "9B582362-FCFB-4D94-9C0E-2B7FD3F5340E", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.1\\(1a\\):*:*:*:*:*:*:*", matchCriteriaId: "93FF6E77-B7C2-4CBB-A8FE-1D6218BA330C", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.1\\(3\\):*:*:*:*:*:*:*", matchCriteriaId: "5CAF2ADA-2C84-44EB-8893-0AB612AFF68F", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.1\\(4\\):*:*:*:*:*:*:*", matchCriteriaId: "B6D70623-8F98-44CA-A589-B93B167F88EA", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.1\\(5\\):*:*:*:*:*:*:*", matchCriteriaId: "10AE58DE-C708-4C15-B2C4-2366F4378344", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.1\\(6\\):*:*:*:*:*:*:*", matchCriteriaId: "80510B23-1F02-4FE0-BF3D-E2CD2A5D5B2F", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.2\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "5F179FBC-22BE-4C44-AAE0-866F1D6B1270", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.2\\(3a\\):*:*:*:*:*:*:*", matchCriteriaId: "0C628947-4A0E-4904-A6F7-745C3370A8F4", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.2\\(4\\):*:*:*:*:*:*:*", matchCriteriaId: "356B4143-5184-491B-9D10-19D6536366CD", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.2\\(5\\):*:*:*:*:*:*:*", matchCriteriaId: "C038896F-6DBC-4695-9DBE-A60F6C39AFFC", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.2\\(7\\):*:*:*:*:*:*:*", matchCriteriaId: "9F2453F2-704F-48F7-8009-991BE0B49251", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.2\\(9\\):*:*:*:*:*:*:*", matchCriteriaId: "E00B4AC8-1D27-4394-AF28-10785AEFC073", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "48926DA6-2020-4D4F-AD12-555163C6C352", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "161C5BDB-CD50-40C7-B972-A1B650607338", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(3\\):*:*:*:*:*:*:*", matchCriteriaId: "7A0E6C0C-B88D-4085-AA28-0EA8CD1AB419", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(4\\):*:*:*:*:*:*:*", matchCriteriaId: "A967FB72-BCEB-4A76-A322-DDB0C4094E7C", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "C6F882AB-C25D-477F-96BF-7001BB77B955", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.1\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "35E48EE6-C498-4E13-AC5E-28F6B4391725", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.1\\(3\\):*:*:*:*:*:*:*", matchCriteriaId: "A3B41075-01D1-4832-A025-07A378F2A5E6", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.1\\(4\\):*:*:*:*:*:*:*", matchCriteriaId: "858E4134-643C-422C-8441-5372F4BC25D8", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.1\\(4a\\):*:*:*:*:*:*:*", matchCriteriaId: "A12BFDB0-4B90-4EB6-9CBE-A7A33C57EA9E", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "2FDE8EF9-47CF-451D-9570-3D369D74D44F", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(2a\\):*:*:*:*:*:*:*", matchCriteriaId: "55A760CE-5E63-4A6B-8DA3-A473BC3900E3", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(6\\):*:*:*:*:*:*:*", matchCriteriaId: "0E738E86-B75F-48BF-9E76-C7DD470F3688", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(6b\\):*:*:*:*:*:*:*", matchCriteriaId: "68C6090F-0B05-46F0-8A67-928FE1C36D5F", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(8\\):*:*:*:*:*:*:*", matchCriteriaId: "FBD345BD-83EF-4913-A0F3-74E52AD76BBA", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(8a\\):*:*:*:*:*:*:*", matchCriteriaId: "46B2B97B-DDB7-4208-BF1A-D10C8A075A14", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(8b\\):*:*:*:*:*:*:*", matchCriteriaId: "317C8BE8-84DA-43D5-AE93-7E7DCDE6883E", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(10\\):*:*:*:*:*:*:*", matchCriteriaId: "ED7B1216-4C4F-4A23-9474-23876649ABF3", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:base:*:*:*:*:*:*:*", matchCriteriaId: "CFBAD221-BBD3-4BE6-974F-361C8E0FC6E2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_7000_10-slot:-:*:*:*:*:*:*:*", matchCriteriaId: "B22B3865-30E9-4B5A-A37D-DC33F1150FFE", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7000_18-slot:-:*:*:*:*:*:*:*", matchCriteriaId: "459A7F11-52BF-4AD6-B495-4C4D6C050493", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7000_4-slot:-:*:*:*:*:*:*:*", matchCriteriaId: "FEACA55F-4335-4478-B608-EB92EE1D6C6D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7000_9-slot:-:*:*:*:*:*:*:*", matchCriteriaId: "DB73543E-9B5B-4BA9-8FB4-666AF5AC8B6B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7700_10-slot:-:*:*:*:*:*:*:*", matchCriteriaId: "E5ABB175-81BE-4C46-BD2D-70016508BE22", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7700_18-slot:-:*:*:*:*:*:*:*", matchCriteriaId: "71F93299-A715-4E97-87FE-B1E248EA98BD", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7700_2-slot:-:*:*:*:*:*:*:*", matchCriteriaId: "3D71B228-FFE5-45F7-ADCF-6D359ADA6D31", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7700_6-slot:-:*:*:*:*:*:*:*", matchCriteriaId: "9F3AD807-5A0F-4DF5-9A7A-748205F409E7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:4.1\\(2\\)e1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "7AC41532-1F38-4540-8398-7DD66D92D041", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:4.1\\(2\\)e1\\(1b\\):*:*:*:*:*:*:*", matchCriteriaId: "AC852D6C-720F-48AC-BB5B-7E514FD9D2E8", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:4.1\\(2\\)e1\\(1d\\):*:*:*:*:*:*:*", matchCriteriaId: "184425F6-8EC5-4774-990F-B4A6A68BCE33", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:4.1\\(2\\)e1\\(1e\\):*:*:*:*:*:*:*", matchCriteriaId: "B32719F7-998E-4528-B8D0-1017706E9CC9", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:4.1\\(2\\)e1\\(1f\\):*:*:*:*:*:*:*", matchCriteriaId: "BC749257-E3FB-4831-8B50-CBB82A6AF162", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:4.1\\(2\\)e1\\(1g\\):*:*:*:*:*:*:*", matchCriteriaId: "7B9CABF8-D500-4E65-947F-7ADE71668179", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:4.1\\(2\\)e1\\(1h\\):*:*:*:*:*:*:*", matchCriteriaId: "9D8CF243-5C98-4D2D-96F5-B4FB208D42EF", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:4.1\\(2\\)e1\\(1i\\):*:*:*:*:*:*:*", matchCriteriaId: "5D8718EE-84AC-4CAC-98B1-AD3783535A1B", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:4.1\\(2\\)e1\\(1j\\):*:*:*:*:*:*:*", matchCriteriaId: "BAF2F24A-9F1B-4ADA-955E-6BC80283B9C4", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:base:*:*:*:*:*:*:*", matchCriteriaId: "CFBAD221-BBD3-4BE6-974F-361C8E0FC6E2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_4001i:-:*:*:*:*:*:*:*", matchCriteriaId: "AB68FC53-5CD6-445F-9BB5-1F3724D92A4B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:4.0\\(0\\)n1\\(1a\\):*:*:*:*:*:*:*", matchCriteriaId: "234FD6A8-24D0-4F54-8E41-70E9575DCC77", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:4.0\\(0\\)n1\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "2A69202E-9600-4949-98F1-3037C8036B82", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:4.0\\(0\\)n1\\(2a\\):*:*:*:*:*:*:*", matchCriteriaId: "877676F4-566D-4C5A-946F-E22BA70865BA", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:4.0\\(1a\\)n1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "FD10C022-06D6-4821-8BB1-928A04E705C0", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:4.0\\(1a\\)n1\\(1a\\):*:*:*:*:*:*:*", matchCriteriaId: "3230A799-F129-4ABE-8DA1-83595015FCE0", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:4.0\\(1a\\)n2\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "F4CB0C21-D8E6-4CBB-8F6F-33B02B5BB57C", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:4.0\\(1a\\)n2\\(1a\\):*:*:*:*:*:*:*", matchCriteriaId: "2E8C04C7-8314-4A7F-B7C0-7B17A4204419", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:4.1\\(3\\)n1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "91272DF0-CD4C-4ECD-92C4-357CB881B9C0", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:4.1\\(3\\)n1\\(1a\\):*:*:*:*:*:*:*", matchCriteriaId: "AFC4AE3C-FEBA-4EC3-AF7C-EE21400E26A4", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:4.1\\(3\\)n2\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "B2A8C85D-ECAA-44E0-BE94-247EDB780895", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:4.1\\(3\\)n2\\(1a\\):*:*:*:*:*:*:*", matchCriteriaId: "487AD645-B95D-44C8-9B27-9651108F10A1", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:4.2\\(1\\)n1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "3D9E0C2E-E44E-4B2D-B7EA-CFEA7BE092A3", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:4.2\\(1\\)n2\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "D4A05AE9-050B-4B22-B668-B5250C853DE6", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:4.2\\(1\\)n2\\(1a\\):*:*:*:*:*:*:*", matchCriteriaId: "9B8D6E3E-CE8F-4017-B0EE-DED343049A6A", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.0\\(2\\)n1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "7F69DC16-8793-4A50-B901-2BDBE007405E", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.0\\(2\\)n2\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "392B8209-689D-4EFB-8B8E-04910EEB38AF", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.0\\(2\\)n2\\(1a\\):*:*:*:*:*:*:*", matchCriteriaId: "2D8595D2-710F-4C09-BEA4-A3D81C2269A6", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)n1\\(1c\\):*:*:*:*:*:*:*", matchCriteriaId: "B4B91092-DE54-4591-9C0F-A22A04AB71E9", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)n2\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "5FE1F177-8952-4ECE-9E7D-5DB17895148A", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)n2\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "D95D0F4E-944D-4AB8-B316-7842CB1F9C26", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)n2\\(2a\\):*:*:*:*:*:*:*", matchCriteriaId: "7856BA8B-4959-4FC2-AF4F-747FCFCC8EBE", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)n2\\(2b\\):*:*:*:*:*:*:*", matchCriteriaId: "3A402251-E36D-4DD1-8DE9-6DA025CBECEB", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.1\\(3\\)n1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "99F6A4FB-A7C4-48C8-AEE4-584DE5A7D57C", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.1\\(3\\)n1\\(1a\\):*:*:*:*:*:*:*", matchCriteriaId: "0C3BE66A-77B5-4808-BFFC-26B6A77F048F", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.1\\(3\\)n2\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "460A7B6A-C923-4D1A-89D4-3F46FE94D003", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.1\\(3\\)n2\\(1a\\):*:*:*:*:*:*:*", matchCriteriaId: "74CE3C35-D73A-4FB9-B061-B8A65F84F927", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.1\\(3\\)n2\\(1b\\):*:*:*:*:*:*:*", matchCriteriaId: "F3E0B7CF-91B6-4E49-A763-65A2EEED5C9B", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.1\\(3\\)n2\\(1c\\):*:*:*:*:*:*:*", matchCriteriaId: "30AA1C60-38DC-44E2-A4D8-0F290DA8D83C", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)n1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "757A0C8E-4817-41DD-A609-2B61C36DBBCB", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)n1\\(1a\\):*:*:*:*:*:*:*", matchCriteriaId: "3AECFED5-8D06-4396-BDD2-AAA0F5241839", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)n1\\(1b\\):*:*:*:*:*:*:*", matchCriteriaId: "772A297E-E323-4D2D-9129-6C4FC63643DE", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)n1\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "149ABB41-A8FF-4A8F-888E-F27BDAAE9C0C", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)n1\\(2a\\):*:*:*:*:*:*:*", matchCriteriaId: "6918EB91-679A-4F47-BB9E-3A22287F14FD", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)n1\\(3\\):*:*:*:*:*:*:*", matchCriteriaId: "A0464AAE-73CF-4B24-A5CE-5C1131909CF5", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)n1\\(4\\):*:*:*:*:*:*:*", matchCriteriaId: "68376361-C835-4552-8490-553C9A082615", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)n1\\(5\\):*:*:*:*:*:*:*", matchCriteriaId: "270620E3-92B7-4914-88C7-9D955B2B856E", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)n1\\(6\\):*:*:*:*:*:*:*", matchCriteriaId: "A8E48600-FD20-4743-A3E8-AD5297164551", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)n1\\(7\\):*:*:*:*:*:*:*", matchCriteriaId: "4A10C1B6-616E-4F94-8889-9C99906326D0", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)n1\\(8\\):*:*:*:*:*:*:*", matchCriteriaId: "01A091A5-2848-4901-B193-1EC9DD8A52E5", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)n1\\(8a\\):*:*:*:*:*:*:*", matchCriteriaId: "380FEA27-D68C-48DA-B2B9-4A3B3A71B059", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)n1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "C871A419-B769-46B2-956E-467BBE94F290", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)n1\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "7EACF481-3E4B-4580-8AE7-3D49790E0715", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)n1\\(2a\\):*:*:*:*:*:*:*", matchCriteriaId: "698ABD3F-C9DE-4376-B57A-D05AEDCD9A25", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)n2\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "5010EDAE-67BB-4E23-B0F5-10096A7DAB54", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)n2\\(1b\\):*:*:*:*:*:*:*", matchCriteriaId: "84CF5114-731F-4BF4-83E0-9B095C34541C", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)n2\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "4750621F-E7C5-4E6A-BC5F-232E75A454E6", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)n2\\(4\\):*:*:*:*:*:*:*", matchCriteriaId: "CADBDD1D-DA17-40EE-8B23-81E9991387DD", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)n2\\(5\\):*:*:*:*:*:*:*", matchCriteriaId: "A623F8E1-B97B-41DD-947F-7E1B65DD6902", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(0\\)n1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "FD613D8F-099C-43A1-BD29-A98250E1334A", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(1\\)n1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "576B74DF-9527-4931-B1A3-8FEE1DB1AD99", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(2\\)n1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "AA5B4FA9-E550-4C69-A4E7-A989BBCCF22E", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)n1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "63949081-E2F3-4EB4-BABC-270AAB19EE78", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:base:*:*:*:*:*:*:*", matchCriteriaId: "CFBAD221-BBD3-4BE6-974F-361C8E0FC6E2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_5010:-:*:*:*:*:*:*:*", matchCriteriaId: "E275D31F-4FA1-428E-AB4A-D2802FF0CF1A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5020:-:*:*:*:*:*:*:*", matchCriteriaId: "BA7F5823-41A8-47C8-A154-02C6C31EF76A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5548p:-:*:*:*:*:*:*:*", matchCriteriaId: "E5519EA9-1236-4F51-9974-E3FC1B26B5D2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5548up:-:*:*:*:*:*:*:*", matchCriteriaId: "CB0A3B06-8B25-4CD3-AFA9-5F928B1042F4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5596t:-:*:*:*:*:*:*:*", matchCriteriaId: "1766443C-1C5A-486E-A36F-D3045F364D78", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5596up:-:*:*:*:*:*:*:*", matchCriteriaId: "DC4D4403-F93B-4CC8-B75F-7A5B03FEDD85", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_56128p:-:*:*:*:*:*:*:*", matchCriteriaId: "ABB6E612-4246-4408-B3F6-B31E771F5ACB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5624q:-:*:*:*:*:*:*:*", matchCriteriaId: "91B129B2-2B31-4DE0-9F83-CC6E0C8729A0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5648q:-:*:*:*:*:*:*:*", matchCriteriaId: "3CBD3CD0-B542-4B23-9C9D-061643BE44E8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5672up:-:*:*:*:*:*:*:*", matchCriteriaId: "A22A2647-A4C0-4681-BBC5-D95ADBAA0457", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5672up-16g:-:*:*:*:*:*:*:*", matchCriteriaId: "367C2A49-4C4D-471B-9B34-AFAFA5AE9503", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5696q:-:*:*:*:*:*:*:*", matchCriteriaId: "B2BB1A3A-668C-4B0D-8AC2-6B4758B3420B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)n1\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "7EACF481-3E4B-4580-8AE7-3D49790E0715", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)n1\\(2a\\):*:*:*:*:*:*:*", matchCriteriaId: "698ABD3F-C9DE-4376-B57A-D05AEDCD9A25", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)n2\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "5010EDAE-67BB-4E23-B0F5-10096A7DAB54", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)n2\\(1b\\):*:*:*:*:*:*:*", matchCriteriaId: "84CF5114-731F-4BF4-83E0-9B095C34541C", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)n2\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "4750621F-E7C5-4E6A-BC5F-232E75A454E6", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)n2\\(3\\):*:*:*:*:*:*:*", matchCriteriaId: "08F35A63-9343-47D6-AB91-37AB148137E4", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)n2\\(4\\):*:*:*:*:*:*:*", matchCriteriaId: "CADBDD1D-DA17-40EE-8B23-81E9991387DD", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)n2\\(5\\):*:*:*:*:*:*:*", matchCriteriaId: "A623F8E1-B97B-41DD-947F-7E1B65DD6902", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(0\\)n1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "FD613D8F-099C-43A1-BD29-A98250E1334A", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(1\\)n1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "576B74DF-9527-4931-B1A3-8FEE1DB1AD99", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(2\\)n1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "AA5B4FA9-E550-4C69-A4E7-A989BBCCF22E", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)n1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "63949081-E2F3-4EB4-BABC-270AAB19EE78", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:base:*:*:*:*:*:*:*", matchCriteriaId: "CFBAD221-BBD3-4BE6-974F-361C8E0FC6E2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_6001:-:*:*:*:*:*:*:*", matchCriteriaId: "A9662D6B-AF0F-45C8-B7CD-AE7C76593FDB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_6004:-:*:*:*:*:*:*:*", matchCriteriaId: "4F557E38-09F6-42C6-BABA-3C3168B38BBA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:4.0\\(4\\)sv1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "D2BC263A-21FC-422C-A7E4-D1095263C4F1", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:4.0\\(4\\)sv1\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "2CD13D1F-E83E-4D12-86BF-0260922BF4B9", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:4.0\\(4\\)sv1\\(3\\):*:*:*:*:*:*:*", matchCriteriaId: "F7FB359F-8290-475A-B58F-AD9CD96D77E3", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:4.0\\(4\\)sv1\\(3a\\):*:*:*:*:*:*:*", matchCriteriaId: "09753461-A8FA-4C38-9402-FDEBC3978506", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:4.0\\(4\\)sv1\\(3b\\):*:*:*:*:*:*:*", matchCriteriaId: "66429608-00EF-49A9-9621-FC801542F79D", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:4.0\\(4\\)sv1\\(3c\\):*:*:*:*:*:*:*", matchCriteriaId: "15EB553C-07E2-40C5-A741-788042174763", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:4.0\\(4\\)sv1\\(3d\\):*:*:*:*:*:*:*", matchCriteriaId: "0959FD0A-24A2-48FB-A96D-C04FA0DF4992", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:4.2\\(1\\)sv1\\(4\\):*:*:*:*:*:*:*", matchCriteriaId: "A3C6D7B8-AD24-49FF-8CE2-CDE2EE43EDD4", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:4.2\\(1\\)sv1\\(4a\\):*:*:*:*:*:*:*", matchCriteriaId: "1310C94C-3777-46E7-86AA-EA6A3AEE1EDF", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:4.2\\(1\\)sv1\\(4b\\):*:*:*:*:*:*:*", matchCriteriaId: "2E595AFD-D9C5-4DDA-A56F-127D7AE513FC", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:4.2\\(1\\)sv1\\(5.1\\):*:*:*:*:*:*:*", matchCriteriaId: "103597B4-C155-4809-BC90-DE52DA0A51D8", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:4.2\\(1\\)sv1\\(5.1a\\):*:*:*:*:*:*:*", matchCriteriaId: "6C9FB95F-8F32-40FF-B40F-FDB375ADD946", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:4.2\\(1\\)sv1\\(5.2\\):*:*:*:*:*:*:*", matchCriteriaId: "15BAAE40-EBEF-4FC3-B1D0-96EF814F0C1B", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:4.2\\(1\\)sv1\\(5.2b\\):*:*:*:*:*:*:*", matchCriteriaId: "E9F686E9-C88F-4CF1-8C90-1AF6D80EBAA7", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:4.2\\(1\\)sv2\\(1.1\\):*:*:*:*:*:*:*", matchCriteriaId: "DFC33DBB-D098-408C-BCEA-7068D23AF51E", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:4.2\\(1\\)sv2\\(1.1a\\):*:*:*:*:*:*:*", matchCriteriaId: "E81ABF34-25C9-4168-B9DA-AABB870DD476", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:4.2\\(1\\)sv2\\(2.1\\):*:*:*:*:*:*:*", matchCriteriaId: "5FC2ED25-A2B7-4273-93EB-7DEE6D345AC9", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:4.2\\(1\\)sv2\\(2.1a\\):*:*:*:*:*:*:*", matchCriteriaId: "837EBA81-8511-4189-8F68-AD1516E8D7DC", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)sm1\\(5.1\\):*:*:*:*:*:*:*", matchCriteriaId: "B3917B37-BA20-4B07-B003-B7E5F99C4A45", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:base:*:*:*:*:*:*:*", matchCriteriaId: "CFBAD221-BBD3-4BE6-974F-361C8E0FC6E2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_1000v_for_microsoft_hyper-v:-:*:*:*:*:*:*:*", matchCriteriaId: "DBD6FAD2-D4FA-422C-812D-1D17623CE33E", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_1000v_for_vmware_vsphere:-:*:*:*:*:*:*:*", matchCriteriaId: "DFEFE545-DDDC-491C-8F47-DEC79C735873", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)u1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "92BDA5ED-E9AF-4D9C-9D13-BADFC515670C", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)u1\\(1a\\):*:*:*:*:*:*:*", matchCriteriaId: "F8C124BA-D5FC-422A-B3F4-AC1A41B7EEE3", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)u1\\(1b\\):*:*:*:*:*:*:*", matchCriteriaId: "F358E8D0-624B-412A-8726-B8AF96156317", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)u1\\(1d\\):*:*:*:*:*:*:*", matchCriteriaId: "17A4CE07-64FF-4C5C-81FF-A2388818CF7F", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)u1\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "AFDC9595-39D4-4BF8-AF18-D27A500C9007", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)u1\\(2a\\):*:*:*:*:*:*:*", matchCriteriaId: "7241BFDB-6386-4CBE-ACFB-4599EDE9CB53", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)u2\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "1AF7CE90-9433-4E1D-A2AD-0B8854521CCB", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)u2\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "171160E9-F6B8-4C8A-B086-431E3E2A27BA", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)u2\\(2a\\):*:*:*:*:*:*:*", matchCriteriaId: "9CAFAE6E-8B64-4A1F-A7E4-2D4BDFB7D5B1", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)u2\\(2b\\):*:*:*:*:*:*:*", matchCriteriaId: "91C35886-CB9B-4477-9AB3-9F1C9E45E757", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)u2\\(2c\\):*:*:*:*:*:*:*", matchCriteriaId: "7F393BE8-8CC4-4302-829F-2C4F97BAC14B", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)u2\\(2d\\):*:*:*:*:*:*:*", matchCriteriaId: "CE855B3E-B2B8-4EBA-8303-55F6A5A77E79", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)u3\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "641D651A-B85B-4E9E-BE92-35AFAE8A63A2", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)u3\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "7810F6FD-F58F-4121-9D30-8C5E3E163EFD", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)u3\\(2a\\):*:*:*:*:*:*:*", matchCriteriaId: "09C38DCD-2A5F-4095-ABA4-02E95D93C358", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)u3\\(2b\\):*:*:*:*:*:*:*", matchCriteriaId: "103A4C19-0E91-45FC-9AA2-F40215FCF63B", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)u4\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "7F61C03B-D7AB-468A-B092-158730FB3E0B", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)u5\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "7F883AA8-CC44-4440-AB30-D7AC29C242F2", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)u5\\(1a\\):*:*:*:*:*:*:*", matchCriteriaId: "7390B4D2-2121-4311-A798-337E8B777A7B", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)u5\\(1b\\):*:*:*:*:*:*:*", matchCriteriaId: "924C6663-9EA0-4124-ACC6-0AFC649AEA6D", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)u5\\(1c\\):*:*:*:*:*:*:*", matchCriteriaId: "3C559C83-FB34-4B1A-A6B3-1834D6CD022C", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)u5\\(1e\\):*:*:*:*:*:*:*", matchCriteriaId: "7CFFFE88-17EA-4515-BF71-C0AB82957B21", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)u5\\(1f\\):*:*:*:*:*:*:*", matchCriteriaId: "6EF14E5C-B776-4A04-A5CC-853CFF2816B9", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)u5\\(1g\\):*:*:*:*:*:*:*", matchCriteriaId: "EF7E681A-F354-4093-84A9-5A357EAB1559", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)u5\\(1h\\):*:*:*:*:*:*:*", matchCriteriaId: "8B627C66-CFE1-40B9-8264-392BB091EA52", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "5BFA21F2-E2B2-49B6-9956-D6219D499F7D", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u1\\(1a\\):*:*:*:*:*:*:*", matchCriteriaId: "52899164-992D-4736-B460-FDFB825DB7A8", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u1\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "8766DA4C-A25C-48D4-A6FC-2357200A9215", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u1\\(3\\):*:*:*:*:*:*:*", matchCriteriaId: "B6C48105-F73E-40C9-8CD9-B46C5319FB5E", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u1\\(4\\):*:*:*:*:*:*:*", matchCriteriaId: "94F5B47A-023B-4415-8DB9-6829C5E72901", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u2\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "618861BD-8FEE-4EF8-BFFB-A5BCBA8EA3EB", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u2\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "6459DD6B-6DC1-4C14-A8E7-4503ED5F69BD", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u2\\(3\\):*:*:*:*:*:*:*", matchCriteriaId: "DA600413-FC70-4776-99DF-180C96D4FD24", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u2\\(4\\):*:*:*:*:*:*:*", matchCriteriaId: "ECC9066F-3082-48A0-BA52-9ED9420EA47A", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u2\\(5\\):*:*:*:*:*:*:*", matchCriteriaId: "78611E25-E33E-4C88-A681-97B5A2A01B51", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u2\\(6\\):*:*:*:*:*:*:*", matchCriteriaId: "780B04ED-412E-441F-8717-D8F9257F5699", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u3\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "FC6A3647-2AF0-4D45-BCC9-24618B43ACBF", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u3\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "AD2AABBD-8680-4615-A4E2-B607CB1B0979", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u3\\(3\\):*:*:*:*:*:*:*", matchCriteriaId: "693F444B-FA34-489C-BB45-E9185DE47816", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u3\\(4\\):*:*:*:*:*:*:*", matchCriteriaId: "13669043-3F12-4439-812F-6DE35F70B159", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u3\\(5\\):*:*:*:*:*:*:*", matchCriteriaId: "58A8BDE0-2F73-4E0C-B73A-918DB3352067", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u4\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "10BFAE68-01C5-4EF8-8B86-F470092E9034", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u4\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "6D02FC11-EB21-45CD-A070-89C4862240BC", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u4\\(3\\):*:*:*:*:*:*:*", matchCriteriaId: "8C67AE59-380A-402B-9B2A-F595E001637B", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u5\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "C71ED401-6786-4AAE-A98F-BE4732256A7D", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:base:*:*:*:*:*:*:*", matchCriteriaId: "CFBAD221-BBD3-4BE6-974F-361C8E0FC6E2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_3016:-:*:*:*:*:*:*:*", matchCriteriaId: "528ED62B-D739-4E06-AC64-B506FD73BBAB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*", matchCriteriaId: "FC2A6C31-438A-4CF5-A3F3-364B1672EB7D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31108pc-v:-:*:*:*:*:*:*:*", matchCriteriaId: "4E930332-CDDD-48D5-93BC-C22D693BBFA2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31108tc-v:-:*:*:*:*:*:*:*", matchCriteriaId: "7BF4B8FE-E134-4491-B5C2-C1CFEB64731B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31128pq:-:*:*:*:*:*:*:*", matchCriteriaId: "F4226DA0-9371-401C-8247-E6E636A116C3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q:-:*:*:*:*:*:*:*", matchCriteriaId: "D3DBBFE9-835C-4411-8492-6006E74BAC65", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q-v:-:*:*:*:*:*:*:*", matchCriteriaId: "B3293438-3D18-45A2-B093-2C3F65783336", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3164q:-:*:*:*:*:*:*:*", matchCriteriaId: "FA782EB3-E8E6-4DCF-B39C-B3CBD46E4384", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172:-:*:*:*:*:*:*:*", matchCriteriaId: "7817F4E6-B2DA-4F06-95A4-AF329F594C02", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3232c:-:*:*:*:*:*:*:*", matchCriteriaId: "652A2849-668D-4156-88FB-C19844A59F33", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3264q:-:*:*:*:*:*:*:*", matchCriteriaId: "6ACD09AC-8B28-4ACB-967B-AB3D450BC137", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524:-:*:*:*:*:*:*:*", matchCriteriaId: "EAF5AF71-15DF-4151-A1CF-E138A7103FC8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548:-:*:*:*:*:*:*:*", matchCriteriaId: "088C0323-683A-44F5-8D42-FF6EC85D080E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:6.1\\(2\\)i2\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "1BB0F49B-85C0-4C52-82E0-C2683D43B553", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.1\\(2\\)i2\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "9ABB647D-B91E-4C2F-9FBE-1C9AAB27E2D1", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.1\\(2\\)i2\\(2a\\):*:*:*:*:*:*:*", matchCriteriaId: "384B7337-1C2F-479E-BB2B-F31320D82EE1", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.1\\(2\\)i2\\(2b\\):*:*:*:*:*:*:*", matchCriteriaId: "9ED50316-7044-4757-9C51-5543BA5693A2", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.1\\(2\\)i2\\(3\\):*:*:*:*:*:*:*", matchCriteriaId: "1CB11917-C606-4025-A91A-596F7D47A311", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.1\\(2\\)i3\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "69B757AE-83C8-4194-9BAE-DBECA2021597", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.1\\(2\\)i3\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "EB1A44C9-147B-4D1F-AB98-EB4F9F8C1C3D", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.1\\(2\\)i3\\(3\\):*:*:*:*:*:*:*", matchCriteriaId: "702EF8D5-1F3F-45EF-AC8D-BD5A9E46A78E", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:11.0\\(1b\\):*:*:*:*:*:*:*", matchCriteriaId: "C64CC640-B37D-4064-8946-B8CCCDE1A6EF", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:11.0\\(1c\\):*:*:*:*:*:*:*", matchCriteriaId: "E8983275-20C6-487E-A265-3836F06AB226", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:base:*:*:*:*:*:*:*", matchCriteriaId: "CFBAD221-BBD3-4BE6-974F-361C8E0FC6E2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*", matchCriteriaId: "4283E433-7F8C-4410-B565-471415445811", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*", matchCriteriaId: "D5B2E4C1-2627-4B9D-8E92-4B483F647651", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*", matchCriteriaId: "11411BFD-3F4D-4309-AB35-A3629A360FB0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*", matchCriteriaId: "E663DE91-C86D-48DC-B771-FA72A8DF7A7C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "A90184B3-C82F-4CE5-B2AD-97D5E4690871", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*", matchCriteriaId: "07DE6F63-2C7D-415B-8C34-01EC05C062F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*", matchCriteriaId: "F423E45D-A6DD-4305-9C6A-EAB26293E53A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "F70D81F1-8B12-4474-9060-B4934D8A3873", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*", matchCriteriaId: "113772B6-E9D2-4094-9468-3F4E1A87D07D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336pq_aci_spine:-:*:*:*:*:*:*:*", matchCriteriaId: "785FD17C-F32E-4042-9DDE-A89B3AAE0334", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*", matchCriteriaId: "4364ADB9-8162-451D-806A-B98924E6B2CF", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*", matchCriteriaId: "49E0371B-FDE2-473C-AA59-47E1269D050F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*", matchCriteriaId: "1BC5293E-F2B4-46DC-85DA-167EA323FCFD", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*", matchCriteriaId: "EA022E77-6557-4A33-9A3A-D028E2DB669A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*", matchCriteriaId: "768BE390-5ED5-48A7-9E80-C4DE8BA979B1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*", matchCriteriaId: "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*", matchCriteriaId: "7E02DC82-0D26-436F-BA64-73C958932B0A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Cisco NX-OS 4.0 through 7.3 on Multilayer Director and Nexus 1000V, 2000, 3000, 3500, 4000, 5000, 5500, 5600, 6000, 7000, 7700, and 9000 devices allows remote authenticated users to bypass intended AAA restrictions and obtain privileged CLI access via crafted parameters in an SSH connection negotiation, aka Bug IDs CSCum35502, CSCuw78669, CSCuw79754, and CSCux88492.", }, { lang: "es", value: "Cisco NX-OS 4.0 hasta la versión 7.3 en Multilayer Director y dispositivos Nexus 1000V, 2000, 3000, 3500, 4000, 5000, 5500, 5600, 6000, 7000, 7700 y 9000 permite a usuarios remotos autenticados eludir restricciones AAA destinadas y obtener un acceso CLI privilegiado a través de parámetros manipulados en una negociación de conexión SSH, vulnerabilidad también conocida como Bug IDs CSCum35502, CSCuw78669, CSCuw79754 y CSCux88492.", }, ], id: "CVE-2015-0721", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "COMPLETE", baseScore: 9, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:L/Au:S/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 8, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 2.1, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2016-10-06T10:59:00.210", references: [ { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-nxaaa", }, { source: "psirt@cisco.com", url: "http://www.securityfocus.com/bid/93410", }, { source: "psirt@cisco.com", url: "http://www.securitytracker.com/id/1036947", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-nxaaa", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/93410", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securitytracker.com/id/1036947", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-264", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2019-05-03 17:29
Modified
2024-11-21 04:37
Severity ?
Summary
A vulnerability in the filesystem management for the Cisco Nexus 9000 Series Application Centric Infrastructure (ACI) Mode Switch Software could allow an authenticated, local attacker with administrator rights to gain elevated privileges as the root user on an affected device. The vulnerability is due to overly permissive file permissions of specific system files. An attacker could exploit this vulnerability by authenticating to an affected device, creating a crafted command string, and writing this crafted string to a specific file location. A successful exploit could allow the attacker to execute arbitrary operating system commands as root on an affected device. The attacker would need to have valid administrator credentials for the device.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nexus_9000_series_application_centric_infrastructure:-:*:*:*:*:*:*:*", matchCriteriaId: "1F856D67-3314-4B08-BD96-DACBFEA6979B", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "A90184B3-C82F-4CE5-B2AD-97D5E4690871", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*", matchCriteriaId: "07DE6F63-2C7D-415B-8C34-01EC05C062F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*", matchCriteriaId: "F423E45D-A6DD-4305-9C6A-EAB26293E53A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "E952A96A-0F48-4357-B7DD-1127D8827650", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180tc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "B7DB6FC5-762A-4F16-AE8C-69330EFCF640", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "F70D81F1-8B12-4474-9060-B4934D8A3873", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "7349D69B-D8FA-4462-AA28-69DD18A652D9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*", matchCriteriaId: "113772B6-E9D2-4094-9468-3F4E1A87D07D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "F1FC2B1F-232E-4754-8076-CC82F3648730", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336pq_aci_spine:-:*:*:*:*:*:*:*", matchCriteriaId: "785FD17C-F32E-4042-9DDE-A89B3AAE0334", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*", matchCriteriaId: "17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*", matchCriteriaId: "63842B25-8C32-4988-BBBD-61E9CB09B4F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*", matchCriteriaId: "4364ADB9-8162-451D-806A-B98924E6B2CF", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372px-e:-:*:*:*:*:*:*:*", matchCriteriaId: "B53BCB42-ED61-4FCF-8068-CB467631C63C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*", matchCriteriaId: "49E0371B-FDE2-473C-AA59-47E1269D050F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372tx-e:-:*:*:*:*:*:*:*", matchCriteriaId: "489D11EC-5A18-4F32-BC7C-AC1FCEC27222", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*", matchCriteriaId: "1BC5293E-F2B4-46DC-85DA-167EA323FCFD", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*", matchCriteriaId: "EA022E77-6557-4A33-9A3A-D028E2DB669A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*", matchCriteriaId: "768BE390-5ED5-48A7-9E80-C4DE8BA979B1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*", matchCriteriaId: "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*", matchCriteriaId: "7E02DC82-0D26-436F-BA64-73C958932B0A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability in the filesystem management for the Cisco Nexus 9000 Series Application Centric Infrastructure (ACI) Mode Switch Software could allow an authenticated, local attacker with administrator rights to gain elevated privileges as the root user on an affected device. The vulnerability is due to overly permissive file permissions of specific system files. An attacker could exploit this vulnerability by authenticating to an affected device, creating a crafted command string, and writing this crafted string to a specific file location. A successful exploit could allow the attacker to execute arbitrary operating system commands as root on an affected device. The attacker would need to have valid administrator credentials for the device.", }, { lang: "es", value: "Una vulnerabilidad en la administración del sistema de archivos para el programa Cisco Nexus 9000 Series Application Centric Infrastructure (ACI), podría permitir a un atacante local autorizado con derechos de administrador conseguir privilegios elevados como usuario tipo root en un dispositivo afectado. La vulnerabilidad se debe a los permisos de archivos excesivamente flexibles de archivos específicos del sistema. Un atacante podría aprovechar esta vulnerabilidad al identificarse en un dispositivo afectado, crear una cadena de comandos creada y escribir esta cadena en una ubicación específica del archivo. Una operación exito podría permitir al atacante ejecutar comandos de sistema operativo arbitrarios tipo root en un dispositivo afectado. El atacante debería tener credenciales de administrador válidas para el dispositivo.", }, ], id: "CVE-2019-1803", lastModified: "2024-11-21T04:37:24.733", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.2, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:L/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "psirt@cisco.com", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-05-03T17:29:00.737", references: [ { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-nexus9k-rpe", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-nexus9k-rpe", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-264", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-732", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2015-08-19 23:59
Modified
2025-04-12 10:46
Severity ?
