CVE-2019-1968

Name of the Vulnerable Software and Affected Versions Cisco NX-OS Software (affected versions not specified)

Description The issue is due to insufficient validation of input data in the NX-API feature of Cisco NX-OS Software. This could allow a remote attacker to cause the NX-API system process to restart unexpectedly by sending a crafted HTTP request. A successful exploit could result in a denial of service (DoS) condition in the NX-API service, although the NX-OS device itself would remain available and continue passing network traffic.

Recommendations For Cisco NX-OS Software, update to a version that includes the fix for this issue. As a temporary workaround, consider disabling the NX-API feature until a patch is available. Restrict access to the NX-API to minimize the risk of exploitation.