Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2025-20262 (GCVE-0-2025-20262)
Vulnerability from cvelistv5 – Published: 2025-08-27 16:23 – Updated: 2025-08-27 18:19
VLAI
EPSS
Title
Cisco Nexus 3000 and 9000 Series Switches Protocol Independent Multicast Version 6 Denial of Service Vulnerability
Summary
A vulnerability in the Protocol Independent Multicast Version 6 (PIM6) feature of Cisco Nexus 3000 Series Switches and Cisco Nexus 9000 Series Switches in standalone NX-OS mode could allow an authenticated, low-privileged, remote attacker to trigger a crash of the PIM6 process, resulting in a denial of service (DoS) condition.
This vulnerability is due to improper processing of PIM6 ephemeral data queries. An attacker could exploit this vulnerability by sending a crafted ephemeral query to an affected device through one of the following methods: NX-API REST, NETCONF, RESTConf, gRPC, or Model Driven Telemetry. A successful exploit could allow the attacker to cause the PIM6 process to crash and restart, causing potential adjacency flaps and resulting in a DoS of the PIM6 and ephemeral query processes.
Severity
5 (Medium)
CWE
- CWE-476 - NULL Pointer Dereference
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Cisco | Cisco NX-OS Software |
Affected:
9.2(3)
Affected: 9.2(2v) Affected: 9.2(1) Affected: 9.2(2t) Affected: 9.2(3y) Affected: 9.3(2) Affected: 9.2(4) Affected: 9.3(1) Affected: 9.3(1z) Affected: 9.2(2) Affected: 9.3(3) Affected: 9.3(4) Affected: 9.3(5) Affected: 9.3(6) Affected: 10.1(2) Affected: 10.1(1) Affected: 9.3(5w) Affected: 9.3(7) Affected: 9.3(7k) Affected: 10.2(1) Affected: 9.3(7a) Affected: 9.3(8) Affected: 10.2(1q) Affected: 10.2(2) Affected: 9.3(9) Affected: 10.1(2t) Affected: 10.2(3) Affected: 10.2(3t) Affected: 9.3(10) Affected: 10.2(2a) Affected: 10.3(1) Affected: 10.2(4) Affected: 10.3(2) Affected: 9.3(11) Affected: 10.3(3) Affected: 10.2(5) Affected: 9.3(12) Affected: 10.2(3v) Affected: 10.4(1) Affected: 10.3(99w) Affected: 10.2(6) Affected: 10.3(3w) Affected: 10.3(99x) Affected: 10.3(3o) Affected: 10.3(4) Affected: 10.3(3p) Affected: 10.3(4a) Affected: 10.4(2) Affected: 10.3(3q) Affected: 9.3(13) Affected: 10.3(5) Affected: 10.2(7) Affected: 10.4(3) Affected: 10.3(3x) Affected: 10.3(4g) Affected: 10.5(1) Affected: 10.2(8) Affected: 10.3(3r) Affected: 10.3(6) Affected: 9.3(14) Affected: 10.4(4) Affected: 10.3(4h) Affected: 10.5(2) Affected: 10.4(4g) |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-20262",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-08-27T18:19:06.153576Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-08-27T18:19:53.930Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco NX-OS Software",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "9.2(3)"
},
{
"status": "affected",
"version": "9.2(2v)"
},
{
"status": "affected",
"version": "9.2(1)"
},
{
"status": "affected",
"version": "9.2(2t)"
},
{
"status": "affected",
"version": "9.2(3y)"
},
{
"status": "affected",
"version": "9.3(2)"
},
{
"status": "affected",
"version": "9.2(4)"
},
{
"status": "affected",
"version": "9.3(1)"
},
{
"status": "affected",
"version": "9.3(1z)"
},
{
"status": "affected",
"version": "9.2(2)"
},
{
"status": "affected",
"version": "9.3(3)"
},
{
"status": "affected",
"version": "9.3(4)"
},
{
"status": "affected",
"version": "9.3(5)"
},
{
"status": "affected",
"version": "9.3(6)"
},
{
"status": "affected",
"version": "10.1(2)"
},
{
"status": "affected",
"version": "10.1(1)"