Summary
Buffer overflow in Cisco NX-OS on Nexus 1000V devices for VMware vSphere 7.3(0)ZN(0.9); Nexus 3000 devices 6.0(2)U5(1.41), 7.0(3)I2(0.373), and 7.3(0)ZN(0.83); Nexus 4000 devices 4.1(2)E1(1b); Nexus 7000 devices 6.2(14)S1; Nexus 9000 devices 7.3(0)ZN(0.9); and MDS 9000 devices 6.2 (13) and 7.1(0)ZN(91.99) and MDS SAN-OS 7.1(0)ZN(91.99) allows remote attackers to cause a denial of service (device outage) via a crafted ARP packet, related to incorrect MTU validation, aka Bug IDs CSCuv71933, CSCuv61341, CSCuv61321, CSCuu78074, CSCut37060, CSCuv61266, CSCuv61351, CSCuv61358, and CSCuv61366.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | nx-os | 6.2\(14\)s1 | |
| cisco | nexus_7000 | - | |
| cisco | nexus_7700 | - | |
| cisco | nx-os | 6.0\(2\)u5\(1.41\) | |
| cisco | nx-os | 7.0\(3\)i2\(0.373\) | |
| cisco | nx-os | 7.3\(0\)zn\(0.83\) | |
| cisco | nexus_3016 | - | |
| cisco | nexus_3048 | - | |
| cisco | nexus_3064 | - | |
| cisco | nexus_31128pq | * | |
| cisco | nexus_3132q | - | |
| cisco | nexus_3164q | - | |
| cisco | nexus_3172 | - | |
| cisco | nexus_3232c | - | |
| cisco | nexus_3264q | - | |
| cisco | nexus_3524 | - | |
| cisco | nexus_3548 | - | |
| cisco | nx-os | 7.3\(0\)zn\(0.9\) | |
| cisco | nexus_93120tx | - | |
| cisco | nexus_93128tx | - | |
| cisco | nexus_9332pq | - | |
| cisco | nexus_9336pq_aci_spine | - | |
| cisco | nexus_9372px | - | |
| cisco | nexus_9372tx | - | |
| cisco | nexus_9396px | - | |
| cisco | nexus_9396tx | - | |
| cisco | nexus_9504 | - | |
| cisco | nexus_9508 | - | |
| cisco | nexus_9516 | - | |
| cisco | mds_9000_nx-os | 6.2\(13\) | |
| cisco | mds_9000_nx-os | 7.1\(0\)zn\(91.99\) | |
| cisco | nx-os | 7.3\(0\)zn\(0.9\) | |
| cisco | nexus_1000v | - | |
| cisco | nx-os | 4.1\(2\)e1\(1b\) | |
| cisco | nexus_4001i | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(14\\)s1:*:*:*:*:*:*:*", matchCriteriaId: "BE8505B4-61A1-4E98-8E13-9F8BAF825E42", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_7000:-:*:*:*:*:*:*:*", matchCriteriaId: "12180BEB-7F21-4FA7-ABD2-E9A8EA7340F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7700:-:*:*:*:*:*:*:*", matchCriteriaId: "DD7A4B4B-3BB1-4A4D-911E-C4EEF01BBC45", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u5\\(1.41\\):*:*:*:*:*:*:*", matchCriteriaId: "6CFA09E0-9FA2-4E21-B285-CC64495461B4", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i2\\(0.373\\):*:*:*:*:*:*:*", matchCriteriaId: "BDBECEDD-FFEA-4720-822F-3132CB914DEA", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(0\\)zn\\(0.83\\):*:*:*:*:*:*:*", matchCriteriaId: "FF357599-3FB1-4B4F-9E79-74E0BFC9F35B", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_3016:-:*:*:*:*:*:*:*", matchCriteriaId: "528ED62B-D739-4E06-AC64-B506FD73BBAB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*", matchCriteriaId: "FC2A6C31-438A-4CF5-A3F3-364B1672EB7D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3064:-:*:*:*:*:*:*:*", matchCriteriaId: "76C10D85-88AC-4A79-8866-BED88A0F8DF8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31128pq:*:*:*:*:*:*:*:*", matchCriteriaId: "E262B017-866F-4C82-895B-F92B8D49E469", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q:-:*:*:*:*:*:*:*", matchCriteriaId: "D3DBBFE9-835C-4411-8492-6006E74BAC65", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3164q:-:*:*:*:*:*:*:*", matchCriteriaId: "FA782EB3-E8E6-4DCF-B39C-B3CBD46E4384", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172:-:*:*:*:*:*:*:*", matchCriteriaId: "7817F4E6-B2DA-4F06-95A4-AF329F594C02", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3232c:-:*:*:*:*:*:*:*", matchCriteriaId: "652A2849-668D-4156-88FB-C19844A59F33", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3264q:-:*:*:*:*:*:*:*", matchCriteriaId: "6ACD09AC-8B28-4ACB-967B-AB3D450BC137", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524:-:*:*:*:*:*:*:*", matchCriteriaId: "EAF5AF71-15DF-4151-A1CF-E138A7103FC8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548:-:*:*:*:*:*:*:*", matchCriteriaId: "088C0323-683A-44F5-8D42-FF6EC85D080E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(0\\)zn\\(0.9\\):*:*:*:*:*:*:*", matchCriteriaId: "8645B1E7-8044-4311-B2AB-7820DC723313", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*", matchCriteriaId: "07DE6F63-2C7D-415B-8C34-01EC05C062F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*", matchCriteriaId: "F423E45D-A6DD-4305-9C6A-EAB26293E53A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*", matchCriteriaId: "113772B6-E9D2-4094-9468-3F4E1A87D07D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336pq_aci_spine:-:*:*:*:*:*:*:*", matchCriteriaId: "785FD17C-F32E-4042-9DDE-A89B3AAE0334", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*", matchCriteriaId: "4364ADB9-8162-451D-806A-B98924E6B2CF", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*", matchCriteriaId: "49E0371B-FDE2-473C-AA59-47E1269D050F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*", matchCriteriaId: "1BC5293E-F2B4-46DC-85DA-167EA323FCFD", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*", matchCriteriaId: "EA022E77-6557-4A33-9A3A-D028E2DB669A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*", matchCriteriaId: "768BE390-5ED5-48A7-9E80-C4DE8BA979B1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*", matchCriteriaId: "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*", matchCriteriaId: "7E02DC82-0D26-436F-BA64-73C958932B0A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:mds_9000_nx-os:6.2\\(13\\):*:*:*:*:*:*:*", matchCriteriaId: "BCB4D609-7FE0-4F40-AFA1-958352D912DC", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:mds_9000_nx-os:7.1\\(0\\)zn\\(91.99\\):*:*:*:*:*:*:*", matchCriteriaId: "06801F10-A29A-4CA0-918F-4E3CA550DCE8", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(0\\)zn\\(0.9\\):*:*:*:*:*:*:*", matchCriteriaId: "8645B1E7-8044-4311-B2AB-7820DC723313", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:a:cisco:nexus_1000v:-:*:*:*:*:*:*:*", matchCriteriaId: "75364901-EF60-471D-9119-63835F6BF139", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:4.1\\(2\\)e1\\(1b\\):*:*:*:*:*:*:*", matchCriteriaId: "AC852D6C-720F-48AC-BB5B-7E514FD9D2E8", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_4001i:-:*:*:*:*:*:*:*", matchCriteriaId: "AB68FC53-5CD6-445F-9BB5-1F3724D92A4B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Buffer overflow in Cisco NX-OS on Nexus 1000V devices for VMware vSphere 7.3(0)ZN(0.9); Nexus 3000 devices 6.0(2)U5(1.41), 7.0(3)I2(0.373), and 7.3(0)ZN(0.83); Nexus 4000 devices 4.1(2)E1(1b); Nexus 7000 devices 6.2(14)S1; Nexus 9000 devices 7.3(0)ZN(0.9); and MDS 9000 devices 6.2 (13) and 7.1(0)ZN(91.99) and MDS SAN-OS 7.1(0)ZN(91.99) allows remote attackers to cause a denial of service (device outage) via a crafted ARP packet, related to incorrect MTU validation, aka Bug IDs CSCuv71933, CSCuv61341, CSCuv61321, CSCuu78074, CSCut37060, CSCuv61266, CSCuv61351, CSCuv61358, and CSCuv61366.", }, { lang: "es", value: "Vulnerabilidad de desbordamiento de buffer en Cisco NX-OS en dispositivos Nexus 1000V para VMware vSphere 7.3(0)ZN(0.9); dispositivos Nexus 3000 6.0(2)U5(1.41), 7.0(3)I2(0.373) y 7.3(0)ZN(0.83); dispositivos Nexus 4000 4.1(2)E1(1b); dispositivos Nexus 7000 6.2(14)S1; dispositivos Nexus 9000 7.3(0)ZN(0.9) y dispositivos MDS 9000 6.2 (13) y 7.1(0)ZN(91.99) y MDS SAN-OS 7.1(0)ZN(91.99), permite a atacantes remotos causar una denegación de servicio (interrupción del dispositivo) a través de un paquete ARP manipulado, relacionado con la validación incorrecta de MTU, también conocido como Bug IDs CSCuv71933, CSCuv61341, CSCuv61321, CSCuu78074, CSCut37060, CSCuv61266, CSCuv61351, CSCuv61358 y CSCuv61366.", }, ], id: "CVE-2015-4323", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "ADJACENT_NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 6.1, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:A/AC:L/Au:N/C:N/I:N/A:C", version: "2.0", }, exploitabilityScore: 6.5, impactScore: 6.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2015-08-19T23:59:02.590", references: [ { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "http://tools.cisco.com/security/center/viewAlert.x?alertId=40469", }, { source: "psirt@cisco.com", url: "http://www.securityfocus.com/bid/76367", }, { source: "psirt@cisco.com", url: "http://www.securitytracker.com/id/1033321", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://tools.cisco.com/security/center/viewAlert.x?alertId=40469", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/76367", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securitytracker.com/id/1033321", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-119", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-08-27 16:15
Modified
2024-11-21 05:30
Severity ?
Summary
A vulnerability in the Data Management Engine (DME) of Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to execute arbitrary code with administrative privileges or cause a denial of service (DoS) condition on an affected device. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending a crafted Cisco Discovery Protocol packet to a Layer 2-adjacent affected device. A successful exploit could allow the attacker to execute arbitrary code with administrative privileges or cause the Cisco Discovery Protocol process to crash and restart multiple times, causing the affected device to reload and resulting in a DoS condition. Note: Cisco Discovery Protocol is a Layer 2 protocol. To exploit this vulnerability, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent). Exploitation of this vulnerability also requires jumbo frames to be enabled on the interface that receives the crafted Cisco Discovery Protocol packets on the affected device.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:-:*:*:*:*:*:*:*", matchCriteriaId: "DA35D4AA-24B3-428E-84ED-804EF941E9A9", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_3016:-:*:*:*:*:*:*:*", matchCriteriaId: "528ED62B-D739-4E06-AC64-B506FD73BBAB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*", matchCriteriaId: "FC2A6C31-438A-4CF5-A3F3-364B1672EB7D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3064:-:*:*:*:*:*:*:*", matchCriteriaId: "76C10D85-88AC-4A79-8866-BED88A0F8DF8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3064-t:-:*:*:*:*:*:*:*", matchCriteriaId: "65CB7F6D-A82B-4A31-BFAC-FF4A4B8DF9C1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31108pc-v:-:*:*:*:*:*:*:*", matchCriteriaId: "4E930332-CDDD-48D5-93BC-C22D693BBFA2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31108tc-v:-:*:*:*:*:*:*:*", matchCriteriaId: "7BF4B8FE-E134-4491-B5C2-C1CFEB64731B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31128pq:-:*:*:*:*:*:*:*", matchCriteriaId: "F4226DA0-9371-401C-8247-E6E636A116C3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132c-z:-:*:*:*:*:*:*:*", matchCriteriaId: "7664666F-BCE4-4799-AEEA-3A73E6AD33F4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q:-:*:*:*:*:*:*:*", matchCriteriaId: "D3DBBFE9-835C-4411-8492-6006E74BAC65", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q-v:-:*:*:*:*:*:*:*", matchCriteriaId: "B3293438-3D18-45A2-B093-2C3F65783336", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "8F43B770-D96C-44EA-BC12-9F39FC4317B9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3164q:-:*:*:*:*:*:*:*", matchCriteriaId: "FA782EB3-E8E6-4DCF-B39C-B3CBD46E4384", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172:-:*:*:*:*:*:*:*", matchCriteriaId: "7817F4E6-B2DA-4F06-95A4-AF329F594C02", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172pq-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "7BB9DD73-E31D-4921-A6D6-E14E04703588", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq:-:*:*:*:*:*:*:*", matchCriteriaId: "4532F513-0543-4960-9877-01F23CA7BA1B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq-32t:-:*:*:*:*:*:*:*", matchCriteriaId: "0B43502B-FD53-465A-B60F-6A359C6ACD99", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "F3229124-B097-4AAC-8ACD-2F9C89DCC3AB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3232c:-:*:*:*:*:*:*:*", matchCriteriaId: "652A2849-668D-4156-88FB-C19844A59F33", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3264c-e:-:*:*:*:*:*:*:*", matchCriteriaId: "24FBE87B-8A4F-43A8-98A3-4A7D9C630937", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3264q:-:*:*:*:*:*:*:*", matchCriteriaId: "6ACD09AC-8B28-4ACB-967B-AB3D450BC137", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3408-s:-:*:*:*:*:*:*:*", matchCriteriaId: "7D397349-CCC6-479B-9273-FB1FFF4F34F2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_34180yc:-:*:*:*:*:*:*:*", matchCriteriaId: "DC7286A7-780F-4A45-940A-4AD5C9D0F201", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3432d-s:-:*:*:*:*:*:*:*", matchCriteriaId: "5F7AF8D7-431B-43CE-840F-CC0817D159C0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3464c:-:*:*:*:*:*:*:*", matchCriteriaId: "DAC204C8-1A5A-4E85-824E-DC9B8F6A802D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524:-:*:*:*:*:*:*:*", matchCriteriaId: "EAF5AF71-15DF-4151-A1CF-E138A7103FC8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524-x:-:*:*:*:*:*:*:*", matchCriteriaId: "10F80A72-AD54-4699-B8AE-82715F0B58E2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "9354B6A2-D7D6-442E-BF4C-FE8A336D9E94", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548:-:*:*:*:*:*:*:*", matchCriteriaId: "088C0323-683A-44F5-8D42-FF6EC85D080E", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548-x:-:*:*:*:*:*:*:*", matchCriteriaId: "74CB4002-7636-4382-B33E-FBA060A13C34", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "10CEBF73-3EE0-459A-86C5-F8F6243FE27C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_36180yc-r:-:*:*:*:*:*:*:*", matchCriteriaId: "95D2C4C3-65CE-4612-A027-AF70CEFC3233", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*", matchCriteriaId: "57572E4A-78D5-4D1A-938B-F05F01759612", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*", matchCriteriaId: "4283E433-7F8C-4410-B565-471415445811", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92300yc:-:*:*:*:*:*:*:*", matchCriteriaId: "F80AB6FB-32FD-43D7-A9F1-80FA47696210", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*", matchCriteriaId: "D5B2E4C1-2627-4B9D-8E92-4B483F647651", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92348gc-x:-:*:*:*:*:*:*:*", matchCriteriaId: "557ED31C-C26A-4FAE-8B14-D06B49F7F08B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*", matchCriteriaId: "11411BFD-3F4D-4309-AB35-A3629A360FB0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*", matchCriteriaId: "E663DE91-C86D-48DC-B771-FA72A8DF7A7C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "A90184B3-C82F-4CE5-B2AD-97D5E4690871", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "4AB89849-6DA4-4C9D-BC3F-EE0E41FD1901", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*", matchCriteriaId: "07DE6F63-2C7D-415B-8C34-01EC05C062F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*", matchCriteriaId: "F423E45D-A6DD-4305-9C6A-EAB26293E53A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "E952A96A-0F48-4357-B7DD-1127D8827650", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "F70D81F1-8B12-4474-9060-B4934D8A3873", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "7349D69B-D8FA-4462-AA28-69DD18A652D9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93216tc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "B1CC5F78-E88B-4B82-9E3E-C73D3A49DE26", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "91231DC6-2773-4238-8C14-A346F213B5E5", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332c:-:*:*:*:*:*:*:*", matchCriteriaId: "2DF88547-BAF4-47B0-9F60-80A30297FCEB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*", matchCriteriaId: "113772B6-E9D2-4094-9468-3F4E1A87D07D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93360yc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "C45A38D6-BED6-4FEF-AD87-A1E813695DE0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "F1FC2B1F-232E-4754-8076-CC82F3648730", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336pq_aci_spine:-:*:*:*:*:*:*:*", matchCriteriaId: "785FD17C-F32E-4042-9DDE-A89B3AAE0334", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*", matchCriteriaId: "17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*", matchCriteriaId: "63842B25-8C32-4988-BBBD-61E9CB09B4F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*", matchCriteriaId: "4364ADB9-8162-451D-806A-B98924E6B2CF", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372px-e:-:*:*:*:*:*:*:*", matchCriteriaId: "B53BCB42-ED61-4FCF-8068-CB467631C63C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*", matchCriteriaId: "49E0371B-FDE2-473C-AA59-47E1269D050F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372tx-e:-:*:*:*:*:*:*:*", matchCriteriaId: "489D11EC-5A18-4F32-BC7C-AC1FCEC27222", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*", matchCriteriaId: "1BC5293E-F2B4-46DC-85DA-167EA323FCFD", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*", matchCriteriaId: "EA022E77-6557-4A33-9A3A-D028E2DB669A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*", matchCriteriaId: "768BE390-5ED5-48A7-9E80-C4DE8BA979B1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*", matchCriteriaId: "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*", matchCriteriaId: "7E02DC82-0D26-436F-BA64-73C958932B0A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "B1EA5BD6-6270-4A46-A6BB-E516ECD7441F", versionEndExcluding: "4.0\\(4h\\)", versionStartIncluding: "4.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:ucs_64108:-:*:*:*:*:*:*:*", matchCriteriaId: "BC04D48B-8B2F-45E1-A445-A87E92E790B8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6454:-:*:*:*:*:*:*:*", matchCriteriaId: "4FD096B7-6F8E-4E48-9EC4-9A10AA7D9AA0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability in the Data Management Engine (DME) of Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to execute arbitrary code with administrative privileges or cause a denial of service (DoS) condition on an affected device. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending a crafted Cisco Discovery Protocol packet to a Layer 2-adjacent affected device. A successful exploit could allow the attacker to execute arbitrary code with administrative privileges or cause the Cisco Discovery Protocol process to crash and restart multiple times, causing the affected device to reload and resulting in a DoS condition. Note: Cisco Discovery Protocol is a Layer 2 protocol. To exploit this vulnerability, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent). Exploitation of this vulnerability also requires jumbo frames to be enabled on the interface that receives the crafted Cisco Discovery Protocol packets on the affected device.", }, { lang: "es", value: "Una vulnerabilidad en el Data Management Engine (DME) de Cisco NX-OS Software, podría permitir a un atacante adyacente no autenticado ejecutar código arbitrario con privilegios administrativos o causar una condición de denegación de servicio (DoS) en un dispositivo afectado. La vulnerabilidad es debido a una comprobación insuficiente de entrada . Un atacante podría explotar esta vulnerabilidad mediante el envío de un paquete de Cisco Discovery Protocol diseñado hacia un dispositivo afectado adyacente a la Capa 2. Una explotación con éxito podría permitir al atacante ejecutar código arbitrario con privilegios administrativos o causar que el proceso Cisco Discovery Protocol se bloquee y se reinicie varias veces, causando que el dispositivo afectado se recargue y resulte en una condición DoS. Nota: El Cisco Discovery Protocol es un protocolo de capa 2. Para explotar esta vulnerabilidad, un atacante debe estar en el mismo dominio de transmisión que el dispositivo afectado (adyacente a Capa 2). La explotación de esta vulnerabilidad también requiere que las tramas jumbo sean habilitadas en la interfaz que recibe los paquetes Cisco Discovery Protocol diseñados en el dispositivo afectado", }, ], id: "CVE-2020-3415", lastModified: "2024-11-21T05:30:59.257", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "MEDIUM", accessVector: "ADJACENT_NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.9, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:A/AC:M/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 5.5, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "psirt@cisco.com", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-08-27T16:15:12.317", references: [ { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-dme-rce-cbE3nhZS", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-dme-rce-cbE3nhZS", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-787", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-08-27 16:15
Modified
2024-11-21 05:30
Severity ?
Summary
A vulnerability in the Border Gateway Protocol (BGP) Multicast VPN (MVPN) implementation of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause an affected device to unexpectedly reload, resulting in a denial of service (DoS) condition. The vulnerability is due to incomplete input validation of a specific type of BGP MVPN update message. An attacker could exploit this vulnerability by sending this specific, valid BGP MVPN update message to a targeted device. A successful exploit could allow the attacker to cause one of the BGP-related routing applications to restart multiple times, leading to a system-level restart. Note: The Cisco implementation of BGP accepts incoming BGP traffic from only explicitly configured peers. To exploit this vulnerability, an attacker must send a specific BGP MVPN update message over an established TCP connection that appears to come from a trusted BGP peer. To do so, the attacker must obtain information about the BGP peers in the trusted network of the affected system.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:-:*:*:*:*:*:*:*", matchCriteriaId: "DA35D4AA-24B3-428E-84ED-804EF941E9A9", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_3016:-:*:*:*:*:*:*:*", matchCriteriaId: "528ED62B-D739-4E06-AC64-B506FD73BBAB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*", matchCriteriaId: "FC2A6C31-438A-4CF5-A3F3-364B1672EB7D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3064:-:*:*:*:*:*:*:*", matchCriteriaId: "76C10D85-88AC-4A79-8866-BED88A0F8DF8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3064-t:-:*:*:*:*:*:*:*", matchCriteriaId: "65CB7F6D-A82B-4A31-BFAC-FF4A4B8DF9C1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31108pc-v:-:*:*:*:*:*:*:*", matchCriteriaId: "4E930332-CDDD-48D5-93BC-C22D693BBFA2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31108tc-v:-:*:*:*:*:*:*:*", matchCriteriaId: "7BF4B8FE-E134-4491-B5C2-C1CFEB64731B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31128pq:-:*:*:*:*:*:*:*", matchCriteriaId: "F4226DA0-9371-401C-8247-E6E636A116C3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132c-z:-:*:*:*:*:*:*:*", matchCriteriaId: "7664666F-BCE4-4799-AEEA-3A73E6AD33F4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q:-:*:*:*:*:*:*:*", matchCriteriaId: "D3DBBFE9-835C-4411-8492-6006E74BAC65", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q-v:-:*:*:*:*:*:*:*", matchCriteriaId: "B3293438-3D18-45A2-B093-2C3F65783336", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "8F43B770-D96C-44EA-BC12-9F39FC4317B9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3164q:-:*:*:*:*:*:*:*", matchCriteriaId: "FA782EB3-E8E6-4DCF-B39C-B3CBD46E4384", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172:-:*:*:*:*:*:*:*", matchCriteriaId: "7817F4E6-B2DA-4F06-95A4-AF329F594C02", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172pq-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "7BB9DD73-E31D-4921-A6D6-E14E04703588", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq:-:*:*:*:*:*:*:*", matchCriteriaId: "4532F513-0543-4960-9877-01F23CA7BA1B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq-32t:-:*:*:*:*:*:*:*", matchCriteriaId: "0B43502B-FD53-465A-B60F-6A359C6ACD99", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "F3229124-B097-4AAC-8ACD-2F9C89DCC3AB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3232c:-:*:*:*:*:*:*:*", matchCriteriaId: "652A2849-668D-4156-88FB-C19844A59F33", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3264c-e:-:*:*:*:*:*:*:*", matchCriteriaId: "24FBE87B-8A4F-43A8-98A3-4A7D9C630937", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3264q:-:*:*:*:*:*:*:*", matchCriteriaId: "6ACD09AC-8B28-4ACB-967B-AB3D450BC137", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3408-s:-:*:*:*:*:*:*:*", matchCriteriaId: "7D397349-CCC6-479B-9273-FB1FFF4F34F2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_34180yc:-:*:*:*:*:*:*:*", matchCriteriaId: "DC7286A7-780F-4A45-940A-4AD5C9D0F201", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3432d-s:-:*:*:*:*:*:*:*", matchCriteriaId: "5F7AF8D7-431B-43CE-840F-CC0817D159C0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3464c:-:*:*:*:*:*:*:*", matchCriteriaId: "DAC204C8-1A5A-4E85-824E-DC9B8F6A802D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524:-:*:*:*:*:*:*:*", matchCriteriaId: "EAF5AF71-15DF-4151-A1CF-E138A7103FC8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524-x:-:*:*:*:*:*:*:*", matchCriteriaId: "10F80A72-AD54-4699-B8AE-82715F0B58E2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "9354B6A2-D7D6-442E-BF4C-FE8A336D9E94", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548:-:*:*:*:*:*:*:*", matchCriteriaId: "088C0323-683A-44F5-8D42-FF6EC85D080E", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548-x:-:*:*:*:*:*:*:*", matchCriteriaId: "74CB4002-7636-4382-B33E-FBA060A13C34", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "10CEBF73-3EE0-459A-86C5-F8F6243FE27C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_36180yc-r:-:*:*:*:*:*:*:*", matchCriteriaId: "95D2C4C3-65CE-4612-A027-AF70CEFC3233", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*", matchCriteriaId: "57572E4A-78D5-4D1A-938B-F05F01759612", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*", matchCriteriaId: "4283E433-7F8C-4410-B565-471415445811", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92300yc:-:*:*:*:*:*:*:*", matchCriteriaId: "F80AB6FB-32FD-43D7-A9F1-80FA47696210", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*", matchCriteriaId: "D5B2E4C1-2627-4B9D-8E92-4B483F647651", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92348gc-x:-:*:*:*:*:*:*:*", matchCriteriaId: "557ED31C-C26A-4FAE-8B14-D06B49F7F08B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*", matchCriteriaId: "11411BFD-3F4D-4309-AB35-A3629A360FB0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*", matchCriteriaId: "E663DE91-C86D-48DC-B771-FA72A8DF7A7C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "A90184B3-C82F-4CE5-B2AD-97D5E4690871", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "4AB89849-6DA4-4C9D-BC3F-EE0E41FD1901", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*", matchCriteriaId: "07DE6F63-2C7D-415B-8C34-01EC05C062F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*", matchCriteriaId: "F423E45D-A6DD-4305-9C6A-EAB26293E53A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "E952A96A-0F48-4357-B7DD-1127D8827650", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "F70D81F1-8B12-4474-9060-B4934D8A3873", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "7349D69B-D8FA-4462-AA28-69DD18A652D9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93216tc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "B1CC5F78-E88B-4B82-9E3E-C73D3A49DE26", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "91231DC6-2773-4238-8C14-A346F213B5E5", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332c:-:*:*:*:*:*:*:*", matchCriteriaId: "2DF88547-BAF4-47B0-9F60-80A30297FCEB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*", matchCriteriaId: "113772B6-E9D2-4094-9468-3F4E1A87D07D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93360yc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "C45A38D6-BED6-4FEF-AD87-A1E813695DE0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "F1FC2B1F-232E-4754-8076-CC82F3648730", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336pq_aci_spine:-:*:*:*:*:*:*:*", matchCriteriaId: "785FD17C-F32E-4042-9DDE-A89B3AAE0334", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*", matchCriteriaId: "17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*", matchCriteriaId: "63842B25-8C32-4988-BBBD-61E9CB09B4F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*", matchCriteriaId: "4364ADB9-8162-451D-806A-B98924E6B2CF", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372px-e:-:*:*:*:*:*:*:*", matchCriteriaId: "B53BCB42-ED61-4FCF-8068-CB467631C63C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*", matchCriteriaId: "49E0371B-FDE2-473C-AA59-47E1269D050F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372tx-e:-:*:*:*:*:*:*:*", matchCriteriaId: "489D11EC-5A18-4F32-BC7C-AC1FCEC27222", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*", matchCriteriaId: "1BC5293E-F2B4-46DC-85DA-167EA323FCFD", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*", matchCriteriaId: "EA022E77-6557-4A33-9A3A-D028E2DB669A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*", matchCriteriaId: "768BE390-5ED5-48A7-9E80-C4DE8BA979B1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*", matchCriteriaId: "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*", matchCriteriaId: "7E02DC82-0D26-436F-BA64-73C958932B0A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability in the Border Gateway Protocol (BGP) Multicast VPN (MVPN) implementation of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause an affected device to unexpectedly reload, resulting in a denial of service (DoS) condition. The vulnerability is due to incomplete input validation of a specific type of BGP MVPN update message. An attacker could exploit this vulnerability by sending this specific, valid BGP MVPN update message to a targeted device. A successful exploit could allow the attacker to cause one of the BGP-related routing applications to restart multiple times, leading to a system-level restart. Note: The Cisco implementation of BGP accepts incoming BGP traffic from only explicitly configured peers. To exploit this vulnerability, an attacker must send a specific BGP MVPN update message over an established TCP connection that appears to come from a trusted BGP peer. To do so, the attacker must obtain information about the BGP peers in the trusted network of the affected system.", }, { lang: "es", value: "Una vulnerabilidad en la implementación de Border Gateway Protocol (BGP) Multicast VPN (MVPN) de Cisco NX-OS Software, podría permitir a un atacante remoto no autenticado causar que un dispositivo afectado se recargue inesperadamente, resultando en una condición de denegación de servicio (DoS). La vulnerabilidad es debido a una comprobación incompleta de entrada de un tipo específico de mensaje de actualización de BGP MVPN. Un atacante podría explotar esta vulnerabilidad mediante el envío de este mensaje de actualización de BGP MVPN específico y válido hacia un dispositivo objetivo. Una explotación con éxito podría permitir al atacante causar que una de las aplicaciones de enrutamiento relacionadas con BGP se reinicie varias veces, conllevando a un reinicio a nivel del sistema. Nota: La implementación de Cisco de BGP acepta tráfico BGP entrante solo de peers configurados explícitamente. Para explotar esta vulnerabilidad, un atacante debe enviar un mensaje de actualización de BGP MVPN específico por medio de una conexión TCP establecida que parece provenir de un peer BGP confiable. Para hacerlo, el atacante debe obtener información sobre los peers BGP en la red confiable del sistema afectado", }, ], id: "CVE-2020-3397", lastModified: "2024-11-21T05:30:57.000", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.1, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:N/I:N/A:C", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 6.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.6, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", version: "3.0", }, exploitabilityScore: 3.9, impactScore: 4, source: "psirt@cisco.com", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.6, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 4, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-08-27T16:15:12.143", references: [ { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxosbgp-nlri-dos-458rG2OQ", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxosbgp-nlri-dos-458rG2OQ", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-20", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-20", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-02-24 20:15
Modified
2024-11-21 05:43
Severity ?
