CVE-2019-1968
30.08.2019, 09:15
A vulnerability in the NX-API feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause an NX-API system process to unexpectedly restart. The vulnerability is due to incorrect validation of the HTTP header of a request that is sent to the NX-API. An attacker could exploit this vulnerability by sending a crafted HTTP request to the NX-API on an affected device. A successful exploit could allow the attacker to cause a denial of service (DoS) condition in the NX-API service; however, the NX-OS device itself would still be available and passing network traffic. Note: The NX-API feature is disabled by default.Enginsight
| Vendor | Product | Version |
|---|---|---|
| cisco | nx-os | 7.3 |
| cisco | nx-os | 8.1 |
| cisco | nx-os | 8.2 |
| cisco | nx-os | 8.3 |
| cisco | nx-os | 6.1\(2\)i2 |
| cisco | nx-os | 6.1\(2\)i3 |
| cisco | nx-os | 7.0\(3\)i4 |
| cisco | nx-os | 7.0\(3\)i7 |
| cisco | nx-os | 9.2 |
| cisco | nx-os | 6.0\(2\)a8 |
| cisco | nx-os | 7.0\(3\)i7 |
| cisco | nx-os | 9.2 |
| cisco | nx-os | 7.0\(3\)f |
| cisco | nx-os | 9.2 |
| cisco | nx-os | 7.1 |
| cisco | nx-os | 7.2 |
| cisco | nx-os | 7.3 |
| cisco | nx-os | 7.2 |
| cisco | nx-os | 7.3 |
| cisco | nx-os | 8.0 |
| cisco | nx-os | 8.1 |
| cisco | nx-os | 8.2 |
| cisco | nx-os | 8.3 |
𝑥
= Vulnerable software versions
Common Weakness Enumeration
- CWE-20 - Improper Input ValidationThe product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
- CWE-116 - Improper Encoding or Escaping of OutputThe software prepares a structured message for communication with another component, but encoding or escaping of the data is either missing or done incorrectly. As a result, the intended structure of the message is not preserved.