{"containers": {"cna": {"affected": [{"product": "Cisco NX-OS Software 6.0(2)A4(1)", "vendor": "Cisco", "versions": [{"lessThan": "8.3(2)", "status": "affected", "version": "unspecified", "versionType": "custom"}]}], "datePublic": "2019-08-28T00:00:00", "descriptions": [{"lang": "en", "value": "A vulnerability in the NX-API feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause an NX-API system process to unexpectedly restart. The vulnerability is due to incorrect validation of the HTTP header of a request that is sent to the NX-API. An attacker could exploit this vulnerability by sending a crafted HTTP request to the NX-API on an affected device. A successful exploit could allow the attacker to cause a denial of service (DoS) condition in the NX-API service; however, the NX-OS device itself would still be available and passing network traffic. Note: The NX-API feature is disabled by default."}], "exploits": [{"lang": "en", "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."}], "metrics": [{"cvssV3_0": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.0"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-20", "description": "CWE-20", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2019-08-29T21:50:25", "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco"}, "references": [{"name": "20190828 Cisco NX-OS Software NX-API Denial of Service Vulnerability", "tags": ["vendor-advisory", "x_refsource_CISCO"], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190828-nxos-api-dos"}], "source": {"advisory": "cisco-sa-20190828-nxos-api-dos", "defect": [["CSCvn26502", "CSCvn31273", "CSCvn57900"]], "discovery": "INTERNAL"}, "title": "Cisco NX-OS Software NX-API Denial of Service Vulnerability", "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@cisco.com", "DATE_PUBLIC": "2019-08-28T16:00:00-0700", "ID": "CVE-2019-1968", "STATE": "PUBLIC", "TITLE": "Cisco NX-OS Software NX-API Denial of Service Vulnerability"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Cisco NX-OS Software 6.0(2)A4(1)", "version": {"version_data": [{"affected": "<", "version_affected": "<", "version_value": "8.3(2)"}]}}]}, "vendor_name": "Cisco"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "A vulnerability in the NX-API feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause an NX-API system process to unexpectedly restart. The vulnerability is due to incorrect validation of the HTTP header of a request that is sent to the NX-API. An attacker could exploit this vulnerability by sending a crafted HTTP request to the NX-API on an affected device. A successful exploit could allow the attacker to cause a denial of service (DoS) condition in the NX-API service; however, the NX-OS device itself would still be available and passing network traffic. Note: The NX-API feature is disabled by default."}]}, "exploit": [{"lang": "en", "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."}], "impact": {"cvss": {"baseScore": "5.3", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.0"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-20"}]}]}, "references": {"reference_data": [{"name": "20190828 Cisco NX-OS Software NX-API Denial of Service Vulnerability", "refsource": "CISCO", "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190828-nxos-api-dos"}]}, "source": {"advisory": "cisco-sa-20190828-nxos-api-dos", "defect": [["CSCvn26502", "CSCvn31273", "CSCvn57900"]], "discovery": "INTERNAL"}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T18:35:52.007Z"}, "title": "CVE Program Container", "references": [{"name": "20190828 Cisco NX-OS Software NX-API Denial of Service Vulnerability", "tags": ["vendor-advisory", "x_refsource_CISCO", "x_transferred"], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190828-nxos-api-dos"}]}, {"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-11-19T17:23:15.309150Z", "id": "CVE-2019-1968", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-11-19T18:57:48.765Z"}}]}, "cveMetadata": {"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "assignerShortName": "cisco", "cveId": "CVE-2019-1968", "datePublished": "2019-08-29T21:50:25.458591Z", "dateReserved": "2018-12-06T00:00:00", "dateUpdated": "2024-11-19T18:57:48.765Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190828-nxos-api-dos", "name": "20190828 