cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2024-20294,https://securityvulnerability.io/vulnerability/CVE-2024-20294,Cisco FXOS Software Vulnerability Could Lead to Denial of Service,"A vulnerability in the Link Layer Discovery Protocol (LLDP) feature of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper handling of specific fields in an LLDP frame. An attacker could exploit this vulnerability by sending a crafted LLDP packet to an interface of an affected device and having an authenticated user retrieve LLDP statistics from the affected device through CLI show commands or Simple Network Management Protocol (SNMP) requests. A successful exploit could allow the attacker to cause the LLDP service to crash and stop running on the affected device. In certain situations, the LLDP crash may result in a reload of the affected device. Note: LLDP is a Layer 2 link protocol. To exploit this vulnerability, an attacker would need to be directly connected to an interface of an affected device, either physically or logically (for example, through a Layer 2 Tunnel configured to transport the LLDP protocol).",Cisco,"Cisco Nx-os Software,Cisco Unified Computing System (managed),Cisco Firepower Extensible Operating System (fxos),Cisco Nx-os System Software In Aci Mode",6.6,MEDIUM,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-02-29T01:43:00.000Z,0
CVE-2023-20185,https://securityvulnerability.io/vulnerability/CVE-2023-20185,Encryption Vulnerability in Cisco Nexus 9000 Series Switches,"A vulnerability exists within the CloudSec encryption feature of Cisco Nexus 9000 Series Fabric Switches in ACI mode, allowing an unauthenticated remote attacker to potentially read or modify encrypted intersite traffic. This issue stems from a weakness in the implementation of ciphers utilized for encryption. An attacker positioned on the path between ACI sites can exploit this vulnerability, employing cryptanalytic techniques to compromise the encryption. As a result, affected traffic may be intercepted and altered. Notably, Cisco has indicated that they will not release any software updates to remedy this vulnerability.",Cisco,Cisco NX-OS System Software in ACI Mode,7.4,HIGH,0.0011899999808520079,false,,false,false,false,,,false,false,,2023-07-12T14:15:00.000Z,0
CVE-2023-20089,https://securityvulnerability.io/vulnerability/CVE-2023-20089,Cisco Nexus 9000 Series Fabric Switches in ACI Mode Link Layer Discovery Protocol Memory Leak Denial of Service Vulnerability,"A vulnerability exists in the Link Layer Discovery Protocol (LLDP) feature for Cisco Nexus 9000 Series Fabric Switches operating in Application Centric Infrastructure (ACI) Mode. This flaw could be exploited by an adjacent attacker to induce a memory leak that unexpectedly reloads the device. The vulnerability stems from inadequate error checking when parsing LLDP packets. To exploit this, an attacker must send crafted LLDP packets directly to an affected device in the same broadcast domain. Although this could create a denial of service condition, the risk can be mitigated by disabling LLDP on non-essential interfaces.",Cisco,Cisco Nx-os System Software In Aci Mode,7.4,HIGH,0.0005200000014156103,false,,false,false,true,2024-10-25T17:15:14.000Z,,false,false,,2023-02-23T00:00:00.000Z,0
CVE-2021-1584,https://securityvulnerability.io/vulnerability/CVE-2021-1584,Cisco Nexus 9000 Series Fabric Switches ACI Mode Privilege Escalation Vulnerability,"A vulnerability in Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode could allow an authenticated, local attacker to elevate privileges on an affected device. This vulnerability is due to insufficient restrictions during the execution of a specific CLI command. An attacker with administrative privileges could exploit this vulnerability by performing a command injection attack on the vulnerable command. A successful exploit could allow the attacker to access the underlying operating system as root.",Cisco,Cisco Nx-os System Software In Aci Mode,6,MEDIUM,0.000859999970998615,false,,false,false,true,2024-08-03T17:16:02.000Z,,false,false,,2021-08-25T00:00:00.000Z,0
CVE-2021-1586,https://securityvulnerability.io/vulnerability/CVE-2021-1586,Cisco Nexus 9000 Series Fabric Switches ACI Mode Multi-Pod and Multi-Site TCP Denial of Service Vulnerability,"A vulnerability in the Multi-Pod or Multi-Site network configurations for Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode could allow an unauthenticated, remote attacker to unexpectedly restart the device, resulting in a denial of service (DoS) condition. This vulnerability exists because TCP traffic sent to a specific port on an affected device is not properly sanitized. An attacker could exploit this vulnerability by sending crafted TCP data to a specific port that is listening on a public-facing IP address for the Multi-Pod or Multi-Site configuration. A successful exploit could allow the attacker to cause the device to restart unexpectedly, resulting in a DoS condition.",Cisco,Cisco Nx-os System Software In Aci Mode,8.6,HIGH,0.0015999999595806003,false,,false,false,true,2024-08-03T17:16:02.000Z,,false,false,,2021-08-25T00:00:00.000Z,0
CVE-2021-1523,https://securityvulnerability.io/vulnerability/CVE-2021-1523,Cisco Nexus 9000 Series Fabric Switches ACI Mode Queue Wedge Denial of Service Vulnerability,"A vulnerability in Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) Mode could allow an unauthenticated, remote attacker to cause a queue wedge on a leaf switch, which could result in critical control plane traffic to the device being dropped. This could result in one or more leaf switches being removed from the fabric. This vulnerability is due to mishandling of ingress TCP traffic to a specific port. An attacker could exploit this vulnerability by sending a stream of TCP packets to a specific port on a Switched Virtual Interface (SVI) configured on the device. A successful exploit could allow the attacker to cause a specific packet queue to queue network buffers but never process them, leading to an eventual queue wedge. This could cause control plane traffic to be dropped, resulting in a denial of service (DoS) condition where the leaf switches are unavailable. Note: This vulnerability requires a manual intervention to power-cycle the device to recover.",Cisco,Cisco Nx-os System Software In Aci Mode,8.6,HIGH,0.0015999999595806003,false,,false,false,true,2024-08-03T17:15:59.000Z,,false,false,,2021-08-25T00:00:00.000Z,0