},
{
"status": "affected",
"version": "9.3(5w)"
},
{
"status": "affected",
"version": "9.3(7)"
},
{
"status": "affected",
"version": "9.3(7k)"
},
{
"status": "affected",
"version": "10.2(1)"
},
{
"status": "affected",
"version": "9.3(7a)"
},
{
"status": "affected",
"version": "9.3(8)"
},
{
"status": "affected",
"version": "10.2(1q)"
},
{
"status": "affected",
"version": "10.2(2)"
},
{
"status": "affected",
"version": "9.3(9)"
},
{
"status": "affected",
"version": "10.1(2t)"
},
{
"status": "affected",
"version": "10.2(3)"
},
{
"status": "affected",
"version": "10.2(3t)"
},
{
"status": "affected",
"version": "9.3(10)"
},
{
"status": "affected",
"version": "10.2(2a)"
},
{
"status": "affected",
"version": "10.3(1)"
},
{
"status": "affected",
"version": "10.2(4)"
},
{
"status": "affected",
"version": "10.3(2)"
},
{
"status": "affected",
"version": "9.3(11)"
},
{
"status": "affected",
"version": "10.3(3)"
},
{
"status": "affected",
"version": "10.2(5)"
},
{
"status": "affected",
"version": "9.3(12)"
},
{
"status": "affected",
"version": "10.2(3v)"
},
{
"status": "affected",
"version": "10.4(1)"
},
{
"status": "affected",
"version": "10.3(99w)"
},
{
"status": "affected",
"version": "10.2(6)"
},
{
"status": "affected",
"version": "10.3(3w)"
},
{
"status": "affected",
"version": "10.3(99x)"
},
{
"status": "affected",
"version": "10.3(3o)"
},
{
"status": "affected",
"version": "10.3(4)"
},
{
"status": "affected",
"version": "10.3(3p)"
},
{
"status": "affected",
"version": "10.3(4a)"
},
{
"status": "affected",
"version": "10.4(2)"
},
{
"status": "affected",
"version": "10.3(3q)"
},
{
"status": "affected",
"version": "9.3(13)"
},
{
"status": "affected",
"version": "10.3(5)"
},
{
"status": "affected",
"version": "10.2(7)"
},
{
"status": "affected",
"version": "10.4(3)"
},
{
"status": "affected",
"version": "10.3(3x)"
},
{
"status": "affected",
"version": "10.3(4g)"
},
{
"status": "affected",
"version": "10.5(1)"
},
{
"status": "affected",
"version": "10.2(8)"
},
{
"status": "affected",
"version": "10.3(3r)"
},
{
"status": "affected",
"version": "10.3(6)"
},
{
"status": "affected",
"version": "9.3(14)"
},
{
"status": "affected",
"version": "10.4(4)"
},
{
"status": "affected",
"version": "10.3(4h)"
},
{
"status": "affected",
"version": "10.5(2)"
},
{
"status": "affected",
"version": "10.4(4g)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Protocol Independent Multicast Version 6 (PIM6) feature of Cisco Nexus 3000 Series Switches and Cisco Nexus 9000 Series Switches in standalone NX-OS mode could allow an authenticated, low-privileged, remote attacker to trigger a crash of the PIM6 process, resulting in a denial of service (DoS) condition.\r\n\r\nThis vulnerability is due to improper processing of PIM6 ephemeral data queries. An attacker could exploit this vulnerability by sending a crafted ephemeral query to an affected device through one of the following methods: NX-API REST, NETCONF, RESTConf, gRPC, or Model Driven Telemetry. A successful exploit could allow the attacker to cause the PIM6 process to crash and restart, causing potential adjacency flaps and resulting in a DoS of the PIM6 and ephemeral query processes."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:L",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-476",
"description": "NULL Pointer Dereference",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-27T16:23:46.232Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-nxospc-pim6-vG4jFPh",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxospc-pim6-vG4jFPh"