Cisco NX-OS Software NX-API Denial of Service Vulnerability", "tags": ["vendor-advisory", "x_refsource_CISCO", "x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T18:35:52.007Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2019-1968", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-11-19T17:23:15.309150Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-11-19T17:23:45.326Z"}}], "cna": {"title": "Cisco NX-OS Software NX-API Denial of Service Vulnerability", "source": {"defect": [["CSCvn26502", "CSCvn31273", "CSCvn57900"]], "advisory": "cisco-sa-20190828-nxos-api-dos", "discovery": "INTERNAL"}, "metrics": [{"cvssV3_0": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 5.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}}], "affected": [{"vendor": "Cisco", "product": "Cisco NX-OS Software 6.0(2)A4(1)", "versions": [{"status": "affected", "version": "unspecified", "lessThan": "8.3(2)", "versionType": "custom"}]}], "exploits": [{"lang": "en", "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."}], "datePublic": "2019-08-28T00:00:00", "references": [{"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190828-nxos-api-dos", "name": "20190828 Cisco NX-OS Software NX-API Denial of Service Vulnerability", "tags": ["vendor-advisory", "x_refsource_CISCO"]}], "descriptions": [{"lang": "en", "value": "A vulnerability in the NX-API feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause an NX-API system process to unexpectedly restart. The vulnerability is due to incorrect validation of the HTTP header of a request that is sent to the NX-API. An attacker could exploit this vulnerability by sending a crafted HTTP request to the NX-API on an affected device. A successful exploit could allow the attacker to cause a denial of service (DoS) condition in the NX-API service; however, the NX-OS device itself would still be available and passing network traffic. Note: The NX-API feature is disabled by default."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-20", "description": "CWE-20"}]}], "providerMetadata": {"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco", "dateUpdated": "2019-08-29T21:50:25"}, "x_legacyV4Record": {"impact": {"cvss": {"version": "3.0", "baseScore": "5.3", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}}, "source": {"defect": [["CSCvn26502", "CSCvn31273", "CSCvn57900"]], "advisory": "cisco-sa-20190828-nxos-api-dos", "discovery": "INTERNAL"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"version": {"version_data": [{"affected": "<", "version_value": "8.3(2)", "version_affected": "<"}]}, "product_name": "Cisco NX-OS Software 6.0(2)A4(1)"}]}, "vendor_name": "Cisco"}]}}, "exploit": [{"lang": "en", "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."}], "data_type": "CVE", "references": {"reference_data": [{"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190828-nxos-api-dos", "name": "20190828 Cisco NX-OS Software NX-API Denial of Service Vulnerability", "refsource": "CISCO"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "eng", "value": "A vulnerability in the NX-API feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause an NX-API system process to unexpectedly restart. The vulnerability is due to incorrect validation of the HTTP header of a request that is sent to the NX-API. An attacker could exploit this vulnerability by sending a crafted HTTP request to the NX-API on an affected device. A successful exploit could allow the attacker to cause a denial of service (DoS) condition in the NX-API service; however, the NX-OS device itself would still be available and passing network traffic. Note: The NX-API feature is disabled by default."