vulnerability
Cisco NX-OS: CPU Side-Channel Information Disclosure Vulnerabilities: May 2018 (Multiple CVEs)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 5 | (AV:L/AC:M/Au:N/C:C/I:N/A:N) | May 22, 2018 | Jun 1, 2018 | Jul 28, 2025 |
Severity
5
CVSS
(AV:L/AC:M/Au:N/C:C/I:N/A:N)
Published
May 22, 2018
Added
Jun 1, 2018
Modified
Jul 28, 2025
Description
Systems with microprocessors utilizing speculative execution and that perform speculative reads of system registers may allow unauthorized disclosure of system parameters to an attacker with local user access via a side-channel analysis, aka Rogue System Register Read (RSRE), Variant 3a.
Solution
update-nxos
References
Rapid7 Labs
2026 Global Threat Landscape Report
The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.