}
],
"source": {
"advisory": "cisco-sa-nxospc-pim6-vG4jFPh",
"defects": [
"CSCwn69044"
],
"discovery": "INTERNAL"
},
"title": "Cisco Nexus 3000 and 9000 Series Switches Protocol Independent Multicast Version 6 Denial of Service Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2025-20262",
"datePublished": "2025-08-27T16:23:46.232Z",
"dateReserved": "2024-10-10T19:15:13.243Z",
"dateUpdated": "2025-08-27T18:19:53.930Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2025-20262",
"date": "2026-05-29",
"epss": "0.0017",
"percentile": "0.37918"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2025-20262\",\"sourceIdentifier\":\"psirt@cisco.com\",\"published\":\"2025-08-27T17:15:34.873\",\"lastModified\":\"2025-08-29T16:24:09.860\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A vulnerability in the Protocol Independent Multicast Version 6 (PIM6) feature of Cisco Nexus 3000 Series Switches and Cisco Nexus 9000 Series Switches in standalone NX-OS mode could allow an authenticated, low-privileged, remote attacker to trigger a crash of the PIM6 process, resulting in a denial of service (DoS) condition.\\r\\n\\r\\nThis vulnerability is due to improper processing of PIM6 ephemeral data queries. An attacker could exploit this vulnerability by sending a crafted ephemeral query to an affected device through one of the following methods: NX-API REST, NETCONF, RESTConf, gRPC, or Model Driven Telemetry. A successful exploit could allow the attacker to cause the PIM6 process to crash and restart, causing potential adjacency flaps and resulting in a DoS of the PIM6 and ephemeral query processes.\"},{\"lang\":\"es\",\"value\":\"Una vulnerabilidad en la funci\u00f3n Protocol Independent Multicast Version 6 (PIM6) de los switches Cisco Nexus de las series 3000 y 9000 en modo NX-OS independiente podr\u00eda permitir que un atacante remoto autenticado y con pocos privilegios provoque un bloqueo del proceso PIM6, lo que resulta en una denegaci\u00f3n de servicio (DoS). Esta vulnerabilidad se debe al procesamiento incorrecto de las consultas de datos ef\u00edmeros de PIM6. Un atacante podr\u00eda explotar esta vulnerabilidad enviando una consulta ef\u00edmera manipulada a un dispositivo afectado mediante uno de los siguientes m\u00e9todos: NX-API REST, NETCONF, RESTConf, gRPC o telemetr\u00eda basada en modelos. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante provocar el bloqueo y reinicio del proceso PIM6, lo que podr\u00eda causar fluctuaciones de adyacencia y una denegaci\u00f3n de servicio (DoS) de PIM6 y los procesos de consulta ef\u00edmera.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"psirt@cisco.com\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:L\",\"baseScore\":5.0,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"LOW\"},\"exploitabilityScore\":3.1,\"impactScore\":1.4}]},\"weaknesses\":[{\"source\":\"psirt@cisco.com\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-476\"}]}],\"references\":[{\"url\":\"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxospc-pim6-vG4jFPh\",\"source\":\"psirt@cisco.com\"}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-20262\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-08-27T18:19:06.153576Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-08-27T18:19:34.642Z\"}}], \"cna\": {\"title\": \"Cisco Nexus 3000 and 9000 Series Switches Protocol Independent