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-20"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2019-1968", "STATE": "PUBLIC", "TITLE": "Cisco NX-OS Software NX-API Denial of Service Vulnerability", "ASSIGNER": "psirt@cisco.com", "DATE_PUBLIC": "2019-08-28T16:00:00-0700"}}}}, "cveMetadata": {"cveId": "CVE-2019-1968", "state": "PUBLISHED", "dateUpdated": "2024-11-19T18:57:48.765Z", "dateReserved": "2018-12-06T00:00:00", "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "datePublished": "2019-08-29T21:50:25.458591Z", "assignerShortName": "cisco"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:nx-os:7.3:*:*:*:*:*:*:*", "matchCriteriaId": "9501608B-3811-4C33-BDA1-721045284C7D", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:nx-os:8.1:*:*:*:*:*:*:*", "matchCriteriaId": "F363BEDD-A8AC-4FB6-87DC-708F97F8375E", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:nx-os:8.2:*:*:*:*:*:*:*", "matchCriteriaId": "E40D9097-C95A-4813-9DEE-89CA75820524", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:nx-os:8.3:*:*:*:*:*:*:*", "matchCriteriaId": "399568C2-4198-4D2C-B694-FF4EFE5E4710", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:mds_9000:-:*:*:*:*:*:*:*", "matchCriteriaId": "1FD00AB9-F2DD-4D07-8DFF-E7B34824D66A", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:mds_9100:-:*:*:*:*:*:*:*", "matchCriteriaId": "54C0D908-D7BA-48C3-9963-14A3A32A2662", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:mds_9140:-:*:*:*:*:*:*:*", "matchCriteriaId": "F762E87A-BF80-4D33-ADDA-84369E068005", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:mds_9200:-:*:*:*:*:*:*:*", "matchCriteriaId": "B25B92ED-37C0-4653-9C5E-B4C13C46464C", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:mds_9500:-:*:*:*:*:*:*:*", "matchCriteriaId": "2374E02D-46FE-477F-A74D-49E72149E6EC", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:mds_9700:-:*:*:*:*:*:*:*", "matchCriteriaId": "C44335D8-8A78-486C-A325-9691FA4C3271", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:nx-os:6.1\\(2\\)i2:*:*:*:*:*:*:*", "matchCriteriaId": "C8C2A169-117C-4F64-A6F0-748E7686260A", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:nx-os:6.1\\(2\\)i3:*:*:*:*:*:*:*", "matchCriteriaId": "DC1A9850-0AF6-48B1-8D7B-309135DE7A27", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i4:*:*:*:*:*:*:*", "matchCriteriaId": "E42217F8-C85B-45D4-BA3B-F4303947E355", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i7:*:*:*:*:*:*:*", "matchCriteriaId": "5DEBF467-C2E2-4ED9-8E8A-02E062E734D9", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:nx-os:9.2:*:*:*:*:*:*:*", "matchCriteriaId": "C9E648A2-AFB2-4F84-B27A-F8AC7F67B36F", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:nexus_3016:-:*:*:*:*:*:*:*", "matchCriteriaId": "528ED62B-D739-4E06-AC64-B506FD73BBAB", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*", "matchCriteriaId": "FC2A6C31-438A-4CF5-A3F3-364B1672EB7D", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_3064:-:*:*:*:*:*:*:*", "matchCriteriaId": "76C10D85-88AC-4A79-8866-BED88A0F8DF8", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_3064-t:-:*:*:*:*:*:*:*", "matchCriteriaId": "65CB7F6D-A82B-4A31-BFAC-FF4A4B8DF9C1", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_31108pc-v:-:*:*:*:*:*:*:*", "matchCriteriaId": "4E930332-CDDD-48D5-93BC-C22D693BBFA2", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_31108tc-v:-:*:*:*:*:*:*:*", "matchCriteriaId": "7BF4B8FE-E134-4491-B5C2-C1CFEB64731B", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_31128pq:-:*:*:*:*:*:*:*", "matchCriteriaId": "F4226DA0-9371-401C-8247-E6E636A116C3", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_3132c-z:-:*:*:*:*:*:*:*", "matchCriteriaId": "7664666F-BCE4-4799-AEEA-3A73E6AD33F4", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_3132q:-:*:*:*:*:*:*:*", "matchCriteriaId": "D3DBBFE9-835C-4411-8492-6006E74BAC65", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_3132q-v:-:*:*:*:*:*:*:*", "matchCriteriaId": "B3293438-3D18-45A2-B093-2C3F65783336", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_3132q-xl:-:*:*:*:*:*:*:*", "matchCriteriaId": "8F43B770-D96C-44EA-BC12-9F39FC4317B9", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_3164q:-:*:*:*:*:*:*:*", "matchCriteriaId": "FA782EB3-E8E6-4DCF-B39C-B3CBD46E4384", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_3172:-:*:*:*:*:*:*:*", "matchCriteriaId": "7817F4E6-B2DA-4F06-95A4-AF329F594C02", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_3172pq-xl:-:*:*:*:*:*:*:*", "matchCriteriaId": "7BB9DD73-E31D-4921-A6D6-E14E04703588", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_3172tq:-:*:*:*:*:*:*:*", "matchCriteriaId": "4532F513-0543-4960-9877-01F23CA7BA1B", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_3172tq-32t:-:*:*:*:*:*:*:*", "matchCriteriaId": "0B43502B-FD53-465A-B60F-6A359C6ACD99", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_3172tq-xl:-:*:*:*:*:*:*:*", "matchCriteriaId": "F3229124-B097-4AAC-