7.4 (High) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N
6.5 (Medium) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
6.5 (Medium) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Summary
A vulnerability in the fabric infrastructure VLAN connection establishment of Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) Mode could allow an unauthenticated, adjacent attacker to bypass security validations and connect an unauthorized server to the infrastructure VLAN. This vulnerability is due to insufficient security requirements during the Link Layer Discovery Protocol (LLDP) setup phase of the infrastructure VLAN. An attacker could exploit this vulnerability by sending a crafted LLDP packet on the adjacent subnet to an affected device. A successful exploit could allow the attacker to connect an unauthorized server to the infrastructure VLAN, which is highly privileged. With a connection to the infrastructure VLAN, the attacker can make unauthorized connections to Cisco Application Policy Infrastructure Controller (APIC) services or join other host endpoints.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:11.0\\(1b\\):*:*:*:*:*:*:*", matchCriteriaId: "C64CC640-B37D-4064-8946-B8CCCDE1A6EF", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:11.0\\(1c\\):*:*:*:*:*:*:*", matchCriteriaId: "E8983275-20C6-487E-A265-3836F06AB226", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:11.0\\(1d\\):*:*:*:*:*:*:*", matchCriteriaId: "CBCA0A4F-D475-405C-B9A7-EBB0A816B9C5", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:11.0\\(1e\\):*:*:*:*:*:*:*", matchCriteriaId: "DA0E0039-23E1-425B-8B2C-DFE2C185CC8B", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:11.0\\(2j\\):*:*:*:*:*:*:*", matchCriteriaId: "9C3FB2AC-934D-4F12-9E9B-EA5F0731DA4D", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:11.0\\(2m\\):*:*:*:*:*:*:*", matchCriteriaId: "BACE91F5-EC9B-4486-80F1-CFC3DA570B9B", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:11.0\\(3f\\):*:*:*:*:*:*:*", matchCriteriaId: "2C60E5B9-10AB-4A69-B28D-0D526756E6B6", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:11.0\\(3i\\):*:*:*:*:*:*:*", matchCriteriaId: "979FEE23-2C28-4212-9DA5-10A0EAFE1668", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:11.0\\(3k\\):*:*:*:*:*:*:*", matchCriteriaId: "9B610400-181F-4621-B27B-18C2609990DB", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:11.0\\(3n\\):*:*:*:*:*:*:*", matchCriteriaId: "4585B70C-E162-42FA-9CB8-42C1F34017AB", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:11.0\\(3o\\):*:*:*:*:*:*:*", matchCriteriaId: "EFC3F541-E417-4FC1-8C35-5B162F35F4F1", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:11.0\\(4g\\):*:*:*:*:*:*:*", matchCriteriaId: "627482D8-0464-4B96-B36A-25D151F1525E", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:11.0\\(4h\\):*:*:*:*:*:*:*", matchCriteriaId: "788E6471-F000-45A7-9829-71F7AE5ED1B7", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:11.0\\(4o\\):*:*:*:*:*:*:*", matchCriteriaId: "BCD04718-6743-40A1-9115-A172D1C37835", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:11.0\\(4q\\):*:*:*:*:*:*:*", matchCriteriaId: "0277D6FD-2A73-45E9-ADA3-64998B7E4668", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:11.1\\(1j\\):*:*:*:*:*:*:*", matchCriteriaId: "CAA00485-725D-467C-9152-DF325507E248", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:11.1\\(1o\\):*:*:*:*:*:*:*", matchCriteriaId: "7D7ED5D0-12BD-483C-902B-CF1AE23611E7", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:11.1\\(1r\\):*:*:*:*:*:*:*", matchCriteriaId: "582C120A-DFA9-40F8-875A-C7875D9D93F7", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:11.1\\(1s\\):*:*:*:*:*:*:*", matchCriteriaId: "040EFFE2-EE24-46EA-B77B-7FDCCF66923D", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:11.1\\(2h\\):*:*:*:*:*:*:*", matchCriteriaId: "4FB814B0-24AE-4C62-9CCE-5D572D0FC0A3", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:11.1\\(2i\\):*:*:*:*:*:*:*", matchCriteriaId: "92FAEF9F-724D-43E9-8916-BEF64A9B8F9C", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:11.1\\(3f\\):*:*:*:*:*:*:*", matchCriteriaId: "EA448665-A433-4C40-940D-1165C6A2777F", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:11.1\\(4e\\):*:*:*:*:*:*:*", matchCriteriaId: "061AC794-EDA5-4166-85D1-EA827685C0F1", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:11.1\\(4f\\):*:*:*:*:*:*:*", matchCriteriaId: "FFE372D3-4978-4C78-AE1A-14E29ED00D46", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:11.1\\(4g\\):*:*:*:*:*:*:*", matchCriteriaId: "1A11D005-53E4-4575-8EAC-86F9DDB62FF9", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:11.1\\(4i\\):*:*:*:*:*:*:*", matchCriteriaId: "952CC9AA-D03C-44F5-8600-78C1E20D0F9E", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:11.1\\(4l\\):*:*:*:*:*:*:*", matchCriteriaId: "74F6CC3C-BFCB-4CD6-830E-6A2C29EB0923", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:11.1\\(4m\\):*:*:*:*:*:*:*", matchCriteriaId: "C27C3B5E-AD72-4A32-BE7B-885AE8DFB480", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:11.2\\(1i\\):*:*:*:*:*:*:*", matchCriteriaId: "A2C5F386-C135-4AED-9F96-388E324F09BB", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:11.2\\(1k\\):*:*:*:*:*:*:*", matchCriteriaId: "669CF375-763C-4B83-8291-85F7CE8297F0", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:11.2\\(1m\\):*:*:*:*:*:*:*", matchCriteriaId: "9188E945-D4A9-47A7-8588-302762510C2A", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:11.2\\(2g\\):*:*:*:*:*:*:*", matchCriteriaId: "36A00C1F-7270-4E2F-8420-8567336AD1C3", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:11.2\\(2h\\):*:*:*:*:*:*:*", matchCriteriaId: "22EE58D9-D1BF-41BD-B331-A3472D38B1D9", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:11.2\\(2i\\):*:*:*:*:*:*:*", matchCriteriaId: "58B28302-6700-4B2C-9531-6BECA5113D70", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:11.2\\(2j\\):*:*:*:*:*:*:*", matchCriteriaId: "C470740F-386B-472E-AD18-D8954AD5BE78", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:11.2\\(3c\\):*:*:*:*:*:*:*", matchCriteriaId: "E34C017B-E9C3-48B8-AB7E-0A8C6CD8788B", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:11.2\\(3e\\):*:*:*:*:*:*:*", matchCriteriaId: "ED0CF9B2-356D-45C5-BFCD-94155E1A2F14", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:11.2\\(3h\\):*:*:*:*:*:*:*", matchCriteriaId: "2478A831-330D-4526-8A2C-DC8C0F6973ED", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:11.2\\(3m\\):*:*:*:*:*:*:*", matchCriteriaId: "EAB57FD7-4350-4BFD-A6CF-EDA674AD31BF", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:11.3\\(1g\\):*:*:*:*:*:*:*", matchCriteriaId: "71B4FF76-FBC5-4742-B784-90AFBE8E2767", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:11.3\\(1h\\):*:*:*:*:*:*:*", matchCriteriaId: "28328D72-D898-48C4-B7A9-D97E321C9D99", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:11.3\\(1i\\):*:*:*:*:*:*:*", matchCriteriaId: "1569E0F4-33D1-408D-88DC-26822447F325", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:11.3\\(1j\\):*:*:*:*:*:*:*", matchCriteriaId: "FF454C26-1558-405A-B99C-ADF7A9E91B69", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:11.3\\(2f\\):*:*:*:*:*:*:*", matchCriteriaId: "CA86F8E0-58FB-4CA5-9541-E9D55BED533D", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:11.3\\(2h\\):*:*:*:*:*:*:*", matchCriteriaId: "F031ABAD-3D20-4374-ABBE-24D5C01BE910", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:11.3\\(2i\\):*:*:*:*:*:*:*", matchCriteriaId: "F227E127-08EE-4A86-956C-BBBDB49925A5", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:11.3\\(2j\\):*:*:*:*:*:*:*", matchCriteriaId: "D0CD7AC4-58DD-4795-AB15-EFA214111B42", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:11.3\\(2k\\):*:*:*:*:*:*:*", matchCriteriaId: "64581189-9370-487A-9196-D0421CB3636E", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:12.0\\(1m\\):*:*:*:*:*:*:*", matchCriteriaId: "0BEE5B22-F9D3-4EAA-A552-7F0271080632", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:12.0\\(1n\\):*:*:*:*:*:*:*", matchCriteriaId: "74DB471F-43AF-4E94-99B0-7D38CB3F5943", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:12.0\\(1o\\):*:*:*:*:*:*:*", matchCriteriaId: "9217FBFE-2708-440A-90F9-0562C159DE16", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:12.0\\(1p\\):*:*:*:*:*:*:*", matchCriteriaId: "5BA5F46C-3172-4509-856F-703E0B517E7D", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:12.0\\(1q\\):*:*:*:*:*:*:*", matchCriteriaId: "E07DC9A1-E4BA-474C-96C2-0B73704628AB", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:12.0\\(1r\\):*:*:*:*:*:*:*", matchCriteriaId: "027DCF27-E201-4713-A1AC-526C6CA04343", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:12.0\\(2f\\):*:*:*:*:*:*:*", matchCriteriaId: "40B05631-0319-4AFA-867A-2AECEAD449CA", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:12.0\\(2g\\):*:*:*:*:*:*:*", matchCriteriaId: "771CD71E-4F24-4ACC-8D86-11429379093B", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:12.0\\(2h\\):*:*:*:*:*:*:*", matchCriteriaId: "906C7861-3266-445E-BBAB-64B757229A4F", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:12.0\\(2l\\):*:*:*:*:*:*:*", matchCriteriaId: "782E194A-E91E-4C72-A86A-5BD2B9CE19BA", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:12.0\\(2m\\):*:*:*:*:*:*:*", matchCriteriaId: "4CE062A4-FD32-41E5-A5B2-06BED72140E6", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:12.0\\(2n\\):*:*:*:*:*:*:*", matchCriteriaId: "52016BB9-A37D-4F3A-BEB4-77CF84193652", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:12.0\\(2o\\):*:*:*:*:*:*:*", matchCriteriaId: "CE8D042D-35C6-4BDF-9CD7-9125B19DC415", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:12.1\\(1h\\):*:*:*:*:*:*:*", matchCriteriaId: "50F91C27-4625-4CCD-B2EB-7F34F286AB2C", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:12.1\\(1i\\):*:*:*:*:*:*:*", matchCriteriaId: "F65D3CE3-CA53-4A13-AD86-E59196B586FD", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:12.1\\(2e\\):*:*:*:*:*:*:*", matchCriteriaId: "EC4633AD-6CBA-4E7B-BC9D-DCCBE1F2C7EC", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:12.1\\(2g\\):*:*:*:*:*:*:*", matchCriteriaId: "04B6FAA5-D3CF-4463-9DE9-6F472DC78B2F", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:12.1\\(2k\\):*:*:*:*:*:*:*", matchCriteriaId: "A1A8E4CF-2EF7-45E8-A4FE-5BEA54617D71", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:12.1\\(3g\\):*:*:*:*:*:*:*", matchCriteriaId: "B0A7F045-BE20-4B1D-8A0D-38A651B77EA7", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:12.1\\(3h\\):*:*:*:*:*:*:*", matchCriteriaId: "E8DB4683-C8B2-4013-85C5-A1B5F01790B3", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:12.1\\(3j\\):*:*:*:*:*:*:*", matchCriteriaId: "BF031A0E-9C92-4931-8433-EAF9F9BA0DE2", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:12.1\\(4a\\):*:*:*:*:*:*:*", matchCriteriaId: "E66B8A3B-AE6E-4876-9C14-54B24F91229C", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:12.2\\(1k\\):*:*:*:*:*:*:*", matchCriteriaId: "57B9178C-DD7F-4FE4-BC24-7025F90A4E93", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:12.2\\(1n\\):*:*:*:*:*:*:*", matchCriteriaId: "A5288A19-E08E-4748-A6F8-C095746D8B92", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:12.2\\(1o\\):*:*:*:*:*:*:*", matchCriteriaId: "4DBC06D8-E9B3-4400-A7E5-7EE6A3B8C9BD", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:12.2\\(2e\\):*:*:*:*:*:*:*", matchCriteriaId: "46C5D5D2-B2B9-4A9A-84D5-6F04E3F8694F", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:12.2\\(2f\\):*:*:*:*:*:*:*", matchCriteriaId: "FDFA97CC-F9AD-42A8-8FBE-D986E729336C", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:12.2\\(2i\\):*:*:*:*:*:*:*", matchCriteriaId: "49DCFBB0-E1DA-4F4D-877A-BC6075775EDE", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:12.2\\(2j\\):*:*:*:*:*:*:*", matchCriteriaId: "4E02BE71-98EB-494D-A808-42A3B2A0A72A", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:12.2\\(2k\\):*:*:*:*:*:*:*", matchCriteriaId: "6B74C309-446F-4EAC-939E-43BC8167FE75", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:12.2\\(2q\\):*:*:*:*:*:*:*", matchCriteriaId: "0EA38368-8EE4-4480-9A9A-D12992108475", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:12.2\\(3j\\):*:*:*:*:*:*:*", matchCriteriaId: "BFCAE710-1789-4D3A-AC2E-E6A523037172", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:12.2\\(3p\\):*:*:*:*:*:*:*", matchCriteriaId: "2E7A6830-C15E-4690-8C1A-5044A3B01C13", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:12.2\\(3r\\):*:*:*:*:*:*:*", matchCriteriaId: "69051EB0-D60F-4E30-8939-088E50422A0C", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:12.2\\(3s\\):*:*:*:*:*:*:*", matchCriteriaId: "D5135CDF-5991-4CC9-9C4C-CC0DADEA8C5F", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:12.2\\(3t\\):*:*:*:*:*:*:*", matchCriteriaId: "00DF4FCE-1B71-4A28-989C-AE4C5F2B3343", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:12.2\\(4f\\):*:*:*:*:*:*:*", matchCriteriaId: "A6049CBB-7445-4A77-867B-5D59DF0C9332", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:12.2\\(4p\\):*:*:*:*:*:*:*", matchCriteriaId: "58BE5188-775E-42A9-BCCF-0DBACDDFC045", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:12.2\\(4q\\):*:*:*:*:*:*:*", matchCriteriaId: "762B4A37-3D8C-4172-A8FF-14F470CBDBFF", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:12.2\\(4r\\):*:*:*:*:*:*:*", matchCriteriaId: "C9BCF174-6D01-4C1A-AF7F-B91EDD16E010", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:12.3\\(1e\\):*:*:*:*:*:*:*", matchCriteriaId: "94E4F174-8F51-41AF-82C7-0CA577753191", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:12.3\\(1f\\):*:*:*:*:*:*:*", matchCriteriaId: "353FD814-0812-4B90-B8F0-D372E85CF40B", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:12.3\\(1i\\):*:*:*:*:*:*:*", matchCriteriaId: "71AF6628-3E98-4D66-B4A9-9EA16519719A", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:12.3\\(1l\\):*:*:*:*:*:*:*", matchCriteriaId: "E52B312E-9C91-40F7-BACB-1550D6632477", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:12.3\\(1o\\):*:*:*:*:*:*:*", matchCriteriaId: "746D1151-BEC2-4404-A7CF-651D8BFA3412", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:12.3\\(1p\\):*:*:*:*:*:*:*", matchCriteriaId: "52CE3E73-8EC6-49D1-837F-2FBFDD51802C", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:13.0\\(1k\\):*:*:*:*:*:*:*", matchCriteriaId: "B774106E-DC00-4F79-A5F9-390483A9FBEE", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:13.0\\(2h\\):*:*:*:*:*:*:*", matchCriteriaId: "26676350-6635-4B97-8A1E-250E06A177CD", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:13.0\\(2k\\):*:*:*:*:*:*:*", matchCriteriaId: "DA426885-C1FB-4DB5-900A-7C7882956BFE", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:13.0\\(2n\\):*:*:*:*:*:*:*", matchCriteriaId: "AA5C1581-9C53-4093-BBCA-67F57CE24C67", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:13.1\\(1i\\):*:*:*:*:*:*:*", matchCriteriaId: "D548C85A-F98B-49BF-A6C3-ADEB60124822", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:13.1\\(2m\\):*:*:*:*:*:*:*", matchCriteriaId: "970718D9-4789-414B-8ED2-FBF914B4047C", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:13.1\\(2o\\):*:*:*:*:*:*:*", matchCriteriaId: "7C45D91E-5AA4-46B4-9A87-75480AC04732", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:13.1\\(2p\\):*:*:*:*:*:*:*", matchCriteriaId: "973B7EE9-6B18-4D1D-8DEE-3C43D0CEB89C", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:13.1\\(2q\\):*:*:*:*:*:*:*", matchCriteriaId: "32083CFE-1DAE-4BE2-AFB9-B2806F809191", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:13.1\\(2s\\):*:*:*:*:*:*:*", matchCriteriaId: "B0D61DA2-28B2-49E5-8739-38113455BD09", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:13.1\\(2t\\):*:*:*:*:*:*:*", matchCriteriaId: "2E20496D-D83C-4CD3-B1A3-EEE0D165F609", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:13.1\\(2u\\):*:*:*:*:*:*:*", matchCriteriaId: "71425F24-4C89-49C1-9B5E-68FAFE04F89C", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:13.1\\(2v\\):*:*:*:*:*:*:*", matchCriteriaId: "310CF610-34E9-45F2-B01A-76DDEC40A040", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:13.2\\(1l\\):*:*:*:*:*:*:*", matchCriteriaId: "09A32C04-1467-4564-A18E-EF2AAEF64244", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:13.2\\(1m\\):*:*:*:*:*:*:*", matchCriteriaId: "ED378075-D761-4D0D-8852-93616EA2F9BC", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:13.2\\(2l\\):*:*:*:*:*:*:*", matchCriteriaId: "0C9BD58D-3AE9-49C7-AE94-74878CD109B1", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:13.2\\(2o\\):*:*:*:*:*:*:*", matchCriteriaId: "46D16C20-D68E-4118-B8D4-D6A2044DCD32", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:13.2\\(3i\\):*:*:*:*:*:*:*", matchCriteriaId: "ABCDA33D-8576-4DF6-90A1-710CA3F78F68", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:13.2\\(3j\\):*:*:*:*:*:*:*", matchCriteriaId: "D302931B-4425-40A6-BF7E-97FAB43D0778", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:13.2\\(3n\\):*:*:*:*:*:*:*", matchCriteriaId: "CEBC0A74-551B-4BD1-A59A-80C119362D60", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:13.2\\(3o\\):*:*:*:*:*:*:*", matchCriteriaId: "F36E0CC9-7DD7-439B-B83F-F96DEF5B2A37", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:13.2\\(3r\\):*:*:*:*:*:*:*", matchCriteriaId: "2F50E84B-7CAC-4832-96C5-9885F0F9DFC0", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:13.2\\(3s\\):*:*:*:*:*:*:*", matchCriteriaId: "DEB8A917-6F49-4636-AF8C-8C18BAACE661", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:13.2\\(4d\\):*:*:*:*:*:*:*", matchCriteriaId: "79ECC89F-7F84-42E0-AF0F-4C9A609131E9", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:13.2\\(4e\\):*:*:*:*:*:*:*", matchCriteriaId: "4A9AC0D9-D8D4-480F-B1B7-84D17AF4ABC8", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:13.2\\(5d\\):*:*:*:*:*:*:*", matchCriteriaId: "28A0A2C2-6E9F-4A08-9ED8-6FD4E8203053", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:13.2\\(5e\\):*:*:*:*:*:*:*", matchCriteriaId: "FCE26439-5B15-48F4-8E02-CC45A76297A3", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:13.2\\(5f\\):*:*:*:*:*:*:*", matchCriteriaId: "F8744322-4D27-44BB-9573-BDEC9E8F6B00", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:13.2\\(6i\\):*:*:*:*:*:*:*", matchCriteriaId: "83C1841C-9D9B-4A22-9080-724BC75A004E", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:13.2\\(7f\\):*:*:*:*:*:*:*", matchCriteriaId: "3E54C78E-93FE-4E22-A37A-25D07AF7C7CA", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:13.2\\(7k\\):*:*:*:*:*:*:*", matchCriteriaId: "ED709475-D435-492E-A295-3F3202CB6CC1", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:13.2\\(8d\\):*:*:*:*:*:*:*", matchCriteriaId: "20DBADBC-106E-4D0D-B6F1-F5859AD84DE7", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:13.2\\(9b\\):*:*:*:*:*:*:*", matchCriteriaId: "B226BA8E-FC1E-44FF-9A91-837F355E53B5", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:13.2\\(9f\\):*:*:*:*:*:*:*", matchCriteriaId: "1BA59F5B-43FE-4051-9D27-F83A7A39141E", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:13.2\\(9h\\):*:*:*:*:*:*:*", matchCriteriaId: "3883FD9C-0BCB-4865-81B6-854C8C4EC7DB", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:13.2\\(41d\\):*:*:*:*:*:*:*", matchCriteriaId: "3A52F12E-8EAD-40B8-BB6D-54FAD8718AD0", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:14.0\\(1h\\):*:*:*:*:*:*:*", matchCriteriaId: "B4F75D6B-D48A-4B5E-A1DF-EEBFEBFE6073", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:14.0\\(2c\\):*:*:*:*:*:*:*", matchCriteriaId: "FB1B81AF-FC0F-42B6-98C0-BEC432C7BAC2", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:14.0\\(3c\\):*:*:*:*:*:*:*", matchCriteriaId: "87C5BB7A-3B2B-4AE3-A626-04FD1BB1E9C8", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:14.0\\(3d\\):*:*:*:*:*:*:*", matchCriteriaId: "BDEB393A-9687-4E52-9837-B2C9E8F22D58", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:14.1\\(1i\\):*:*:*:*:*:*:*", matchCriteriaId: "7E1BE98A-95AE-4D11-B427-68D25FE60720", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:14.1\\(1j\\):*:*:*:*:*:*:*", matchCriteriaId: "CD61CB15-1955-4A81-9F8E-02F207094260", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:14.1\\(1k\\):*:*:*:*:*:*:*", matchCriteriaId: "455F4A6C-428C-494F-B70C-A891B83EBEF7", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:14.1\\(1l\\):*:*:*:*:*:*:*", matchCriteriaId: "322088F6-DF10-4C58-92F3-0FFBF469A6B7", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:14.1\\(2g\\):*:*:*:*:*:*:*", matchCriteriaId: "20BFA5E5-0ECC-4A1F-A936-1F325A810334", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:14.1\\(2m\\):*:*:*:*:*:*:*", matchCriteriaId: "7ECA1140-9DE0-4BC9-A381-A8DCB5BEA4A2", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:14.1\\(2o\\):*:*:*:*:*:*:*", matchCriteriaId: "2F5FCA86-82A3-4540-B827-BD752D9E0465", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:14.1\\(2s\\):*:*:*:*:*:*:*", matchCriteriaId: "6B8DE7D4-EFEC-487B-8250-251F9EA36BF6", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:14.1\\(2u\\):*:*:*:*:*:*:*", matchCriteriaId: "83EA47AA-6F3B-4A48-81A0-2CA8D6696B27", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:14.1\\(2w\\):*:*:*:*:*:*:*", matchCriteriaId: "89662D5F-AEEC-4DEB-AB8B-6A95D0A4B1D2", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:14.1\\(2x\\):*:*:*:*:*:*:*", matchCriteriaId: "40D5076C-6C6F-44F9-91D7-D8F2FEB21310", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:14.2\\(1i\\):*:*:*:*:*:*:*", matchCriteriaId: "D8BA2854-BE27-45F8-AF6E-CF6C474CF15B", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:14.2\\(1j\\):*:*:*:*:*:*:*", matchCriteriaId: "8296DD01-9CE0-4734-97A1-43250AD87453", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:14.2\\(1l\\):*:*:*:*:*:*:*", matchCriteriaId: "77FC6FCC-9C86-43CB-A008-82E5C3E5B791", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:14.2\\(2e\\):*:*:*:*:*:*:*", matchCriteriaId: "1AD71858-CA76-4BE3-8B4F-626959F6A342", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:14.2\\(2f\\):*:*:*:*:*:*:*", matchCriteriaId: "38F4C42B-D975-46B5-8A18-1D6F72A294F1", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:14.2\\(3j\\):*:*:*:*:*:*:*", matchCriteriaId: "7E6354B7-3CBA-4E09-93F6-B49717B2A78E", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:14.2\\(3l\\):*:*:*:*:*:*:*", matchCriteriaId: "C693C8FA-3324-4439-B177-6FAE387DB23D", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:14.2\\(3n\\):*:*:*:*:*:*:*", matchCriteriaId: "949C0F31-77ED-49CC-870D-70104AA908A6", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:14.2\\(3q\\):*:*:*:*:*:*:*", matchCriteriaId: "007BDA28-37AD-4F37-B351-C3BE0B8418F4", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:14.2\\(4i\\):*:*:*:*:*:*:*", matchCriteriaId: "9563DBDC-D2C0-4C7C-A246-EC95DC4581CA", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:14.2\\(4k\\):*:*:*:*:*:*:*", matchCriteriaId: "09CF92FC-B053-4234-830F-683E06807545", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:14.2\\(4o\\):*:*:*:*:*:*:*", matchCriteriaId: "61DF8B69-D0B7-455F-A50E-5930948BED49", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:14.2\\(4p\\):*:*:*:*:*:*:*", matchCriteriaId: "724603DA-06C9-4E64-B495-A90AD9BF31E1", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:14.2\\(5k\\):*:*:*:*:*:*:*", matchCriteriaId: "D1255013-E3BC-4048-BD50-4641C0048FA7", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:15.0\\(1k\\):*:*:*:*:*:*:*", matchCriteriaId: "ABBAFC12-85C7-4FD1-B46E-D8268D00DEE9", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:15.0\\(1l\\):*:*:*:*:*:*:*", matchCriteriaId: "8F988380-7BAE-4E9C-B1E2-D3F7389E2FB7", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:15.0\\(2h\\):*:*:*:*:*:*:*", matchCriteriaId: "95A5C1D4-EAE5-4E3F-AFCC-96B1ECDA91EE", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_9000v:-:*:*:*:*:*:*:*", matchCriteriaId: "0CD9C1F1-8582-4F67-A77D-97CBFECB88B8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*", matchCriteriaId: "4283E433-7F8C-4410-B565-471415445811", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92300yc:-:*:*:*:*:*:*:*", matchCriteriaId: "F80AB6FB-32FD-43D7-A9F1-80FA47696210", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*", matchCriteriaId: "D5B2E4C1-2627-4B9D-8E92-4B483F647651", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92348gc-x:-:*:*:*:*:*:*:*", matchCriteriaId: "557ED31C-C26A-4FAE-8B14-D06B49F7F08B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*", matchCriteriaId: "11411BFD-3F4D-4309-AB35-A3629A360FB0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*", matchCriteriaId: "E663DE91-C86D-48DC-B771-FA72A8DF7A7C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "A90184B3-C82F-4CE5-B2AD-97D5E4690871", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-ex-24:-:*:*:*:*:*:*:*", matchCriteriaId: "40E40F42-632A-47DF-BE33-DC25B826310B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "4AB89849-6DA4-4C9D-BC3F-EE0E41FD1901", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-fx-24:-:*:*:*:*:*:*:*", matchCriteriaId: "C47F6BF9-2ADB-41A4-8D7D-8BB00141BB23", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*", matchCriteriaId: "07DE6F63-2C7D-415B-8C34-01EC05C062F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*", matchCriteriaId: "F423E45D-A6DD-4305-9C6A-EAB26293E53A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9316d-gx:-:*:*:*:*:*:*:*", matchCriteriaId: "102F91CD-DFB6-43D4-AE5B-DA157A696230", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "E952A96A-0F48-4357-B7DD-1127D8827650", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "F70D81F1-8B12-4474-9060-B4934D8A3873", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-ex-24:-:*:*:*:*:*:*:*", matchCriteriaId: "5394DE31-3863-4CA9-B7B1-E5227183100D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "7349D69B-D8FA-4462-AA28-69DD18A652D9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-fx-24:-:*:*:*:*:*:*:*", matchCriteriaId: "FE4BB834-2C00-4384-A78E-AF3BCDDC58AF", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-fx3:-:*:*:*:*:*:*:*", matchCriteriaId: "B0D30D52-837F-4FDA-B8E5-A9066E9C6D2F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-fx3s:-:*:*:*:*:*:*:*", matchCriteriaId: "7CE49B45-F2E9-491D-9C29-1B46E9CE14E2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93216tc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "B1CC5F78-E88B-4B82-9E3E-C73D3A49DE26", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "91231DC6-2773-4238-8C14-A346F213B5E5", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332c:-:*:*:*:*:*:*:*", matchCriteriaId: "2DF88547-BAF4-47B0-9F60-80A30297FCEB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*", matchCriteriaId: "113772B6-E9D2-4094-9468-3F4E1A87D07D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93360yc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "C45A38D6-BED6-4FEF-AD87-A1E813695DE0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "F1FC2B1F-232E-4754-8076-CC82F3648730", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336c-fx2-e:-:*:*:*:*:*:*:*", matchCriteriaId: "7CDD27C9-5EAF-4956-8AB7-740C84C9D4FC", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336pq_aci_spine:-:*:*:*:*:*:*:*", matchCriteriaId: "785FD17C-F32E-4042-9DDE-A89B3AAE0334", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*", matchCriteriaId: "17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93600cd-gx:-:*:*:*:*:*:*:*", matchCriteriaId: "2CF467E2-4567-426E-8F48-39669E0F514C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*", matchCriteriaId: "63842B25-8C32-4988-BBBD-61E9CB09B4F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9364c-gx:-:*:*:*:*:*:*:*", matchCriteriaId: "68EA1FEF-B6B6-49FE-A0A4-5387F76303F8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*", matchCriteriaId: "4364ADB9-8162-451D-806A-B98924E6B2CF", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372px-e:-:*:*:*:*:*:*:*", matchCriteriaId: "B53BCB42-ED61-4FCF-8068-CB467631C63C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*", matchCriteriaId: "49E0371B-FDE2-473C-AA59-47E1269D050F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372tx-e:-:*:*:*:*:*:*:*", matchCriteriaId: "489D11EC-5A18-4F32-BC7C-AC1FCEC27222", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*", matchCriteriaId: "1BC5293E-F2B4-46DC-85DA-167EA323FCFD", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*", matchCriteriaId: "EA022E77-6557-4A33-9A3A-D028E2DB669A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*", matchCriteriaId: "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability in the fabric infrastructure VLAN connection establishment of Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) Mode could allow an unauthenticated, adjacent attacker to bypass security validations and connect an unauthorized server to the infrastructure VLAN. This vulnerability is due to insufficient security requirements during the Link Layer Discovery Protocol (LLDP) setup phase of the infrastructure VLAN. An attacker could exploit this vulnerability by sending a crafted LLDP packet on the adjacent subnet to an affected device. A successful exploit could allow the attacker to connect an unauthorized server to the infrastructure VLAN, which is highly privileged. With a connection to the infrastructure VLAN, the attacker can make unauthorized connections to Cisco Application Policy Infrastructure Controller (APIC) services or join other host endpoints.", }, { lang: "es", value: "Una vulnerabilidad en el establecimiento de la conexión VLAN de la infraestructura de estructura de Cisco Nexus 9000 Series Fabric Switches en Application Centric Infrastructure (ACI) Mode podría permitir que un atacante adyacente no autenticado omitir las comprobaciones de seguridad y conectar un servidor no autorizado a la VLAN de infraestructura. Esta vulnerabilidad es debido a requisitos de seguridad insuficientes durante la fase de configuración del Link Layer Discovery Protocol (LLDP) de la VLAN de infraestructura. Un atacante podría explotar esta vulnerabilidad mediante el envío de un paquete LLDP diseñado en la subred adyacente a un dispositivo afectado. Una explotación con éxito podría permitir al atacante conectar un servidor no autorizado a la infraestructura VLAN, que tiene muchos privilegios. Con una conexión a la infraestructura VLAN, el atacante puede llevar a cabo conexiones no autorizadas a los servicios Cisco Application Policy Infrastructure Controller (APIC) o unirse a otros endpoints del host", }, ], id: "CVE-2021-1228", lastModified: "2024-11-21T05:43:52.683", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "LOW", accessVector: "ADJACENT_NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 3.3, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:A/AC:L/Au:N/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 6.5, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "NONE", baseScore: 7.4, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 4, source: "psirt@cisco.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-02-24T20:15:12.613", references: [ { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-n9kaci-unauth-access-5PWzDx2w", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-n9kaci-unauth-access-5PWzDx2w", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-284", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-06-02 09:15
Modified
2024-11-21 04:54
Severity ?
Summary
IP-in-IP protocol specifies IP Encapsulation within IP standard (RFC 2003, STD 1) that decapsulate and route IP-in-IP traffic is vulnerable to spoofing, access-control bypass and other unexpected behavior due to the lack of validation to verify network packets before decapsulation and routing.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | nx-os | 5.2\(1\)sk3\(1.1\) | |
| cisco | nx-os | 5.2\(1\)sk3\(2.1\) | |
| cisco | nx-os | 5.2\(1\)sk3\(2.1a\) | |
| cisco | nx-os | 5.2\(1\)sk3\(2.2\) | |
| cisco | nx-os | 5.2\(1\)sk3\(2.2b\) | |
| cisco | nx-os | 5.2\(1\)sm1\(5.1\) | |
| cisco | nx-os | 5.2\(1\)sm1\(5.2\) | |
| cisco | nx-os | 5.2\(1\)sm1\(5.2a\) | |
| cisco | nx-os | 5.2\(1\)sm1\(5.2b\) | |
| cisco | nx-os | 5.2\(1\)sm1\(5.2c\) | |
| cisco | nx-os | 5.2\(1\)sm3\(1.1\) | |
| cisco | nx-os | 5.2\(1\)sm3\(1.1a\) | |
| cisco | nx-os | 5.2\(1\)sm3\(1.1b\) | |
| cisco | nx-os | 5.2\(1\)sm3\(1.1c\) | |
| cisco | nx-os | 5.2\(1\)sm3\(2.1\) | |
| cisco | nx-os | 5.2\(1\)sv3\(1.1\) | |
| cisco | nx-os | 5.2\(1\)sv3\(1.2\) | |
| cisco | nx-os | 5.2\(1\)sv3\(1.3\) | |
| cisco | nx-os | 5.2\(1\)sv3\(1.4\) | |
| cisco | nx-os | 5.2\(1\)sv3\(1.4b\) | |
| cisco | nx-os | 5.2\(1\)sv3\(1.5a\) | |
| cisco | nx-os | 5.2\(1\)sv3\(1.5b\) | |
| cisco | nx-os | 5.2\(1\)sv3\(1.6\) | |
| cisco | nx-os | 5.2\(1\)sv3\(1.10\) | |
| cisco | nx-os | 5.2\(1\)sv3\(1.15\) | |
| cisco | nx-os | 5.2\(1\)sv3\(2.1\) | |
| cisco | nx-os | 5.2\(1\)sv3\(2.5\) | |
| cisco | nx-os | 5.2\(1\)sv3\(2.8\) | |
| cisco | nx-os | 5.2\(1\)sv3\(3.1\) | |
| cisco | nx-os | 5.2\(1\)sv3\(3.15\) | |
| cisco | nx-os | 5.2\(1\)sv3\(4.1\) | |
| cisco | nx-os | 5.2\(1\)sv3\(4.1a\) | |
| cisco | nx-os | 5.2\(1\)sv3\(4.1b\) | |
| cisco | nx-os | 5.2\(1\)sv3\(4.1b\) | |
| cisco | nx-os | 5.2\(1\)sv3\(4.1b\) | |
| cisco | nx-os | 5.2\(1\)sv5\(1.1\) | |
| cisco | nx-os | 5.2\(1\)sv5\(1.2\) | |
| cisco | nx-os | 5.2\(1\)sv5\(1.3\) | |
| cisco | nx-os | 5.2\(1\)sv5\(1.3\) | |
| cisco | nexus_1000v | - | |
| cisco | nexus_1000ve | - | |
| cisco | nx-os | 5.0\(3\)a1\(1\) | |
| cisco | nx-os | 5.0\(3\)a1\(2\) | |
| cisco | nx-os | 5.0\(3\)a1\(2a\) | |
| cisco | nx-os | 5.0\(3\)u1\(1\) | |
| cisco | nx-os | 5.0\(3\)u1\(1a\) | |
| cisco | nx-os | 5.0\(3\)u1\(1b\) | |
| cisco | nx-os | 5.0\(3\)u1\(1c\) | |
| cisco | nx-os | 5.0\(3\)u1\(1d\) | |
| cisco | nx-os | 5.0\(3\)u1\(2\) | |
| cisco | nx-os | 5.0\(3\)u1\(2a\) | |
| cisco | nx-os | 5.0\(3\)u2\(1\) | |
| cisco | nx-os | 5.0\(3\)u2\(2\) | |
| cisco | nx-os | 5.0\(3\)u2\(2a\) | |
| cisco | nx-os | 5.0\(3\)u2\(2b\) | |
| cisco | nx-os | 5.0\(3\)u2\(2c\) | |
| cisco | nx-os | 5.0\(3\)u2\(2d\) | |
| cisco | nx-os | 5.0\(3\)u3\(1\) | |
| cisco | nx-os | 5.0\(3\)u3\(2\) | |
| cisco | nx-os | 5.0\(3\)u3\(2a\) | |
| cisco | nx-os | 5.0\(3\)u3\(2b\) | |
| cisco | nx-os | 5.0\(3\)u4\(1\) | |
| cisco | nx-os | 5.0\(3\)u5\(1\) | |
| cisco | nx-os | 5.0\(3\)u5\(1a\) | |
| cisco | nx-os | 5.0\(3\)u5\(1b\) | |
| cisco | nx-os | 5.0\(3\)u5\(1c\) | |
| cisco | nx-os | 5.0\(3\)u5\(1d\) | |
| cisco | nx-os | 5.0\(3\)u5\(1e\) | |
| cisco | nx-os | 5.0\(3\)u5\(1f\) | |
| cisco | nx-os | 5.0\(3\)u5\(1g\) | |
| cisco | nx-os | 5.0\(3\)u5\(1h\) | |
| cisco | nx-os | 5.0\(3\)u5\(1i\) | |
| cisco | nx-os | 5.0\(3\)u5\(1j\) | |
| cisco | nx-os | 6.0\(2\)a1\(1\) | |
| cisco | nx-os | 6.0\(2\)a1\(1a\) | |
| cisco | nx-os | 6.0\(2\)a1\(1b\) | |
| cisco | nx-os | 6.0\(2\)a1\(1c\) | |
| cisco | nx-os | 6.0\(2\)a1\(1d\) | |
| cisco | nx-os | 6.0\(2\)a1\(1e\) | |
| cisco | nx-os | 6.0\(2\)a1\(1f\) | |
| cisco | nx-os | 6.0\(2\)a1\(2d\) | |
| cisco | nx-os | 6.0\(2\)a3\(1\) | |
| cisco | nx-os | 6.0\(2\)a3\(2\) | |
| cisco | nx-os | 6.0\(2\)a3\(4\) | |
| cisco | nx-os | 6.0\(2\)a4\(1\) | |
| cisco | nx-os | 6.0\(2\)a4\(2\) | |
| cisco | nx-os | 6.0\(2\)a4\(3\) | |
| cisco | nx-os | 6.0\(2\)a4\(4\) | |
| cisco | nx-os | 6.0\(2\)a4\(5\) | |
| cisco | nx-os | 6.0\(2\)a4\(6\) | |
| cisco | nx-os | 6.0\(2\)u1\(1\) | |
| cisco | nx-os | 6.0\(2\)u1\(1a\) | |
| cisco | nx-os | 6.0\(2\)u1\(2\) | |
| cisco | nx-os | 6.0\(2\)u1\(3\) | |
| cisco | nx-os | 6.0\(2\)u1\(4\) | |
| cisco | nx-os | 6.0\(2\)u2\(1\) | |
| cisco | nx-os | 6.0\(2\)u2\(2\) | |
| cisco | nx-os | 6.0\(2\)u2\(3\) | |
| cisco | nx-os | 6.0\(2\)u2\(4\) | |
| cisco | nx-os | 6.0\(2\)u2\(4.92.4z\) | |
| cisco | nx-os | 6.0\(2\)u2\(5\) | |
| cisco | nx-os | 6.0\(2\)u2\(6\) | |
| cisco | nx-os | 6.0\(2\)u3\(1\) | |
| cisco | nx-os | 6.0\(2\)u3\(2\) | |
| cisco | nx-os | 6.0\(2\)u3\(3\) | |
| cisco | nx-os | 6.0\(2\)u3\(4\) | |
| cisco | nx-os | 6.0\(2\)u3\(5\) | |
| cisco | nx-os | 6.0\(2\)u3\(6\) | |
| cisco | nx-os | 6.0\(2\)u3\(7\) | |
| cisco | nx-os | 6.0\(2\)u3\(8\) | |
| cisco | nx-os | 6.0\(2\)u3\(9\) | |
| cisco | nx-os | 6.0\(2\)u4\(1\) | |
| cisco | nx-os | 6.0\(2\)u4\(2\) | |
| cisco | nx-os | 6.0\(2\)u4\(3\) | |
| cisco | nx-os | 6.0\(2\)u4\(4\) | |
| cisco | nx-os | 6.0\(2\)u5\(1\) | |
| cisco | nx-os | 6.1\(2\)i2\(2b\) | |
| cisco | nx-os | 6.1\(2\)i3\(1\) | |
| cisco | nx-os | 6.1\(2\)i3\(2\) | |
| cisco | nx-os | 6.1\(2\)i3\(3\) | |
| cisco | nx-os | 6.1\(2\)i3\(3a\) | |
| cisco | nx-os | 7.0\(3\)i1\(1\) | |
| cisco | nx-os | 7.0\(3\)i1\(1a\) | |
| cisco | nx-os | 7.0\(3\)i1\(1b\) | |
| cisco | nx-os | 7.0\(3\)i1\(1z\) | |
| cisco | nexus_3016 | - | |
| cisco | nexus_3048 | - | |
| cisco | nexus_3064 | - | |
| cisco | nexus_3064-t | - | |
| cisco | nexus_3132q | - | |
| cisco | nexus_3172 | - | |
| cisco | nx-os | 5.2\(1\)n1\(1\) | |
| cisco | nx-os | 5.2\(1\)n1\(1a\) | |
| cisco | nx-os | 5.2\(1\)n1\(1b\) | |
| cisco | nx-os | 5.2\(1\)n1\(2\) | |
| cisco | nx-os | 5.2\(1\)n1\(2a\) | |
| cisco | nx-os | 5.2\(1\)n1\(3\) | |
| cisco | nx-os | 5.2\(1\)n1\(4\) | |
| cisco | nx-os | 5.2\(1\)n1\(5\) | |
| cisco | nx-os | 5.2\(1\)n1\(6\) | |
| cisco | nx-os | 5.2\(1\)n1\(7\) | |
| cisco | nx-os | 5.2\(1\)n1\(8\) | |
| cisco | nx-os | 5.2\(1\)n1\(8a\) | |
| cisco | nx-os | 5.2\(1\)n1\(8b\) | |
| cisco | nx-os | 5.2\(1\)n1\(9\) | |
| cisco | nx-os | 5.2\(1\)n1\(9a\) | |
| cisco | nx-os | 5.2\(1\)n1\(9b\) | |
| cisco | nx-os | 6.0\(2\)n1\(1\) | |
| cisco | nx-os | 6.0\(2\)n1\(1a\) | |
| cisco | nx-os | 6.0\(2\)n1\(2\) | |
| cisco | nx-os | 6.0\(2\)n1\(2a\) | |
| cisco | nx-os | 6.0\(2\)n2\(1\) | |
| cisco | nx-os | 6.0\(2\)n2\(1b\) | |
| cisco | nx-os | 6.0\(2\)n2\(2\) | |
| cisco | nx-os | 6.0\(2\)n2\(3\) | |
| cisco | nx-os | 6.0\(2\)n2\(4\) | |
| cisco | nx-os | 6.0\(2\)n2\(5\) | |
| cisco | nx-os | 6.0\(2\)n2\(5a\) | |
| cisco | nx-os | 6.0\(2\)n2\(5b\) | |
| cisco | nx-os | 6.0\(2\)n2\(6\) | |
| cisco | nx-os | 6.0\(2\)n2\(7\) | |
| cisco | nx-os | 7.0\(0\)n1\(1\) | |
| cisco | nx-os | 7.0\(1\)n1\(1\) | |
| cisco | nx-os | 7.0\(2\)n1\(1\) | |
| cisco | nx-os | 7.0\(3\)n1\(1\) | |
| cisco | nx-os | 7.0\(4\)n1\(1\) | |
| cisco | nx-os | 7.0\(4\)n1\(1a\) | |
| cisco | nx-os | 7.0\(5\)n1\(1\) | |
| cisco | nx-os | 7.0\(5\)n1\(1a\) | |
| cisco | nx-os | 7.0\(6\)n1\(1\) | |
| cisco | nx-os | 7.0\(6\)n1\(2s\) | |
| cisco | nx-os | 7.0\(6\)n1\(3s\) | |
| cisco | nx-os | 7.0\(6\)n1\(4s\) | |
| cisco | nx-os | 7.0\(7\)n1\(1\) | |
| cisco | nx-os | 7.0\(7\)n1\(1a\) | |
| cisco | nx-os | 7.0\(7\)n1\(1b\) | |
| cisco | nx-os | 7.0\(8\)n1\(1\) | |
| cisco | nx-os | 7.0\(8\)n1\(1a\) | |
| cisco | nx-os | 7.1\(0\)n1\(1\) | |
| cisco | nx-os | 7.1\(0\)n1\(1a\) | |
| cisco | nx-os | 7.1\(0\)n1\(1b\) | |
| cisco | nx-os | 7.1\(1\)n1\(1\) | |
| cisco | nx-os | 7.1\(1\)n1\(1a\) | |
| cisco | nx-os | 7.1\(2\)n1\(1\) | |
| cisco | nx-os | 7.1\(2\)n1\(1a\) | |
| cisco | nx-os | 7.1\(3\)n1\(1\) | |
| cisco | nx-os | 7.1\(3\)n1\(2\) | |
| cisco | nx-os | 7.1\(3\)n1\(2a\) | |
| cisco | nx-os | 7.1\(3\)n1\(3\) | |
| cisco | nx-os | 7.1\(3\)n1\(4\) | |
| cisco | nx-os | 7.1\(3\)n1\(5\) | |
| cisco | nx-os | 7.1\(4\)n1\(1\) | |
| cisco | nx-os | 7.1\(4\)n1\(1a\) | |
| cisco | nx-os | 7.1\(4\)n1\(1c\) | |
| cisco | nx-os | 7.1\(4\)n1\(1d\) | |
| cisco | nx-os | 7.1\(5\)n1\(1\) | |
| cisco | nx-os | 7.1\(5\)n1\(1b\) | |
| cisco | nx-os | 7.2\(1\)n1\(1\) | |
| cisco | nx-os | 7.3\(0\)n1\(1\) | |
| cisco | nx-os | 7.3\(0\)n1\(1a\) | |
| cisco | nx-os | 7.3\(0\)n1\(1b\) | |
| cisco | nx-os | 7.3\(1\)n1\(1\) | |
| cisco | nx-os | 7.3\(2\)n1\(1\) | |
| cisco | nx-os | 7.3\(2\)n1\(1b\) | |
| cisco | nx-os | 7.3\(2\)n1\(1c\) | |
| cisco | nx-os | 7.3\(3\)n1\(1\) | |
| cisco | nx-os | 7.3\(4\)n1\(1\) | |
| cisco | nx-os | 7.3\(4\)n1\(1a\) | |
| cisco | nx-os | 7.3\(5\)n1\(1\) | |
| cisco | nx-os | 7.3\(6\)n1\(1\) | |
| cisco | nx-os | 7.3\(6\)n1\(1a\) | |
| cisco | nx-os | 7.3\(7\)n1\(1\) | |
| cisco | nx-os | 7.3\(7\)n1\(1a\) | |
| cisco | nexus_5010 | - | |
| cisco | nexus_5020 | - | |
| cisco | nexus_5548p | - | |
| cisco | nexus_5548up | - | |
| cisco | nexus_5596t | - | |
| cisco | nexus_5596up | - | |
| cisco | nexus_56128p | - | |
| cisco | nexus_5624q | - | |
| cisco | nexus_5648q | - | |
| cisco | nexus_5672up | - | |
| cisco | nexus_5696q | - | |
| cisco | nexus_6001 | - | |
| cisco | nexus_6004 | - | |
| cisco | nx-os | 5.2\(1\) | |
| cisco | nx-os | 5.2\(3\) | |
| cisco | nx-os | 5.2\(3a\) | |
| cisco | nx-os | 5.2\(4\) | |
| cisco | nx-os | 5.2\(5\) | |
| cisco | nx-os | 5.2\(7\) | |
| cisco | nx-os | 5.2\(9\) | |
| cisco | nx-os | 5.2\(9a\) | |
| cisco | nx-os | 6.2\(2\) | |
| cisco | nx-os | 6.2\(2a\) | |
| cisco | nx-os | 6.2\(6\) | |
| cisco | nx-os | 6.2\(6a\) | |
| cisco | nx-os | 6.2\(6b\) | |
| cisco | nx-os | 6.2\(8\) | |
| cisco | nx-os | 6.2\(8a\) | |
| cisco | nx-os | 6.2\(8b\) | |
| cisco | nx-os | 6.2\(10\) | |
| cisco | nx-os | 6.2\(12\) | |
| cisco | nx-os | 6.2\(14\) | |
| cisco | nx-os | 6.2\(14a\) | |
| cisco | nx-os | 6.2\(14b\) | |
| cisco | nx-os | 6.2\(16\) | |
| cisco | nx-os | 6.2\(18\) | |
| cisco | nx-os | 6.2\(20\) | |
| cisco | nx-os | 6.2\(20a\) | |
| cisco | nx-os | 6.2\(22\) | |
| cisco | nx-os | 6.2\(24\) | |
| cisco | nx-os | 7.2\(0\)d1\(1\) | |
| cisco | nx-os | 7.2\(1\)d1\(1\) | |
| cisco | nx-os | 7.2\(2\)d1\(1\) | |
| cisco | nx-os | 7.2\(2\)d1\(2\) | |
| cisco | nx-os | 7.2\(2\)d1\(3\) | |
| cisco | nx-os | 7.2\(2\)d1\(4\) | |
| cisco | nx-os | 7.3\(0\)d1\(1\) | |
| cisco | nx-os | 7.3\(0\)dx\(1\) | |
| cisco | nx-os | 7.3\(1\)d1\(1\) | |
| cisco | nx-os | 7.3\(2\)d1\(1\) | |
| cisco | nx-os | 7.3\(2\)d1\(1d\) | |
| cisco | nx-os | 7.3\(2\)d1\(2\) | |
| cisco | nx-os | 7.3\(2\)d1\(3\) | |
| cisco | nx-os | 7.3\(2\)d1\(3a\) | |
| cisco | nx-os | 7.3\(3\)d1\(1\) | |
| cisco | nx-os | 7.3\(4\)d1\(1\) | |
| cisco | nx-os | 7.3\(5\)d1\(1\) | |
| cisco | nx-os | 7.3\(6\)d1\(1\) | |
| cisco | nexus_7000 | - | |
| cisco | nexus_7700 | - | |
| cisco | nx-os | 6.1\(2\)i1\(2\) | |
| cisco | nx-os | 6.1\(2\)i1\(3\) | |
| cisco | nx-os | 6.1\(2\)i2\(1\) | |
| cisco | nx-os | 6.1\(2\)i2\(2\) | |
| cisco | nx-os | 6.1\(2\)i2\(2a\) | |