CVE-2021-1583,https://securityvulnerability.io/vulnerability/CVE-2021-1583,Cisco Nexus 9000 Series Fabric Switches ACI Mode Arbitrary File Read Vulnerability,"A vulnerability in the fabric infrastructure file system access control of Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode could allow an authenticated, local attacker to read arbitrary files on an affected system. This vulnerability is due to improper access control. An attacker with Administrator privileges could exploit this vulnerability by executing a specific vulnerable command on an affected device. A successful exploit could allow the attacker to read arbitrary files on the file system of the affected device.",Cisco,Cisco Nx-os System Software In Aci Mode,4.4,MEDIUM,0.0004199999966658652,false,,false,false,true,2024-08-03T17:16:02.000Z,,false,false,,2021-08-25T00:00:00.000Z,0
CVE-2021-1231,https://securityvulnerability.io/vulnerability/CVE-2021-1231,Cisco Nexus 9000 Series Fabric Switches ACI Mode Link Layer Discovery Protocol Port Denial of Service Vulnerability,"A vulnerability in the Link Layer Discovery Protocol (LLDP) for Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode could allow an unauthenticated, adjacent attacker to disable switching on a small form-factor pluggable (SFP) interface. This vulnerability is due to incomplete validation of the source of a received LLDP packet. An attacker could exploit this vulnerability by sending a crafted LLDP packet on an SFP interface to an affected device. A successful exploit could allow the attacker to disable switching on the SFP interface, which could disrupt network traffic.",Cisco,Cisco Nx-os System Software In Aci Mode,4.7,MEDIUM,0.0005799999926239252,false,,false,false,true,2024-08-03T17:15:45.000Z,,false,false,,2021-02-24T00:00:00.000Z,0
CVE-2021-1228,https://securityvulnerability.io/vulnerability/CVE-2021-1228,Cisco Nexus 9000 Series Fabric Switches ACI Mode Fabric Infrastructure VLAN Unauthorized Access Vulnerability,"A vulnerability in the fabric infrastructure VLAN connection establishment of Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) Mode could allow an unauthenticated, adjacent attacker to bypass security validations and connect an unauthorized server to the infrastructure VLAN. This vulnerability is due to insufficient security requirements during the Link Layer Discovery Protocol (LLDP) setup phase of the infrastructure VLAN. An attacker could exploit this vulnerability by sending a crafted LLDP packet on the adjacent subnet to an affected device. A successful exploit could allow the attacker to connect an unauthorized server to the infrastructure VLAN, which is highly privileged. With a connection to the infrastructure VLAN, the attacker can make unauthorized connections to Cisco Application Policy Infrastructure Controller (APIC) services or join other host endpoints.",Cisco,Cisco Nx-os System Software In Aci Mode 11.0(1b),7.4,HIGH,0.0005799999926239252,false,,false,false,true,2024-08-03T17:15:45.000Z,,false,false,,2021-02-24T00:00:00.000Z,0
CVE-2021-1230,https://securityvulnerability.io/vulnerability/CVE-2021-1230,Cisco Nexus 9000 Series Fabric Switches ACI Mode BGP Route Installation Denial of Service Vulnerability,"A vulnerability with the Border Gateway Protocol (BGP) for Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode could allow an unauthenticated, remote attacker to cause a routing process to crash, which could lead to a denial of service (DoS) condition. This vulnerability is due to an issue with the installation of routes upon receipt of a BGP update. An attacker could exploit this vulnerability by sending a crafted BGP update to an affected device. A successful exploit could allow the attacker to cause the routing process to crash, which could cause the device to reload. This vulnerability applies to both Internal BGP (IBGP) and External BGP (EBGP). Note: The Cisco implementation of BGP accepts incoming BGP traffic from explicitly configured peers only. To exploit this vulnerability, an attacker would need to send a specific BGP update message over an established TCP connection that appears to come from a trusted BGP peer.",Cisco,Cisco Nx-os System Software In Aci Mode,8.6,HIGH,0.0015899999998509884,false,,false,false,true,2024-08-03T17:15:45.000Z,,false,false,,2021-02-24T00:00:00.000Z,0
CVE-2019-1890,https://securityvulnerability.io/vulnerability/CVE-2019-1890,Cisco Nexus 9000 Series Fabric Switches ACI Mode Fabric Infrastructure VLAN Unauthorized Access Vulnerability,"A vulnerability in the fabric infrastructure VLAN connection establishment of the Cisco Nexus 9000 Series Application Centric Infrastructure (ACI) Mode Switch Software could allow an unauthenticated, adjacent attacker to bypass security validations and connect an unauthorized server to the infrastructure VLAN. The vulnerability is due to insufficient security requirements during the Link Layer Discovery Protocol (LLDP) setup phase of the infrastructure VLAN. An attacker could exploit this vulnerability by sending a malicious LLDP packet on the adjacent subnet to the Cisco Nexus 9000 Series Switch in ACI mode. A successful exploit could allow the attacker to connect an unauthorized server to the infrastructure VLAN, which is highly privileged. With a connection to the infrastructure VLAN, the attacker can make unauthorized connections to Cisco Application Policy Infrastructure Controller (APIC) services or join other host endpoints.",Cisco,Cisco Nx-os System Software In Aci Mode 11.0.1b,7.4,HIGH,0.000539999979082495,false,,false,false,true,2024-08-04T19:16:16.000Z,,false,false,,2019-07-04T20:15:00.000Z,0