8ACD-2F9C89DCC3AB", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_3232c:-:*:*:*:*:*:*:*", "matchCriteriaId": "652A2849-668D-4156-88FB-C19844A59F33", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_3264c-e:-:*:*:*:*:*:*:*", "matchCriteriaId": "24FBE87B-8A4F-43A8-98A3-4A7D9C630937", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_3264q:-:*:*:*:*:*:*:*", "matchCriteriaId": "6ACD09AC-8B28-4ACB-967B-AB3D450BC137", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_3408-s:-:*:*:*:*:*:*:*", "matchCriteriaId": "7D397349-CCC6-479B-9273-FB1FFF4F34F2", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_34180yc:-:*:*:*:*:*:*:*", "matchCriteriaId": "DC7286A7-780F-4A45-940A-4AD5C9D0F201", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_3432d-s:-:*:*:*:*:*:*:*", "matchCriteriaId": "5F7AF8D7-431B-43CE-840F-CC0817D159C0", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_3464c:-:*:*:*:*:*:*:*", "matchCriteriaId": "DAC204C8-1A5A-4E85-824E-DC9B8F6A802D", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_9000v:-:*:*:*:*:*:*:*", "matchCriteriaId": "0CD9C1F1-8582-4F67-A77D-97CBFECB88B8", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4283E433-7F8C-4410-B565-471415445811", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_92300yc:-:*:*:*:*:*:*:*", "matchCriteriaId": "F80AB6FB-32FD-43D7-A9F1-80FA47696210", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*", "matchCriteriaId": "D5B2E4C1-2627-4B9D-8E92-4B483F647651", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_92348gc-x:-:*:*:*:*:*:*:*", "matchCriteriaId": "557ED31C-C26A-4FAE-8B14-D06B49F7F08B", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*", "matchCriteriaId": "11411BFD-3F4D-4309-AB35-A3629A360FB0", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*", "matchCriteriaId": "E663DE91-C86D-48DC-B771-FA72A8DF7A7C", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*", "matchCriteriaId": "A90184B3-C82F-4CE5-B2AD-97D5E4690871", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*", "matchCriteriaId": "4AB89849-6DA4-4C9D-BC3F-EE0E41FD1901", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*", "matchCriteriaId": "07DE6F63-2C7D-415B-8C34-01EC05C062F3", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*", "matchCriteriaId": "F423E45D-A6DD-4305-9C6A-EAB26293E53A", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*", "matchCriteriaId": "E952A96A-0F48-4357-B7DD-1127D8827650", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*", "matchCriteriaId": "F70D81F1-8B12-4474-9060-B4934D8A3873", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*", "matchCriteriaId": "7349D69B-D8FA-4462-AA28-69DD18A652D9", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_93216tc-fx2:-:*:*:*:*:*:*:*", "matchCriteriaId": "B1CC5F78-E88B-4B82-9E3E-C73D3A49DE26", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:*", "matchCriteriaId": "91231DC6-2773-4238-8C14-A346F213B5E5", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_9332c:-:*:*:*:*:*:*:*", "matchCriteriaId": "2DF88547-BAF4-47B0-9F60-80A30297FCEB", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*", "matchCriteriaId": "113772B6-E9D2-4094-9468-3F4E1A87D07D", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_93360yc-fx2:-:*:*:*:*:*:*:*", "matchCriteriaId": "C45A38D6-BED6-4FEF-AD87-A1E813695DE0", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*", "matchCriteriaId": "F1FC2B1F-232E-4754-8076-CC82F3648730", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_9336pq_aci_spine:-:*:*:*:*:*:*:*", "matchCriteriaId": "785FD17C-F32E-4042-9DDE-A89B3AAE0334", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*", "matchCriteriaId": "17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*", "matchCriteriaId": "63842B25-8C32-4988-BBBD-61E9CB09B4F3", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*", "matchCriteriaId": "4364ADB9-8162-451D-806A-B98924E6B2CF", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_9372px-e:-:*:*:*:*:*:*:*", "matchCriteriaId": "B53BCB42-ED61-4FCF-8068-CB467631C63C", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*", "matchCriteriaId": "49E0371B-FDE2-473C-AA59-47E1269D050F", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_9372tx-e:-:*:*:*:*:*:*:*", "matchCriteriaId": "489D11EC-5A18-4F32-BC7C-AC1FCEC27222", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*", "matchCriteriaId": "1BC5293E-F2B4-46DC-85DA-167EA323FCFD", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*", "matchCriteriaId": "EA022E77-6557-4A33-9A3A-D028E2DB669A", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a8:*:*:*:*:*:*:*", "matchCriteriaId": "9DCBF1FE-C124-4DBA-B127-D484D5C9110C", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i7:*:*:*:*:*:*:*", "matchCriteriaId": "5DEBF467-C2E2-4ED9-8E8A-02E062E734D9", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:nx-os:9.2:*:*:*:*:*:*:*", "matchCriteriaId": "C9E648A2-AFB2-4F84-B27A-F8AC7F67B36F", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:nexus_3524:-:*:*:*:*:*:*:*", "matchCriteriaId": "EAF5AF71-15DF-4151-A1CF-E138A7103FC8", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_3524-x:-:*:*:*:*:*:*:*", "matchCriteriaId": "10F80A72-AD54-4699-B8AE-82715F0B58E2", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_3524-xl:-:*:*:*:*:*:*:*", "matchCriteriaId": "9354B6A2-D7D6-442E-BF4C-FE8A336D9E94", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_3548:-:*:*:*:*:*:*:*", "matchCriteriaId": "088C0323-683A-44F5-8D42-FF6EC85D080E", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_3548-x:-:*:*:*:*:*:*:*", "matchCriteriaId": "74CB4002-7636-4382-B33E-FBA060A13C34", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_3548-xl:-:*:*:*:*:*:*:*", "matchCriteriaId": "10CEBF73-3EE0-459A-86C5-F8F6243FE27C", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)f:*:*:*:*:*:*:*", "matchCriteriaId": "E575893D-81E5-47E6-9531-50E044C2C3D3", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:nx-os:9.2:*:*:*:*:*:*:*", "matchCriteriaId": "C9E648A2-AFB2-4F84-B27A-F8AC7F67B36F", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:nexus_36180yc-r:-:*:*:*:*:*:*:*", "matchCriteriaId": "95D2C4C3-65CE-4612-A027-AF70CEFC3233", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*", "matchCriteriaId": "57572E4A-78D5-4D1A-938B-F05F01759612", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*", "matchCriteriaId": "768BE390-5ED5-48A7-9E80-C4DE8BA979B1", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*", "matchCriteriaId": "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*", "matchCriteriaId": "7E02DC82-0D26-436F-BA64-73C958932B0A", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:nx-os:7.1:*:*:*:*:*:*:*", "matchCriteriaId": "FF918D59-4D57-4C18-9FF5-AE6636F24484", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:nx-os:7.2:*:*:*:*:*:*:*", "matchCriteriaId": "5EE85C54-276F-462E-808A-23D3E54D31BD", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:nx-os:7.3:*:*:*:*:*:*:*", "matchCriteriaId": "9501608B-3811-4C33-BDA1-721045284C7D", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:nexus_5548p:-:*:*:*:*:*:*:*", "matchCriteriaId": "E5519EA9-1236-4F51-9974-E3FC1B26B5D2", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_5548up:-:*:*:*:*:*:*:*", "matchCriteriaId": "CB0A3B06-8B25-4CD3-AFA9-5F928B1042F4", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_5596t:-:*:*:*:*:*:*:*", "matchCriteriaId": "1766443C-1C5A-486E-A36F-D3045F364D78", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_5596up:-:*:*:*:*:*:*:*", "matchCriteriaId": "DC4D4403-F93B-4CC8-B75F-7A5B03FEDD85", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_56128p:-:*:*:*:*:*:*:*", "matchCriteriaId": "ABB6E612-4246-4408-B3F6-B31E771F5ACB", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_5624q:-:*:*:*:*:*:*:*", "matchCriteriaId": "91B129B2-2B31-4DE0-9F83-CC6E0C8729A0", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_5648q:-:*:*:*:*:*:*:*", "matchCriteriaId": "3CBD3CD0-B542-4B23-9C9D-061643BE44E8", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_5672up:-:*:*:*:*:*:*:*", "matchCriteriaId": "A22A2647-A4C0-4681-BBC5-D95ADBAA0457", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_5696q:-:*:*:*:*:*:*:*", "matchCriteriaId": "B2BB1A3A-668C-4B0D-8AC2-6B4758B3420B", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_6001:-:*:*:*:*:*:*:*", "matchCriteriaId": "A9662D6B-AF0F-45C8-B7CD-AE7C76593FDB", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_6004:-:*:*:*:*:*:*:*", "matchCriteriaId": "4F557E38-09F6-42C6-BABA-3C3168B38BBA", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:nx-os:7.2:*:*:*:*:*:*:*", "matchCriteriaId": "5EE85C54-276F-462E-808A-23D3E54D31BD", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