| cisco | nx-os | 6.1\(2\)i2\(2b\) | |
| cisco | nx-os | 6.1\(2\)i2\(3\) | |
| cisco | nx-os | 6.1\(2\)i3\(1\) | |
| cisco | nx-os | 6.1\(2\)i3\(2\) | |
| cisco | nx-os | 6.1\(2\)i3\(3\) | |
| cisco | nx-os | 6.1\(2\)i3\(3a\) | |
| cisco | nx-os | 7.0\(3\)i1\(1\) | |
| cisco | nx-os | 7.0\(3\)i1\(1a\) | |
| cisco | nx-os | 7.0\(3\)i1\(1b\) | |
| cisco | nx-os | 7.0\(3\)i1\(1z\) | |
| cisco | nexus_92304qc | - | |
| cisco | nexus_92348gc-x | - | |
| cisco | nexus_9236c | - | |
| cisco | nexus_9272q | - | |
| cisco | nexus_93108tc-ex | - | |
| cisco | nexus_93108tc-fx | - | |
| cisco | nexus_93120tx | - | |
| cisco | nexus_93128tx | - | |
| cisco | nexus_93180lc-ex | - | |
| cisco | nexus_93180yc-ex | - | |
| cisco | nexus_93180yc-fx | - | |
| cisco | nexus_93216tc-fx2 | - | |
| cisco | nexus_93240yc-fx2 | - | |
| cisco | nexus_9332c | - | |
| cisco | nexus_9332pq | - | |
| cisco | nexus_93360yc-fx2 | - | |
| cisco | nexus_9336c-fx2 | - | |
| cisco | nexus_9336pq_aci_spine | - | |
| cisco | nexus_9348gc-fxp | - | |
| cisco | nexus_9364c | - | |
| cisco | nexus_9372px | - | |
| cisco | nexus_9372px-e | - | |
| cisco | nexus_9372tx | - | |
| cisco | nexus_9372tx-e | - | |
| cisco | nexus_9396px | - | |
| cisco | nexus_9396tx | - | |
| cisco | nexus_9504 | - | |
| cisco | nexus_9508 | - | |
| cisco | nexus_9516 | - | |
| cisco | ucs_manager | 3.2\(3n\)a | |
| cisco | ucs_6248up | - | |
| cisco | ucs_6296up | - | |
| cisco | ucs_6324 | - | |
| cisco | ucs_6332 | - | |
| cisco | ucs_6332-16up | - | |
| digi | saros | * | |
| hp | x3220nr_firmware | * | |
| hp | x3220nr_firmware | - | |
| treck | tcp\/ip | * | |
| cisco | unified_computing_system | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)sk3\\(1.1\\):*:*:*:*:*:*:*", matchCriteriaId: "8AE969C2-960D-4C09-BBCA-B757D925EB5F", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)sk3\\(2.1\\):*:*:*:*:*:*:*", matchCriteriaId: "5D85822F-209F-4FE3-8ED9-59EC33E71884", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)sk3\\(2.1a\\):*:*:*:*:*:*:*", matchCriteriaId: "9180296D-7BF2-445E-92AB-002D50D8D87B", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)sk3\\(2.2\\):*:*:*:*:*:*:*", matchCriteriaId: "E0B7B63E-7B91-48BC-A0E7-5BDC1FCC02AE", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)sk3\\(2.2b\\):*:*:*:*:*:*:*", matchCriteriaId: "28765813-6283-43AF-9C0E-6884B305C158", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)sm1\\(5.1\\):*:*:*:*:*:*:*", matchCriteriaId: "B3917B37-BA20-4B07-B003-B7E5F99C4A45", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)sm1\\(5.2\\):*:*:*:*:*:*:*", matchCriteriaId: "BA9CEC37-A833-41D6-B3DA-9D17962D0989", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)sm1\\(5.2a\\):*:*:*:*:*:*:*", matchCriteriaId: "3515BB86-5FD5-4203-B1AB-CCC8B784D091", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)sm1\\(5.2b\\):*:*:*:*:*:*:*", matchCriteriaId: "5F310196-08CD-4A81-BE5C-8B484A71CD6F", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)sm1\\(5.2c\\):*:*:*:*:*:*:*", matchCriteriaId: "3B8663A9-7287-4A28-8278-124F437A2BD7", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)sm3\\(1.1\\):*:*:*:*:*:*:*", matchCriteriaId: "36ECC59E-23AB-44F2-982E-8EC6901F6CCF", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)sm3\\(1.1a\\):*:*:*:*:*:*:*", matchCriteriaId: "A7ECE401-189C-4438-8B73-AED84EAEB2B3", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)sm3\\(1.1b\\):*:*:*:*:*:*:*", matchCriteriaId: "AEF80603-493F-41D1-B8E1-C73617AD4992", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)sm3\\(1.1c\\):*:*:*:*:*:*:*", matchCriteriaId: "7B5E826B-AD7D-417E-87F4-C702BFB243A0", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)sm3\\(2.1\\):*:*:*:*:*:*:*", matchCriteriaId: "4FC4D1AE-FC2D-4687-BE4A-04064CCDBBA2", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)sv3\\(1.1\\):*:*:*:*:*:*:*", matchCriteriaId: "95F0898B-06EC-426E-98A6-753FD1FA1250", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)sv3\\(1.2\\):*:*:*:*:*:*:*", matchCriteriaId: "48E47ECE-9070-4EC6-BEB2-B6C233419439", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)sv3\\(1.3\\):*:*:*:*:*:*:*", matchCriteriaId: "5264C81D-8FA2-4C83-A136-A5F2A298DB08", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)sv3\\(1.4\\):*:*:*:*:*:*:*", matchCriteriaId: "675E1BB5-E0B5-4123-819F-641DB1277EC8", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)sv3\\(1.4b\\):*:*:*:*:*:*:*", matchCriteriaId: "EADE0C99-64F2-4294-A78B-782006C40F1F", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)sv3\\(1.5a\\):*:*:*:*:*:*:*", matchCriteriaId: "9A58D667-218D-42DA-A15F-4DA23762A71B", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)sv3\\(1.5b\\):*:*:*:*:*:*:*", matchCriteriaId: "A4265ACF-8EC4-4794-A31F-28CC6CBEBFE8", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)sv3\\(1.6\\):*:*:*:*:*:*:*", matchCriteriaId: "B3BE1868-1AEB-468C-8B96-A0E85A5B7064", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)sv3\\(1.10\\):*:*:*:*:*:*:*", matchCriteriaId: "17C275C2-9082-47EC-B525-9EAA427A083B", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)sv3\\(1.15\\):*:*:*:*:*:*:*", matchCriteriaId: "072DA31B-F629-4A39-9149-03CC339C8D01", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)sv3\\(2.1\\):*:*:*:*:*:*:*", matchCriteriaId: "6C3D3F90-5552-45EA-97E6-D298D23A87A2", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)sv3\\(2.5\\):*:*:*:*:*:*:*", matchCriteriaId: "0D58CF7B-FCEF-4A97-A9D3-631556FCE3D7", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)sv3\\(2.8\\):*:*:*:*:*:*:*", matchCriteriaId: "650B2C45-A7F4-4104-BF7A-7C4E18CFA225", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)sv3\\(3.1\\):*:*:*:*:*:*:*", matchCriteriaId: "2F74EB97-3BC7-4CC5-A48F-57B0C4C0E108", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)sv3\\(3.15\\):*:*:*:*:*:*:*", matchCriteriaId: "EE71BCEF-43A3-41C4-871B-E30DD7BFE3DC", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)sv3\\(4.1\\):*:*:*:*:*:*:*", matchCriteriaId: "CE33B6DC-0339-4D13-8AEC-7A91A386D3AE", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)sv3\\(4.1a\\):*:*:*:*:*:*:*", matchCriteriaId: "C6A89675-D360-4476-ADDE-FA3F0EBEC131", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)sv3\\(4.1b\\):*:*:*:*:*:*:*", matchCriteriaId: "BFC48A4A-C4CC-4463-83D8-32192F3B7D8B", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)sv3\\(4.1b\\):*:*:*:*:hyper-v:*:*", matchCriteriaId: "71AC07A2-0A94-4531-8733-C399EC926515", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)sv3\\(4.1b\\):*:*:*:*:vsphere:*:*", matchCriteriaId: "9414EB06-685B-449A-AAE0-70BF74B50F59", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)sv5\\(1.1\\):*:*:*:*:*:*:*", matchCriteriaId: "14F547DC-9941-49B8-9752-FC25D144022F", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)sv5\\(1.2\\):*:*:*:*:*:*:*", matchCriteriaId: "A9F0C0E2-17ED-4CCB-BAFA-CD957ACC8BF6", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)sv5\\(1.3\\):*:*:*:*:*:*:*", matchCriteriaId: "5266D0F6-9B69-43A9-BA66-C0A6C1293BE4", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)sv5\\(1.3\\):*:*:*:*:vsphere:*:*", matchCriteriaId: "DB787D8A-1E09-450B-A7EC-8F2C3B7A0383", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_1000v:-:*:*:*:*:*:*:*", matchCriteriaId: "7E705638-8D0A-40D6-9A51-4FDB6C03F71E", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_1000ve:-:*:*:*:*:*:*:*", matchCriteriaId: "882D7344-E38B-4F44-8CDE-1CCA827F28BB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)a1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "65CDC91A-BFED-47C3-8B2E-4BEB99F73555", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)a1\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "A58651D4-1292-445F-985F-945E2B881AD1", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)a1\\(2a\\):*:*:*:*:*:*:*", matchCriteriaId: "169B0759-C366-4633-99E0-0FCF8CBBB002", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)u1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "92BDA5ED-E9AF-4D9C-9D13-BADFC515670C", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)u1\\(1a\\):*:*:*:*:*:*:*", matchCriteriaId: "F8C124BA-D5FC-422A-B3F4-AC1A41B7EEE3", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)u1\\(1b\\):*:*:*:*:*:*:*", matchCriteriaId: "F358E8D0-624B-412A-8726-B8AF96156317", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)u1\\(1c\\):*:*:*:*:*:*:*", matchCriteriaId: "B178F96C-78D0-466E-B201-FE5371F4610E", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)u1\\(1d\\):*:*:*:*:*:*:*", matchCriteriaId: "17A4CE07-64FF-4C5C-81FF-A2388818CF7F", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)u1\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "AFDC9595-39D4-4BF8-AF18-D27A500C9007", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)u1\\(2a\\):*:*:*:*:*:*:*", matchCriteriaId: "7241BFDB-6386-4CBE-ACFB-4599EDE9CB53", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)u2\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "1AF7CE90-9433-4E1D-A2AD-0B8854521CCB", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)u2\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "171160E9-F6B8-4C8A-B086-431E3E2A27BA", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)u2\\(2a\\):*:*:*:*:*:*:*", matchCriteriaId: "9CAFAE6E-8B64-4A1F-A7E4-2D4BDFB7D5B1", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)u2\\(2b\\):*:*:*:*:*:*:*", matchCriteriaId: "91C35886-CB9B-4477-9AB3-9F1C9E45E757", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)u2\\(2c\\):*:*:*:*:*:*:*", matchCriteriaId: "7F393BE8-8CC4-4302-829F-2C4F97BAC14B", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)u2\\(2d\\):*:*:*:*:*:*:*", matchCriteriaId: "CE855B3E-B2B8-4EBA-8303-55F6A5A77E79", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)u3\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "641D651A-B85B-4E9E-BE92-35AFAE8A63A2", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)u3\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "7810F6FD-F58F-4121-9D30-8C5E3E163EFD", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)u3\\(2a\\):*:*:*:*:*:*:*", matchCriteriaId: "09C38DCD-2A5F-4095-ABA4-02E95D93C358", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)u3\\(2b\\):*:*:*:*:*:*:*", matchCriteriaId: "103A4C19-0E91-45FC-9AA2-F40215FCF63B", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)u4\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "7F61C03B-D7AB-468A-B092-158730FB3E0B", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)u5\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "7F883AA8-CC44-4440-AB30-D7AC29C242F2", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)u5\\(1a\\):*:*:*:*:*:*:*", matchCriteriaId: "7390B4D2-2121-4311-A798-337E8B777A7B", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)u5\\(1b\\):*:*:*:*:*:*:*", matchCriteriaId: "924C6663-9EA0-4124-ACC6-0AFC649AEA6D", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)u5\\(1c\\):*:*:*:*:*:*:*", matchCriteriaId: "3C559C83-FB34-4B1A-A6B3-1834D6CD022C", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)u5\\(1d\\):*:*:*:*:*:*:*", matchCriteriaId: "7F422D53-4FF4-43FB-8F62-D53393A8C038", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)u5\\(1e\\):*:*:*:*:*:*:*", matchCriteriaId: "7CFFFE88-17EA-4515-BF71-C0AB82957B21", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)u5\\(1f\\):*:*:*:*:*:*:*", matchCriteriaId: "6EF14E5C-B776-4A04-A5CC-853CFF2816B9", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)u5\\(1g\\):*:*:*:*:*:*:*", matchCriteriaId: "EF7E681A-F354-4093-84A9-5A357EAB1559", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)u5\\(1h\\):*:*:*:*:*:*:*", matchCriteriaId: "8B627C66-CFE1-40B9-8264-392BB091EA52", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)u5\\(1i\\):*:*:*:*:*:*:*", matchCriteriaId: "512B7DAC-3929-4063-9AA4-0C6B1E3047A5", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)u5\\(1j\\):-:*:*:*:*:*:*", matchCriteriaId: "E51725F9-753E-4D03-B132-38EB0A00BC3E", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "CA76DC9B-8325-4BF6-B729-FA781E88E7AD", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a1\\(1a\\):*:*:*:*:*:*:*", matchCriteriaId: "26BC5100-7F5D-4603-A313-00767C6DA96F", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a1\\(1b\\):*:*:*:*:*:*:*", matchCriteriaId: "A2EA595C-6A01-4D8D-9CB9-F280D540D3FC", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a1\\(1c\\):*:*:*:*:*:*:*", matchCriteriaId: "882CE57A-B06D-4E93-A181-B74017ABBCC4", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a1\\(1d\\):*:*:*:*:*:*:*", matchCriteriaId: "60848441-E3E5-47E8-809B-0B226658425E", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a1\\(1e\\):*:*:*:*:*:*:*", matchCriteriaId: "3A196373-F643-4D7E-8DC7-8FFD60660B46", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a1\\(1f\\):*:*:*:*:*:*:*", matchCriteriaId: "090903C2-4B6A-4DE5-9AD6-76A412E81A92", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a1\\(2d\\):*:*:*:*:*:*:*", matchCriteriaId: "7AF52EFA-7DE0-4669-ABA9-596D7D9A23AD", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a3\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "AF658ED7-F77C-405B-B06A-74B46FBDAD98", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a3\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "4F0FDDF2-912C-4900-B0B7-20AF5D2F1B52", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a3\\(4\\):*:*:*:*:*:*:*", matchCriteriaId: "7295EC54-FA19-4658-8510-3C072804D9E4", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a4\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "B31E39D5-147B-4965-ACB6-34F1244143F2", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a4\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "3D672928-6AE8-488B-A2A5-257074BAB2D8", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a4\\(3\\):*:*:*:*:*:*:*", matchCriteriaId: "0C928C35-4E24-4DBE-ADEA-D449B88ECB6B", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a4\\(4\\):*:*:*:*:*:*:*", matchCriteriaId: "E64D8992-CA79-4ADF-BF3B-A76E944EC740", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a4\\(5\\):*:*:*:*:*:*:*", matchCriteriaId: "11A35378-54EB-422F-B0DD-211B214803D7", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a4\\(6\\):*:*:*:*:*:*:*", matchCriteriaId: "1E46D326-665C-4DB7-89A0-0F1B987D4A18", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "5BFA21F2-E2B2-49B6-9956-D6219D499F7D", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u1\\(1a\\):*:*:*:*:*:*:*", matchCriteriaId: "52899164-992D-4736-B460-FDFB825DB7A8", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u1\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "8766DA4C-A25C-48D4-A6FC-2357200A9215", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u1\\(3\\):*:*:*:*:*:*:*", matchCriteriaId: "B6C48105-F73E-40C9-8CD9-B46C5319FB5E", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u1\\(4\\):*:*:*:*:*:*:*", matchCriteriaId: "94F5B47A-023B-4415-8DB9-6829C5E72901", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u2\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "618861BD-8FEE-4EF8-BFFB-A5BCBA8EA3EB", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u2\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "6459DD6B-6DC1-4C14-A8E7-4503ED5F69BD", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u2\\(3\\):*:*:*:*:*:*:*", matchCriteriaId: "DA600413-FC70-4776-99DF-180C96D4FD24", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u2\\(4\\):*:*:*:*:*:*:*", matchCriteriaId: "ECC9066F-3082-48A0-BA52-9ED9420EA47A", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u2\\(4.92.4z\\):*:*:*:*:*:*:*", matchCriteriaId: "AF23DA92-A5C0-488B-806E-8549190A08B1", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u2\\(5\\):*:*:*:*:*:*:*", matchCriteriaId: "78611E25-E33E-4C88-A681-97B5A2A01B51", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u2\\(6\\):*:*:*:*:*:*:*", matchCriteriaId: "780B04ED-412E-441F-8717-D8F9257F5699", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u3\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "FC6A3647-2AF0-4D45-BCC9-24618B43ACBF", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u3\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "AD2AABBD-8680-4615-A4E2-B607CB1B0979", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u3\\(3\\):*:*:*:*:*:*:*", matchCriteriaId: "693F444B-FA34-489C-BB45-E9185DE47816", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u3\\(4\\):*:*:*:*:*:*:*", matchCriteriaId: "13669043-3F12-4439-812F-6DE35F70B159", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u3\\(5\\):*:*:*:*:*:*:*", matchCriteriaId: "58A8BDE0-2F73-4E0C-B73A-918DB3352067", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u3\\(6\\):*:*:*:*:*:*:*", matchCriteriaId: "5CC4DC15-3045-4CE3-A7B5-4E6ED35BF51F", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u3\\(7\\):*:*:*:*:*:*:*", matchCriteriaId: "625BE6B1-12A7-4A8A-A816-E82C026E0457", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u3\\(8\\):*:*:*:*:*:*:*", matchCriteriaId: "4EAC2920-462B-44F0-8E93-7875C2F74592", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u3\\(9\\):*:*:*:*:*:*:*", matchCriteriaId: "35957A41-D8F2-4BC1-986B-C3E271327D64", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u4\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "10BFAE68-01C5-4EF8-8B86-F470092E9034", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u4\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "6D02FC11-EB21-45CD-A070-89C4862240BC", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u4\\(3\\):*:*:*:*:*:*:*", matchCriteriaId: "8C67AE59-380A-402B-9B2A-F595E001637B", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u4\\(4\\):*:*:*:*:*:*:*", matchCriteriaId: "4301927C-7A6D-4DA9-9470-9182E7FB234A", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u5\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "C71ED401-6786-4AAE-A98F-BE4732256A7D", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.1\\(2\\)i2\\(2b\\):*:*:*:*:*:*:*", matchCriteriaId: "9ED50316-7044-4757-9C51-5543BA5693A2", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.1\\(2\\)i3\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "69B757AE-83C8-4194-9BAE-DBECA2021597", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.1\\(2\\)i3\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "EB1A44C9-147B-4D1F-AB98-EB4F9F8C1C3D", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.1\\(2\\)i3\\(3\\):*:*:*:*:*:*:*", matchCriteriaId: "702EF8D5-1F3F-45EF-AC8D-BD5A9E46A78E", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.1\\(2\\)i3\\(3a\\):*:*:*:*:*:*:*", matchCriteriaId: "30AE9092-DCF1-472F-B26D-E5BAA8DF25DC", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "58BC9769-F3CD-4047-8C86-8C09FB2AB0F6", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i1\\(1a\\):*:*:*:*:*:*:*", matchCriteriaId: "4C775E53-781D-4426-A59B-DB65D697A844", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i1\\(1b\\):*:*:*:*:*:*:*", matchCriteriaId: "619DEAAE-3356-4079-8CC8-F477FCA18199", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i1\\(1z\\):*:*:*:*:*:*:*", matchCriteriaId: "3DFE4CA5-42CC-4D81-B044-2D4EDFA37AA7", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_3016:-:*:*:*:*:*:*:*", matchCriteriaId: "528ED62B-D739-4E06-AC64-B506FD73BBAB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*", matchCriteriaId: "FC2A6C31-438A-4CF5-A3F3-364B1672EB7D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3064:-:*:*:*:*:*:*:*", matchCriteriaId: "76C10D85-88AC-4A79-8866-BED88A0F8DF8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3064-t:-:*:*:*:*:*:*:*", matchCriteriaId: "65CB7F6D-A82B-4A31-BFAC-FF4A4B8DF9C1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q:-:*:*:*:*:*:*:*", matchCriteriaId: "D3DBBFE9-835C-4411-8492-6006E74BAC65", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172:-:*:*:*:*:*:*:*", matchCriteriaId: "7817F4E6-B2DA-4F06-95A4-AF329F594C02", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)n1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "757A0C8E-4817-41DD-A609-2B61C36DBBCB", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)n1\\(1a\\):*:*:*:*:*:*:*", matchCriteriaId: "3AECFED5-8D06-4396-BDD2-AAA0F5241839", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)n1\\(1b\\):*:*:*:*:*:*:*", matchCriteriaId: "772A297E-E323-4D2D-9129-6C4FC63643DE", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)n1\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "149ABB41-A8FF-4A8F-888E-F27BDAAE9C0C", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)n1\\(2a\\):*:*:*:*:*:*:*", matchCriteriaId: "6918EB91-679A-4F47-BB9E-3A22287F14FD", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)n1\\(3\\):*:*:*:*:*:*:*", matchCriteriaId: "A0464AAE-73CF-4B24-A5CE-5C1131909CF5", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)n1\\(4\\):*:*:*:*:*:*:*", matchCriteriaId: "68376361-C835-4552-8490-553C9A082615", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)n1\\(5\\):*:*:*:*:*:*:*", matchCriteriaId: "270620E3-92B7-4914-88C7-9D955B2B856E", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)n1\\(6\\):*:*:*:*:*:*:*", matchCriteriaId: "A8E48600-FD20-4743-A3E8-AD5297164551", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)n1\\(7\\):*:*:*:*:*:*:*", matchCriteriaId: "4A10C1B6-616E-4F94-8889-9C99906326D0", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)n1\\(8\\):*:*:*:*:*:*:*", matchCriteriaId: "01A091A5-2848-4901-B193-1EC9DD8A52E5", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)n1\\(8a\\):*:*:*:*:*:*:*", matchCriteriaId: "380FEA27-D68C-48DA-B2B9-4A3B3A71B059", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)n1\\(8b\\):*:*:*:*:*:*:*", matchCriteriaId: "3EAF9D9A-BFA7-43B2-BCF5-D4AE884AFB44", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)n1\\(9\\):*:*:*:*:*:*:*", matchCriteriaId: "31224B4A-CE5F-4B6E-8BAD-DF5BAA7EEB78", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)n1\\(9a\\):*:*:*:*:*:*:*", matchCriteriaId: "B64B9F42-0779-439F-ABF9-4183B9A10D88", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)n1\\(9b\\):*:*:*:*:*:*:*", matchCriteriaId: "704B6AA4-D001-45B6-9E84-10F7E70CD9DE", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)n1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "C871A419-B769-46B2-956E-467BBE94F290", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)n1\\(1a\\):*:*:*:*:*:*:*", matchCriteriaId: "1AB525D6-6E1B-4806-A981-F0FEA87E516B", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)n1\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "7EACF481-3E4B-4580-8AE7-3D49790E0715", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)n1\\(2a\\):*:*:*:*:*:*:*", matchCriteriaId: "698ABD3F-C9DE-4376-B57A-D05AEDCD9A25", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)n2\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "5010EDAE-67BB-4E23-B0F5-10096A7DAB54", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)n2\\(1b\\):*:*:*:*:*:*:*", matchCriteriaId: "84CF5114-731F-4BF4-83E0-9B095C34541C", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)n2\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "4750621F-E7C5-4E6A-BC5F-232E75A454E6", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)n2\\(3\\):*:*:*:*:*:*:*", matchCriteriaId: "08F35A63-9343-47D6-AB91-37AB148137E4", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)n2\\(4\\):*:*:*:*:*:*:*", matchCriteriaId: "CADBDD1D-DA17-40EE-8B23-81E9991387DD", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)n2\\(5\\):*:*:*:*:*:*:*", matchCriteriaId: "A623F8E1-B97B-41DD-947F-7E1B65DD6902", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)n2\\(5a\\):*:*:*:*:*:*:*", matchCriteriaId: "4F3D9588-D98A-45FC-8344-58C55F35610E", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)n2\\(5b\\):*:*:*:*:*:*:*", matchCriteriaId: "90C2E584-4BA6-48E7-8C56-A7F7D9BABC93", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)n2\\(6\\):*:*:*:*:*:*:*", matchCriteriaId: "4A190D0A-B758-49BA-9830-9870F699DA0D", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)n2\\(7\\):*:*:*:*:*:*:*", matchCriteriaId: "EF5613C4-6D05-4CF3-931F-F685150494DB", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(0\\)n1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "FD613D8F-099C-43A1-BD29-A98250E1334A", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(1\\)n1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "576B74DF-9527-4931-B1A3-8FEE1DB1AD99", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(2\\)n1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "AA5B4FA9-E550-4C69-A4E7-A989BBCCF22E", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)n1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "63949081-E2F3-4EB4-BABC-270AAB19EE78", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(4\\)n1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "58292522-F486-410D-AD99-DFD6EC0AA9B1", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(4\\)n1\\(1a\\):*:*:*:*:*:*:*", matchCriteriaId: "A462729A-720F-4180-96DD-713A70CEF494", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(5\\)n1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "BEB59A4B-3FCA-47F9-A4DB-D2B8ABAFB54D", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(5\\)n1\\(1a\\):*:*:*:*:*:*:*", matchCriteriaId: "A07ACF87-C694-41DB-B4BD-23CE72E32EED", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(6\\)n1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "C83C312B-0B0E-4A02-A9EE-F864EFBE60CB", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(6\\)n1\\(2s\\):*:*:*:*:*:*:*", matchCriteriaId: "832DE1DB-0D1C-4C24-8E2D-D182205C94B0", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(6\\)n1\\(3s\\):*:*:*:*:*:*:*", matchCriteriaId: "BD36EDD5-4408-4BD0-A75A-AFFD5BF44D38", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(6\\)n1\\(4s\\):*:*:*:*:*:*:*", matchCriteriaId: "D0FBFB9B-703D-42F8-93BA-969AB7284106", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(7\\)n1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "E47E0A4D-4033-43A8-9A50-E1A2BD7B419C", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(7\\)n1\\(1a\\):*:*:*:*:*:*:*", matchCriteriaId: "4C95519E-7536-4EF7-8222-D4089500F826", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(7\\)n1\\(1b\\):*:*:*:*:*:*:*", matchCriteriaId: "71F56568-57E6-4C1C-AC8A-D96E097E449E", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(8\\)n1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "F631EAC6-1D33-485E-9E00-8572FA015C26", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(8\\)n1\\(1a\\):*:*:*:*:*:*:*", matchCriteriaId: "25CEAE9E-DD9B-41E2-BC39-3332F428B489", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.1\\(0\\)n1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "DE199525-4C2D-48C2-A76C-BD14BF2851F9", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.1\\(0\\)n1\\(1a\\):*:*:*:*:*:*:*", matchCriteriaId: "E3644F66-F964-4D50-A6E0-EE8784490BD2", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.1\\(0\\)n1\\(1b\\):*:*:*:*:*:*:*", matchCriteriaId: "72AD166D-7CBF-4A4D-A376-907DDA1BB504", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.1\\(1\\)n1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "9A20D72B-E2C6-47B6-A54D-FA435F29D7F2", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.1\\(1\\)n1\\(1a\\):*:*:*:*:*:*:*", matchCriteriaId: "6C801D4A-E604-49CA-8D14-13622E85C563", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.1\\(2\\)n1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "77D9EEFA-D652-45D2-8AF5-8A72825E7ED0", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.1\\(2\\)n1\\(1a\\):*:*:*:*:*:*:*", matchCriteriaId: "EC78BEB7-47D1-4544-BC40-AB5D73B93D78", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.1\\(3\\)n1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "1AEB91EC-E548-4C53-920F-C4871BC464B8", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.1\\(3\\)n1\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "0282F963-2C1F-44F7-A0D0-4929685051AA", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.1\\(3\\)n1\\(2a\\):*:*:*:*:*:*:*", matchCriteriaId: "A1F519D0-64BC-4862-8894-4F6C248253C4", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.1\\(3\\)n1\\(3\\):*:*:*:*:*:*:*", matchCriteriaId: "94A247A8-E918-4757-9ADE-251B027CD307", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.1\\(3\\)n1\\(4\\):*:*:*:*:*:*:*", matchCriteriaId: "195CD630-4949-4B52-B9FF-94F3DEFB47AD", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.1\\(3\\)n1\\(5\\):*:*:*:*:*:*:*", matchCriteriaId: "225E5070-B635-4752-B771-0E721C96C2AE", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.1\\(4\\)n1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "9103A92E-C9F3-401B-AE30-66466210ADED", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.1\\(4\\)n1\\(1a\\):*:*:*:*:*:*:*", matchCriteriaId: "9E5CD729-234E-43C0-A6A3-A3E0983A6605", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.1\\(4\\)n1\\(1c\\):*:*:*:*:*:*:*", matchCriteriaId: "4A30E576-56F8-4EBA-AADE-C70655DE6E79", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.1\\(4\\)n1\\(1d\\):*:*:*:*:*:*:*", matchCriteriaId: "74415A0A-A3F4-43BB-B609-B6641771D655", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.1\\(5\\)n1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "B5ED7424-EB12-4C21-97C8-082156716C9C", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.1\\(5\\)n1\\(1b\\):*:*:*:*:*:*:*", matchCriteriaId: "16359104-2DB6-41D6-97A8-8CA1C3AB5688", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.2\\(1\\)n1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "94AA886F-7BD1-4699-B1D3-E495EFCA2812", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(0\\)n1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "569B3CE7-CA06-4636-8043-7ED7635195A3", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(0\\)n1\\(1a\\):*:*:*:*:*:*:*", matchCriteriaId: "41A683FE-68AF-43E4-B846-2E82ACDD5E4C", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(0\\)n1\\(1b\\):*:*:*:*:*:*:*", matchCriteriaId: "2C8B149C-D842-496A-BE21-41920F95139C", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(1\\)n1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "8D72F0B8-D229-4995-A053-62FA6591DCBA", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(2\\)n1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "D8025943-EA09-47E6-9109-7DAF078F8F26", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(2\\)n1\\(1b\\):*:*:*:*:*:*:*", matchCriteriaId: "1A727000-44CC-461C-A7D6-0B9A99CB974A", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(2\\)n1\\(1c\\):*:*:*:*:*:*:*", matchCriteriaId: "105B6601-D756-4B76-9554-5B6E027A5E8E", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(3\\)n1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "0EE35B51-2D13-4A8B-BFF5-0596DBDCD261", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(4\\)n1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "69FE85C9-A0AC-4FD4-A6EE-F0868B69503B", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(4\\)n1\\(1a\\):*:*:*:*:*:*:*", matchCriteriaId: "9B1340D1-8EE8-484F-979A-AB9E34D35EB3", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(5\\)n1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "AF1257BF-D534-4899-937F-DCBD033A7D94", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(6\\)n1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "86E5CF27-5661-41DF-B339-740718760AC6", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(6\\)n1\\(1a\\):*:*:*:*:*:*:*", matchCriteriaId: "6AE0D110-D8D7-4D50-A599-618A5120EDD7", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(7\\)n1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "9ACD2D0D-7A38-4FCD-9E24-5588BACF8DA6", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(7\\)n1\\(1a\\):*:*:*:*:*:*:*", matchCriteriaId: "586E9024-C983-4CFF-9A3F-A39256E09910", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_5010:-:*:*:*:*:*:*:*", matchCriteriaId: "E275D31F-4FA1-428E-AB4A-D2802FF0CF1A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5020:-:*:*:*:*:*:*:*", matchCriteriaId: "BA7F5823-41A8-47C8-A154-02C6C31EF76A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5548p:-:*:*:*:*:*:*:*", matchCriteriaId: "E5519EA9-1236-4F51-9974-E3FC1B26B5D2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5548up:-:*:*:*:*:*:*:*", matchCriteriaId: "CB0A3B06-8B25-4CD3-AFA9-5F928B1042F4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5596t:-:*:*:*:*:*:*:*", matchCriteriaId: "1766443C-1C5A-486E-A36F-D3045F364D78", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5596up:-:*:*:*:*:*:*:*", matchCriteriaId: "DC4D4403-F93B-4CC8-B75F-7A5B03FEDD85", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_56128p:-:*:*:*:*:*:*:*", matchCriteriaId: "ABB6E612-4246-4408-B3F6-B31E771F5ACB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5624q:-:*:*:*:*:*:*:*", matchCriteriaId: "91B129B2-2B31-4DE0-9F83-CC6E0C8729A0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5648q:-:*:*:*:*:*:*:*", matchCriteriaId: "3CBD3CD0-B542-4B23-9C9D-061643BE44E8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5672up:-:*:*:*:*:*:*:*", matchCriteriaId: "A22A2647-A4C0-4681-BBC5-D95ADBAA0457", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5696q:-:*:*:*:*:*:*:*", matchCriteriaId: "B2BB1A3A-668C-4B0D-8AC2-6B4758B3420B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_6001:-:*:*:*:*:*:*:*", matchCriteriaId: "A9662D6B-AF0F-45C8-B7CD-AE7C76593FDB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_6004:-:*:*:*:*:*:*:*", matchCriteriaId: "4F557E38-09F6-42C6-BABA-3C3168B38BBA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:5.2\\(1\\):-:*:*:*:*:*:*", matchCriteriaId: "1D901758-5416-422A-A745-89EF53C5ADF3", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.2\\(3\\):*:*:*:*:*:*:*", matchCriteriaId: "BB17004B-E1FE-4BE6-89A3-43AC2D967000", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.2\\(3a\\):*:*:*:*:*:*:*", matchCriteriaId: "0C628947-4A0E-4904-A6F7-745C3370A8F4", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.2\\(4\\):*:*:*:*:*:*:*", matchCriteriaId: "356B4143-5184-491B-9D10-19D6536366CD", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.2\\(5\\):*:*:*:*:*:*:*", matchCriteriaId: "C038896F-6DBC-4695-9DBE-A60F6C39AFFC", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.2\\(7\\):*:*:*:*:*:*:*", matchCriteriaId: "9F2453F2-704F-48F7-8009-991BE0B49251", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.2\\(9\\):*:*:*:*:*:*:*", matchCriteriaId: "E00B4AC8-1D27-4394-AF28-10785AEFC073", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.2\\(9a\\):*:*:*:*:*:*:*", matchCriteriaId: "7AA95379-A172-4262-8B34-A912E47BFB2D", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "2FDE8EF9-47CF-451D-9570-3D369D74D44F", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(2a\\):*:*:*:*:*:*:*", matchCriteriaId: "55A760CE-5E63-4A6B-8DA3-A473BC3900E3", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(6\\):*:*:*:*:*:*:*", matchCriteriaId: "0E738E86-B75F-48BF-9E76-C7DD470F3688", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(6a\\):*:*:*:*:*:*:*", matchCriteriaId: "11E66F3E-9482-4F30-8480-F036F3C68B61", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(6b\\):*:*:*:*:*:*:*", matchCriteriaId: "68C6090F-0B05-46F0-8A67-928FE1C36D5F", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(8\\):*:*:*:*:*:*:*", matchCriteriaId: "FBD345BD-83EF-4913-A0F3-74E52AD76BBA", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(8a\\):*:*:*:*:*:*:*", matchCriteriaId: "46B2B97B-DDB7-4208-BF1A-D10C8A075A14", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(8b\\):*:*:*:*:*:*:*", matchCriteriaId: "317C8BE8-84DA-43D5-AE93-7E7DCDE6883E", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(10\\):*:*:*:*:*:*:*", matchCriteriaId: "ED7B1216-4C4F-4A23-9474-23876649ABF3", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(12\\):*:*:*:*:*:*:*", matchCriteriaId: "57892CBB-8C95-4E56-90F8-B77BBBDC03FB", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(14\\):*:*:*:*:*:*:*", matchCriteriaId: "A555382D-9D35-4931-B3B0-DD4D956AB7AE", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(14a\\):*:*:*:*:*:*:*", matchCriteriaId: "65CCE422-71DB-4500-AC91-9FB4DD5924A2", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(14b\\):*:*:*:*:*:*:*", matchCriteriaId: "C37B944B-CFB6-41F6-B4ED-049BEB3732E7", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(16\\):*:*:*:*:*:*:*", matchCriteriaId: "985752BE-AC65-47BC-97F5-36C2E44E55D9", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(18\\):*:*:*:*:*:*:*", matchCriteriaId: "BEC60C3C-8689-47EC-B944-F0FB9D38E4F1", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(20\\):*:*:*:*:*:*:*", matchCriteriaId: "C6A61F7E-9929-48F5-85BA-72E744AF30B2", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(20a\\):*:*:*:*:*:*:*", matchCriteriaId: "DA24A851-F051-41A8-A33E-7296AD199306", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(22\\):*:*:*:*:*:*:*", matchCriteriaId: "52E6911E-3DD8-4FCC-A1B5-613098B25337", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(24\\):*:*:*:*:*:*:*", matchCriteriaId: "FEA235F0-95C4-471A-BBD6-EDB723E6E7CE", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.2\\(0\\)d1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "6BF973CD-3315-4D86-8F89-05DC97C736AB", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.2\\(1\\)d1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "C18A0045-87F3-4782-81C5-0BF615EA9346", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.2\\(2\\)d1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "2768DEF1-3DFA-4683-9D8D-C5915D8E7365", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.2\\(2\\)d1\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "3CD05045-E867-4B7E-ACE4-7B6EA69971AF", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.2\\(2\\)d1\\(3\\):*:*:*:*:*:*:*", matchCriteriaId: "FF9B10D1-29C0-4B16-813A-B535C4C64E47", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.2\\(2\\)d1\\(4\\):*:*:*:*:*:*:*", matchCriteriaId: "84551391-3A13-42EC-855F-FBB3453F65D4", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(0\\)d1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "7FD733DD-EC40-48EC-A8A6-AE09657EEFC1", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(0\\)dx\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "18CE33FF-6C81-4B38-8C47-6DEBD4D4223C", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(1\\)d1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "4A7B0A8C-ED8F-411C-843F-B801CBBBB6C4", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(2\\)d1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "FADC755B-3AB3-43D6-8495-1FABCBD548E9", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(2\\)d1\\(1d\\):*:*:*:*:*:*:*", matchCriteriaId: "42D84BD8-D76B-422E-9E46-4A667A981FAD", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(2\\)d1\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "03607526-7F9E-43F5-94ED-3ED0B4D29DF5", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(2\\)d1\\(3\\):*:*:*:*:*:*:*", matchCriteriaId: "8890C4B8-2E5C-46D6-80DE-6B5256FA1CAD", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(2\\)d1\\(3a\\):*:*:*:*:*:*:*", matchCriteriaId: "2F8A3FFE-D017-43F7-B481-AF25B8B2BE6F", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(3\\)d1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "98FC292D-27D3-40CF-98C5-AF47686FC134", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(4\\)d1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "0C23B353-3500-4FA4-90CE-624A29B1048F", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(5\\)d1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "29002523-6405-4198-A5E5-630A4B661767", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(6\\)d1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "EF0DFA7E-9B40-4E82-9EB9-886C79B2D61C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_7000:-:*:*:*:*:*:*:*", matchCriteriaId: "12180BEB-7F21-4FA7-ABD2-E9A8EA7340F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7700:-:*:*:*:*:*:*:*", matchCriteriaId: "DD7A4B4B-3BB1-4A4D-911E-C4EEF01BBC45", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:6.1\\(2\\)i1\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "CD1CA5A5-703E-46B1-A4C8-EF8FAD58049E", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.1\\(2\\)i1\\(3\\):*:*:*:*:*:*:*", matchCriteriaId: "48889960-437F-4848-9D91-DF8BAA118C63", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.1\\(2\\)i2\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "1BB0F49B-85C0-4C52-82E0-C2683D43B553", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.1\\(2\\)i2\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "9ABB647D-B91E-4C2F-9FBE-1C9AAB27E2D1", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.1\\(2\\)i2\\(2a\\):*:*:*:*:*:*:*", matchCriteriaId: "384B7337-1C2F-479E-BB2B-F31320D82EE1", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.1\\(2\\)i2\\(2b\\):*:*:*:*:*:*:*", matchCriteriaId: "9ED50316-7044-4757-9C51-5543BA5693A2", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.1\\(2\\)i2\\(3\\):*:*:*:*:*:*:*", matchCriteriaId: "1CB11917-C606-4025-A91A-596F7D47A311", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.1\\(2\\)i3\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "69B757AE-83C8-4194-9BAE-DBECA2021597", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.1\\(2\\)i3\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "EB1A44C9-147B-4D1F-AB98-EB4F9F8C1C3D", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.1\\(2\\)i3\\(3\\):*:*:*:*:*:*:*", matchCriteriaId: "702EF8D5-1F3F-45EF-AC8D-BD5A9E46A78E", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.1\\(2\\)i3\\(3a\\):*:*:*:*:*:*:*", matchCriteriaId: "30AE9092-DCF1-472F-B26D-E5BAA8DF25DC", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "58BC9769-F3CD-4047-8C86-8C09FB2AB0F6", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i1\\(1a\\):*:*:*:*:*:*:*", matchCriteriaId: "4C775E53-781D-4426-A59B-DB65D697A844", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i1\\(1b\\):*:*:*:*:*:*:*", matchCriteriaId: "619DEAAE-3356-4079-8CC8-F477FCA18199", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i1\\(1z\\):*:*:*:*:*:*:*", matchCriteriaId: "3DFE4CA5-42CC-4D81-B044-2D4EDFA37AA7", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*", matchCriteriaId: "D5B2E4C1-2627-4B9D-8E92-4B483F647651", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92348gc-x:-:*:*:*:*:*:*:*", matchCriteriaId: "557ED31C-C26A-4FAE-8B14-D06B49F7F08B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*", matchCriteriaId: "11411BFD-3F4D-4309-AB35-A3629A360FB0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*", matchCriteriaId: "E663DE91-C86D-48DC-B771-FA72A8DF7A7C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "A90184B3-C82F-4CE5-B2AD-97D5E4690871", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "4AB89849-6DA4-4C9D-BC3F-EE0E41FD1901", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*", matchCriteriaId: "07DE6F63-2C7D-415B-8C34-01EC05C062F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*", matchCriteriaId: "F423E45D-A6DD-4305-9C6A-EAB26293E53A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "E952A96A-0F48-4357-B7DD-1127D8827650", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "F70D81F1-8B12-4474-9060-B4934D8A3873", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "7349D69B-D8FA-4462-AA28-69DD18A652D9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93216tc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "B1CC5F78-E88B-4B82-9E3E-C73D3A49DE26", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "91231DC6-2773-4238-8C14-A346F213B5E5", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332c:-:*:*:*:*:*:*:*", matchCriteriaId: "2DF88547-BAF4-47B0-9F60-80A30297FCEB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*", matchCriteriaId: "113772B6-E9D2-4094-9468-3F4E1A87D07D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93360yc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "C45A38D6-BED6-4FEF-AD87-A1E813695DE0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "F1FC2B1F-232E-4754-8076-CC82F3648730", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336pq_aci_spine:-:*:*:*:*:*:*:*", matchCriteriaId: "785FD17C-F32E-4042-9DDE-A89B3AAE0334", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*", matchCriteriaId: "17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*", matchCriteriaId: "63842B25-8C32-4988-BBBD-61E9CB09B4F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*", matchCriteriaId: "4364ADB9-8162-451D-806A-B98924E6B2CF", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372px-e:-:*:*:*:*:*:*:*", matchCriteriaId: "B53BCB42-ED61-4FCF-8068-CB467631C63C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*", matchCriteriaId: "49E0371B-FDE2-473C-AA59-47E1269D050F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372tx-e:-:*:*:*:*:*:*:*", matchCriteriaId: "489D11EC-5A18-4F32-BC7C-AC1FCEC27222", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*", matchCriteriaId: "1BC5293E-F2B4-46DC-85DA-167EA323FCFD", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*", matchCriteriaId: "EA022E77-6557-4A33-9A3A-D028E2DB669A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*", matchCriteriaId: "768BE390-5ED5-48A7-9E80-C4DE8BA979B1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*", matchCriteriaId: "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*", matchCriteriaId: "7E02DC82-0D26-436F-BA64-73C958932B0A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:cisco:ucs_manager:3.2\\(3n\\)a:*:*:*:*:*:*:*", matchCriteriaId: "13FF5911-F491-4741-8602-31CB00884520", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:ucs_6248up:-:*:*:*:*:*:*:*", matchCriteriaId: "49112D3F-DFAD-4E71-992B-9E0640FA388C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6296up:-:*:*:*:*:*:*:*", matchCriteriaId: "38A1D8F2-A4A6-4BAC-8326-9F9DE9572FA2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6324:-:*:*:*:*:*:*:*", matchCriteriaId: "B82093C6-B36D-4E4E-AD7F-8C107646B8D9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6332:-:*:*:*:*:*:*:*", matchCriteriaId: "E406DDCE-6753-43E9-B6F0-7A038DE84E41", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6332-16up:-:*:*:*:*:*:*:*", matchCriteriaId: "054D8EB2-97A3-4725-9DFF-27A4D231D90A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:digi:saros:*:*:*:*:*:*:*:*", matchCriteriaId: "C98B5C59-8AF6-448B-AB76-BB3FAA7D4DD6", versionEndExcluding: "8.1.0.1", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:hp:x3220nr_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A230831D-5238-49D4-9137-AB51BA84FEE5", versionEndExcluding: "3.00.11.08", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:hp:x3220nr_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "778ED36E-19A5-4BB7-A0C2-D7695DCC84C1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:treck:tcp\\/ip:*:*:*:*:*:*:*:*", matchCriteriaId: "197CE9E4-02C7-4C1F-87D2-DFD6FF636DF2", versionEndExcluding: "6.0.1.67", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:cisco:unified_computing_system:-:*:*:*:*:*:*:*", matchCriteriaId: "B944AB06-2598-431A-B6A6-0C108EBDCD5C", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "IP-in-IP protocol specifies IP Encapsulation within IP standard (RFC 2003, STD 1) that decapsulate and route IP-in-IP traffic is vulnerable to spoofing, access-control bypass and other unexpected behavior due to the lack of validation to verify network packets before decapsulation and routing.", }, { lang: "es", value: "Múltiples productos que implementan la IP Encapsulation dentro del estándar IP (RFC 2003, STD 1) desencapsulan y enrutan el tráfico IP-in-IP sin ninguna comprobación, lo que podría permitir a un atacante remoto no autenticado enrutar tráfico arbitrario por medio de una interfaz de red expuesta y conllevar a una falsificación, omisión de control de acceso y otros comportamientos inesperados de la red.", }, ], id: "CVE-2020-10136", lastModified: "2024-11-21T04:54:53.377", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 1.4, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-06-02T09:15:09.967", references: [ { source: "cret@cert.org", url: "https://datatracker.ietf.org/doc/html/rfc6169", }, { source: "cret@cert.org", tags: [ "Third Party Advisory", "US Government Resource", ], url: "https://kb.cert.org/vuls/id/636397/", }, { source: "cret@cert.org", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-ipip-dos-kCT9X4", }, { source: "cret@cert.org", tags: [ "Third Party Advisory", ], url: "https://www.digi.com/resources/security", }, { source: "cret@cert.org", tags: [ "Third Party Advisory", "US Government Resource", ], url: "https://www.kb.cert.org/vuls/id/636397", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://datatracker.ietf.org/doc/html/rfc6169", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "US Government Resource", ], url: "https://kb.cert.org/vuls/id/636397/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-ipip-dos-kCT9X4", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.digi.com/resources/security", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "US Government Resource", ], url: "https://www.kb.cert.org/vuls/id/636397", }, ], sourceIdentifier: "cret@cert.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-290", }, ], source: "cret@cert.org", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-290", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2024-08-28 17:15
Modified
2024-10-22 14:37
Severity ?
5.3 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
8.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Summary
A vulnerability in the Python interpreter of Cisco NX-OS Software could allow an authenticated, low-privileged, local attacker to escape the Python sandbox and gain unauthorized access to the underlying operating system of the device.
The vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by manipulating specific functions within the Python interpreter. A successful exploit could allow an attacker to escape the Python sandbox and execute arbitrary commands on the underlying operating system with the privileges of the authenticated user.
Note: An attacker must be authenticated with Python execution privileges to exploit these vulnerabilities. For more information regarding Python execution privileges, see product-specific documentation, such as the section of the Cisco Nexus 9000 Series NX-OS Programmability Guide.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:9.3\\(13\\):*:*:*:*:*:*:*", matchCriteriaId: "1C26E0A3-7641-4DDF-9882-F04F297C8D07", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:n9k-c92160yc-x:-:*:*:*:*:*:*:*", matchCriteriaId: "F8397775-5A75-4710-9044-B56E1CEE20A1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-c92300yc:-:*:*:*:*:*:*:*", matchCriteriaId: "FE8EFEE8-FC8D-480C-917E-24C3B8D56E29", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-c92304qc:-:*:*:*:*:*:*:*", matchCriteriaId: "876304F4-4CE5-45B8-ADF5-2523319D05BB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-c9232c:-:*:*:*:*:*:*:*", matchCriteriaId: "2A9C0219-7EDC-40FD-A66B-24A92993F692", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-c92348gc-x:-:*:*:*:*:*:*:*", matchCriteriaId: "D23DFF0E-725B-4CCB-96A3-378600513CC5", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-c9236c:-:*:*:*:*:*:*:*", matchCriteriaId: "C71319A9-5B95-410A-BDDB-C47639B8E464", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-c9272q:-:*:*:*:*:*:*:*", matchCriteriaId: "7B573EF4-2ABE-4ABE-A8D6-D8E14AD29E73", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-c93108tc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "7482F9FB-CA6A-4CA2-B6FB-FD0DCDF603ED", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-c93108tc-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "6487A95B-0D04-4ABA-B491-8A935694AFD3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-c93120tx:-:*:*:*:*:*:*:*", matchCriteriaId: "018DEE0B-F3BC-4D3F-B2E4-2FF40203E65F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-c93128tx:-:*:*:*:*:*:*:*", matchCriteriaId: "3506B07C-EB3B-4034-A348-1EEAD09CC5E2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-c9316d-gx:-:*:*:*:*:*:*:*", matchCriteriaId: "122E24C3-1411-46DA-92F1-635BC0784559", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-c93180lc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "F2E84307-41BC-4F85-BC9A-FF02178765F8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-c93180yc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "55A31452-5B60-4273-BA38-8FA684DED953", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-c93180yc-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "3C3FCA39-927B-4C89-A58B-E6859ED8176A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-c93180yc2-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "B7543DCD-5ED0-4400-9326-9714AB84E012", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-c93216tc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "37DA56C5-FDD0-4CC3-9DDF-8F1BBE94B003", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-c93240yc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "D7B464B3-DE25-4980-ABC3-10D7C79C12E6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-c9332c:-:*:*:*:*:*:*:*", matchCriteriaId: "365A5FB4-3DCE-48D7-8917-636E94389576", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-c9332d-gx2b:-:*:*:*:*:*:*:*", matchCriteriaId: "50FE8720-EA9D-47CF-9CDB-CC09FBDD008C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-c9332pq:-:*:*:*:*:*:*:*", matchCriteriaId: "90DB9E2B-74F6-4C62-AEE1-3FF109A963EE", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-c93360yc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "961B0A51-15B4-45FF-BEAE-05667D76F418", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-c9336c-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "A29C323C-6731-4CDA-B364-C1C8B8E60510", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-c9348d-gx2a:-:*:*:*:*:*:*:*", matchCriteriaId: "1D100815-C171-46F4-B675-64E20D8C4FD0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-c9348gc-fxp:-:*:*:*:*:*:*:*", matchCriteriaId: "214472EB-424C-48B7-8EF3-7B679A5042BF", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-c93600cd-gx:-:*:*:*:*:*:*:*", matchCriteriaId: "A2D5229B-AFB2-4B28-95BB-563DBC346982", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-c9364c:-:*:*:*:*:*:*:*", matchCriteriaId: "D32D88D4-EABA-4A3A-B300-374AA89525E3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-c9364c-gx:-:*:*:*:*:*:*:*", matchCriteriaId: "DD002B70-A630-4A5D-B63C-356AC7B8280C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-c9364d-gx2a:-:*:*:*:*:*:*:*", matchCriteriaId: "7F0AC2DC-234F-48BA-BCC8-DE82C293C273", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-c9372px:-:*:*:*:*:*:*:*", matchCriteriaId: "462BC5C0-61C9-4CC6-AF3F-7A366C98F2DD", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-c9372px-e:-:*:*:*:*:*:*:*", matchCriteriaId: "67F94470-7815-4ADD-9FF9-BD74BA46454F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-c9372tx:-:*:*:*:*:*:*:*", matchCriteriaId: "09F0CD1D-A71B-413B-9150-E462CA206BAC", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-c9372tx-e:-:*:*:*:*:*:*:*", matchCriteriaId: "1E2788A2-79DC-4A28-BD88-52EC86697C99", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-c9396px:-:*:*:*:*:*:*:*", matchCriteriaId: "F5747442-90B1-4932-8189-A70B39E45843", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-c9396tx:-:*:*:*:*:*:*:*", matchCriteriaId: "EA21C9E7-30B9-4FC7-8031-2C27CE9C1AB4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-c9504:-:*:*:*:*:*:*:*", matchCriteriaId: "7EED2E16-D0D7-4B53-A05F-595E120B1C25", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-c9504-fm-r:-:*:*:*:*:*:*:*", matchCriteriaId: "91595E9E-BF7A-4438-9D25-05AB29DD16ED", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-c9508:-:*:*:*:*:*:*:*", matchCriteriaId: "E78D1F67-9BD7-467A-9D7A-37F54B3B51BA", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-c9508-fm-r:-:*:*:*:*:*:*:*", matchCriteriaId: "4818B000-7022-445A-8B0F-6B2E937AAEA3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-c9516:-:*:*:*:*:*:*:*", matchCriteriaId: "A2A181E6-0EE6-40F2-B04A-2C12DF67D278", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-sc-a:-:*:*:*:*:*:*:*", matchCriteriaId: "159A9622-2240-46E6-BD4B-62D652422758", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-sup-a:-:*:*:*:*:*:*:*", matchCriteriaId: "6EA01EFB-8458-42B9-81C9-35E1E02FF42F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-sup-a\\+:-:*:*:*:*:*:*:*", matchCriteriaId: "360B9A25-5272-487A-AF1A-CE2FDFD6F23C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-sup-b:-:*:*:*:*:*:*:*", matchCriteriaId: "3291743D-1F0C-4A66-99F9-946196F5CB9A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-sup-b\\+:-:*:*:*:*:*:*:*", matchCriteriaId: "3ADE8708-95D4-4D30-85ED-BE870410F3B6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-x9400-16w:-:*:*:*:*:*:*:*", matchCriteriaId: "21686E9C-D51F-4016-BFF5-F076144C7CE2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-x9400-22l:-:*:*:*:*:*:*:*", matchCriteriaId: "2D2BBE1C-4820-4A68-83F4-734E0DA4738B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-x9400-8d:-:*:*:*:*:*:*:*", matchCriteriaId: "28CC31E4-5C1B-4FD1-9F86-670BAEA47774", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-x9432c-s:-:*:*:*:*:*:*:*", matchCriteriaId: "082A5A44-DC9A-4B48-8F28-1D0EC7F82410", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-x9464px:-:*:*:*:*:*:*:*", matchCriteriaId: "19BCB669-5CC8-4C67-B34C-3F5ADDD4C232", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-x9464tx2:-:*:*:*:*:*:*:*", matchCriteriaId: "D5E693D2-F1D5-4D22-885B-AE853221ABA9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-x9564px:-:*:*:*:*:*:*:*", matchCriteriaId: "C63F63AD-94EC-4A6D-92AF-7FBF6275746A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-x9564tx:-:*:*:*:*:*:*:*", matchCriteriaId: "490EAB88-A0F3-4A88-9A81-B414CE78B34B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-x96136yc-r:-:*:*:*:*:*:*:*", matchCriteriaId: "BEE867E4-9EE8-4A06-A51B-627C228EF0A2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-x9636c-r:-:*:*:*:*:*:*:*", matchCriteriaId: "7A9CE53D-E8B7-46CD-9B8B-C746A2524BA8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-x9636c-rx:-:*:*:*:*:*:*:*", matchCriteriaId: "C6782DA1-5568-410D-86E6-2C2B909693DD", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-x9636q-r:-:*:*:*:*:*:*:*", matchCriteriaId: "1734D373-CA79-447E-96A7-EDA4D3F9C924", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-x97160yc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "04A26215-DEB3-4337-AFE0-5E23C760060D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-x97284yc-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "08F7DE85-9CD5-4A3D-859A-4B3479DACBF0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-x9732c-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "6B8F7177-147E-47C0-ADFB-4CD0768D52CD", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-x9732c-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "06A72F9F-773A-463D-8BEB-6B316DF21CFD", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-x9736c-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "8FC94E7D-84AF-4D2A-85A7-264CED2D107B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-x9736c-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "BC0082AD-1EFB-4AFE-9974-EAAB926553F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-x9788tc-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "4BFAAE41-AD17-4F69-9029-8DD90D824E6F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3000:-:*:*:*:*:*:*:*", matchCriteriaId: "10FFC5E8-CC5A-4D31-A63A-19E72EC442AB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3000_series:-:*:*:*:*:*:*:*", matchCriteriaId: "0742F63F-1945-47AA-943C-14959B23C21C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3016:-:*:*:*:*:*:*:*", matchCriteriaId: "528ED62B-D739-4E06-AC64-B506FD73BBAB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3016q:-:*:*:*:*:*:*:*", matchCriteriaId: "2D402AB0-BCFB-4F42-8C50-5DC930AEEC8B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*", matchCriteriaId: "FC2A6C31-438A-4CF5-A3F3-364B1672EB7D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3064:-:*:*:*:*:*:*:*", matchCriteriaId: "76C10D85-88AC-4A79-8866-BED88A0F8DF8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3064-32t:-:*:*:*:*:*:*:*", matchCriteriaId: "09AC2BAD-F536-48D0-A2F0-D4E290519EB6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3064-t:-:*:*:*:*:*:*:*", matchCriteriaId: "65CB7F6D-A82B-4A31-BFAC-FF4A4B8DF9C1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3064-x:-:*:*:*:*:*:*:*", matchCriteriaId: "ECC4FFCC-E886-49BC-9737-5B5BA2AAB14B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3064t:-:*:*:*:*:*:*:*", matchCriteriaId: "5F4E8EE4-031D-47D3-A12E-EE5F792172EE", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3064x:-:*:*:*:*:*:*:*", matchCriteriaId: "00CDD8C3-67D5-4E9F-9D48-A77B55DB0AB1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3100:-:*:*:*:*:*:*:*", matchCriteriaId: "41C14CC9-C244-4B86-AEA6-C50BAD5DA9A6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3100-v:-:*:*:*:*:*:*:*", matchCriteriaId: "A8FF2EC4-0C09-4C00-9956-A2A4A894F63D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3100-z:-:*:*:*:*:*:*:*", matchCriteriaId: "D14D4B4E-120E-4607-A4F1-447C7BF3052E", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3100v:-:*:*:*:*:*:*:*", matchCriteriaId: "15702ACB-29F3-412D-8805-E107E0729E35", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31108pc-v:-:*:*:*:*:*:*:*", matchCriteriaId: "4E930332-CDDD-48D5-93BC-C22D693BBFA2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31108pv-v:-:*:*:*:*:*:*:*", matchCriteriaId: "29B34855-D8D2-4114-80D2-A4D159C62458", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31108tc-v:-:*:*:*:*:*:*:*", matchCriteriaId: "7BF4B8FE-E134-4491-B5C2-C1CFEB64731B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31128pq:-:*:*:*:*:*:*:*", matchCriteriaId: "F4226DA0-9371-401C-8247-E6E636A116C3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132c-z:-:*:*:*:*:*:*:*", matchCriteriaId: "7664666F-BCE4-4799-AEEA-3A73E6AD33F4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q:-:*:*:*:*:*:*:*", matchCriteriaId: "D3DBBFE9-835C-4411-8492-6006E74BAC65", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q-v:-:*:*:*:*:*:*:*", matchCriteriaId: "B3293438-3D18-45A2-B093-2C3F65783336", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q-x:-:*:*:*:*:*:*:*", matchCriteriaId: "C97C29EE-9426-4BBE-8D84-AB5FF748703D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q-x\\/3132q-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "E142C18F-9FB5-4D96-866A-141D7D16CAF7", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "8F43B770-D96C-44EA-BC12-9F39FC4317B9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3164q:-:*:*:*:*:*:*:*", matchCriteriaId: "FA782EB3-E8E6-4DCF-B39C-B3CBD46E4384", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172:-:*:*:*:*:*:*:*", matchCriteriaId: "7817F4E6-B2DA-4F06-95A4-AF329F594C02", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172pq:-:*:*:*:*:*:*:*", matchCriteriaId: "CED628B5-97A8-4B26-AA40-BEC854982157", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172pq-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "7BB9DD73-E31D-4921-A6D6-E14E04703588", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172pq\\/pq-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "8EFC116A-627F-4E05-B631-651D161217C8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq:-:*:*:*:*:*:*:*", matchCriteriaId: "4532F513-0543-4960-9877-01F23CA7BA1B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq-32t:-:*:*:*:*:*:*:*", matchCriteriaId: "0B43502B-FD53-465A-B60F-6A359C6ACD99", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "F3229124-B097-4AAC-8ACD-2F9C89DCC3AB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3200:-:*:*:*:*:*:*:*", matchCriteriaId: "32A532C0-B0E3-484A-B356-88970E7D0248", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3232:-:*:*:*:*:*:*:*", matchCriteriaId: "1C84D24C-2256-42AF-898A-221EBE9FE1E4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3232c:-:*:*:*:*:*:*:*", matchCriteriaId: "652A2849-668D-4156-88FB-C19844A59F33", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3232c_:-:*:*:*:*:*:*:*", matchCriteriaId: "D008CA1C-6F5A-40EA-BB12-A9D84D5AF700", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3264c-e:-:*:*:*:*:*:*:*", matchCriteriaId: "24FBE87B-8A4F-43A8-98A3-4A7D9C630937", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3264q:-:*:*:*:*:*:*:*", matchCriteriaId: "6ACD09AC-8B28-4ACB-967B-AB3D450BC137", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3400:-:*:*:*:*:*:*:*", matchCriteriaId: "43913A0E-50D5-47DD-94D8-DD3391633619", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3408-s:-:*:*:*:*:*:*:*", matchCriteriaId: "7D397349-CCC6-479B-9273-FB1FFF4F34F2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_34180yc:-:*:*:*:*:*:*:*", matchCriteriaId: "DC7286A7-780F-4A45-940A-4AD5C9D0F201", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_34200yc-sm:-:*:*:*:*:*:*:*", matchCriteriaId: "CA52D5C1-13D8-4D23-B022-954CCEF491F1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3432d-s:-:*:*:*:*:*:*:*", matchCriteriaId: "5F7AF8D7-431B-43CE-840F-CC0817D159C0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3464c:-:*:*:*:*:*:*:*", matchCriteriaId: "DAC204C8-1A5A-4E85-824E-DC9B8F6A802D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3500:-:*:*:*:*:*:*:*", matchCriteriaId: "A8E1073F-D374-4311-8F12-AD8C72FAA293", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3500_platform:-:*:*:*:*:*:*:*", matchCriteriaId: "B72E8456-A9BD-447B-8F33-4BEB052A82D7", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524:-:*:*:*:*:*:*:*", matchCriteriaId: "EAF5AF71-15DF-4151-A1CF-E138A7103FC8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524-x:-:*:*:*:*:*:*:*", matchCriteriaId: "10F80A72-AD54-4699-B8AE-82715F0B58E2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524-x\\/xl:-:*:*:*:*:*:*:*", matchCriteriaId: "E505C0B1-2119-4C6A-BF96-C282C633D169", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "9354B6A2-D7D6-442E-BF4C-FE8A336D9E94", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548:-:*:*:*:*:*:*:*", matchCriteriaId: "088C0323-683A-44F5-8D42-FF6EC85D080E", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548-x:-:*:*:*:*:*:*:*", matchCriteriaId: "74CB4002-7636-4382-B33E-FBA060A13C34", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548-x\\/xl:-:*:*:*:*:*:*:*", matchCriteriaId: "915EF8F6-6039-4DD0-B875-30D911752B74", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "10CEBF73-3EE0-459A-86C5-F8F6243FE27C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3600:-:*:*:*:*:*:*:*", matchCriteriaId: "97217080-455C-48E4-8CE1-6D5B9485864F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_36180yc-r:-:*:*:*:*:*:*:*", matchCriteriaId: "95D2C4C3-65CE-4612-A027-AF70CEFC3233", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*", matchCriteriaId: "57572E4A-78D5-4D1A-938B-F05F01759612", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9000:-:*:*:*:*:*:*:*", matchCriteriaId: "8EBEBA5B-5589-417B-BF3B-976083E9FE54", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9000_in_aci_mode:-:*:*:*:*:*:*:*", matchCriteriaId: "57BC5903-1316-4FFF-BE52-2F6D63549590", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9000_in_standalone:-:*:*:*:*:*:*:*", matchCriteriaId: "4755F890-634B-4B25-AF08-C34F13429FA9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9000_in_standalone_nx-os_mode:-:*:*:*:*:*:*:*", matchCriteriaId: "1DA62800-F5DC-48DA-8C81-D684EA8EBB9F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9000v:-:*:*:*:*:*:*:*", matchCriteriaId: "0CD9C1F1-8582-4F67-A77D-97CBFECB88B8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9200:-:*:*:*:*:*:*:*", matchCriteriaId: "532CE4B0-A3C9-4613-AAAF-727817D06FB4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9200yc:-:*:*:*:*:*:*:*", matchCriteriaId: "24CA1A59-2681-4507-AC74-53BD481099B9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*", matchCriteriaId: "4283E433-7F8C-4410-B565-471415445811", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92160yc_switch:-:*:*:*:*:*:*:*", matchCriteriaId: "AF9147C9-5D8B-40F5-9AAA-66A3495A0AD8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9221c:-:*:*:*:*:*:*:*", matchCriteriaId: "FFB9FDE8-8533-4F65-BF32-4066D042B2F7", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92300yc:-:*:*:*:*:*:*:*", matchCriteriaId: "F80AB6FB-32FD-43D7-A9F1-80FA47696210", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92300yc_switch:-:*:*:*:*:*:*:*", matchCriteriaId: "3AA5389A-8AD1-476E-983A-54DF573C30F5", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*", matchCriteriaId: "D5B2E4C1-2627-4B9D-8E92-4B483F647651", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92304qc_switch:-:*:*:*:*:*:*:*", matchCriteriaId: "C1B1A8F1-45B1-4E64-A254-7191FA93CB6D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9232e:-:*:*:*:*:*:*:*", matchCriteriaId: "83DA8BFA-D7A2-476C-A6F5-CAE610033BC2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92348gc-x:-:*:*:*:*:*:*:*", matchCriteriaId: "557ED31C-C26A-4FAE-8B14-D06B49F7F08B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*", matchCriteriaId: "11411BFD-3F4D-4309-AB35-A3629A360FB0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9236c_switch:-:*:*:*:*:*:*:*", matchCriteriaId: "DB2FFD26-8255-4351-8594-29D2AEFC06EF", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*", matchCriteriaId: "E663DE91-C86D-48DC-B771-FA72A8DF7A7C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9272q_switch:-:*:*:*:*:*:*:*", matchCriteriaId: "61E10975-B47E-4F4D-8096-AEC7B7733612", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9300:-:*:*:*:*:*:*:*", matchCriteriaId: "92E2CB2B-DA11-4CF7-9D57-3D4D48990DC0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "A90184B3-C82F-4CE5-B2AD-97D5E4690871", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-ex-24:-:*:*:*:*:*:*:*", matchCriteriaId: "40E40F42-632A-47DF-BE33-DC25B826310B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-ex_switch:-:*:*:*:*:*:*:*", matchCriteriaId: "2C67B7A6-9BB2-41FC-8FA3-8D0DF67CBC68", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "4AB89849-6DA4-4C9D-BC3F-EE0E41FD1901", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-fx-24:-:*:*:*:*:*:*:*", matchCriteriaId: "C47F6BF9-2ADB-41A4-8D7D-8BB00141BB23", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-fx3:-:*:*:*:*:*:*:*", matchCriteriaId: "C70911ED-371A-4EB6-8DDD-DCE3A21FDBAE", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-fx3h:-:*:*:*:*:*:*:*", matchCriteriaId: "16C64136-89C2-443C-AF7B-BED81D3DE25A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-fx3p:-:*:*:*:*:*:*:*", matchCriteriaId: "BBEF7F26-BB47-44BD-872E-130820557C23", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*", matchCriteriaId: "07DE6F63-2C7D-415B-8C34-01EC05C062F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93120tx_switch:-:*:*:*:*:*:*:*", matchCriteriaId: "182000E0-8204-4D8B-B7DE-B191AFE12E28", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93128:-:*:*:*:*:*:*:*", matchCriteriaId: "F309E7B9-B828-4CD2-9D2B-8966EE5B9CC1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*", matchCriteriaId: "F423E45D-A6DD-4305-9C6A-EAB26293E53A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93128tx_switch:-:*:*:*:*:*:*:*", matchCriteriaId: "BDC208BC-7E19-48C6-A20E-A79A51B7362C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9316d-gx:-:*:*:*:*:*:*:*", matchCriteriaId: "102F91CD-DFB6-43D4-AE5B-DA157A696230", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "E952A96A-0F48-4357-B7DD-1127D8827650", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180lc-ex_switch:-:*:*:*:*:*:*:*", matchCriteriaId: "084D0191-563B-4FF0-B589-F35DA118E1C6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180tc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "B7DB6FC5-762A-4F16-AE8C-69330EFCF640", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "F70D81F1-8B12-4474-9060-B4934D8A3873", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-ex-24:-:*:*:*:*:*:*:*", matchCriteriaId: "5394DE31-3863-4CA9-B7B1-E5227183100D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-ex_switch:-:*:*:*:*:*:*:*", matchCriteriaId: "968390BC-B430-4903-B614-13104BFAE635", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "7349D69B-D8FA-4462-AA28-69DD18A652D9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-fx-24:-:*:*:*:*:*:*:*", matchCriteriaId: "FE4BB834-2C00-4384-A78E-AF3BCDDC58AF", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-fx3:-:*:*:*:*:*:*:*", matchCriteriaId: "B0D30D52-837F-4FDA-B8E5-A9066E9C6D2F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-fx3h:-:*:*:*:*:*:*:*", matchCriteriaId: "E6678B8A-D905-447E-BE7E-6BFB4CC5DAFE", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-fx3s:-:*:*:*:*:*:*:*", matchCriteriaId: "7CE49B45-F2E9-491D-9C29-1B46E9CE14E2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93216tc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "B1CC5F78-E88B-4B82-9E3E-C73D3A49DE26", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93240tc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "4BFAD21E-59EE-4CCE-8F1E-621D2EA50905", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "91231DC6-2773-4238-8C14-A346F213B5E5", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332c:-:*:*:*:*:*:*:*", matchCriteriaId: "2DF88547-BAF4-47B0-9F60-80A30297FCEB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332d-gx2b:-:*:*:*:*:*:*:*", matchCriteriaId: "02C3CE6D-BD54-48B1-A188-8E53DA001424", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332d-h2r:-:*:*:*:*:*:*:*", matchCriteriaId: "498991F7-39D6-428C-8C7D-DD8DC72A0346", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*", matchCriteriaId: "113772B6-E9D2-4094-9468-3F4E1A87D07D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332pq_switch:-:*:*:*:*:*:*:*", matchCriteriaId: "F7B90D36-5124-4669-8462-4EAF35B0F53D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93360yc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "C45A38D6-BED6-4FEF-AD87-A1E813695DE0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "F1FC2B1F-232E-4754-8076-CC82F3648730", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336c-fx2-e:-:*:*:*:*:*:*:*", matchCriteriaId: "7CDD27C9-5EAF-4956-8AB7-740C84C9D4FC", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336pq:-:*:*:*:*:*:*:*", matchCriteriaId: "5F1127D2-12C0-454F-91EF-5EE334070D06", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336pq_aci:-:*:*:*:*:*:*:*", matchCriteriaId: "7D6EB963-E0F2-4A02-8765-AB2064BE19E9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336pq_aci_spine:-:*:*:*:*:*:*:*", matchCriteriaId: "785FD17C-F32E-4042-9DDE-A89B3AAE0334", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336pq_aci_spine_switch:-:*:*:*:*:*:*:*", matchCriteriaId: "DEAAF99B-5406-4722-81FB-A91CBAC2DF41", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93400ld-h1:-:*:*:*:*:*:*:*", matchCriteriaId: "8D2DFCA0-36D8-48BC-B20D-84509EB5FF66", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9348d-gx2a:-:*:*:*:*:*:*:*", matchCriteriaId: "73DC1E93-561E-490C-AE0E-B02BAB9A7C8E", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9348gc-fx3:-:*:*:*:*:*:*:*", matchCriteriaId: "12DA2DE5-8ADA-4D6A-BC1A-9C06FA163B1C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9348gc-fx3ph:-:*:*:*:*:*:*:*", matchCriteriaId: "1D68E7FE-BD46-4245-8DEE-1AD32159E045", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*", matchCriteriaId: "17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93600cd-gx:-:*:*:*:*:*:*:*", matchCriteriaId: "2CF467E2-4567-426E-8F48-39669E0F514C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*", matchCriteriaId: "63842B25-8C32-4988-BBBD-61E9CB09B4F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9364c-gx:-:*:*:*:*:*:*:*", matchCriteriaId: "68EA1FEF-B6B6-49FE-A0A4-5387F76303F8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9364c-h1:-:*:*:*:*:*:*:*", matchCriteriaId: "5F2EC055-B309-4F1F-A646-FA47AE344D27", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9364d-gx2a:-:*:*:*:*:*:*:*", matchCriteriaId: "40D6DB7F-C025-4971-9615-73393ED61078", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*", matchCriteriaId: "4364ADB9-8162-451D-806A-B98924E6B2CF", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372px-e:-:*:*:*:*:*:*:*", matchCriteriaId: "B53BCB42-ED61-4FCF-8068-CB467631C63C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372px-e_switch:-:*:*:*:*:*:*:*", matchCriteriaId: "737C724A-B6CD-4FF7-96E0-EBBF645D660E", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372px_switch:-:*:*:*:*:*:*:*", matchCriteriaId: "7067AEC7-DFC8-4437-9338-C5165D9A8F36", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*", matchCriteriaId: "49E0371B-FDE2-473C-AA59-47E1269D050F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372tx-e:-:*:*:*:*:*:*:*", matchCriteriaId: "489D11EC-5A18-4F32-BC7C-AC1FCEC27222", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372tx-e_switch:-:*:*:*:*:*:*:*", matchCriteriaId: "71D4CF15-B293-4403-A1A9-96AD3933BAEF", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372tx_switch:-:*:*:*:*:*:*:*", matchCriteriaId: "DBCC1515-2DBE-4DF2-8E83-29A869170F36", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*", matchCriteriaId: "1BC5293E-F2B4-46DC-85DA-167EA323FCFD", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396px_switch:-:*:*:*:*:*:*:*", matchCriteriaId: "7282AAFF-ED18-4992-AC12-D953C35EC328", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*", matchCriteriaId: "EA022E77-6557-4A33-9A3A-D028E2DB669A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396tx_switch:-:*:*:*:*:*:*:*", matchCriteriaId: "360409CC-4172-4878-A76B-EA1C1F8C7A79", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9408:-:*:*:*:*:*:*:*", matchCriteriaId: "D8D5D5E2-B40B-475D-9EF3-8441016E37E9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9432pq:-:*:*:*:*:*:*:*", matchCriteriaId: "FDA8E1F0-74A6-4725-B6AA-A1112EFC5D0C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9500:-:*:*:*:*:*:*:*", matchCriteriaId: "63BE0266-1C00-4D6A-AD96-7F82532ABAA7", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9500_16-slot:-:*:*:*:*:*:*:*", matchCriteriaId: "73F59A4B-AE92-4533-8EDC-D1DD850309FF", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9500_4-slot:-:*:*:*:*:*:*:*", matchCriteriaId: "492A2C86-DD38-466B-9965-77629A73814F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9500_8-slot:-:*:*:*:*:*:*:*", matchCriteriaId: "1FB7AA46-4018-4925-963E-719E1037F759", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9500_supervisor_a:-:*:*:*:*:*:*:*", matchCriteriaId: "31B9D1E4-10B9-4B6F-B848-D93ABF6486D6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9500_supervisor_a\\+:-:*:*:*:*:*:*:*", matchCriteriaId: "CB270C45-756E-400A-979F-D07D750C881A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9500_supervisor_b:-:*:*:*:*:*:*:*", matchCriteriaId: "4E8A085C-2DBA-4269-AB01-B16019FBB4DA", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9500_supervisor_b\\+:-:*:*:*:*:*:*:*", matchCriteriaId: "A79DD582-AF68-44F1-B640-766B46EF2BE2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9500r:-:*:*:*:*:*:*:*", matchCriteriaId: "B04484DA-AA59-4833-916E-6A8C96D34F0D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*", matchCriteriaId: "768BE390-5ED5-48A7-9E80-C4DE8BA979B1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9504_switch:-:*:*:*:*:*:*:*", matchCriteriaId: "D07B5399-44C7-468D-9D57-BB5B5E26CE50", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*", matchCriteriaId: "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9508_switch:-:*:*:*:*:*:*:*", matchCriteriaId: "B76FB64F-16F0-4B0B-B304-B46258D434BA", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*", matchCriteriaId: "7E02DC82-0D26-436F-BA64-73C958932B0A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9516_switch:-:*:*:*:*:*:*:*", matchCriteriaId: "2E128053-834B-4DD5-A517-D14B4FC2B56F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9536pq:-:*:*:*:*:*:*:*", matchCriteriaId: "163743A1-09E7-4EC5-8ECA-79E4B9CE173B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9636pq:-:*:*:*:*:*:*:*", matchCriteriaId: "CE340E4C-DC48-4FC8-921B-EE304DB5AE0A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9716d-gx:-:*:*:*:*:*:*:*", matchCriteriaId: "C367BBE0-D71F-4CB5-B50E-72B033E73FE1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9736pq:-:*:*:*:*:*:*:*", matchCriteriaId: "85E1D224-4751-4233-A127-A041068C804A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9800:-:*:*:*:*:*:*:*", matchCriteriaId: "BD31B075-01B1-429E-83F4-B999356A0EB9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9800_34-port_100g_and_14-port_400g_line_card:-:*:*:*:*:*:*:*", matchCriteriaId: "0D3B28C3-114D-41EE-8295-AFA9932C9EAA", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9800_36-port_400g_line_card:-:*:*:*:*:*:*:*", matchCriteriaId: "1BC134D3-9AA0-44A4-9CBD-410A3A9C5886", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9804:-:*:*:*:*:*:*:*", matchCriteriaId: "A10C9C0A-C96A-4B45-90D0-6ED457EB5F4C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9808:-:*:*:*:*:*:*:*", matchCriteriaId: "3284D16F-3275-4F8D-8AE4-D413DE19C4FA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability in the Python interpreter of Cisco NX-OS Software could allow an authenticated, low-privileged, local attacker to escape the Python sandbox and gain unauthorized access to the underlying operating system of the device.\r\n\r\nThe vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by manipulating specific functions within the Python interpreter. A successful exploit could allow an attacker to escape the Python sandbox and execute arbitrary commands on the underlying operating system with the privileges of the authenticated user. \r\nNote: An attacker must be authenticated with Python execution privileges to exploit these vulnerabilities. For more information regarding Python execution privileges, see product-specific documentation, such as the section of the Cisco Nexus 9000 Series NX-OS Programmability Guide.", }, { lang: "es", value: "Una vulnerabilidad en el intérprete de Python del software Cisco NX-OS podría permitir que un atacante local autenticado y con pocos privilegios escape del entorno limitado de Python y obtenga acceso no autorizado al sistema operativo subyacente del dispositivo. La vulnerabilidad se debe a una validación insuficiente de la entrada proporcionada por el usuario. Un atacante podría aprovechar esta vulnerabilidad manipulando funciones específicas dentro del intérprete de Python. Una explotación exitosa podría permitir que un atacante escape del entorno limitado de Python y ejecute comandos arbitrarios en el sistema operativo subyacente con los privilegios del usuario autenticado. Nota: Un atacante debe estar autenticado con privilegios de ejecución de Python para aprovechar estas vulnerabilidades. Para obtener más información sobre los privilegios de ejecución de Python, consulte la documentación específica del producto, como la sección de la Guía de programación de NX-OS de la serie Cisco Nexus 9000.", }, ], id: "CVE-2024-20285", lastModified: "2024-10-22T14:37:01.363", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 3.4, source: "psirt@cisco.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2, impactScore: 6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2024-08-28T17:15:07.687", references: [ { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-psbe-ce-YvbTn5du", }, { source: "psirt@cisco.com", tags: [ "Product", ], url: "https://www.cisco.com/c/en/us/td/docs/dcn/nx-os/nexus9000/105x/programmability/cisco-nexus-9000-series-nx-os-programmability-guide-105x/m-n9k-python-api-101x.html?bookSearch=true#concept_A2CFF094ADCB414C983EA06AD8E9A410", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Analyzed", weaknesses: [ { description: [ { lang: "en", value: "CWE-653", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2019-05-15 17:29
Modified
2024-11-21 04:37
Severity ?
