Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Cisco NX-OS Software NX-API Cross-Site Request Forgery Vulnerability
Vulnerability Description
A vulnerability in the NX-API feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack on an affected system. This vulnerability is due to insufficient CSRF protections for the NX-API on an affected device. An attacker could exploit this vulnerability by persuading a user of the NX-API to follow a malicious link. A successful exploit could allow the attacker to perform arbitrary actions with the privilege level of the affected user. The attacker could view and modify the device configuration. Note: The NX-API feature is disabled by default.
CVSS Information
N/A
Vulnerability Type
跨站请求伪造(CSRF)
Vulnerability Title
Cisco NX-OS Software 跨站请求伪造漏洞
Vulnerability Description
Cisco NX-OS Software是美国思科(Cisco)公司的一套交换机使用的数据中心级操作系统软件。 Cisco NX-OS Software 存在跨站请求伪造漏洞,该漏洞源于在受影响的设备上对NX-API没有足够的CSRF保护。
CVSS Information
N/A
Vulnerability Type
N/A