:nx-os:7.3:*:*:*:*:*:*:*", "matchCriteriaId": "9501608B-3811-4C33-BDA1-721045284C7D", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:nx-os:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "2B36B056-C068-4413-B648-1D1D6026B823", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:nx-os:8.1:*:*:*:*:*:*:*", "matchCriteriaId": "F363BEDD-A8AC-4FB6-87DC-708F97F8375E", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:nx-os:8.2:*:*:*:*:*:*:*", "matchCriteriaId": "E40D9097-C95A-4813-9DEE-89CA75820524", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:nx-os:8.3:*:*:*:*:*:*:*", "matchCriteriaId": "399568C2-4198-4D2C-B694-FF4EFE5E4710", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:nexus_7000:-:*:*:*:*:*:*:*", "matchCriteriaId": "12180BEB-7F21-4FA7-ABD2-E9A8EA7340F3", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_7000_10-slot:-:*:*:*:*:*:*:*", "matchCriteriaId": "B22B3865-30E9-4B5A-A37D-DC33F1150FFE", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_7000_18-slot:-:*:*:*:*:*:*:*", "matchCriteriaId": "459A7F11-52BF-4AD6-B495-4C4D6C050493", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_7000_4-slot:-:*:*:*:*:*:*:*", "matchCriteriaId": "FEACA55F-4335-4478-B608-EB92EE1D6C6D", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_7000_9-slot:-:*:*:*:*:*:*:*", "matchCriteriaId": "DB73543E-9B5B-4BA9-8FB4-666AF5AC8B6B", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_7700:-:*:*:*:*:*:*:*", "matchCriteriaId": "DD7A4B4B-3BB1-4A4D-911E-C4EEF01BBC45", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_7700_10-slot:-:*:*:*:*:*:*:*", "matchCriteriaId": "E5ABB175-81BE-4C46-BD2D-70016508BE22", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_7700_18-slot:-:*:*:*:*:*:*:*", "matchCriteriaId": "71F93299-A715-4E97-87FE-B1E248EA98BD", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_7700_2-slot:-:*:*:*:*:*:*:*", "matchCriteriaId": "3D71B228-FFE5-45F7-ADCF-6D359ADA6D31", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_7700_6-slot:-:*:*:*:*:*:*:*", "matchCriteriaId": "9F3AD807-5A0F-4DF5-9A7A-748205F409E7", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "A vulnerability in the NX-API feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause an NX-API system process to unexpectedly restart. The vulnerability is due to incorrect validation of the HTTP header of a request that is sent to the NX-API. An attacker could exploit this vulnerability by sending a crafted HTTP request to the NX-API on an affected device. A successful exploit could allow the attacker to cause a denial of service (DoS) condition in the NX-API service; however, the NX-OS device itself would still be available and passing network traffic. Note: The NX-API feature is disabled by default."}, {"lang": "es", "value": "Una vulnerabilidad en la funcionalidad NX-API de Cisco NX-OS Software, podr\u00eda permitir a un atacante remoto no autenticado causar que un proceso del sistema NX-API se reinicie inesperadamente. La vulnerabilidad es debido a una comprobaci\u00f3n incorrecta del encabezado HTTP de una petici\u00f3n que se env\u00eda a NX-API. Un atacante podr\u00eda explotar esta vulnerabilidad enviando una petici\u00f3n HTTP especialmente dise\u00f1ada a NX-API en un dispositivo afectado. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante causar una condici\u00f3n de denegaci\u00f3n de servicio (DoS) en el servicio NX-API; sin embargo, el dispositivo NX-OS en s\u00ed todav\u00eda estar\u00eda disponible y pasando el tr\u00e1fico de red. Nota: La funcionalidad NX-API est\u00e1 deshabilitada por defecto."}], "id": "CVE-2019-1968", "lastModified": "2024-11-21T04:37:47.520", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 1.4, "source": "ykramarz@cisco.com", "type": "Secondary"}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2019-08-30T09:15:20.380", "references": [{"source": "ykramarz@cisco.com", "tags": ["Vendor Advisory"], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190828-nxos-api-dos"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190828-nxos-api-dos"}], "sourceIdentifier": "ykramarz@cisco.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-20"}], "source": "ykramarz@cisco.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-116"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}

{}