CVE-2019-1968 is a vulnerability in Cisco Nx Os
Published on August 30, 2019
Cisco NX-OS Software NX-API Denial of Service Vulnerability
A vulnerability in the NX-API feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause an NX-API system process to unexpectedly restart. The vulnerability is due to incorrect validation of the HTTP header of a request that is sent to the NX-API. An attacker could exploit this vulnerability by sending a crafted HTTP request to the NX-API on an affected device. A successful exploit could allow the attacker to cause a denial of service (DoS) condition in the NX-API service; however, the NX-OS device itself would still be available and passing network traffic. Note: The NX-API feature is disabled by default.
Weakness Type
Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
Products Associated with CVE-2019-1968
You can be notified by email with stack.watch whenever vulnerabilities like CVE-2019-1968 are published in Cisco Nx Os:
Affected Versions
Cisco NX-OS Software 6.0(2)A4(1):- Version unspecified and below 8.3(2) is affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.