Summary
A vulnerability in the SSH CLI key management functionality of Cisco NX-OS Software could allow an authenticated, local attacker to expose a user's private SSH key to all authenticated users on the targeted device. The attacker must authenticate with valid administrator device credentials. The vulnerability is due to incomplete error handling if a specific error type occurs during the SSH key export. An attacker could exploit this vulnerability by authenticating to the device and entering a crafted command at the CLI. A successful exploit could allow the attacker to expose a user's private SSH key. In addition, a similar type of error in the SSH key import could cause the passphrase-protected private SSH key to be imported unintentionally.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@cisco.com | http://www.securityfocus.com/bid/108353 | Third Party Advisory, VDB Entry | |
| psirt@cisco.com | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-ssh-info | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/108353 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-ssh-info | Vendor Advisory |
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "92B576CF-5EAD-4830-A7B7-ACC434349691", versionEndExcluding: "7.0\\(3\\)i4\\(9\\)", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "EF06D835-FBE6-4866-B410-C2F66AEF68CD", versionEndExcluding: "7.0\\(3\\)i7\\(4\\)", versionStartIncluding: "7.0\\(3\\)i7", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_3016:-:*:*:*:*:*:*:*", matchCriteriaId: "528ED62B-D739-4E06-AC64-B506FD73BBAB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*", matchCriteriaId: "FC2A6C31-438A-4CF5-A3F3-364B1672EB7D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3064:-:*:*:*:*:*:*:*", matchCriteriaId: "76C10D85-88AC-4A79-8866-BED88A0F8DF8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3064-t:-:*:*:*:*:*:*:*", matchCriteriaId: "65CB7F6D-A82B-4A31-BFAC-FF4A4B8DF9C1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31108pc-v:-:*:*:*:*:*:*:*", matchCriteriaId: "4E930332-CDDD-48D5-93BC-C22D693BBFA2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31108tc-v:-:*:*:*:*:*:*:*", matchCriteriaId: "7BF4B8FE-E134-4491-B5C2-C1CFEB64731B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31128pq:-:*:*:*:*:*:*:*", matchCriteriaId: "F4226DA0-9371-401C-8247-E6E636A116C3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132c-z:-:*:*:*:*:*:*:*", matchCriteriaId: "7664666F-BCE4-4799-AEEA-3A73E6AD33F4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q:-:*:*:*:*:*:*:*", matchCriteriaId: "D3DBBFE9-835C-4411-8492-6006E74BAC65", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q-v:-:*:*:*:*:*:*:*", matchCriteriaId: "B3293438-3D18-45A2-B093-2C3F65783336", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "8F43B770-D96C-44EA-BC12-9F39FC4317B9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3164q:-:*:*:*:*:*:*:*", matchCriteriaId: "FA782EB3-E8E6-4DCF-B39C-B3CBD46E4384", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172:-:*:*:*:*:*:*:*", matchCriteriaId: "7817F4E6-B2DA-4F06-95A4-AF329F594C02", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172pq-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "7BB9DD73-E31D-4921-A6D6-E14E04703588", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq:-:*:*:*:*:*:*:*", matchCriteriaId: "4532F513-0543-4960-9877-01F23CA7BA1B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq-32t:-:*:*:*:*:*:*:*", matchCriteriaId: "0B43502B-FD53-465A-B60F-6A359C6ACD99", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "F3229124-B097-4AAC-8ACD-2F9C89DCC3AB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3232c:-:*:*:*:*:*:*:*", matchCriteriaId: "652A2849-668D-4156-88FB-C19844A59F33", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3264c-e:-:*:*:*:*:*:*:*", matchCriteriaId: "24FBE87B-8A4F-43A8-98A3-4A7D9C630937", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3264q:-:*:*:*:*:*:*:*", matchCriteriaId: "6ACD09AC-8B28-4ACB-967B-AB3D450BC137", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3408-s:-:*:*:*:*:*:*:*", matchCriteriaId: "7D397349-CCC6-479B-9273-FB1FFF4F34F2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_34180yc:-:*:*:*:*:*:*:*", matchCriteriaId: "DC7286A7-780F-4A45-940A-4AD5C9D0F201", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3432d-s:-:*:*:*:*:*:*:*", matchCriteriaId: "5F7AF8D7-431B-43CE-840F-CC0817D159C0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3464c:-:*:*:*:*:*:*:*", matchCriteriaId: "DAC204C8-1A5A-4E85-824E-DC9B8F6A802D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9000v:-:*:*:*:*:*:*:*", matchCriteriaId: "0CD9C1F1-8582-4F67-A77D-97CBFECB88B8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*", matchCriteriaId: "4283E433-7F8C-4410-B565-471415445811", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92300yc:-:*:*:*:*:*:*:*", matchCriteriaId: "F80AB6FB-32FD-43D7-A9F1-80FA47696210", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*", matchCriteriaId: "D5B2E4C1-2627-4B9D-8E92-4B483F647651", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92348gc-x:-:*:*:*:*:*:*:*", matchCriteriaId: "557ED31C-C26A-4FAE-8B14-D06B49F7F08B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*", matchCriteriaId: "11411BFD-3F4D-4309-AB35-A3629A360FB0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*", matchCriteriaId: "E663DE91-C86D-48DC-B771-FA72A8DF7A7C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "A90184B3-C82F-4CE5-B2AD-97D5E4690871", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "4AB89849-6DA4-4C9D-BC3F-EE0E41FD1901", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*", matchCriteriaId: "07DE6F63-2C7D-415B-8C34-01EC05C062F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*", matchCriteriaId: "F423E45D-A6DD-4305-9C6A-EAB26293E53A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "E952A96A-0F48-4357-B7DD-1127D8827650", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "F70D81F1-8B12-4474-9060-B4934D8A3873", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "7349D69B-D8FA-4462-AA28-69DD18A652D9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93216tc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "B1CC5F78-E88B-4B82-9E3E-C73D3A49DE26", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "91231DC6-2773-4238-8C14-A346F213B5E5", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332c:-:*:*:*:*:*:*:*", matchCriteriaId: "2DF88547-BAF4-47B0-9F60-80A30297FCEB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*", matchCriteriaId: "113772B6-E9D2-4094-9468-3F4E1A87D07D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93360yc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "C45A38D6-BED6-4FEF-AD87-A1E813695DE0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "F1FC2B1F-232E-4754-8076-CC82F3648730", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336pq_aci_spine:-:*:*:*:*:*:*:*", matchCriteriaId: "785FD17C-F32E-4042-9DDE-A89B3AAE0334", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*", matchCriteriaId: "17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*", matchCriteriaId: "63842B25-8C32-4988-BBBD-61E9CB09B4F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*", matchCriteriaId: "4364ADB9-8162-451D-806A-B98924E6B2CF", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372px-e:-:*:*:*:*:*:*:*", matchCriteriaId: "B53BCB42-ED61-4FCF-8068-CB467631C63C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*", matchCriteriaId: "49E0371B-FDE2-473C-AA59-47E1269D050F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372tx-e:-:*:*:*:*:*:*:*", matchCriteriaId: "489D11EC-5A18-4F32-BC7C-AC1FCEC27222", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*", matchCriteriaId: "1BC5293E-F2B4-46DC-85DA-167EA323FCFD", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*", matchCriteriaId: "EA022E77-6557-4A33-9A3A-D028E2DB669A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "6B1386A3-38D8-40A7-9828-AF76A910F533", versionEndExcluding: "6.0\\(2\\)a8\\(10\\)", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "01EAB41F-6AE7-47D9-80EC-C9974E331506", versionEndExcluding: "7.0\\(3\\)i7\\(4\\)", versionStartIncluding: "7.0\\(3\\)i4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_3524:-:*:*:*:*:*:*:*", matchCriteriaId: "EAF5AF71-15DF-4151-A1CF-E138A7103FC8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524-x:-:*:*:*:*:*:*:*", matchCriteriaId: "10F80A72-AD54-4699-B8AE-82715F0B58E2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "9354B6A2-D7D6-442E-BF4C-FE8A336D9E94", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548:-:*:*:*:*:*:*:*", matchCriteriaId: "088C0323-683A-44F5-8D42-FF6EC85D080E", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548-x:-:*:*:*:*:*:*:*", matchCriteriaId: "74CB4002-7636-4382-B33E-FBA060A13C34", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "10CEBF73-3EE0-459A-86C5-F8F6243FE27C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "EA0C7252-4931-47EF-9AFD-0CE05C786613", versionEndExcluding: "7.3\\(4\\)n1\\(1\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_5548p:-:*:*:*:*:*:*:*", matchCriteriaId: "E5519EA9-1236-4F51-9974-E3FC1B26B5D2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5548up:-:*:*:*:*:*:*:*", matchCriteriaId: "CB0A3B06-8B25-4CD3-AFA9-5F928B1042F4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5596t:-:*:*:*:*:*:*:*", matchCriteriaId: "1766443C-1C5A-486E-A36F-D3045F364D78", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5596up:-:*:*:*:*:*:*:*", matchCriteriaId: "DC4D4403-F93B-4CC8-B75F-7A5B03FEDD85", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_56128p:-:*:*:*:*:*:*:*", matchCriteriaId: "ABB6E612-4246-4408-B3F6-B31E771F5ACB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5624q:-:*:*:*:*:*:*:*", matchCriteriaId: "91B129B2-2B31-4DE0-9F83-CC6E0C8729A0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5648q:-:*:*:*:*:*:*:*", matchCriteriaId: "3CBD3CD0-B542-4B23-9C9D-061643BE44E8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5672up:-:*:*:*:*:*:*:*", matchCriteriaId: "A22A2647-A4C0-4681-BBC5-D95ADBAA0457", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5696q:-:*:*:*:*:*:*:*", matchCriteriaId: "B2BB1A3A-668C-4B0D-8AC2-6B4758B3420B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_6001:-:*:*:*:*:*:*:*", matchCriteriaId: "A9662D6B-AF0F-45C8-B7CD-AE7C76593FDB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_6004:-:*:*:*:*:*:*:*", matchCriteriaId: "4F557E38-09F6-42C6-BABA-3C3168B38BBA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "96BFEE5D-EF9F-4C21-BC51-FBA71029A6A7", versionEndExcluding: "7.0\\(3\\)f3\\(5\\)", versionStartIncluding: "7.0\\(3\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_36180yc-r:-:*:*:*:*:*:*:*", matchCriteriaId: "95D2C4C3-65CE-4612-A027-AF70CEFC3233", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*", matchCriteriaId: "57572E4A-78D5-4D1A-938B-F05F01759612", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*", matchCriteriaId: "768BE390-5ED5-48A7-9E80-C4DE8BA979B1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*", matchCriteriaId: "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*", matchCriteriaId: "7E02DC82-0D26-436F-BA64-73C958932B0A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability in the SSH CLI key management functionality of Cisco NX-OS Software could allow an authenticated, local attacker to expose a user's private SSH key to all authenticated users on the targeted device. The attacker must authenticate with valid administrator device credentials. The vulnerability is due to incomplete error handling if a specific error type occurs during the SSH key export. An attacker could exploit this vulnerability by authenticating to the device and entering a crafted command at the CLI. A successful exploit could allow the attacker to expose a user's private SSH key. In addition, a similar type of error in the SSH key import could cause the passphrase-protected private SSH key to be imported unintentionally.", }, { lang: "es", value: "Una vulnerabilidad en la funcionalidad de administración de claves CLI SSH del software Cisco NX-OS podría permitir que un atacante local autorizado exponga la clave SSH privada de un usuario a todos los usuarios autorizados en el dispositivo de destino. El atacante debe identificarse con credenciales de dispositivo de administrador válidas. La vulnerabilidad se debe a un manejo de errores incompleto si se produce un tipo de error específico durante la exportación de la clave SSH. Un atacante podría explotar esta vulnerabilidad al identificarse en el dispositivo e ingresar un comando creado en la CLI. Una explotación con éxito podría permitir al atacante exponer la clave SSH privada de un usuario. Además, un tipo de error similar en la importación de la clave SSH podría hacer que la clave privada SSH protegida por contraseña se importara involuntariamente.", }, ], id: "CVE-2019-1731", lastModified: "2024-11-21T04:37:12.010", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "NONE", baseScore: 2.1, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:L/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5.1, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "LOW", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:N", version: "3.0", }, exploitabilityScore: 0.8, impactScore: 4.2, source: "psirt@cisco.com", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 4.4, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 0.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-05-15T17:29:01.780", references: [ { source: "psirt@cisco.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/108353", }, { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-ssh-info", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/108353", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-ssh-info", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-200", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-755", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-08-23 19:15
Modified
2024-11-21 07:40
Severity ?
5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
Summary
A vulnerability in the SFTP server implementation for Cisco Nexus 3000 Series Switches and 9000 Series Switches in standalone NX-OS mode could allow an authenticated, remote attacker to download or overwrite files from the underlying operating system of an affected device.
This vulnerability is due to a logic error when verifying the user role when an SFTP connection is opened to an affected device. An attacker could exploit this vulnerability by connecting and authenticating via SFTP as a valid, non-administrator user. A successful exploit could allow the attacker to read or overwrite files from the underlying operating system with the privileges of the authenticated user.
There are workarounds that address this vulnerability.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:9.2\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "DD96C7AE-EECC-43F4-9132-1E7F8047C701", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:9.2\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "1D43B9D6-0991-4370-9369-C0A1EDBF6627", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:9.2\\(2t\\):*:*:*:*:*:*:*", matchCriteriaId: "6EB58108-78E4-4208-A549-C86B37422828", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:9.2\\(2v\\):*:*:*:*:*:*:*", matchCriteriaId: "46427F06-FAB1-4AB8-A6BF-3EE10608B4D9", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:9.2\\(3\\):*:*:*:*:*:*:*", matchCriteriaId: "5FB6ADC7-97AC-4DD8-8F1B-448A63D8BE97", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:9.2\\(4\\):*:*:*:*:*:*:*", matchCriteriaId: "6E2484E7-24ED-4238-8ED3-FFFB7C479F18", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:9.3\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "9A589031-946F-4016-AFC9-92FB033420D0", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:9.3\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "20FF2A5A-CB80-4F58-856D-724AACB0864C", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:9.3\\(3\\):*:*:*:*:*:*:*", matchCriteriaId: "9FF50BFC-2DB3-4954-BC59-8B3D27D418E0", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:9.3\\(4\\):*:*:*:*:*:*:*", matchCriteriaId: "F97A62E0-8A96-43A3-8FB1-FDC1B8A08049", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:9.3\\(5\\):*:*:*:*:*:*:*", matchCriteriaId: "2A2F42DB-B22B-4880-BA73-D0E0295190DF", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:9.3\\(6\\):*:*:*:*:*:*:*", matchCriteriaId: "85A8B2D7-BCF2-4B2E-8208-7D2FDF717C65", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:9.3\\(7\\):*:*:*:*:*:*:*", matchCriteriaId: "C8A71DEB-93CD-4827-9F9E-3A0DFFAD145A", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:9.3\\(7a\\):*:*:*:*:*:*:*", matchCriteriaId: "E1A56DB8-CDDD-4AB8-8694-B6CC967B7F62", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:9.3\\(8\\):*:*:*:*:*:*:*", matchCriteriaId: "2B448FDB-C2F5-454F-A275-E985C3FCDBCD", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:9.3\\(9\\):*:*:*:*:*:*:*", matchCriteriaId: "1AEE47A7-B23A-4C9A-A25C-0983D94FB569", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:9.3\\(10\\):*:*:*:*:*:*:*", matchCriteriaId: "350F10D8-221B-4A47-8BF6-CCC421878243", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:9.3\\(11\\):*:*:*:*:*:*:*", matchCriteriaId: "C0B4E497-95AE-45FC-8F89-A7959CA9AF4E", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:10.1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "D7B192CE-F0B4-415F-9A33-B639A7B56ED4", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:10.1\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "2A1D6DFF-D8CC-4912-BFE6-8454AB95AD7C", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:10.1\\(2t\\):*:*:*:*:*:*:*", matchCriteriaId: "B6C6D9CC-211B-4CAA-B2AB-16DE5A34E21E", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:10.2\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "F2DB904E-9FAF-4A23-82E9-367BDBFC57D6", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:10.2\\(1q\\):*:*:*:*:*:*:*", matchCriteriaId: "A5736375-4050-40A5-A504-688B182C9A75", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:10.2\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "54AB751B-77DE-4513-B961-378458F74164", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:10.2\\(3\\):*:*:*:*:*:*:*", matchCriteriaId: "63AB92C1-D2F7-4025-88B6-EFA1D3C07F8A", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:10.2\\(3t\\):*:*:*:*:*:*:*", matchCriteriaId: "305A6637-16EA-4A66-A044-19BE643D6CA8", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:10.2\\(4\\):*:*:*:*:*:*:*", matchCriteriaId: "69C445A7-B836-493D-8056-86D4F31847EE", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:10.2\\(5\\):*:*:*:*:*:*:*", matchCriteriaId: "C3018A70-3236-4885-8EB1-708442F74981", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:10.3\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "F69EF43C-0F06-40B8-94AE-870E182E26CF", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:10.3\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "8CE0E36D-08A6-48D5-A364-AC066F30F3CB", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*", matchCriteriaId: "FC2A6C31-438A-4CF5-A3F3-364B1672EB7D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31108pc-v:-:*:*:*:*:*:*:*", matchCriteriaId: "4E930332-CDDD-48D5-93BC-C22D693BBFA2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31108tc-v:-:*:*:*:*:*:*:*", matchCriteriaId: "7BF4B8FE-E134-4491-B5C2-C1CFEB64731B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31128pq:-:*:*:*:*:*:*:*", matchCriteriaId: "F4226DA0-9371-401C-8247-E6E636A116C3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132c-z:-:*:*:*:*:*:*:*", matchCriteriaId: "7664666F-BCE4-4799-AEEA-3A73E6AD33F4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q-v:-:*:*:*:*:*:*:*", matchCriteriaId: "B3293438-3D18-45A2-B093-2C3F65783336", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "8F43B770-D96C-44EA-BC12-9F39FC4317B9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3164q:-:*:*:*:*:*:*:*", matchCriteriaId: "FA782EB3-E8E6-4DCF-B39C-B3CBD46E4384", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172pq:-:*:*:*:*:*:*:*", matchCriteriaId: "CED628B5-97A8-4B26-AA40-BEC854982157", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172pq-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "7BB9DD73-E31D-4921-A6D6-E14E04703588", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq:-:*:*:*:*:*:*:*", matchCriteriaId: "4532F513-0543-4960-9877-01F23CA7BA1B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq-32t:-:*:*:*:*:*:*:*", matchCriteriaId: "0B43502B-FD53-465A-B60F-6A359C6ACD99", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "F3229124-B097-4AAC-8ACD-2F9C89DCC3AB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3232c:-:*:*:*:*:*:*:*", matchCriteriaId: "652A2849-668D-4156-88FB-C19844A59F33", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3264c-e:-:*:*:*:*:*:*:*", matchCriteriaId: "24FBE87B-8A4F-43A8-98A3-4A7D9C630937", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3264q:-:*:*:*:*:*:*:*", matchCriteriaId: "6ACD09AC-8B28-4ACB-967B-AB3D450BC137", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3408-s:-:*:*:*:*:*:*:*", matchCriteriaId: "7D397349-CCC6-479B-9273-FB1FFF4F34F2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_34180yc:-:*:*:*:*:*:*:*", matchCriteriaId: "DC7286A7-780F-4A45-940A-4AD5C9D0F201", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_34200yc-sm:-:*:*:*:*:*:*:*", matchCriteriaId: "CA52D5C1-13D8-4D23-B022-954CCEF491F1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3432d-s:-:*:*:*:*:*:*:*", matchCriteriaId: "5F7AF8D7-431B-43CE-840F-CC0817D159C0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3464c:-:*:*:*:*:*:*:*", matchCriteriaId: "DAC204C8-1A5A-4E85-824E-DC9B8F6A802D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524:-:*:*:*:*:*:*:*", matchCriteriaId: "EAF5AF71-15DF-4151-A1CF-E138A7103FC8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524-x:-:*:*:*:*:*:*:*", matchCriteriaId: "10F80A72-AD54-4699-B8AE-82715F0B58E2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "9354B6A2-D7D6-442E-BF4C-FE8A336D9E94", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548:-:*:*:*:*:*:*:*", matchCriteriaId: "088C0323-683A-44F5-8D42-FF6EC85D080E", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548-x:-:*:*:*:*:*:*:*", matchCriteriaId: "74CB4002-7636-4382-B33E-FBA060A13C34", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "10CEBF73-3EE0-459A-86C5-F8F6243FE27C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_36180yc-r:-:*:*:*:*:*:*:*", matchCriteriaId: "95D2C4C3-65CE-4612-A027-AF70CEFC3233", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*", matchCriteriaId: "57572E4A-78D5-4D1A-938B-F05F01759612", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9000v:-:*:*:*:*:*:*:*", matchCriteriaId: "0CD9C1F1-8582-4F67-A77D-97CBFECB88B8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*", matchCriteriaId: "4283E433-7F8C-4410-B565-471415445811", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92300yc:-:*:*:*:*:*:*:*", matchCriteriaId: "F80AB6FB-32FD-43D7-A9F1-80FA47696210", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*", matchCriteriaId: "D5B2E4C1-2627-4B9D-8E92-4B483F647651", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9232e:-:*:*:*:*:*:*:*", matchCriteriaId: "83DA8BFA-D7A2-476C-A6F5-CAE610033BC2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92348gc-x:-:*:*:*:*:*:*:*", matchCriteriaId: "557ED31C-C26A-4FAE-8B14-D06B49F7F08B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*", matchCriteriaId: "11411BFD-3F4D-4309-AB35-A3629A360FB0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*", matchCriteriaId: "E663DE91-C86D-48DC-B771-FA72A8DF7A7C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "A90184B3-C82F-4CE5-B2AD-97D5E4690871", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-ex-24:-:*:*:*:*:*:*:*", matchCriteriaId: "40E40F42-632A-47DF-BE33-DC25B826310B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "4AB89849-6DA4-4C9D-BC3F-EE0E41FD1901", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-fx-24:-:*:*:*:*:*:*:*", matchCriteriaId: "C47F6BF9-2ADB-41A4-8D7D-8BB00141BB23", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-fx3h:-:*:*:*:*:*:*:*", matchCriteriaId: "16C64136-89C2-443C-AF7B-BED81D3DE25A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-fx3p:-:*:*:*:*:*:*:*", matchCriteriaId: "BBEF7F26-BB47-44BD-872E-130820557C23", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*", matchCriteriaId: "07DE6F63-2C7D-415B-8C34-01EC05C062F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*", matchCriteriaId: "F423E45D-A6DD-4305-9C6A-EAB26293E53A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9316d-gx:-:*:*:*:*:*:*:*", matchCriteriaId: "102F91CD-DFB6-43D4-AE5B-DA157A696230", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "E952A96A-0F48-4357-B7DD-1127D8827650", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "F70D81F1-8B12-4474-9060-B4934D8A3873", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-ex-24:-:*:*:*:*:*:*:*", matchCriteriaId: "5394DE31-3863-4CA9-B7B1-E5227183100D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "7349D69B-D8FA-4462-AA28-69DD18A652D9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-fx-24:-:*:*:*:*:*:*:*", matchCriteriaId: "FE4BB834-2C00-4384-A78E-AF3BCDDC58AF", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-fx3:-:*:*:*:*:*:*:*", matchCriteriaId: "B0D30D52-837F-4FDA-B8E5-A9066E9C6D2F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-fx3h:-:*:*:*:*:*:*:*", matchCriteriaId: "E6678B8A-D905-447E-BE7E-6BFB4CC5DAFE", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-fx3s:-:*:*:*:*:*:*:*", matchCriteriaId: "7CE49B45-F2E9-491D-9C29-1B46E9CE14E2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93216tc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "B1CC5F78-E88B-4B82-9E3E-C73D3A49DE26", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "91231DC6-2773-4238-8C14-A346F213B5E5", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332c:-:*:*:*:*:*:*:*", matchCriteriaId: "2DF88547-BAF4-47B0-9F60-80A30297FCEB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332d-gx2b:-:*:*:*:*:*:*:*", matchCriteriaId: "02C3CE6D-BD54-48B1-A188-8E53DA001424", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332d-h2r:-:*:*:*:*:*:*:*", matchCriteriaId: "498991F7-39D6-428C-8C7D-DD8DC72A0346", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*", matchCriteriaId: "113772B6-E9D2-4094-9468-3F4E1A87D07D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93360yc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "C45A38D6-BED6-4FEF-AD87-A1E813695DE0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "F1FC2B1F-232E-4754-8076-CC82F3648730", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336c-fx2-e:-:*:*:*:*:*:*:*", matchCriteriaId: "7CDD27C9-5EAF-4956-8AB7-740C84C9D4FC", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336pq_aci_spine:-:*:*:*:*:*:*:*", matchCriteriaId: "785FD17C-F32E-4042-9DDE-A89B3AAE0334", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9348d-gx2a:-:*:*:*:*:*:*:*", matchCriteriaId: "73DC1E93-561E-490C-AE0E-B02BAB9A7C8E", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9348gc-fx3:-:*:*:*:*:*:*:*", matchCriteriaId: "12DA2DE5-8ADA-4D6A-BC1A-9C06FA163B1C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*", matchCriteriaId: "17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93600cd-gx:-:*:*:*:*:*:*:*", matchCriteriaId: "2CF467E2-4567-426E-8F48-39669E0F514C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*", matchCriteriaId: "63842B25-8C32-4988-BBBD-61E9CB09B4F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9364c-gx:-:*:*:*:*:*:*:*", matchCriteriaId: "68EA1FEF-B6B6-49FE-A0A4-5387F76303F8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9364d-gx2a:-:*:*:*:*:*:*:*", matchCriteriaId: "40D6DB7F-C025-4971-9615-73393ED61078", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*", matchCriteriaId: "4364ADB9-8162-451D-806A-B98924E6B2CF", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372px-e:-:*:*:*:*:*:*:*", matchCriteriaId: "B53BCB42-ED61-4FCF-8068-CB467631C63C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*", matchCriteriaId: "49E0371B-FDE2-473C-AA59-47E1269D050F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372tx-e:-:*:*:*:*:*:*:*", matchCriteriaId: "489D11EC-5A18-4F32-BC7C-AC1FCEC27222", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*", matchCriteriaId: "1BC5293E-F2B4-46DC-85DA-167EA323FCFD", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*", matchCriteriaId: "EA022E77-6557-4A33-9A3A-D028E2DB669A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9408:-:*:*:*:*:*:*:*", matchCriteriaId: "D8D5D5E2-B40B-475D-9EF3-8441016E37E9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*", matchCriteriaId: "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9804:-:*:*:*:*:*:*:*", matchCriteriaId: "A10C9C0A-C96A-4B45-90D0-6ED457EB5F4C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9808:-:*:*:*:*:*:*:*", matchCriteriaId: "3284D16F-3275-4F8D-8AE4-D413DE19C4FA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability in the SFTP server implementation for Cisco Nexus 3000 Series Switches and 9000 Series Switches in standalone NX-OS mode could allow an authenticated, remote attacker to download or overwrite files from the underlying operating system of an affected device. \r\n\r This vulnerability is due to a logic error when verifying the user role when an SFTP connection is opened to an affected device. An attacker could exploit this vulnerability by connecting and authenticating via SFTP as a valid, non-administrator user. A successful exploit could allow the attacker to read or overwrite files from the underlying operating system with the privileges of the authenticated user.\r\n\r There are workarounds that address this vulnerability.", }, ], id: "CVE-2023-20115", lastModified: "2024-11-21T07:40:35.413", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.4, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 2.5, source: "psirt@cisco.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.4, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 2.5, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-08-23T19:15:07.587", references: [ { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-sftp-xVAp5Hfd", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-sftp-xVAp5Hfd", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-671", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2019-05-16 17:29
Modified
2024-11-21 04:37
Severity ?