Multicast Version 6 Denial of Service Vulnerability\", \"source\": {\"defects\": [\"CSCwn69044\"], \"advisory\": \"cisco-sa-nxospc-pim6-vG4jFPh\", \"discovery\": \"INTERNAL\"}, \"metrics\": [{\"format\": \"cvssV3_1\", \"cvssV3_1\": {\"scope\": \"CHANGED\", \"version\": \"3.1\", \"baseScore\": 5, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:L\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"LOW\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"NONE\"}}], \"affected\": [{\"vendor\": \"Cisco\", \"product\": \"Cisco NX-OS Software\", \"versions\": [{\"status\": \"affected\", \"version\": \"9.2(3)\"}, {\"status\": \"affected\", \"version\": \"9.2(2v)\"}, {\"status\": \"affected\", \"version\": \"9.2(1)\"}, {\"status\": \"affected\", \"version\": \"9.2(2t)\"}, {\"status\": \"affected\", \"version\": \"9.2(3y)\"}, {\"status\": \"affected\", \"version\": \"9.3(2)\"}, {\"status\": \"affected\", \"version\": \"9.2(4)\"}, {\"status\": \"affected\", \"version\": \"9.3(1)\"}, {\"status\": \"affected\", \"version\": \"9.3(1z)\"}, {\"status\": \"affected\", \"version\": \"9.2(2)\"}, {\"status\": \"affected\", \"version\": \"9.3(3)\"}, {\"status\": \"affected\", \"version\": \"9.3(4)\"}, {\"status\": \"affected\", \"version\": \"9.3(5)\"}, {\"status\": \"affected\", \"version\": \"9.3(6)\"}, {\"status\": \"affected\", \"version\": \"10.1(2)\"}, {\"status\": \"affected\", \"version\": \"10.1(1)\"}, {\"status\": \"affected\", \"version\": \"9.3(5w)\"}, {\"status\": \"affected\", \"version\": \"9.3(7)\"}, {\"status\": \"affected\", \"version\": \"9.3(7k)\"}, {\"status\": \"affected\", \"version\": \"10.2(1)\"}, {\"status\": \"affected\", \"version\": \"9.3(7a)\"}, {\"status\": \"affected\", \"version\": \"9.3(8)\"}, {\"status\": \"affected\", \"version\": \"10.2(1q)\"}, {\"status\": \"affected\", \"version\": \"10.2(2)\"}, {\"status\": \"affected\", \"version\": \"9.3(9)\"}, {\"status\": \"affected\", \"version\": \"10.1(2t)\"}, {\"status\": \"affected\", \"version\": \"10.2(3)\"}, {\"status\": \"affected\", \"version\": \"10.2(3t)\"}, {\"status\": \"affected\", \"version\": \"9.3(10)\"}, {\"status\": \"affected\", \"version\": \"10.2(2a)\"}, {\"status\": \"affected\", \"version\": \"10.3(1)\"}, {\"status\": \"affected\", \"version\": \"10.2(4)\"}, {\"status\": \"affected\", \"version\": \"10.3(2)\"}, {\"status\": \"affected\", \"version\": \"9.3(11)\"}, {\"status\": \"affected\", \"version\": \"10.3(3)\"}, {\"status\": \"affected\", \"version\": \"10.2(5)\"}, {\"status\": \"affected\", \"version\": \"9.3(12)\"}, {\"status\": \"affected\", \"version\": \"10.2(3v)\"}, {\"status\": \"affected\", \"version\": \"10.4(1)\"}, {\"status\": \"affected\", \"version\": \"10.3(99w)\"}, {\"status\": \"affected\", \"version\": \"10.2(6)\"}, {\"status\": \"affected\", \"version\": \"10.3(3w)\"}, {\"status\": \"affected\", \"version\": \"10.3(99x)\"}, {\"status\": \"affected\", \"version\": \"10.3(3o)\"}, {\"status\": \"affected\", \"version\": \"10.3(4)\"}, {\"status\": \"affected\", \"version\": \"10.3(3p)\"}, {\"status\": \"affected\", \"version\": \"10.3(4a)\"}, {\"status\": \"affected\", \"version\": \"10.4(2)\"}, {\"status\": \"affected\", \"version\": \"10.3(3q)\"}, {\"status\": \"affected\", \"version\": \"9.3(13)\"}, {\"status\": \"affected\", \"version\": \"10.3(5)\"}, {\"status\": \"affected\", \"version\": \"10.2(7)\"}, {\"status\": \"affected\", \"version\": \"10.4(3)\"}, {\"status\": \"affected\", \"version\": \"10.