{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-26T23:17:24.613","vulnerabilities":[{"cve":{"id":"CVE-2020-3170","sourceIdentifier":"psirt@cisco.com","published":"2020-02-26T17:15:13.140","lastModified":"2024-11-21T05:30:28.420","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability in the NX-API feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause an NX-API system process to unexpectedly restart. The vulnerability is due to incorrect validation of the HTTP header of a request that is sent to the NX-API. An attacker could exploit this vulnerability by sending a crafted HTTP request to the NX-API on an affected device. A successful exploit could allow the attacker to cause a denial of service (DoS) condition in the NX-API service; however, the Cisco NX-OS device itself would still be available and passing network traffic. Note: The NX-API feature is disabled by default."},{"lang":"es","value":"Una vulnerabilidad en la funcionalidad NX-API de Cisco NX-OS Software, podría permitir a un atacante remoto no autenticado causar que un proceso del sistema NX-API se reinicie inesperadamente. La vulnerabilidad es debido a una comprobación incorrecta del encabezado HTTP de una petición que es enviada hacia la NX-API. Un atacante podría explotar esta vulnerabilidad mediante el envío de una petición HTTP diseñada hacia la NX-API sobre un dispositivo afectado. Una explotación con éxito podría permitir al atacante causar una condición de denegación de servicio (DoS) en el servicio NX-API; sin embargo, el dispositivo Cisco NX-OS por sí mismo estaría aún disponible y pasando tráfico de red. Nota: La funcionalidad NX-API está deshabilitada por defecto."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"LOW"},"exploitabilityScore":3.9,"impactScore":1.4}],"cvssMetricV30":[{"source":"psirt@cisco.com","type":"Secondary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"LOW"},"exploitabilityScore":3.9,"impactScore":1.4}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:N/I:N/A:P","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"psirt@cisco.com","type":"Secondary","description":[{"lang":"en","value":"CWE-20"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-20"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*","versionEndExcluding":"8.4\\(1\\)","matchCriteriaId":"13555705-A800-43A9-9A74-CA3243B97ECB"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:mds_9132t:-:*:*:*:*:*:*:*","matchCriteriaId":"56426D35-FCFD-406E-9144-2E66C8C86EFC"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:mds_9148s:-:*:*:*:*:*:*:*","matchCriteriaId":"D25FA4A8-408B-4E94-B7D9-7DC54B61322F"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:mds_9148t:-:*:*:*:*:*:*:*","matchCriteriaId":"831B6D0F-A975-4CBA-B5BB-0AC4AD718FE8"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:mds_9216:-:*:*:*:*:*:*:*","matchCriteriaId":"8A72BDC4-6640-45CC-A128-0CDEE38D3ADC"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:mds_9216a:-:*:*:*:*:*:*:*","matchCriteriaId":"90094569-AA2C-4D35-807F-9551FACE255F"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:mds_9216i:-:*:*:*:*:*:*:*","matchCriteriaId":"306AFBC9-A236-4D03-A1EB-CE7E838D8415"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:mds_9222i:-:*:*:*:*:*:*:*","matchCriteriaId":"12DB1A25-A7C9-412F-88BC-E89588896395"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:mds_9506:-:*:*:*:*:*:*:*","matchCriteriaId":"3925D2CF-9D7C-4498-8AF2-45E15D5D009F"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:mds_9509:-:*:*:*:*:*:*:*","matchCriteriaId":"C677D356-86C9-4491-A6CA-5E6306B2BB70"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:mds_9513:-:*:*:*:*:*:*:*","matchCriteriaId":"28A3C579-7AAD-41A4-947F-CCB9B09402A5"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:mds_9706:-:*:*:*:*:*:*:*","matchCriteriaId":"5182CB50-4D32-4835-B1A8-817D989F919F"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:mds_9710:-:*:*:*:*:*:*:*","matchCriteriaId":"36B3B617-7554-4C36-9B41-19AA3BD2F6E9"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:mds_9718:-:*:*:*:*:*:*:*","matchCriteriaId":"B88879A9-A7F5-41E0-8A38-0E09E3FD27F4"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*","versionEndExcluding":"8.2\\(5\\)","matchCriteriaId":"BF541F60-D6BE-4F6C-A66D-B606411CE6E9"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:nexus_7000:-:*:*:*:*:*:*:*","matchCriteriaId":"12180BEB-7F21-4FA7-ABD2-E9A8EA7340F3"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:nexus_7700:-:*:*:*:*:*:*:*","matchCriteriaId":"DD7A4B4B-3BB1-4A4D-911E-C4EEF01BBC45"}]}]}],"references":[{"url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200226-nxos-api-dos","source":"psirt@cisco.com","tags":["Vendor Advisory"]},{"url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200226-nxos-api-dos","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}