Summary
A vulnerability in the CLI of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker with administrator credentials to execute arbitrary commands on the underlying operating system of an affected device with elevated privileges. The vulnerability is due to insufficient validation of arguments passed to certain CLI commands. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with elevated privileges. An attacker would need valid administrator credentials to exploit this vulnerability. NX-OS versions prior to 8.3(1) are affected. NX-OS versions prior to 8.3(1) are affected.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@cisco.com | http://www.securityfocus.com/bid/108392 | Third Party Advisory, VDB Entry | |
| psirt@cisco.com | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-fxos-cmdinj-1780 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/108392 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-fxos-cmdinj-1780 | Vendor Advisory |
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "E762B981-6AC3-41E2-9FF5-DBA9616EA75C", versionEndExcluding: "6.2\\(25\\)", versionStartIncluding: "5.2", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "86770ECC-BC1D-42BC-A65B-FCE598491BEE", versionEndExcluding: "8.1\\(1b\\)", versionStartIncluding: "7.3", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "F4863FC5-6578-48DE-838D-E5D2EEFF27B1", versionEndExcluding: "8.3\\(1\\)", versionStartIncluding: "8.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:mds_9000:-:*:*:*:*:*:*:*", matchCriteriaId: "1FD00AB9-F2DD-4D07-8DFF-E7B34824D66A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9100:-:*:*:*:*:*:*:*", matchCriteriaId: "54C0D908-D7BA-48C3-9963-14A3A32A2662", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9200:-:*:*:*:*:*:*:*", matchCriteriaId: "B25B92ED-37C0-4653-9C5E-B4C13C46464C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9500:-:*:*:*:*:*:*:*", matchCriteriaId: "2374E02D-46FE-477F-A74D-49E72149E6EC", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9700:-:*:*:*:*:*:*:*", matchCriteriaId: "C44335D8-8A78-486C-A325-9691FA4C3271", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "92B576CF-5EAD-4830-A7B7-ACC434349691", versionEndExcluding: "7.0\\(3\\)i4\\(9\\)", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "EF06D835-FBE6-4866-B410-C2F66AEF68CD", versionEndExcluding: "7.0\\(3\\)i7\\(4\\)", versionStartIncluding: "7.0\\(3\\)i7", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_3016:-:*:*:*:*:*:*:*", matchCriteriaId: "528ED62B-D739-4E06-AC64-B506FD73BBAB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*", matchCriteriaId: "FC2A6C31-438A-4CF5-A3F3-364B1672EB7D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3064:-:*:*:*:*:*:*:*", matchCriteriaId: "76C10D85-88AC-4A79-8866-BED88A0F8DF8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3064-t:-:*:*:*:*:*:*:*", matchCriteriaId: "65CB7F6D-A82B-4A31-BFAC-FF4A4B8DF9C1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31108pc-v:-:*:*:*:*:*:*:*", matchCriteriaId: "4E930332-CDDD-48D5-93BC-C22D693BBFA2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31108tc-v:-:*:*:*:*:*:*:*", matchCriteriaId: "7BF4B8FE-E134-4491-B5C2-C1CFEB64731B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31128pq:-:*:*:*:*:*:*:*", matchCriteriaId: "F4226DA0-9371-401C-8247-E6E636A116C3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132c-z:-:*:*:*:*:*:*:*", matchCriteriaId: "7664666F-BCE4-4799-AEEA-3A73E6AD33F4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q:-:*:*:*:*:*:*:*", matchCriteriaId: "D3DBBFE9-835C-4411-8492-6006E74BAC65", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q-v:-:*:*:*:*:*:*:*", matchCriteriaId: "B3293438-3D18-45A2-B093-2C3F65783336", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "8F43B770-D96C-44EA-BC12-9F39FC4317B9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3164q:-:*:*:*:*:*:*:*", matchCriteriaId: "FA782EB3-E8E6-4DCF-B39C-B3CBD46E4384", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172:-:*:*:*:*:*:*:*", matchCriteriaId: "7817F4E6-B2DA-4F06-95A4-AF329F594C02", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172pq-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "7BB9DD73-E31D-4921-A6D6-E14E04703588", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq:-:*:*:*:*:*:*:*", matchCriteriaId: "4532F513-0543-4960-9877-01F23CA7BA1B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq-32t:-:*:*:*:*:*:*:*", matchCriteriaId: "0B43502B-FD53-465A-B60F-6A359C6ACD99", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "F3229124-B097-4AAC-8ACD-2F9C89DCC3AB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3232c:-:*:*:*:*:*:*:*", matchCriteriaId: "652A2849-668D-4156-88FB-C19844A59F33", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3264c-e:-:*:*:*:*:*:*:*", matchCriteriaId: "24FBE87B-8A4F-43A8-98A3-4A7D9C630937", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3264q:-:*:*:*:*:*:*:*", matchCriteriaId: "6ACD09AC-8B28-4ACB-967B-AB3D450BC137", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3408-s:-:*:*:*:*:*:*:*", matchCriteriaId: "7D397349-CCC6-479B-9273-FB1FFF4F34F2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_34180yc:-:*:*:*:*:*:*:*", matchCriteriaId: "DC7286A7-780F-4A45-940A-4AD5C9D0F201", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3432d-s:-:*:*:*:*:*:*:*", matchCriteriaId: "5F7AF8D7-431B-43CE-840F-CC0817D159C0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3464c:-:*:*:*:*:*:*:*", matchCriteriaId: "DAC204C8-1A5A-4E85-824E-DC9B8F6A802D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9000v:-:*:*:*:*:*:*:*", matchCriteriaId: "0CD9C1F1-8582-4F67-A77D-97CBFECB88B8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*", matchCriteriaId: "4283E433-7F8C-4410-B565-471415445811", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92300yc:-:*:*:*:*:*:*:*", matchCriteriaId: "F80AB6FB-32FD-43D7-A9F1-80FA47696210", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*", matchCriteriaId: "D5B2E4C1-2627-4B9D-8E92-4B483F647651", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92348gc-x:-:*:*:*:*:*:*:*", matchCriteriaId: "557ED31C-C26A-4FAE-8B14-D06B49F7F08B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*", matchCriteriaId: "11411BFD-3F4D-4309-AB35-A3629A360FB0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*", matchCriteriaId: "E663DE91-C86D-48DC-B771-FA72A8DF7A7C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "A90184B3-C82F-4CE5-B2AD-97D5E4690871", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "4AB89849-6DA4-4C9D-BC3F-EE0E41FD1901", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*", matchCriteriaId: "07DE6F63-2C7D-415B-8C34-01EC05C062F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*", matchCriteriaId: "F423E45D-A6DD-4305-9C6A-EAB26293E53A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "E952A96A-0F48-4357-B7DD-1127D8827650", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "F70D81F1-8B12-4474-9060-B4934D8A3873", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "7349D69B-D8FA-4462-AA28-69DD18A652D9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93216tc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "B1CC5F78-E88B-4B82-9E3E-C73D3A49DE26", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "91231DC6-2773-4238-8C14-A346F213B5E5", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332c:-:*:*:*:*:*:*:*", matchCriteriaId: "2DF88547-BAF4-47B0-9F60-80A30297FCEB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*", matchCriteriaId: "113772B6-E9D2-4094-9468-3F4E1A87D07D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93360yc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "C45A38D6-BED6-4FEF-AD87-A1E813695DE0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "F1FC2B1F-232E-4754-8076-CC82F3648730", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336pq_aci_spine:-:*:*:*:*:*:*:*", matchCriteriaId: "785FD17C-F32E-4042-9DDE-A89B3AAE0334", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*", matchCriteriaId: "17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*", matchCriteriaId: "63842B25-8C32-4988-BBBD-61E9CB09B4F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*", matchCriteriaId: "4364ADB9-8162-451D-806A-B98924E6B2CF", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372px-e:-:*:*:*:*:*:*:*", matchCriteriaId: "B53BCB42-ED61-4FCF-8068-CB467631C63C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*", matchCriteriaId: "49E0371B-FDE2-473C-AA59-47E1269D050F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372tx-e:-:*:*:*:*:*:*:*", matchCriteriaId: "489D11EC-5A18-4F32-BC7C-AC1FCEC27222", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*", matchCriteriaId: "1BC5293E-F2B4-46DC-85DA-167EA323FCFD", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*", matchCriteriaId: "EA022E77-6557-4A33-9A3A-D028E2DB669A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "81FEA96D-5A66-415A-B46C-F25DC3E4E5EE", versionEndExcluding: "6.0\\(2\\)a8\\(11\\)", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "3DFCC3C2-3483-4BD0-AF71-23574D0849B1", versionEndExcluding: "7.0\\(3\\)i4\\(9\\)", versionStartIncluding: "7.0\\(3\\)i4", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "EF06D835-FBE6-4866-B410-C2F66AEF68CD", versionEndExcluding: "7.0\\(3\\)i7\\(4\\)", versionStartIncluding: "7.0\\(3\\)i7", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_3524:-:*:*:*:*:*:*:*", matchCriteriaId: "EAF5AF71-15DF-4151-A1CF-E138A7103FC8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524-x:-:*:*:*:*:*:*:*", matchCriteriaId: "10F80A72-AD54-4699-B8AE-82715F0B58E2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "9354B6A2-D7D6-442E-BF4C-FE8A336D9E94", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548:-:*:*:*:*:*:*:*", matchCriteriaId: "088C0323-683A-44F5-8D42-FF6EC85D080E", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548-x:-:*:*:*:*:*:*:*", matchCriteriaId: "74CB4002-7636-4382-B33E-FBA060A13C34", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "10CEBF73-3EE0-459A-86C5-F8F6243FE27C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "B10C9143-9E1F-4DA3-924B-68D48B4F2D37", versionEndExcluding: "7.3\\(3\\)n1\\(1\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_5548p:-:*:*:*:*:*:*:*", matchCriteriaId: "E5519EA9-1236-4F51-9974-E3FC1B26B5D2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5548up:-:*:*:*:*:*:*:*", matchCriteriaId: "CB0A3B06-8B25-4CD3-AFA9-5F928B1042F4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5596t:-:*:*:*:*:*:*:*", matchCriteriaId: "1766443C-1C5A-486E-A36F-D3045F364D78", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5596up:-:*:*:*:*:*:*:*", matchCriteriaId: "DC4D4403-F93B-4CC8-B75F-7A5B03FEDD85", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_56128p:-:*:*:*:*:*:*:*", matchCriteriaId: "ABB6E612-4246-4408-B3F6-B31E771F5ACB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5624q:-:*:*:*:*:*:*:*", matchCriteriaId: "91B129B2-2B31-4DE0-9F83-CC6E0C8729A0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5648q:-:*:*:*:*:*:*:*", matchCriteriaId: "3CBD3CD0-B542-4B23-9C9D-061643BE44E8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5672up:-:*:*:*:*:*:*:*", matchCriteriaId: "A22A2647-A4C0-4681-BBC5-D95ADBAA0457", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5696q:-:*:*:*:*:*:*:*", matchCriteriaId: "B2BB1A3A-668C-4B0D-8AC2-6B4758B3420B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_6001:-:*:*:*:*:*:*:*", matchCriteriaId: "A9662D6B-AF0F-45C8-B7CD-AE7C76593FDB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_6004:-:*:*:*:*:*:*:*", matchCriteriaId: "4F557E38-09F6-42C6-BABA-3C3168B38BBA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "A67D92F3-7EE1-4CFD-9608-4E35994C1BC4", versionEndExcluding: "6.2\\(22\\)", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "3411F8C2-D65A-46CF-9563-0A9866462491", versionEndExcluding: "7.3\\(3\\)d1\\(1\\)", versionStartIncluding: "7.2", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "B8882184-A5B1-4F67-B942-FDEE2FFD43F4", versionEndExcluding: "8.2\\(3\\)", versionStartIncluding: "8.0", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "CFC2CF14-BF68-49FD-AFDE-886FD1A51520", versionEndExcluding: "8.3\\(1\\)", versionStartIncluding: "8.3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_7000:-:*:*:*:*:*:*:*", matchCriteriaId: "12180BEB-7F21-4FA7-ABD2-E9A8EA7340F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7700:-:*:*:*:*:*:*:*", matchCriteriaId: "DD7A4B4B-3BB1-4A4D-911E-C4EEF01BBC45", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*", matchCriteriaId: "30E29EEC-FA0C-4DCE-A4A1-6CD66180AC36", versionEndExcluding: "2.3.1.130", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*", matchCriteriaId: "B0E1360A-E239-424C-BDB2-5A40B852F282", versionEndExcluding: "2.4.1.122", versionStartIncluding: "2.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:firepower_4110:-:*:*:*:*:*:*:*", matchCriteriaId: "A0CBC7F5-7767-43B6-9384-BE143FCDBD7F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4115:-:*:*:*:*:*:*:*", matchCriteriaId: "A694AD51-9008-4AE6-8240-98B17AB527EE", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4120:-:*:*:*:*:*:*:*", matchCriteriaId: "38AE6DC0-2B03-4D36-9856-42530312CC46", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4125:-:*:*:*:*:*:*:*", matchCriteriaId: "71DCEF22-ED20-4330-8502-EC2DD4C9838F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4140:-:*:*:*:*:*:*:*", matchCriteriaId: "3DB2822B-B752-4CD9-A178-934957E306B4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4145:-:*:*:*:*:*:*:*", matchCriteriaId: "81F4868A-6D62-479C-9C19-F9AABDBB6B24", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4150:-:*:*:*:*:*:*:*", matchCriteriaId: "65378F3A-777C-4AE2-87FB-1E7402F9EA1B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300:-:*:*:*:*:*:*:*", matchCriteriaId: "07DAFDDA-718B-4B69-A524-B0CEB80FE960", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "96BFEE5D-EF9F-4C21-BC51-FBA71029A6A7", versionEndExcluding: "7.0\\(3\\)f3\\(5\\)", versionStartIncluding: "7.0\\(3\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_36180yc-r:-:*:*:*:*:*:*:*", matchCriteriaId: "95D2C4C3-65CE-4612-A027-AF70CEFC3233", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*", matchCriteriaId: "57572E4A-78D5-4D1A-938B-F05F01759612", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*", matchCriteriaId: "768BE390-5ED5-48A7-9E80-C4DE8BA979B1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*", matchCriteriaId: "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*", matchCriteriaId: "7E02DC82-0D26-436F-BA64-73C958932B0A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability in the CLI of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker with administrator credentials to execute arbitrary commands on the underlying operating system of an affected device with elevated privileges. The vulnerability is due to insufficient validation of arguments passed to certain CLI commands. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with elevated privileges. An attacker would need valid administrator credentials to exploit this vulnerability. NX-OS versions prior to 8.3(1) are affected. NX-OS versions prior to 8.3(1) are affected.", }, { lang: "es", value: "Una vulnerabilidad en la CLI de los programas Cisco FXOS y Cisco NX-OS podría permitir que un atacante local autenticado con credenciales de administrador ejecute comandos arbitrarios en el sistema operativo subyacente de un dispositivo afectado con privilegios elevados. La vulnerabilidad se debe a una validación insuficiente de los argumentos pasados ??a ciertos comandos de la CLI. Un atacante podría aprovechar esta vulnerabilidad al incluir una entrada maliciosa como el argumento de un comando afectado. Una explotación exitosa podría permitir al atacante ejecutar comandos arbitrarios en el sistema operativo subyacente con privilegios elevados. Un atacante necesitaría credenciales de administrador válidas para aprovechar esta vulnerabilidad. Las versiones de NX-OS anteriores a 8.3 (1) están afectadas. Las versiones de NX-OS anteriores a 8.3 (1) están afectadas.", }, ], id: "CVE-2019-1780", lastModified: "2024-11-21T04:37:21.717", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.2, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:L/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 4.2, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L", version: "3.0", }, exploitabilityScore: 0.8, impactScore: 3.4, source: "psirt@cisco.com", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-05-16T17:29:01.277", references: [ { source: "psirt@cisco.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/108392", }, { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-fxos-cmdinj-1780", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/108392", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-fxos-cmdinj-1780", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-77", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-88", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2019-08-30 09:15
Modified
2024-11-21 04:37
Severity ?
Summary
A vulnerability in the implementation of the Simple Network Management Protocol (SNMP) Access Control List (ACL) feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to perform SNMP polling of an affected device, even if it is configured to deny SNMP traffic. The vulnerability is due to an incorrect length check when the configured ACL name is the maximum length, which is 32 ASCII characters. An attacker could exploit this vulnerability by performing SNMP polling of an affected device. A successful exploit could allow the attacker to perform SNMP polling that should have been denied. The attacker has no control of the configuration of the SNMP ACL name.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i7\\(3\\):*:*:*:*:*:*:*", matchCriteriaId: "7688EC58-4647-4A08-9E86-A71EA7C41B88", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:9.2\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "1D43B9D6-0991-4370-9369-C0A1EDBF6627", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_3016:-:*:*:*:*:*:*:*", matchCriteriaId: "528ED62B-D739-4E06-AC64-B506FD73BBAB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*", matchCriteriaId: "FC2A6C31-438A-4CF5-A3F3-364B1672EB7D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3064:-:*:*:*:*:*:*:*", matchCriteriaId: "76C10D85-88AC-4A79-8866-BED88A0F8DF8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3064-t:-:*:*:*:*:*:*:*", matchCriteriaId: "65CB7F6D-A82B-4A31-BFAC-FF4A4B8DF9C1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31108pc-v:-:*:*:*:*:*:*:*", matchCriteriaId: "4E930332-CDDD-48D5-93BC-C22D693BBFA2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31108tc-v:-:*:*:*:*:*:*:*", matchCriteriaId: "7BF4B8FE-E134-4491-B5C2-C1CFEB64731B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31128pq:-:*:*:*:*:*:*:*", matchCriteriaId: "F4226DA0-9371-401C-8247-E6E636A116C3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132c-z:-:*:*:*:*:*:*:*", matchCriteriaId: "7664666F-BCE4-4799-AEEA-3A73E6AD33F4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q:-:*:*:*:*:*:*:*", matchCriteriaId: "D3DBBFE9-835C-4411-8492-6006E74BAC65", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q-v:-:*:*:*:*:*:*:*", matchCriteriaId: "B3293438-3D18-45A2-B093-2C3F65783336", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "8F43B770-D96C-44EA-BC12-9F39FC4317B9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3164q:-:*:*:*:*:*:*:*", matchCriteriaId: "FA782EB3-E8E6-4DCF-B39C-B3CBD46E4384", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172:-:*:*:*:*:*:*:*", matchCriteriaId: "7817F4E6-B2DA-4F06-95A4-AF329F594C02", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172pq-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "7BB9DD73-E31D-4921-A6D6-E14E04703588", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq:-:*:*:*:*:*:*:*", matchCriteriaId: "4532F513-0543-4960-9877-01F23CA7BA1B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq-32t:-:*:*:*:*:*:*:*", matchCriteriaId: "0B43502B-FD53-465A-B60F-6A359C6ACD99", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "F3229124-B097-4AAC-8ACD-2F9C89DCC3AB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3232c:-:*:*:*:*:*:*:*", matchCriteriaId: "652A2849-668D-4156-88FB-C19844A59F33", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3264c-e:-:*:*:*:*:*:*:*", matchCriteriaId: "24FBE87B-8A4F-43A8-98A3-4A7D9C630937", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3264q:-:*:*:*:*:*:*:*", matchCriteriaId: "6ACD09AC-8B28-4ACB-967B-AB3D450BC137", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3408-s:-:*:*:*:*:*:*:*", matchCriteriaId: "7D397349-CCC6-479B-9273-FB1FFF4F34F2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_34180yc:-:*:*:*:*:*:*:*", matchCriteriaId: "DC7286A7-780F-4A45-940A-4AD5C9D0F201", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3432d-s:-:*:*:*:*:*:*:*", matchCriteriaId: "5F7AF8D7-431B-43CE-840F-CC0817D159C0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3464c:-:*:*:*:*:*:*:*", matchCriteriaId: "DAC204C8-1A5A-4E85-824E-DC9B8F6A802D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524:-:*:*:*:*:*:*:*", matchCriteriaId: "EAF5AF71-15DF-4151-A1CF-E138A7103FC8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524-x:-:*:*:*:*:*:*:*", matchCriteriaId: "10F80A72-AD54-4699-B8AE-82715F0B58E2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "9354B6A2-D7D6-442E-BF4C-FE8A336D9E94", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548:-:*:*:*:*:*:*:*", matchCriteriaId: "088C0323-683A-44F5-8D42-FF6EC85D080E", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548-x:-:*:*:*:*:*:*:*", matchCriteriaId: "74CB4002-7636-4382-B33E-FBA060A13C34", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "10CEBF73-3EE0-459A-86C5-F8F6243FE27C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9000v:-:*:*:*:*:*:*:*", matchCriteriaId: "0CD9C1F1-8582-4F67-A77D-97CBFECB88B8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*", matchCriteriaId: "4283E433-7F8C-4410-B565-471415445811", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92300yc:-:*:*:*:*:*:*:*", matchCriteriaId: "F80AB6FB-32FD-43D7-A9F1-80FA47696210", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*", matchCriteriaId: "D5B2E4C1-2627-4B9D-8E92-4B483F647651", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92348gc-x:-:*:*:*:*:*:*:*", matchCriteriaId: "557ED31C-C26A-4FAE-8B14-D06B49F7F08B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*", matchCriteriaId: "11411BFD-3F4D-4309-AB35-A3629A360FB0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*", matchCriteriaId: "E663DE91-C86D-48DC-B771-FA72A8DF7A7C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "A90184B3-C82F-4CE5-B2AD-97D5E4690871", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "4AB89849-6DA4-4C9D-BC3F-EE0E41FD1901", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*", matchCriteriaId: "07DE6F63-2C7D-415B-8C34-01EC05C062F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*", matchCriteriaId: "F423E45D-A6DD-4305-9C6A-EAB26293E53A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "E952A96A-0F48-4357-B7DD-1127D8827650", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "F70D81F1-8B12-4474-9060-B4934D8A3873", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "7349D69B-D8FA-4462-AA28-69DD18A652D9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93216tc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "B1CC5F78-E88B-4B82-9E3E-C73D3A49DE26", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "91231DC6-2773-4238-8C14-A346F213B5E5", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332c:-:*:*:*:*:*:*:*", matchCriteriaId: "2DF88547-BAF4-47B0-9F60-80A30297FCEB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*", matchCriteriaId: "113772B6-E9D2-4094-9468-3F4E1A87D07D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93360yc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "C45A38D6-BED6-4FEF-AD87-A1E813695DE0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "F1FC2B1F-232E-4754-8076-CC82F3648730", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336pq_aci_spine:-:*:*:*:*:*:*:*", matchCriteriaId: "785FD17C-F32E-4042-9DDE-A89B3AAE0334", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*", matchCriteriaId: "17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*", matchCriteriaId: "63842B25-8C32-4988-BBBD-61E9CB09B4F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*", matchCriteriaId: "4364ADB9-8162-451D-806A-B98924E6B2CF", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372px-e:-:*:*:*:*:*:*:*", matchCriteriaId: "B53BCB42-ED61-4FCF-8068-CB467631C63C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*", matchCriteriaId: "49E0371B-FDE2-473C-AA59-47E1269D050F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372tx-e:-:*:*:*:*:*:*:*", matchCriteriaId: "489D11EC-5A18-4F32-BC7C-AC1FCEC27222", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*", matchCriteriaId: "1BC5293E-F2B4-46DC-85DA-167EA323FCFD", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*", matchCriteriaId: "EA022E77-6557-4A33-9A3A-D028E2DB669A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)f:*:*:*:*:*:*:*", matchCriteriaId: "E575893D-81E5-47E6-9531-50E044C2C3D3", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:9.2:*:*:*:*:*:*:*", matchCriteriaId: "C9E648A2-AFB2-4F84-B27A-F8AC7F67B36F", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:9.2\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "1D43B9D6-0991-4370-9369-C0A1EDBF6627", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_36180yc-r:-:*:*:*:*:*:*:*", matchCriteriaId: "95D2C4C3-65CE-4612-A027-AF70CEFC3233", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*", matchCriteriaId: "57572E4A-78D5-4D1A-938B-F05F01759612", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*", matchCriteriaId: "768BE390-5ED5-48A7-9E80-C4DE8BA979B1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*", matchCriteriaId: "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*", matchCriteriaId: "7E02DC82-0D26-436F-BA64-73C958932B0A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability in the implementation of the Simple Network Management Protocol (SNMP) Access Control List (ACL) feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to perform SNMP polling of an affected device, even if it is configured to deny SNMP traffic. The vulnerability is due to an incorrect length check when the configured ACL name is the maximum length, which is 32 ASCII characters. An attacker could exploit this vulnerability by performing SNMP polling of an affected device. A successful exploit could allow the attacker to perform SNMP polling that should have been denied. The attacker has no control of the configuration of the SNMP ACL name.", }, { lang: "es", value: "Una vulnerabilidad en la implementación de la funcionalidad Simple Network Management Protocol (SNMP) Access Control List (ACL) de Cisco NX-OS Software, podría permitir a un atacante remoto no autenticado realizar el sondeo SNMP de un dispositivo afectado, incluso si se configura para denegar el tráfico SNMP. La vulnerabilidad es debido a una comprobación de longitud incorrecta cuando el nombre de ACL configurado es de la longitud máxima, que es 32 caracteres ASCII. Un atacante podría explotar esta vulnerabilidad realizando el sondeo SNMP de un dispositivo afectado. Una explotación con éxito podría permitir al atacante realizar el sondeo SNMP que debería haber sido denegado. El atacante no tiene ningún control de la configuración del nombre de la ACL de SNMP.", }, ], id: "CVE-2019-1969", lastModified: "2024-11-21T04:37:47.670", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.8, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N", version: "3.0", }, exploitabilityScore: 3.9, impactScore: 1.4, source: "psirt@cisco.com", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 1.4, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-08-30T09:15:20.443", references: [ { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190828-nxos-snmp-bypass", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190828-nxos-snmp-bypass", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-264", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-20", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2016-02-07 11:59
Modified
2025-04-12 10:46
Severity ?
Summary
Cisco Application Policy Infrastructure Controller (APIC) devices with software before 1.0(3h) and 1.1 before 1.1(1j) and Nexus 9000 ACI Mode switches with software before 11.0(3h) and 11.1 before 11.1(1j) allow remote authenticated users to bypass intended RBAC restrictions via crafted REST requests, aka Bug ID CSCut12998.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| samsung | x14j_firmware | t-ms14jakucb-1102.5 | |
| sun | opensolaris | snv_124 | |
| zyxel | gs1900-10hp_firmware | * | |
| zzinc | keymouse_firmware | 3.08 | |
| cisco | nexus_92160yc-x | - | |
| cisco | nexus_92304qc | - | |
| cisco | nexus_9236c | - | |
| cisco | nexus_9272q | - | |
| cisco | nexus_93108tc-ex | - | |
| cisco | nexus_93120tx | - | |
| cisco | nexus_93128tx | - | |
| cisco | nexus_93180yc-ex | - | |
| cisco | nexus_9332pq | - | |
| cisco | nexus_9336pq_aci_spine | - | |
| cisco | nexus_9372px | - | |
| cisco | nexus_9372tx | - | |
| cisco | nexus_9396px | - | |
| cisco | nexus_9396tx | - | |
| cisco | nexus_9504 | - | |
| cisco | nexus_9508 | - | |
| cisco | nexus_9516 | - | |
| cisco | nx-os | base | |
| sun | opensolaris | snv_124 | |
| zyxel | gs1900-10hp_firmware | * | |
| zzinc | keymouse_firmware | 3.08 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:samsung:x14j_firmware:t-ms14jakucb-1102.5:*:*:*:*:*:*:*", matchCriteriaId: "3A5867B4-EC19-45D4-87BE-867E1D41ECD5", vulnerable: true, }, { criteria: "cpe:2.3:o:sun:opensolaris:snv_124:*:sparc:*:*:*:*:*", matchCriteriaId: "09B35C0E-6CBA-4B6B-BCD2-F5CC0BF8CF53", vulnerable: true, }, { criteria: "cpe:2.3:o:zyxel:gs1900-10hp_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "21D9999F-C55E-4BAB-A401-007FB34B2A5E", versionEndExcluding: "2.50\\(aazi.0\\)c0", vulnerable: true, }, { criteria: "cpe:2.3:o:zzinc:keymouse_firmware:3.08:*:*:*:*:windows:*:*", matchCriteriaId: "83223AC7-22F3-4FCA-B11B-B769086DCF04", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*", matchCriteriaId: "4283E433-7F8C-4410-B565-471415445811", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*", matchCriteriaId: "D5B2E4C1-2627-4B9D-8E92-4B483F647651", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*", matchCriteriaId: "11411BFD-3F4D-4309-AB35-A3629A360FB0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*", matchCriteriaId: "E663DE91-C86D-48DC-B771-FA72A8DF7A7C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "A90184B3-C82F-4CE5-B2AD-97D5E4690871", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*", matchCriteriaId: "07DE6F63-2C7D-415B-8C34-01EC05C062F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*", matchCriteriaId: "F423E45D-A6DD-4305-9C6A-EAB26293E53A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "F70D81F1-8B12-4474-9060-B4934D8A3873", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*", matchCriteriaId: "113772B6-E9D2-4094-9468-3F4E1A87D07D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336pq_aci_spine:-:*:*:*:*:*:*:*", matchCriteriaId: "785FD17C-F32E-4042-9DDE-A89B3AAE0334", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*", matchCriteriaId: "4364ADB9-8162-451D-806A-B98924E6B2CF", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*", matchCriteriaId: "49E0371B-FDE2-473C-AA59-47E1269D050F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*", matchCriteriaId: "1BC5293E-F2B4-46DC-85DA-167EA323FCFD", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*", matchCriteriaId: "EA022E77-6557-4A33-9A3A-D028E2DB669A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*", matchCriteriaId: "768BE390-5ED5-48A7-9E80-C4DE8BA979B1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*", matchCriteriaId: "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*", matchCriteriaId: "7E02DC82-0D26-436F-BA64-73C958932B0A", vulnerable: false, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:base:*:*:*:*:*:*:*", matchCriteriaId: "CFBAD221-BBD3-4BE6-974F-361C8E0FC6E2", vulnerable: true, }, { criteria: "cpe:2.3:o:sun:opensolaris:snv_124:*:sparc:*:*:*:*:*", matchCriteriaId: "09B35C0E-6CBA-4B6B-BCD2-F5CC0BF8CF53", vulnerable: true, }, { criteria: "cpe:2.3:o:zyxel:gs1900-10hp_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "21D9999F-C55E-4BAB-A401-007FB34B2A5E", versionEndExcluding: "2.50\\(aazi.0\\)c0", vulnerable: true, }, { criteria: "cpe:2.3:o:zzinc:keymouse_firmware:3.08:*:*:*:*:windows:*:*", matchCriteriaId: "83223AC7-22F3-4FCA-B11B-B769086DCF04", vulnerable: true, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Cisco Application Policy Infrastructure Controller (APIC) devices with software before 1.0(3h) and 1.1 before 1.1(1j) and Nexus 9000 ACI Mode switches with software before 11.0(3h) and 11.1 before 11.1(1j) allow remote authenticated users to bypass intended RBAC restrictions via crafted REST requests, aka Bug ID CSCut12998.", }, { lang: "es", value: "Dispositivos Cisco Application Policy Infrastructure Controller (APIC) con software anterior a 1.0(3h) y 1.1 en versiones anteriores a 1.1(1j) y switches Nexus 9000 ACI Mode con software anterior a 11.0(3h) y 11.1 en versiones anteriores a 11.1(1j) permite a usuarios remotos autenticados eludir las restricciones destinadas RBAC a través de peticiones REST manipuladas, también conocido como Bug ID CSCut12998.", }, ], id: "CVE-2016-1302", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "COMPLETE", baseScore: 9, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:L/Au:S/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 8, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2016-02-07T11:59:01.943", references: [ { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160203-apic", }, { source: "psirt@cisco.com", url: "http://www.securitytracker.com/id/1034925", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160203-apic", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securitytracker.com/id/1034925", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-284", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2015-06-12 14:59
Modified
2025-04-12 10:46
Severity ?
Summary
The banner (aka MOTD) implementation in Cisco NX-OS 4.1(2)E1(1f) on Nexus 4000 devices, 5.2(1)SV3(2.1) on Nexus 1000V devices, 6.0(2)N2(2) on Nexus 5000 devices, 6.2(11) on MDS 9000 devices, 6.2(12) on Nexus 7000 devices, 7.0(3) on Nexus 9000 devices, and 7.2(0)ZN(99.67) on Nexus 3000 devices allows remote attackers to cause a denial of service (login process reset) via an unspecified terminal-session request during TELNET session setup, aka Bug IDs CSCuo10554, CSCuu75466, CSCuu75471, CSCuu75484, CSCuu75498, CSCuu77170, and CSCuu77182.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@cisco.com | http://tools.cisco.com/security/center/viewAlert.x?alertId=39280 | Vendor Advisory | |
| psirt@cisco.com | http://www.securitytracker.com/id/1032561 | Third Party Advisory, VDB Entry | |
| psirt@cisco.com | http://www.securitytracker.com/id/1032562 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://tools.cisco.com/security/center/viewAlert.x?alertId=39280 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1032561 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1032562 | Third Party Advisory, VDB Entry |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | nx-os | 4.1\(2\)e1\(1f\) | |
| cisco | nexus_4001i | - | |
| cisco | nx-os | 7.2\(0\)zn\(99.67\) | |
| cisco | nexus_3016 | - | |
| cisco | nexus_3048 | - | |
| cisco | nexus_3064 | - | |
| cisco | nexus_31128pq | * | |
| cisco | nexus_3132q | - | |
| cisco | nexus_3164q | - | |
| cisco | nexus_3172 | - | |
| cisco | nexus_3232c | - | |
| cisco | nexus_3264q | - | |
| cisco | nexus_3524 | - | |
| cisco | nexus_3548 | - | |
| cisco | nx-os | 6.0\(2\)n2\(2\) | |
| cisco | nexus_7000 | - | |
| cisco | nexus_7700 | - | |
| cisco | nx-os | 6.2\(12\) | |
| cisco | nexus_93120tx | - | |
| cisco | nexus_93128tx | - | |
| cisco | nexus_9332pq | - | |
| cisco | nexus_9336pq_aci_spine | - | |
| cisco | nexus_9372px | - | |
| cisco | nexus_9372tx | - | |
| cisco | nexus_9396px | - | |
| cisco | nexus_9396tx | - | |
| cisco | nexus_9504 | - | |
| cisco | nexus_9508 | - | |
| cisco | nexus_9516 | - | |
| cisco | nexus_1000v | - | |
| cisco | mds_9000_nx-os | 6.2\(11\) |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:4.1\\(2\\)e1\\(1f\\):*:*:*:*:*:*:*", matchCriteriaId: "BC749257-E3FB-4831-8B50-CBB82A6AF162", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_4001i:-:*:*:*:*:*:*:*", matchCriteriaId: "AB68FC53-5CD6-445F-9BB5-1F3724D92A4B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:7.2\\(0\\)zn\\(99.67\\):*:*:*:*:*:*:*", matchCriteriaId: "B09770FE-CD69-401E-8DC3-5DBBFB14B698", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_3016:-:*:*:*:*:*:*:*", matchCriteriaId: "528ED62B-D739-4E06-AC64-B506FD73BBAB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*", matchCriteriaId: "FC2A6C31-438A-4CF5-A3F3-364B1672EB7D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3064:-:*:*:*:*:*:*:*", matchCriteriaId: "76C10D85-88AC-4A79-8866-BED88A0F8DF8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31128pq:*:*:*:*:*:*:*:*", matchCriteriaId: "E262B017-866F-4C82-895B-F92B8D49E469", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q:-:*:*:*:*:*:*:*", matchCriteriaId: "D3DBBFE9-835C-4411-8492-6006E74BAC65", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3164q:-:*:*:*:*:*:*:*", matchCriteriaId: "FA782EB3-E8E6-4DCF-B39C-B3CBD46E4384", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172:-:*:*:*:*:*:*:*", matchCriteriaId: "7817F4E6-B2DA-4F06-95A4-AF329F594C02", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3232c:-:*:*:*:*:*:*:*", matchCriteriaId: "652A2849-668D-4156-88FB-C19844A59F33", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3264q:-:*:*:*:*:*:*:*", matchCriteriaId: "6ACD09AC-8B28-4ACB-967B-AB3D450BC137", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524:-:*:*:*:*:*:*:*", matchCriteriaId: "EAF5AF71-15DF-4151-A1CF-E138A7103FC8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548:-:*:*:*:*:*:*:*", matchCriteriaId: "088C0323-683A-44F5-8D42-FF6EC85D080E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)n2\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "4750621F-E7C5-4E6A-BC5F-232E75A454E6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_7000:-:*:*:*:*:*:*:*", matchCriteriaId: "12180BEB-7F21-4FA7-ABD2-E9A8EA7340F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7700:-:*:*:*:*:*:*:*", matchCriteriaId: "DD7A4B4B-3BB1-4A4D-911E-C4EEF01BBC45", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(12\\):*:*:*:*:*:*:*", matchCriteriaId: "57892CBB-8C95-4E56-90F8-B77BBBDC03FB", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*", matchCriteriaId: "07DE6F63-2C7D-415B-8C34-01EC05C062F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*", matchCriteriaId: "F423E45D-A6DD-4305-9C6A-EAB26293E53A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*", matchCriteriaId: "113772B6-E9D2-4094-9468-3F4E1A87D07D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336pq_aci_spine:-:*:*:*:*:*:*:*", matchCriteriaId: "785FD17C-F32E-4042-9DDE-A89B3AAE0334", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*", matchCriteriaId: "4364ADB9-8162-451D-806A-B98924E6B2CF", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*", matchCriteriaId: "49E0371B-FDE2-473C-AA59-47E1269D050F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*", matchCriteriaId: "1BC5293E-F2B4-46DC-85DA-167EA323FCFD", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*", matchCriteriaId: "EA022E77-6557-4A33-9A3A-D028E2DB669A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*", matchCriteriaId: "768BE390-5ED5-48A7-9E80-C4DE8BA979B1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*", matchCriteriaId: "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*", matchCriteriaId: "7E02DC82-0D26-436F-BA64-73C958932B0A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_1000v:-:*:*:*:*:*:*:*", matchCriteriaId: "7E705638-8D0A-40D6-9A51-4FDB6C03F71E", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:mds_9000_nx-os:6.2\\(11\\):*:*:*:*:*:*:*", matchCriteriaId: "D75C2A6F-BB85-41D4-8ADF-6EAF1CD2091D", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The banner (aka MOTD) implementation in Cisco NX-OS 4.1(2)E1(1f) on Nexus 4000 devices, 5.2(1)SV3(2.1) on Nexus 1000V devices, 6.0(2)N2(2) on Nexus 5000 devices, 6.2(11) on MDS 9000 devices, 6.2(12) on Nexus 7000 devices, 7.0(3) on Nexus 9000 devices, and 7.2(0)ZN(99.67) on Nexus 3000 devices allows remote attackers to cause a denial of service (login process reset) via an unspecified terminal-session request during TELNET session setup, aka Bug IDs CSCuo10554, CSCuu75466, CSCuu75471, CSCuu75484, CSCuu75498, CSCuu77170, and CSCuu77182.", }, { lang: "es", value: "La implementación Banner (también conocida como MOTD) en Cisco NX-OS 4.1(2)E1(1f) en los dispositivos Nexus 4000, 5.2(1)SV3(2.1) en los dispositivos Nexus 1000V, 6.0(2)N2(2) en los dispositivos Nexus 5000, 6.2(11) en los dispositivos MDS 9000, 6.2(12) en los dispositivos Nexus 7000, 7.0(3) en los dispositivos Nexus 9000, y 7.2(0)ZN(99.67) en los dispositivos Nexus 3000 permite a atacantes remotos causar una denegación de servicio (reconfiguración del proceso de inicio de sesión) a través de una solicitud de sesión de terminal no especificada durante el montaje de la sesión TELNET, también conocida como Bug IDs CSCuo10554, CSCuu75466, CSCuu75471, CSCuu75484, CSCuu75498, CSCuu77170, y CSCuu77182.", }, ], id: "CVE-2015-0775", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2015-06-12T14:59:02.770", references: [ { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "http://tools.cisco.com/security/center/viewAlert.x?alertId=39280", }, { source: "psirt@cisco.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1032561", }, { source: "psirt@cisco.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1032562", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://tools.cisco.com/security/center/viewAlert.x?alertId=39280", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1032561", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1032562", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-399", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2019-05-15 17:29
Modified
2024-11-21 04:37
Severity ?
