A vulnerability in the implementation of an internal file management service for Cisco Nexus 3000 Series Switches and Cisco Nexus 9000 Series Switches in standalone NX-OS mode that are running Cisco NX-OS Software could allow an unauthenticated, remote attacker to create, delete, or overwrite arbitrary files with root privileges on the device. This vulnerability exists because TCP port 9075 is incorrectly configured to listen and respond to external connection requests. An attacker could exploit this vulnerability by sending crafted TCP packets to an IP address that is configured on a local interface on TCP port 9075. A successful exploit could allow the attacker to create, delete, or overwrite arbitrary files, including sensitive files that are related to the device configuration. For example, the attacker could add a user account without the device administrator knowing.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HCisco Nexus 3000
HWCiscowszystkie wersjeCisco Nexus 3100
HWCiscowszystkie wersjeCisco Nexus 3100v
HWCiscowszystkie wersjeCisco Nexus 3100 Z
HWCiscowszystkie wersjeCisco Nexus 3200
HWCiscowszystkie wersjeCisco Nexus 3400
HWCiscowszystkie wersjeCisco Nexus 3500
HWCiscowszystkie wersjeCisco Nexus 3600
HWCiscowszystkie wersjeCisco Nexus 9000v
HWCiscowszystkie wersjeCisco Nexus 92160yc X
HWCiscowszystkie wersjeCisco Nexus 92300yc
HWCiscowszystkie wersjeCisco Nexus 92304qc
HWCiscowszystkie wersjeCisco Nexus 92348gc X
HWCiscowszystkie wersjeCisco Nexus 9236c
HWCiscowszystkie wersjeCisco Nexus 9272q
HWCiscowszystkie wersjeCisco Nexus 93108tc Ex
HWCiscowszystkie wersjeCisco Nexus 93108tc Ex 24
HWCiscowszystkie wersjeCisco Nexus 93108tc Fx
HWCiscowszystkie wersjeCisco Nexus 93108tc Fx 24
HWCiscowszystkie wersjeCisco Nexus 93120tx
HWCiscowszystkie wersjeCisco Nexus 93128tx
HWCiscowszystkie wersjeCisco Nexus 9316d Gx
HWCiscowszystkie wersjeCisco Nexus 93180lc Ex
HWCiscowszystkie wersjeCisco Nexus 93180yc Ex
HWCiscowszystkie wersjeCisco Nexus 93180yc Ex 24
HWCiscowszystkie wersjeCisco Nexus 93180yc Fx
HWCiscowszystkie wersjeCisco Nexus 93180yc Fx 24
HWCiscowszystkie wersjeCisco Nexus 93180yc Fx3
HWCiscowszystkie wersjeCisco Nexus 93180yc Fx3s
HWCiscowszystkie wersjeCisco Nexus 93216tc Fx2
HWCiscowszystkie wersje
Related vulnerabilities
A vulnerability in the SSH key management for the Cisco Nexus 9000 Series Application Centric Infrastructure (...
A vulnerability in the Cisco Fabric Services component of Cisco FXOS Software and Cisco NX-OS Software could a...
A vulnerability in the NX-API feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker ...
A vulnerability in the Cisco Fabric Services component of Cisco FXOS Software and Cisco NX-OS Software could a...
Buffer overflow in the Overlay Transport Virtualization (OTV) GRE feature in Cisco NX-OS 5.0 through 7.3 on Ne...