vulnerability

Cisco NX-OS: CPU Side-Channel Information Disclosure Vulnerabilities: May 2018 (Multiple CVEs)

Severity
5
CVSS
(AV:L/AC:M/Au:N/C:C/I:N/A:N)
Published
May 22, 2018
Added
Jun 1, 2018
Modified
Feb 18, 2025

Description

Systems with microprocessors utilizing speculative execution and that perform speculative reads of system registers may allow unauthorized disclosure of system parameters to an attacker with local user access via a side-channel analysis, aka Rogue System Register Read (RSRE), Variant 3a.

Solution

update-nxos

References

Title
NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.