Summary
A vulnerability in the Bash shell implementation for Cisco NX-OS Software could allow an authenticated, local attacker to bypass the limited command set of the restricted Guest Shell and execute commands at the privilege level of a network-admin user outside of the Guest Shell. The attacker must authenticate with valid administrator device credentials. The vulnerability is due to the incorrect implementation of a CLI command that allows a Bash command to be incorrectly invoked on the Guest Shell CLI. An attacker could exploit this vulnerability by authenticating to the device and entering a crafted command at the Guest Shell prompt. A successful exploit could allow the attacker to issue commands that should be restricted by a Guest Shell account.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@cisco.com | http://www.securityfocus.com/bid/108397 | Third Party Advisory, VDB Entry | |
| psirt@cisco.com | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-bash-bypass | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/108397 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-bash-bypass | Vendor Advisory |
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "3DFCC3C2-3483-4BD0-AF71-23574D0849B1", versionEndExcluding: "7.0\\(3\\)i4\\(9\\)", versionStartIncluding: "7.0\\(3\\)i4", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "EF06D835-FBE6-4866-B410-C2F66AEF68CD", versionEndExcluding: "7.0\\(3\\)i7\\(4\\)", versionStartIncluding: "7.0\\(3\\)i7", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_3000:-:*:*:*:*:*:*:*", matchCriteriaId: "10FFC5E8-CC5A-4D31-A63A-19E72EC442AB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3100:-:*:*:*:*:*:*:*", matchCriteriaId: "41C14CC9-C244-4B86-AEA6-C50BAD5DA9A6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3100-z:-:*:*:*:*:*:*:*", matchCriteriaId: "D14D4B4E-120E-4607-A4F1-447C7BF3052E", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3100v:-:*:*:*:*:*:*:*", matchCriteriaId: "15702ACB-29F3-412D-8805-E107E0729E35", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3200:-:*:*:*:*:*:*:*", matchCriteriaId: "32A532C0-B0E3-484A-B356-88970E7D0248", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3400:-:*:*:*:*:*:*:*", matchCriteriaId: "43913A0E-50D5-47DD-94D8-DD3391633619", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3500:-:*:*:*:*:*:*:*", matchCriteriaId: "A8E1073F-D374-4311-8F12-AD8C72FAA293", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524-x:-:*:*:*:*:*:*:*", matchCriteriaId: "10F80A72-AD54-4699-B8AE-82715F0B58E2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "9354B6A2-D7D6-442E-BF4C-FE8A336D9E94", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548-x:-:*:*:*:*:*:*:*", matchCriteriaId: "74CB4002-7636-4382-B33E-FBA060A13C34", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "10CEBF73-3EE0-459A-86C5-F8F6243FE27C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9000v:-:*:*:*:*:*:*:*", matchCriteriaId: "0CD9C1F1-8582-4F67-A77D-97CBFECB88B8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*", matchCriteriaId: "4283E433-7F8C-4410-B565-471415445811", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92300yc:-:*:*:*:*:*:*:*", matchCriteriaId: "F80AB6FB-32FD-43D7-A9F1-80FA47696210", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*", matchCriteriaId: "D5B2E4C1-2627-4B9D-8E92-4B483F647651", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92348gc-x:-:*:*:*:*:*:*:*", matchCriteriaId: "557ED31C-C26A-4FAE-8B14-D06B49F7F08B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*", matchCriteriaId: "11411BFD-3F4D-4309-AB35-A3629A360FB0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*", matchCriteriaId: "E663DE91-C86D-48DC-B771-FA72A8DF7A7C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "A90184B3-C82F-4CE5-B2AD-97D5E4690871", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "4AB89849-6DA4-4C9D-BC3F-EE0E41FD1901", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*", matchCriteriaId: "07DE6F63-2C7D-415B-8C34-01EC05C062F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*", matchCriteriaId: "F423E45D-A6DD-4305-9C6A-EAB26293E53A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "E952A96A-0F48-4357-B7DD-1127D8827650", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "F70D81F1-8B12-4474-9060-B4934D8A3873", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "7349D69B-D8FA-4462-AA28-69DD18A652D9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93216tc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "B1CC5F78-E88B-4B82-9E3E-C73D3A49DE26", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "91231DC6-2773-4238-8C14-A346F213B5E5", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332c:-:*:*:*:*:*:*:*", matchCriteriaId: "2DF88547-BAF4-47B0-9F60-80A30297FCEB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*", matchCriteriaId: "113772B6-E9D2-4094-9468-3F4E1A87D07D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93360yc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "C45A38D6-BED6-4FEF-AD87-A1E813695DE0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "F1FC2B1F-232E-4754-8076-CC82F3648730", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336pq_aci_spine:-:*:*:*:*:*:*:*", matchCriteriaId: "785FD17C-F32E-4042-9DDE-A89B3AAE0334", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*", matchCriteriaId: "17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*", matchCriteriaId: "63842B25-8C32-4988-BBBD-61E9CB09B4F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*", matchCriteriaId: "4364ADB9-8162-451D-806A-B98924E6B2CF", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372px-e:-:*:*:*:*:*:*:*", matchCriteriaId: "B53BCB42-ED61-4FCF-8068-CB467631C63C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*", matchCriteriaId: "49E0371B-FDE2-473C-AA59-47E1269D050F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372tx-e:-:*:*:*:*:*:*:*", matchCriteriaId: "489D11EC-5A18-4F32-BC7C-AC1FCEC27222", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*", matchCriteriaId: "1BC5293E-F2B4-46DC-85DA-167EA323FCFD", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*", matchCriteriaId: "EA022E77-6557-4A33-9A3A-D028E2DB669A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "32DEA700-FD52-4AFE-9E32-21808F184033", versionEndExcluding: "8.3\\(1\\)", versionStartIncluding: "8.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_7000:-:*:*:*:*:*:*:*", matchCriteriaId: "12180BEB-7F21-4FA7-ABD2-E9A8EA7340F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7700:-:*:*:*:*:*:*:*", matchCriteriaId: "DD7A4B4B-3BB1-4A4D-911E-C4EEF01BBC45", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "96BFEE5D-EF9F-4C21-BC51-FBA71029A6A7", versionEndExcluding: "7.0\\(3\\)f3\\(5\\)", versionStartIncluding: "7.0\\(3\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_36180yc-r:-:*:*:*:*:*:*:*", matchCriteriaId: "95D2C4C3-65CE-4612-A027-AF70CEFC3233", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*", matchCriteriaId: "57572E4A-78D5-4D1A-938B-F05F01759612", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*", matchCriteriaId: "768BE390-5ED5-48A7-9E80-C4DE8BA979B1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*", matchCriteriaId: "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*", matchCriteriaId: "7E02DC82-0D26-436F-BA64-73C958932B0A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability in the Bash shell implementation for Cisco NX-OS Software could allow an authenticated, local attacker to bypass the limited command set of the restricted Guest Shell and execute commands at the privilege level of a network-admin user outside of the Guest Shell. The attacker must authenticate with valid administrator device credentials. The vulnerability is due to the incorrect implementation of a CLI command that allows a Bash command to be incorrectly invoked on the Guest Shell CLI. An attacker could exploit this vulnerability by authenticating to the device and entering a crafted command at the Guest Shell prompt. A successful exploit could allow the attacker to issue commands that should be restricted by a Guest Shell account.", }, { lang: "es", value: "na vulnerabilidad en la implementación Bash Shell para el software NX-OS de Cisco, podría permitir a un atacante local autentificado omitir el conjunto de comandos limitados del Guest Shell y ejecutar comandos en el nivel de privilegio de un usuario administrador de la red fuera del Guest Shell. El atacante necesita autenticarse con credenciales de dispositivo de administrador válidas. La vulnerabilidad es debido a la implementación inapropiada de un comando de la CLI que permite que se invoque inapropiadamente un comando Bash en la CLI del Guest Shell. Un atacante podría explotar esta vulnerabilidad autentificándose en el dispositivo e introduciendo un comando creado en el indicador del Guest Shell. Una explotación exitosa podría permitir al atacante enviar comandos que deberían ser restringidos para una cuenta de Guest Shell.", }, ], id: "CVE-2019-1730", lastModified: "2024-11-21T04:37:11.850", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.2, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:L/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H", version: "3.0", }, exploitabilityScore: 0.8, impactScore: 5.2, source: "psirt@cisco.com", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-05-15T17:29:01.717", references: [ { source: "psirt@cisco.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/108397", }, { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-bash-bypass", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/108397", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-bash-bypass", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-264", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2024-08-28 17:15
Modified
2024-10-17 15:03
Severity ?
5.3 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
8.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Summary
A vulnerability in the Python interpreter of Cisco NX-OS Software could allow an authenticated, low-privileged, local attacker to escape the Python sandbox and gain unauthorized access to the underlying operating system of the device.
The vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by manipulating specific functions within the Python interpreter. A successful exploit could allow an attacker to escape the Python sandbox and execute arbitrary commands on the underlying operating system with the privileges of the authenticated user.
Note: An attacker must be authenticated with Python execution privileges to exploit these vulnerabilities. For more information regarding Python execution privileges, see product-specific documentation, such as the section of the Cisco Nexus 9000 Series NX-OS Programmability Guide.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:9.3\\(13\\):*:*:*:*:*:*:*", matchCriteriaId: "1C26E0A3-7641-4DDF-9882-F04F297C8D07", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:n9k-c92160yc-x:-:*:*:*:*:*:*:*", matchCriteriaId: "F8397775-5A75-4710-9044-B56E1CEE20A1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-c92300yc:-:*:*:*:*:*:*:*", matchCriteriaId: "FE8EFEE8-FC8D-480C-917E-24C3B8D56E29", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-c92304qc:-:*:*:*:*:*:*:*", matchCriteriaId: "876304F4-4CE5-45B8-ADF5-2523319D05BB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-c9232c:-:*:*:*:*:*:*:*", matchCriteriaId: "2A9C0219-7EDC-40FD-A66B-24A92993F692", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-c92348gc-x:-:*:*:*:*:*:*:*", matchCriteriaId: "D23DFF0E-725B-4CCB-96A3-378600513CC5", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-c9236c:-:*:*:*:*:*:*:*", matchCriteriaId: "C71319A9-5B95-410A-BDDB-C47639B8E464", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-c9272q:-:*:*:*:*:*:*:*", matchCriteriaId: "7B573EF4-2ABE-4ABE-A8D6-D8E14AD29E73", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-c93108tc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "7482F9FB-CA6A-4CA2-B6FB-FD0DCDF603ED", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-c93108tc-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "6487A95B-0D04-4ABA-B491-8A935694AFD3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-c93120tx:-:*:*:*:*:*:*:*", matchCriteriaId: "018DEE0B-F3BC-4D3F-B2E4-2FF40203E65F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-c93128tx:-:*:*:*:*:*:*:*", matchCriteriaId: "3506B07C-EB3B-4034-A348-1EEAD09CC5E2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-c9316d-gx:-:*:*:*:*:*:*:*", matchCriteriaId: "122E24C3-1411-46DA-92F1-635BC0784559", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-c93180lc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "F2E84307-41BC-4F85-BC9A-FF02178765F8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-c93180yc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "55A31452-5B60-4273-BA38-8FA684DED953", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-c93180yc-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "3C3FCA39-927B-4C89-A58B-E6859ED8176A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-c93180yc2-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "B7543DCD-5ED0-4400-9326-9714AB84E012", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-c93216tc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "37DA56C5-FDD0-4CC3-9DDF-8F1BBE94B003", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-c93240yc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "D7B464B3-DE25-4980-ABC3-10D7C79C12E6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-c9332c:-:*:*:*:*:*:*:*", matchCriteriaId: "365A5FB4-3DCE-48D7-8917-636E94389576", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-c9332d-gx2b:-:*:*:*:*:*:*:*", matchCriteriaId: "50FE8720-EA9D-47CF-9CDB-CC09FBDD008C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-c9332pq:-:*:*:*:*:*:*:*", matchCriteriaId: "90DB9E2B-74F6-4C62-AEE1-3FF109A963EE", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-c93360yc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "961B0A51-15B4-45FF-BEAE-05667D76F418", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-c9336c-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "A29C323C-6731-4CDA-B364-C1C8B8E60510", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-c9348d-gx2a:-:*:*:*:*:*:*:*", matchCriteriaId: "1D100815-C171-46F4-B675-64E20D8C4FD0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-c9348gc-fxp:-:*:*:*:*:*:*:*", matchCriteriaId: "214472EB-424C-48B7-8EF3-7B679A5042BF", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-c93600cd-gx:-:*:*:*:*:*:*:*", matchCriteriaId: "A2D5229B-AFB2-4B28-95BB-563DBC346982", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-c9364c:-:*:*:*:*:*:*:*", matchCriteriaId: "D32D88D4-EABA-4A3A-B300-374AA89525E3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-c9364c-gx:-:*:*:*:*:*:*:*", matchCriteriaId: "DD002B70-A630-4A5D-B63C-356AC7B8280C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-c9364d-gx2a:-:*:*:*:*:*:*:*", matchCriteriaId: "7F0AC2DC-234F-48BA-BCC8-DE82C293C273", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-c9372px:-:*:*:*:*:*:*:*", matchCriteriaId: "462BC5C0-61C9-4CC6-AF3F-7A366C98F2DD", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-c9372px-e:-:*:*:*:*:*:*:*", matchCriteriaId: "67F94470-7815-4ADD-9FF9-BD74BA46454F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-c9372tx:-:*:*:*:*:*:*:*", matchCriteriaId: "09F0CD1D-A71B-413B-9150-E462CA206BAC", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-c9372tx-e:-:*:*:*:*:*:*:*", matchCriteriaId: "1E2788A2-79DC-4A28-BD88-52EC86697C99", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-c9396px:-:*:*:*:*:*:*:*", matchCriteriaId: "F5747442-90B1-4932-8189-A70B39E45843", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-c9396tx:-:*:*:*:*:*:*:*", matchCriteriaId: "EA21C9E7-30B9-4FC7-8031-2C27CE9C1AB4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-c9504:-:*:*:*:*:*:*:*", matchCriteriaId: "7EED2E16-D0D7-4B53-A05F-595E120B1C25", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-c9504-fm-r:-:*:*:*:*:*:*:*", matchCriteriaId: "91595E9E-BF7A-4438-9D25-05AB29DD16ED", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-c9508:-:*:*:*:*:*:*:*", matchCriteriaId: "E78D1F67-9BD7-467A-9D7A-37F54B3B51BA", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-c9508-fm-r:-:*:*:*:*:*:*:*", matchCriteriaId: "4818B000-7022-445A-8B0F-6B2E937AAEA3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-c9516:-:*:*:*:*:*:*:*", matchCriteriaId: "A2A181E6-0EE6-40F2-B04A-2C12DF67D278", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-sc-a:-:*:*:*:*:*:*:*", matchCriteriaId: "159A9622-2240-46E6-BD4B-62D652422758", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-sup-a:-:*:*:*:*:*:*:*", matchCriteriaId: "6EA01EFB-8458-42B9-81C9-35E1E02FF42F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-sup-a\\+:-:*:*:*:*:*:*:*", matchCriteriaId: "360B9A25-5272-487A-AF1A-CE2FDFD6F23C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-sup-b:-:*:*:*:*:*:*:*", matchCriteriaId: "3291743D-1F0C-4A66-99F9-946196F5CB9A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-sup-b\\+:-:*:*:*:*:*:*:*", matchCriteriaId: "3ADE8708-95D4-4D30-85ED-BE870410F3B6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-x9400-16w:-:*:*:*:*:*:*:*", matchCriteriaId: "21686E9C-D51F-4016-BFF5-F076144C7CE2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-x9400-22l:-:*:*:*:*:*:*:*", matchCriteriaId: "2D2BBE1C-4820-4A68-83F4-734E0DA4738B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-x9400-8d:-:*:*:*:*:*:*:*", matchCriteriaId: "28CC31E4-5C1B-4FD1-9F86-670BAEA47774", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-x9432c-s:-:*:*:*:*:*:*:*", matchCriteriaId: "082A5A44-DC9A-4B48-8F28-1D0EC7F82410", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-x9464px:-:*:*:*:*:*:*:*", matchCriteriaId: "19BCB669-5CC8-4C67-B34C-3F5ADDD4C232", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-x9464tx2:-:*:*:*:*:*:*:*", matchCriteriaId: "D5E693D2-F1D5-4D22-885B-AE853221ABA9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-x9564px:-:*:*:*:*:*:*:*", matchCriteriaId: "C63F63AD-94EC-4A6D-92AF-7FBF6275746A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-x9564tx:-:*:*:*:*:*:*:*", matchCriteriaId: "490EAB88-A0F3-4A88-9A81-B414CE78B34B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-x96136yc-r:-:*:*:*:*:*:*:*", matchCriteriaId: "BEE867E4-9EE8-4A06-A51B-627C228EF0A2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-x9636c-r:-:*:*:*:*:*:*:*", matchCriteriaId: "7A9CE53D-E8B7-46CD-9B8B-C746A2524BA8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-x9636c-rx:-:*:*:*:*:*:*:*", matchCriteriaId: "C6782DA1-5568-410D-86E6-2C2B909693DD", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-x9636q-r:-:*:*:*:*:*:*:*", matchCriteriaId: "1734D373-CA79-447E-96A7-EDA4D3F9C924", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-x97160yc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "04A26215-DEB3-4337-AFE0-5E23C760060D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-x97284yc-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "08F7DE85-9CD5-4A3D-859A-4B3479DACBF0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-x9732c-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "6B8F7177-147E-47C0-ADFB-4CD0768D52CD", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-x9732c-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "06A72F9F-773A-463D-8BEB-6B316DF21CFD", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-x9736c-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "8FC94E7D-84AF-4D2A-85A7-264CED2D107B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-x9736c-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "BC0082AD-1EFB-4AFE-9974-EAAB926553F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-x9788tc-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "4BFAAE41-AD17-4F69-9029-8DD90D824E6F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3000:-:*:*:*:*:*:*:*", matchCriteriaId: "10FFC5E8-CC5A-4D31-A63A-19E72EC442AB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3000_series:-:*:*:*:*:*:*:*", matchCriteriaId: "0742F63F-1945-47AA-943C-14959B23C21C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3016:-:*:*:*:*:*:*:*", matchCriteriaId: "528ED62B-D739-4E06-AC64-B506FD73BBAB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3016q:-:*:*:*:*:*:*:*", matchCriteriaId: "2D402AB0-BCFB-4F42-8C50-5DC930AEEC8B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*", matchCriteriaId: "FC2A6C31-438A-4CF5-A3F3-364B1672EB7D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3064:-:*:*:*:*:*:*:*", matchCriteriaId: "76C10D85-88AC-4A79-8866-BED88A0F8DF8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3064-32t:-:*:*:*:*:*:*:*", matchCriteriaId: "09AC2BAD-F536-48D0-A2F0-D4E290519EB6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3064-t:-:*:*:*:*:*:*:*", matchCriteriaId: "65CB7F6D-A82B-4A31-BFAC-FF4A4B8DF9C1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3064-x:-:*:*:*:*:*:*:*", matchCriteriaId: "ECC4FFCC-E886-49BC-9737-5B5BA2AAB14B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3064t:-:*:*:*:*:*:*:*", matchCriteriaId: "5F4E8EE4-031D-47D3-A12E-EE5F792172EE", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3064x:-:*:*:*:*:*:*:*", matchCriteriaId: "00CDD8C3-67D5-4E9F-9D48-A77B55DB0AB1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3100:-:*:*:*:*:*:*:*", matchCriteriaId: "41C14CC9-C244-4B86-AEA6-C50BAD5DA9A6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3100-v:-:*:*:*:*:*:*:*", matchCriteriaId: "A8FF2EC4-0C09-4C00-9956-A2A4A894F63D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3100-z:-:*:*:*:*:*:*:*", matchCriteriaId: "D14D4B4E-120E-4607-A4F1-447C7BF3052E", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3100v:-:*:*:*:*:*:*:*", matchCriteriaId: "15702ACB-29F3-412D-8805-E107E0729E35", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31108pc-v:-:*:*:*:*:*:*:*", matchCriteriaId: "4E930332-CDDD-48D5-93BC-C22D693BBFA2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31108pv-v:-:*:*:*:*:*:*:*", matchCriteriaId: "29B34855-D8D2-4114-80D2-A4D159C62458", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31108tc-v:-:*:*:*:*:*:*:*", matchCriteriaId: "7BF4B8FE-E134-4491-B5C2-C1CFEB64731B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31128pq:-:*:*:*:*:*:*:*", matchCriteriaId: "F4226DA0-9371-401C-8247-E6E636A116C3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132c-z:-:*:*:*:*:*:*:*", matchCriteriaId: "7664666F-BCE4-4799-AEEA-3A73E6AD33F4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q:-:*:*:*:*:*:*:*", matchCriteriaId: "D3DBBFE9-835C-4411-8492-6006E74BAC65", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q-v:-:*:*:*:*:*:*:*", matchCriteriaId: "B3293438-3D18-45A2-B093-2C3F65783336", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q-x:-:*:*:*:*:*:*:*", matchCriteriaId: "C97C29EE-9426-4BBE-8D84-AB5FF748703D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q-x\\/3132q-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "E142C18F-9FB5-4D96-866A-141D7D16CAF7", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "8F43B770-D96C-44EA-BC12-9F39FC4317B9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3164q:-:*:*:*:*:*:*:*", matchCriteriaId: "FA782EB3-E8E6-4DCF-B39C-B3CBD46E4384", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172:-:*:*:*:*:*:*:*", matchCriteriaId: "7817F4E6-B2DA-4F06-95A4-AF329F594C02", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172pq:-:*:*:*:*:*:*:*", matchCriteriaId: "CED628B5-97A8-4B26-AA40-BEC854982157", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172pq-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "7BB9DD73-E31D-4921-A6D6-E14E04703588", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172pq\\/pq-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "8EFC116A-627F-4E05-B631-651D161217C8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq:-:*:*:*:*:*:*:*", matchCriteriaId: "4532F513-0543-4960-9877-01F23CA7BA1B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq-32t:-:*:*:*:*:*:*:*", matchCriteriaId: "0B43502B-FD53-465A-B60F-6A359C6ACD99", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "F3229124-B097-4AAC-8ACD-2F9C89DCC3AB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3200:-:*:*:*:*:*:*:*", matchCriteriaId: "32A532C0-B0E3-484A-B356-88970E7D0248", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3232:-:*:*:*:*:*:*:*", matchCriteriaId: "1C84D24C-2256-42AF-898A-221EBE9FE1E4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3232c:-:*:*:*:*:*:*:*", matchCriteriaId: "652A2849-668D-4156-88FB-C19844A59F33", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3232c_:-:*:*:*:*:*:*:*", matchCriteriaId: "D008CA1C-6F5A-40EA-BB12-A9D84D5AF700", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3264c-e:-:*:*:*:*:*:*:*", matchCriteriaId: "24FBE87B-8A4F-43A8-98A3-4A7D9C630937", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3264q:-:*:*:*:*:*:*:*", matchCriteriaId: "6ACD09AC-8B28-4ACB-967B-AB3D450BC137", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3400:-:*:*:*:*:*:*:*", matchCriteriaId: "43913A0E-50D5-47DD-94D8-DD3391633619", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3408-s:-:*:*:*:*:*:*:*", matchCriteriaId: "7D397349-CCC6-479B-9273-FB1FFF4F34F2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_34180yc:-:*:*:*:*:*:*:*", matchCriteriaId: "DC7286A7-780F-4A45-940A-4AD5C9D0F201", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_34200yc-sm:-:*:*:*:*:*:*:*", matchCriteriaId: "CA52D5C1-13D8-4D23-B022-954CCEF491F1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3432d-s:-:*:*:*:*:*:*:*", matchCriteriaId: "5F7AF8D7-431B-43CE-840F-CC0817D159C0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3464c:-:*:*:*:*:*:*:*", matchCriteriaId: "DAC204C8-1A5A-4E85-824E-DC9B8F6A802D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3500:-:*:*:*:*:*:*:*", matchCriteriaId: "A8E1073F-D374-4311-8F12-AD8C72FAA293", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3500_platform:-:*:*:*:*:*:*:*", matchCriteriaId: "B72E8456-A9BD-447B-8F33-4BEB052A82D7", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524:-:*:*:*:*:*:*:*", matchCriteriaId: "EAF5AF71-15DF-4151-A1CF-E138A7103FC8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524-x:-:*:*:*:*:*:*:*", matchCriteriaId: "10F80A72-AD54-4699-B8AE-82715F0B58E2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524-x\\/xl:-:*:*:*:*:*:*:*", matchCriteriaId: "E505C0B1-2119-4C6A-BF96-C282C633D169", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "9354B6A2-D7D6-442E-BF4C-FE8A336D9E94", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548:-:*:*:*:*:*:*:*", matchCriteriaId: "088C0323-683A-44F5-8D42-FF6EC85D080E", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548-x:-:*:*:*:*:*:*:*", matchCriteriaId: "74CB4002-7636-4382-B33E-FBA060A13C34", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548-x\\/xl:-:*:*:*:*:*:*:*", matchCriteriaId: "915EF8F6-6039-4DD0-B875-30D911752B74", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "10CEBF73-3EE0-459A-86C5-F8F6243FE27C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3600:-:*:*:*:*:*:*:*", matchCriteriaId: "97217080-455C-48E4-8CE1-6D5B9485864F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_36180yc-r:-:*:*:*:*:*:*:*", matchCriteriaId: "95D2C4C3-65CE-4612-A027-AF70CEFC3233", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*", matchCriteriaId: "57572E4A-78D5-4D1A-938B-F05F01759612", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9000:-:*:*:*:*:*:*:*", matchCriteriaId: "8EBEBA5B-5589-417B-BF3B-976083E9FE54", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9000_in_aci_mode:-:*:*:*:*:*:*:*", matchCriteriaId: "57BC5903-1316-4FFF-BE52-2F6D63549590", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9000_in_standalone:-:*:*:*:*:*:*:*", matchCriteriaId: "4755F890-634B-4B25-AF08-C34F13429FA9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9000_in_standalone_nx-os_mode:-:*:*:*:*:*:*:*", matchCriteriaId: "1DA62800-F5DC-48DA-8C81-D684EA8EBB9F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9000v:-:*:*:*:*:*:*:*", matchCriteriaId: "0CD9C1F1-8582-4F67-A77D-97CBFECB88B8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9200:-:*:*:*:*:*:*:*", matchCriteriaId: "532CE4B0-A3C9-4613-AAAF-727817D06FB4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9200yc:-:*:*:*:*:*:*:*", matchCriteriaId: "24CA1A59-2681-4507-AC74-53BD481099B9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*", matchCriteriaId: "4283E433-7F8C-4410-B565-471415445811", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92160yc_switch:-:*:*:*:*:*:*:*", matchCriteriaId: "AF9147C9-5D8B-40F5-9AAA-66A3495A0AD8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9221c:-:*:*:*:*:*:*:*", matchCriteriaId: "FFB9FDE8-8533-4F65-BF32-4066D042B2F7", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92300yc:-:*:*:*:*:*:*:*", matchCriteriaId: "F80AB6FB-32FD-43D7-A9F1-80FA47696210", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92300yc_switch:-:*:*:*:*:*:*:*", matchCriteriaId: "3AA5389A-8AD1-476E-983A-54DF573C30F5", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*", matchCriteriaId: "D5B2E4C1-2627-4B9D-8E92-4B483F647651", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92304qc_switch:-:*:*:*:*:*:*:*", matchCriteriaId: "C1B1A8F1-45B1-4E64-A254-7191FA93CB6D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9232e:-:*:*:*:*:*:*:*", matchCriteriaId: "83DA8BFA-D7A2-476C-A6F5-CAE610033BC2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92348gc-x:-:*:*:*:*:*:*:*", matchCriteriaId: "557ED31C-C26A-4FAE-8B14-D06B49F7F08B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*", matchCriteriaId: "11411BFD-3F4D-4309-AB35-A3629A360FB0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9236c_switch:-:*:*:*:*:*:*:*", matchCriteriaId: "DB2FFD26-8255-4351-8594-29D2AEFC06EF", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*", matchCriteriaId: "E663DE91-C86D-48DC-B771-FA72A8DF7A7C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9272q_switch:-:*:*:*:*:*:*:*", matchCriteriaId: "61E10975-B47E-4F4D-8096-AEC7B7733612", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9300:-:*:*:*:*:*:*:*", matchCriteriaId: "92E2CB2B-DA11-4CF7-9D57-3D4D48990DC0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "A90184B3-C82F-4CE5-B2AD-97D5E4690871", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-ex-24:-:*:*:*:*:*:*:*", matchCriteriaId: "40E40F42-632A-47DF-BE33-DC25B826310B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-ex_switch:-:*:*:*:*:*:*:*", matchCriteriaId: "2C67B7A6-9BB2-41FC-8FA3-8D0DF67CBC68", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "4AB89849-6DA4-4C9D-BC3F-EE0E41FD1901", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-fx-24:-:*:*:*:*:*:*:*", matchCriteriaId: "C47F6BF9-2ADB-41A4-8D7D-8BB00141BB23", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-fx3:-:*:*:*:*:*:*:*", matchCriteriaId: "C70911ED-371A-4EB6-8DDD-DCE3A21FDBAE", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-fx3h:-:*:*:*:*:*:*:*", matchCriteriaId: "16C64136-89C2-443C-AF7B-BED81D3DE25A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-fx3p:-:*:*:*:*:*:*:*", matchCriteriaId: "BBEF7F26-BB47-44BD-872E-130820557C23", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*", matchCriteriaId: "07DE6F63-2C7D-415B-8C34-01EC05C062F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93120tx_switch:-:*:*:*:*:*:*:*", matchCriteriaId: "182000E0-8204-4D8B-B7DE-B191AFE12E28", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93128:-:*:*:*:*:*:*:*", matchCriteriaId: "F309E7B9-B828-4CD2-9D2B-8966EE5B9CC1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*", matchCriteriaId: "F423E45D-A6DD-4305-9C6A-EAB26293E53A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93128tx_switch:-:*:*:*:*:*:*:*", matchCriteriaId: "BDC208BC-7E19-48C6-A20E-A79A51B7362C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9316d-gx:-:*:*:*:*:*:*:*", matchCriteriaId: "102F91CD-DFB6-43D4-AE5B-DA157A696230", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "E952A96A-0F48-4357-B7DD-1127D8827650", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180lc-ex_switch:-:*:*:*:*:*:*:*", matchCriteriaId: "084D0191-563B-4FF0-B589-F35DA118E1C6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180tc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "B7DB6FC5-762A-4F16-AE8C-69330EFCF640", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "F70D81F1-8B12-4474-9060-B4934D8A3873", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-ex-24:-:*:*:*:*:*:*:*", matchCriteriaId: "5394DE31-3863-4CA9-B7B1-E5227183100D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-ex_switch:-:*:*:*:*:*:*:*", matchCriteriaId: "968390BC-B430-4903-B614-13104BFAE635", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "7349D69B-D8FA-4462-AA28-69DD18A652D9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-fx-24:-:*:*:*:*:*:*:*", matchCriteriaId: "FE4BB834-2C00-4384-A78E-AF3BCDDC58AF", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-fx3:-:*:*:*:*:*:*:*", matchCriteriaId: "B0D30D52-837F-4FDA-B8E5-A9066E9C6D2F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-fx3h:-:*:*:*:*:*:*:*", matchCriteriaId: "E6678B8A-D905-447E-BE7E-6BFB4CC5DAFE", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-fx3s:-:*:*:*:*:*:*:*", matchCriteriaId: "7CE49B45-F2E9-491D-9C29-1B46E9CE14E2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93216tc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "B1CC5F78-E88B-4B82-9E3E-C73D3A49DE26", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93240tc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "4BFAD21E-59EE-4CCE-8F1E-621D2EA50905", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "91231DC6-2773-4238-8C14-A346F213B5E5", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332c:-:*:*:*:*:*:*:*", matchCriteriaId: "2DF88547-BAF4-47B0-9F60-80A30297FCEB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332d-gx2b:-:*:*:*:*:*:*:*", matchCriteriaId: "02C3CE6D-BD54-48B1-A188-8E53DA001424", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332d-h2r:-:*:*:*:*:*:*:*", matchCriteriaId: "498991F7-39D6-428C-8C7D-DD8DC72A0346", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*", matchCriteriaId: "113772B6-E9D2-4094-9468-3F4E1A87D07D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332pq_switch:-:*:*:*:*:*:*:*", matchCriteriaId: "F7B90D36-5124-4669-8462-4EAF35B0F53D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93360yc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "C45A38D6-BED6-4FEF-AD87-A1E813695DE0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "F1FC2B1F-232E-4754-8076-CC82F3648730", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336c-fx2-e:-:*:*:*:*:*:*:*", matchCriteriaId: "7CDD27C9-5EAF-4956-8AB7-740C84C9D4FC", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336pq:-:*:*:*:*:*:*:*", matchCriteriaId: "5F1127D2-12C0-454F-91EF-5EE334070D06", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336pq_aci:-:*:*:*:*:*:*:*", matchCriteriaId: "7D6EB963-E0F2-4A02-8765-AB2064BE19E9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336pq_aci_spine:-:*:*:*:*:*:*:*", matchCriteriaId: "785FD17C-F32E-4042-9DDE-A89B3AAE0334", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336pq_aci_spine_switch:-:*:*:*:*:*:*:*", matchCriteriaId: "DEAAF99B-5406-4722-81FB-A91CBAC2DF41", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93400ld-h1:-:*:*:*:*:*:*:*", matchCriteriaId: "8D2DFCA0-36D8-48BC-B20D-84509EB5FF66", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9348d-gx2a:-:*:*:*:*:*:*:*", matchCriteriaId: "73DC1E93-561E-490C-AE0E-B02BAB9A7C8E", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9348gc-fx3:-:*:*:*:*:*:*:*", matchCriteriaId: "12DA2DE5-8ADA-4D6A-BC1A-9C06FA163B1C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9348gc-fx3ph:-:*:*:*:*:*:*:*", matchCriteriaId: "1D68E7FE-BD46-4245-8DEE-1AD32159E045", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*", matchCriteriaId: "17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93600cd-gx:-:*:*:*:*:*:*:*", matchCriteriaId: "2CF467E2-4567-426E-8F48-39669E0F514C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*", matchCriteriaId: "63842B25-8C32-4988-BBBD-61E9CB09B4F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9364c-gx:-:*:*:*:*:*:*:*", matchCriteriaId: "68EA1FEF-B6B6-49FE-A0A4-5387F76303F8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9364c-h1:-:*:*:*:*:*:*:*", matchCriteriaId: "5F2EC055-B309-4F1F-A646-FA47AE344D27", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9364d-gx2a:-:*:*:*:*:*:*:*", matchCriteriaId: "40D6DB7F-C025-4971-9615-73393ED61078", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*", matchCriteriaId: "4364ADB9-8162-451D-806A-B98924E6B2CF", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372px-e:-:*:*:*:*:*:*:*", matchCriteriaId: "B53BCB42-ED61-4FCF-8068-CB467631C63C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372px-e_switch:-:*:*:*:*:*:*:*", matchCriteriaId: "737C724A-B6CD-4FF7-96E0-EBBF645D660E", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372px_switch:-:*:*:*:*:*:*:*", matchCriteriaId: "7067AEC7-DFC8-4437-9338-C5165D9A8F36", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*", matchCriteriaId: "49E0371B-FDE2-473C-AA59-47E1269D050F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372tx-e:-:*:*:*:*:*:*:*", matchCriteriaId: "489D11EC-5A18-4F32-BC7C-AC1FCEC27222", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372tx-e_switch:-:*:*:*:*:*:*:*", matchCriteriaId: "71D4CF15-B293-4403-A1A9-96AD3933BAEF", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372tx_switch:-:*:*:*:*:*:*:*", matchCriteriaId: "DBCC1515-2DBE-4DF2-8E83-29A869170F36", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*", matchCriteriaId: "1BC5293E-F2B4-46DC-85DA-167EA323FCFD", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396px_switch:-:*:*:*:*:*:*:*", matchCriteriaId: "7282AAFF-ED18-4992-AC12-D953C35EC328", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*", matchCriteriaId: "EA022E77-6557-4A33-9A3A-D028E2DB669A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396tx_switch:-:*:*:*:*:*:*:*", matchCriteriaId: "360409CC-4172-4878-A76B-EA1C1F8C7A79", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9408:-:*:*:*:*:*:*:*", matchCriteriaId: "D8D5D5E2-B40B-475D-9EF3-8441016E37E9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9432pq:-:*:*:*:*:*:*:*", matchCriteriaId: "FDA8E1F0-74A6-4725-B6AA-A1112EFC5D0C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9500:-:*:*:*:*:*:*:*", matchCriteriaId: "63BE0266-1C00-4D6A-AD96-7F82532ABAA7", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9500_16-slot:-:*:*:*:*:*:*:*", matchCriteriaId: "73F59A4B-AE92-4533-8EDC-D1DD850309FF", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9500_4-slot:-:*:*:*:*:*:*:*", matchCriteriaId: "492A2C86-DD38-466B-9965-77629A73814F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9500_8-slot:-:*:*:*:*:*:*:*", matchCriteriaId: "1FB7AA46-4018-4925-963E-719E1037F759", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9500_supervisor_a:-:*:*:*:*:*:*:*", matchCriteriaId: "31B9D1E4-10B9-4B6F-B848-D93ABF6486D6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9500_supervisor_a\\+:-:*:*:*:*:*:*:*", matchCriteriaId: "CB270C45-756E-400A-979F-D07D750C881A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9500_supervisor_b:-:*:*:*:*:*:*:*", matchCriteriaId: "4E8A085C-2DBA-4269-AB01-B16019FBB4DA", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9500_supervisor_b\\+:-:*:*:*:*:*:*:*", matchCriteriaId: "A79DD582-AF68-44F1-B640-766B46EF2BE2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9500r:-:*:*:*:*:*:*:*", matchCriteriaId: "B04484DA-AA59-4833-916E-6A8C96D34F0D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*", matchCriteriaId: "768BE390-5ED5-48A7-9E80-C4DE8BA979B1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9504_switch:-:*:*:*:*:*:*:*", matchCriteriaId: "D07B5399-44C7-468D-9D57-BB5B5E26CE50", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*", matchCriteriaId: "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9508_switch:-:*:*:*:*:*:*:*", matchCriteriaId: "B76FB64F-16F0-4B0B-B304-B46258D434BA", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*", matchCriteriaId: "7E02DC82-0D26-436F-BA64-73C958932B0A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9516_switch:-:*:*:*:*:*:*:*", matchCriteriaId: "2E128053-834B-4DD5-A517-D14B4FC2B56F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9536pq:-:*:*:*:*:*:*:*", matchCriteriaId: "163743A1-09E7-4EC5-8ECA-79E4B9CE173B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9636pq:-:*:*:*:*:*:*:*", matchCriteriaId: "CE340E4C-DC48-4FC8-921B-EE304DB5AE0A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9716d-gx:-:*:*:*:*:*:*:*", matchCriteriaId: "C367BBE0-D71F-4CB5-B50E-72B033E73FE1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9736pq:-:*:*:*:*:*:*:*", matchCriteriaId: "85E1D224-4751-4233-A127-A041068C804A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9800:-:*:*:*:*:*:*:*", matchCriteriaId: "BD31B075-01B1-429E-83F4-B999356A0EB9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9800_34-port_100g_and_14-port_400g_line_card:-:*:*:*:*:*:*:*", matchCriteriaId: "0D3B28C3-114D-41EE-8295-AFA9932C9EAA", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9800_36-port_400g_line_card:-:*:*:*:*:*:*:*", matchCriteriaId: "1BC134D3-9AA0-44A4-9CBD-410A3A9C5886", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9804:-:*:*:*:*:*:*:*", matchCriteriaId: "A10C9C0A-C96A-4B45-90D0-6ED457EB5F4C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9808:-:*:*:*:*:*:*:*", matchCriteriaId: "3284D16F-3275-4F8D-8AE4-D413DE19C4FA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability in the Python interpreter of Cisco NX-OS Software could allow an authenticated, low-privileged, local attacker to escape the Python sandbox and gain unauthorized access to the underlying operating system of the device.\r\n\r\nThe vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by manipulating specific functions within the Python interpreter. A successful exploit could allow an attacker to escape the Python sandbox and execute arbitrary commands on the underlying operating system with the privileges of the authenticated user. \r\nNote: An attacker must be authenticated with Python execution privileges to exploit these vulnerabilities. For more information regarding Python execution privileges, see product-specific documentation, such as the section of the Cisco Nexus 9000 Series NX-OS Programmability Guide.", }, { lang: "es", value: "Una vulnerabilidad en el intérprete de Python del software Cisco NX-OS podría permitir que un atacante local autenticado y con pocos privilegios escape del entorno limitado de Python y obtenga acceso no autorizado al sistema operativo subyacente del dispositivo. La vulnerabilidad se debe a una validación insuficiente de la entrada proporcionada por el usuario. Un atacante podría aprovechar esta vulnerabilidad manipulando funciones específicas dentro del intérprete de Python. Una explotación exitosa podría permitir que un atacante escape del entorno limitado de Python y ejecute comandos arbitrarios en el sistema operativo subyacente con los privilegios del usuario autenticado. Nota: Un atacante debe estar autenticado con privilegios de ejecución de Python para aprovechar estas vulnerabilidades. Para obtener más información sobre los privilegios de ejecución de Python, consulte la documentación específica del producto, como la sección de la Guía de programación de NX-OS de la serie Cisco Nexus 9000.", }, ], id: "CVE-2024-20284", lastModified: "2024-10-17T15:03:07.253", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 3.4, source: "psirt@cisco.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2, impactScore: 6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2024-08-28T17:15:06.893", references: [ { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-psbe-ce-YvbTn5du", }, { source: "psirt@cisco.com", tags: [ "Product", ], url: "https://www.cisco.com/c/en/us/td/docs/dcn/nx-os/nexus9000/105x/programmability/cisco-nexus-9000-series-nx-os-programmability-guide-105x/m-n9k-python-api-101x.html?bookSearch=true#concept_A2CFF094ADCB414C983EA06AD8E9A410", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Analyzed", weaknesses: [ { description: [ { lang: "en", value: "CWE-693", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }