First published: Wed Feb 23 2022(Updated: )
A vulnerability in the NX-API feature of Cisco NX-OS Software could allow an authenticated, remote attacker to execute arbitrary commands with root privileges. The vulnerability is due to insufficient input validation of user supplied data that is sent to the NX-API. An attacker could exploit this vulnerability by sending a crafted HTTP POST request to the NX-API of an affected device. A successful exploit could allow the attacker to execute arbitrary commands with root privileges on the underlying operating system. Note: The NX-API feature is disabled by default. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link:https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-nxapi-cmdinject-ULukNMZ2 This advisory is part of the February 2022 Cisco FXOS and NX-OS Software Security Advisory Bundled Publication. For a complete list of the advisories and links to them, see Cisco Event Response: February 2022 Cisco FXOS and NX-OS Software Security Advisory Bundled Publication.
Affected Software | Affected Version | How to fix |
---|---|---|
Cisco NX-OS Software | =9.3(8)<Nexus 3000 and 9000 Series Switches=7.0(3)I7(10)<Nexus 3000 and 9000 Series Switches | Nexus 3000 and 9000 Series Switches Nexus 3000 and 9000 Series Switches |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Cisco NX-OS Software NX-API Command Injection Vulnerability is a vulnerability in Cisco NX-OS Software that allows an authenticated remote attacker to execute arbitrary commands with root privileges.
The severity of Cisco NX-OS Software NX-API Command Injection Vulnerability is high with a CVSS score of 8.8.
Nexus 3000 and 9000 Series Switches with Cisco NX-OS Software versions 9.3(8), 7.0(3)I7(10), and below are affected by Cisco NX-OS Software NX-API Command Injection Vulnerability.
An attacker can exploit Cisco NX-OS Software NX-API Command Injection Vulnerability by sending user supplied data to the NX-API without proper input validation, allowing them to execute arbitrary commands with root privileges.
Yes, Cisco has released software updates that address the vulnerability. It is recommended to update to the latest version of Cisco NX-OS Software to mitigate the risk of exploitation.