CVE-2021-1227: Cisco NX-OS Software NX-API Cross-Site Request Forgery Vulnerability
First published: Wed Feb 24 2021(Updated: )
A vulnerability in the NX-API feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack on an affected system. This vulnerability is due to insufficient CSRF protections for the NX-API on an affected device. An attacker could exploit this vulnerability by persuading a user of the NX-API to follow a malicious link. A successful exploit could allow the attacker to perform arbitrary actions with the privilege level of the affected user. The attacker could view and modify the device configuration. Note: The NX-API feature is disabled by default.
Credit: ykramarz@cisco.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Cisco Nx-os | =8.4\(2a\) | |
| Cisco Nx-os | =8.4\(3\) | |
| Cisco Nx-os | =8.4\(3\)s19 | |
| Cisco Mds 9148s | ||
| Cisco Mds 9250i | ||
| Cisco Mds 9706 | ||
| Cisco Mds 9710 | ||
| Cisco Nexus 7000 | ||
| Cisco Nexus 7700 | ||
| Cisco Nx-os | =9.3\(3\)idi9\(0.569\) | |
| Cisco Nexus 3048 | ||
| Cisco Nexus 31108pv-v | ||
| Cisco Nexus 31108tc-v | ||
| Cisco Nexus 31128pq | ||
| Cisco Nexus 3132c-z | ||
| Cisco Nexus 3132q-v | ||
| Cisco Nexus 3132q-x | ||
| Cisco Nexus 3132q-xl | ||
| Cisco Nexus 3164q | ||
| Cisco Nexus 3172pq | ||
| Cisco Nexus 3172pq-xl | ||
| Cisco Nexus 3232c | ||
| Cisco Nexus 3264c-e | ||
| Cisco Nexus 3264q | ||
| Cisco Nexus 3408-s | ||
| Cisco Nexus 34180yc | ||
| Cisco Nexus 3432d-s | ||
| Cisco Nexus 3464c | ||
| Cisco Nexus 3524-x | ||
| Cisco Nexus 3524-xl | ||
| Cisco Nexus 3548-x | ||
| Cisco Nexus 3548-xl | ||
| Cisco Nexus 36180yc-r | ||
| Cisco Nexus 3636c-r | ||
| Cisco Nexus 9200 | ||
| Cisco Nexus 9300 | ||
| Cisco Nexus 9500 | ||
| Cisco Nx-os | =7.3\(8\)n1\(0.809\) | |
| Cisco Nexus 5548p | ||
| Cisco Nexus 5548up | ||
| Cisco Nexus 5596t | ||
| Cisco Nexus 5596up | ||
| Cisco Nexus 56128p | ||
| Cisco Nexus 5624q | ||
| Cisco Nexus 5648q | ||
| Cisco Nexus 5672up | ||
| Cisco Nexus 5672up-16g | ||
| Cisco Nexus 5696q | ||
| Cisco Nexus 6001 | ||
| Cisco Nexus 6004 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2021-1227?
CVE-2021-1227 is a vulnerability in the NX-API feature of Cisco NX-OS Software that could allow an unauthenticated remote attacker to conduct a cross-site request forgery (CSRF) attack on an affected system.
What is the severity of CVE-2021-1227?
The severity of CVE-2021-1227 is high, with a severity score of 8.1.
Which software versions are affected by CVE-2021-1227?
Cisco NX-OS Software versions 8.4(2a), 8.4(3), and 8.4(3)s19 are affected by CVE-2021-1227.
How can an attacker exploit CVE-2021-1227?
An attacker can exploit CVE-2021-1227 by conducting a cross-site request forgery (CSRF) attack on an affected system.
Where can I find more information about CVE-2021-1227?
You can find more information about CVE-2021-1227 on the Cisco Security Advisory website.
- collector/nvd-index
- agent/softwarecombine
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/references
- agent/weakness
- agent/author
- agent/last-modified-date
- agent/title
- agent/first-publish-date
- agent/event
- agent/tags
- agent/description
- vendor/cisco
- canonical/cisco nx-os
- version/cisco nx-os/8.4\(2a\)
- version/cisco nx-os/8.4\(3\)
- version/cisco nx-os/8.4\(3\)s19
- canonical/cisco mds 9148s
- canonical/cisco mds 9250i
- canonical/cisco mds 9706
- canonical/cisco mds 9710
- canonical/cisco nexus 7000
- canonical/cisco nexus 7700
- version/cisco nx-os/9.3\(3\)idi9\(0.569\)
- canonical/cisco nexus 3048
- canonical/cisco nexus 31108pv-v
- canonical/cisco nexus 31108tc-v
- canonical/cisco nexus 31128pq
- canonical/cisco nexus 3132c-z
- canonical/cisco nexus 3132q-v
- canonical/cisco nexus 3132q-x
- canonical/cisco nexus 3132q-xl
- canonical/cisco nexus 3164q
- canonical/cisco nexus 3172pq
- canonical/cisco nexus 3172pq-xl
- canonical/cisco nexus 3232c
- canonical/cisco nexus 3264c-e
- canonical/cisco nexus 3264q
- canonical/cisco nexus 3408-s
- canonical/cisco nexus 34180yc
- canonical/cisco nexus 3432d-s
- canonical/cisco nexus 3464c
- canonical/cisco nexus 3524-x
- canonical/cisco nexus 3524-xl
- canonical/cisco nexus 3548-x
- canonical/cisco nexus 3548-xl
- canonical/cisco nexus 36180yc-r
- canonical/cisco nexus 3636c-r
- canonical/cisco nexus 9200
- canonical/cisco nexus 9300
- canonical/cisco nexus 9500
- version/cisco nx-os/7.3\(8\)n1\(0.809\)
- canonical/cisco nexus 5548p
- canonical/cisco nexus 5548up
- canonical/cisco nexus 5596t
- canonical/cisco nexus 5596up
- canonical/cisco nexus 56128p
- canonical/cisco nexus 5624q
- canonical/cisco nexus 5648q
- canonical/cisco nexus 5672up
- canonical/cisco nexus 5672up-16g
- canonical/cisco nexus 5696q
- canonical/cisco nexus 6001
- canonical/cisco nexus 6004