CVE-2019-1968
HIGHCisco NX-OS - Unauthenticated Denial of Service via NX-API HTTP Header
Title source: llmDescription
A vulnerability in the NX-API feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause an NX-API system process to unexpectedly restart. The vulnerability is due to incorrect validation of the HTTP header of a request that is sent to the NX-API. An attacker could exploit this vulnerability by sending a crafted HTTP request to the NX-API on an affected device. A successful exploit could allow the attacker to cause a denial of service (DoS) condition in the NX-API service; however, the NX-OS device itself would still be available and passing network traffic. Note: The NX-API feature is disabled by default.
References (1)
Core 1
Core References
Vendor Advisory vendor-advisory
x_refsource_cisco
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190828-nxos-api-dos
Scores
CVSS v3
7.5
EPSS
0.0177
EPSS Percentile
75.2%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
yes
Technical Impact
partial
Details
CWE
CWE-20
CWE-116
Status
published
Products (14)
cisco/nx-os
7.3
cisco/nx-os
8.1
cisco/nx-os
8.2
cisco/nx-os
8.3
cisco/nx-os
6.1\(2\)i2
cisco/nx-os
6.1\(2\)i3
cisco/nx-os
7.0\(3\)i4
cisco/nx-os
7.0\(3\)i7
cisco/nx-os
9.2
cisco/nx-os
6.0\(2\)a8
... and 4 more
Published
Aug 30, 2019
Tracked Since
Feb 18, 2026