CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-1227

A vulnerability in the NX-API feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack on an affected system. This vulnerability is due to insufficient CSRF protections for the NX-API on an affected device. An attacker could exploit this vulnerability by persuading a user of the NX-API to follow a malicious link. A successful exploit could allow the attacker to perform arbitrary actions with the privilege level of the affected user. The attacker could view and modify the device configuration. Note: The NX-API feature is disabled by default.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.004

EPSS Ranking 58.2%

CVSS Severity

CVSS v3 Score 8.1

CVSS v2 Score 5.8

References

Products affected by CVE-2021-1227

Cisco » Mds 9148s » Version: N/A

cpe:2.3:h:cisco:mds_9148s:-
Cisco » Mds 9250i » Version: N/A

cpe:2.3:h:cisco:mds_9250i:-
Cisco » Mds 9706 » Version: N/A

cpe:2.3:h:cisco:mds_9706:-
Cisco » Mds 9710 » Version: N/A

cpe:2.3:h:cisco:mds_9710:-
Cisco » Nexus 3048 » Version: N/A

cpe:2.3:h:cisco:nexus_3048:-
Cisco » Nexus 31108pv-V » Version: N/A

cpe:2.3:h:cisco:nexus_31108pv-v:-
Cisco » Nexus 31108tc-V » Version: N/A

cpe:2.3:h:cisco:nexus_31108tc-v:-
Cisco » Nexus 31128pq » Version: N/A

cpe:2.3:h:cisco:nexus_31128pq:-
Cisco » Nexus 3132c-Z » Version: N/A

cpe:2.3:h:cisco:nexus_3132c-z:-
Cisco » Nexus 3132q-V » Version: N/A

cpe:2.3:h:cisco:nexus_3132q-v:-
Cisco » Nexus 3132q-X » Version: N/A

cpe:2.3:h:cisco:nexus_3132q-x:-
Cisco » Nexus 3132q-Xl » Version: N/A

cpe:2.3:h:cisco:nexus_3132q-xl:-
Cisco » Nexus 3164q » Version: N/A

cpe:2.3:h:cisco:nexus_3164q:-
Cisco » Nexus 3172pq-Xl » Version: N/A

cpe:2.3:h:cisco:nexus_3172pq-xl:-
Cisco » Nexus 3172pq » Version: N/A

cpe:2.3:h:cisco:nexus_3172pq:-
Cisco » Nexus 3232c » Version: N/A

cpe:2.3:h:cisco:nexus_3232c:-
Cisco » Nexus 3264c-E » Version: N/A

cpe:2.3:h:cisco:nexus_3264c-e:-
Cisco » Nexus 3264q » Version: N/A

cpe:2.3:h:cisco:nexus_3264q:-
Cisco » Nexus 3408-S » Version: N/A

cpe:2.3:h:cisco:nexus_3408-s:-
Cisco » Nexus 34180yc » Version: N/A

cpe:2.3:h:cisco:nexus_34180yc:-
Cisco » Nexus 3432d-S » Version: N/A

cpe:2.3:h:cisco:nexus_3432d-s:-
Cisco » Nexus 3464c » Version: N/A

cpe:2.3:h:cisco:nexus_3464c:-
Cisco » Nexus 3524-X » Version: N/A

cpe:2.3:h:cisco:nexus_3524-x:-
Cisco » Nexus 3524-Xl » Version: N/A

cpe:2.3:h:cisco:nexus_3524-xl:-
Cisco » Nexus 3548-X » Version: N/A

cpe:2.3:h:cisco:nexus_3548-x:-
Cisco » Nexus 3548-Xl » Version: N/A

cpe:2.3:h:cisco:nexus_3548-xl:-
Cisco » Nexus 36180yc-R » Version: N/A

cpe:2.3:h:cisco:nexus_36180yc-r:-
Cisco » Nexus 3636c-R » Version: N/A

cpe:2.3:h:cisco:nexus_3636c-r:-
Cisco » Nexus 5548p » Version: N/A

cpe:2.3:h:cisco:nexus_5548p:-
Cisco » Nexus 5548up » Version: N/A

cpe:2.3:h:cisco:nexus_5548up:-
Cisco » Nexus 5596t » Version: N/A

cpe:2.3:h:cisco:nexus_5596t:-
Cisco » Nexus 5596up » Version: N/A

cpe:2.3:h:cisco:nexus_5596up:-
Cisco » Nexus 56128p » Version: N/A

cpe:2.3:h:cisco:nexus_56128p:-
Cisco » Nexus 5624q » Version: N/A

cpe:2.3:h:cisco:nexus_5624q:-
Cisco » Nexus 5648q » Version: N/A

cpe:2.3:h:cisco:nexus_5648q:-
Cisco » Nexus 5672up-16g » Version: N/A

cpe:2.3:h:cisco:nexus_5672up-16g:-
Cisco » Nexus 5672up » Version: N/A

cpe:2.3:h:cisco:nexus_5672up:-
Cisco » Nexus 5696q » Version: N/A

cpe:2.3:h:cisco:nexus_5696q:-
Cisco » Nexus 6001 » Version: N/A

cpe:2.3:h:cisco:nexus_6001:-
Cisco » Nexus 6004 » Version: N/A

cpe:2.3:h:cisco:nexus_6004:-
Cisco » Nexus 7000 » Version: N/A

cpe:2.3:h:cisco:nexus_7000:-
Cisco » Nexus 7700 » Version: N/A

cpe:2.3:h:cisco:nexus_7700:-
Cisco » Nexus 9200 » Version: N/A

cpe:2.3:h:cisco:nexus_9200:-
Cisco » Nexus 9300 » Version: N/A

cpe:2.3:h:cisco:nexus_9300:-
Cisco » Nexus 9500 » Version: N/A

cpe:2.3:h:cisco:nexus_9500:-
Cisco » Nx-Os » Version: 7.3(8)n1(0.809)

cpe:2.3:o:cisco:nx-os:7.3(8)n1(0.809)
Cisco » Nx-Os » Version: 8.4(2a)

cpe:2.3:o:cisco:nx-os:8.4(2a)
Cisco » Nx-Os » Version: 8.4(3)

cpe:2.3:o:cisco:nx-os:8.4(3)
Cisco » Nx-Os » Version: 8.4(3)s19

cpe:2.3:o:cisco:nx-os:8.4(3)s19
Cisco » Nx-Os » Version: 9.3(3)idi9(0.569)

cpe:2.3:o:cisco:nx-os:9.3(3)idi9(0.569)

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-1227

Products

Pricing

Contact Us