A vulnerability in the NX-API feature of Cisco NX-OS Software could allow an unauthenticated, remote malicious user to cause an NX-API system process to unexpectedly restart. The vulnerability is due to incorrect validation of the HTTP header of a request that is sent to the NX-API. An attacker could exploit this vulnerability by sending a crafted HTTP request to the NX-API on an affected device. A successful exploit could allow the malicious user to cause a denial of service (DoS) condition in the NX-API service; however, the NX-OS device itself would still be available and passing network traffic. Note: The NX-API feature is disabled by default.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
cisco nx-os 8.1 |
||
cisco nx-os 8.2 |
||
cisco nx-os 8.3 |
||
cisco nx-os 7.3 |
||
cisco nx-os 6.1\\(2\\)i2 |
||
cisco nx-os 7.0\\(3\\)i4 |
||
cisco nx-os 9.2 |
||
cisco nx-os 6.1\\(2\\)i3 |
||
cisco nx-os 7.0\\(3\\)i7 |
||
cisco nx-os 6.0\\(2\\)a8 |
||
cisco nx-os 7.0\\(3\\)f |
||
cisco nx-os 7.2 |
||
cisco nx-os 7.1 |
||
cisco nx-os 8.0 |
Vulmon