3(3x)\"}, {\"status\": \"affected\", \"version\": \"10.3(4g)\"}, {\"status\": \"affected\", \"version\": \"10.5(1)\"}, {\"status\": \"affected\", \"version\": \"10.2(8)\"}, {\"status\": \"affected\", \"version\": \"10.3(3r)\"}, {\"status\": \"affected\", \"version\": \"10.3(6)\"}, {\"status\": \"affected\", \"version\": \"9.3(14)\"}, {\"status\": \"affected\", \"version\": \"10.4(4)\"}, {\"status\": \"affected\", \"version\": \"10.3(4h)\"}, {\"status\": \"affected\", \"version\": \"10.5(2)\"}, {\"status\": \"affected\", \"version\": \"10.4(4g)\"}], \"defaultStatus\": \"unknown\"}], \"exploits\": [{\"lang\": \"en\", \"value\": \"The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.\"}], \"references\": [{\"url\": \"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxospc-pim6-vG4jFPh\", \"name\": \"cisco-sa-nxospc-pim6-vG4jFPh\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"A vulnerability in the Protocol Independent Multicast Version 6 (PIM6) feature of Cisco Nexus 3000 Series Switches and Cisco Nexus 9000 Series Switches in standalone NX-OS mode could allow an authenticated, low-privileged, remote attacker to trigger a crash of the PIM6 process, resulting in a denial of service (DoS) condition.\\r\\n\\r\\nThis vulnerability is due to improper processing of PIM6 ephemeral data queries. An attacker could exploit this vulnerability by sending a crafted ephemeral query to an affected device through one of the following methods: NX-API REST, NETCONF, RESTConf, gRPC, or Model Driven Telemetry. A successful exploit could allow the attacker to cause the PIM6 process to crash and restart, causing potential adjacency flaps and resulting in a DoS of the PIM6 and ephemeral query processes.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"cwe\", \"cweId\": \"CWE-476\", \"description\": \"NULL Pointer Dereference\"}]}], \"providerMetadata\": {\"orgId\": \"d1c1063e-7a18-46af-9102-31f8928bc633\", \"shortName\": \"cisco\", \"dateUpdated\": \"2025-08-27T16:23:46.232Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2025-20262\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-08-27T18:19:53.930Z\", \"dateReserved\": \"2024-10-10T19:15:13.243Z\", \"assignerOrgId\": \"d1c1063e-7a18-46af-9102-31f8928bc633\", \"datePublished\": \"2025-08-27T16:23:46.232Z\", \"assignerShortName\": \"cisco\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
CISCO-SA-NXOSPC-PIM6-VG4JFPH
Vulnerability from csaf_cisco - Published: 2025-08-27 16:00 - Updated: 2025-08-27 16:00Summary
Cisco Nexus 3000 and 9000 Series Switches Protocol Independent Multicast Version 6 Denial of Service Vulnerability
Notes
Summary: A vulnerability in the Protocol Independent Multicast Version 6 (PIM6) feature of Cisco Nexus 3000 Series Switches and Cisco Nexus 9000 Series Switches in standalone NX-OS mode could allow an authenticated, low-privileged, remote attacker to trigger a crash of the PIM6 process, resulting in a denial of service (DoS) condition.
This vulnerability is due to improper processing of PIM6 ephemeral data queries. An attacker could exploit this vulnerability by sending a crafted ephemeral query to an affected device through one of the following methods: NX-API REST, NETCONF, RESTConf, gRPC, or Model Driven Telemetry. A successful exploit could allow the attacker to cause the PIM6 process to crash and restart, causing potential adjacency flaps and resulting in a DoS of the PIM6 and ephemeral query processes.
For an example of an ephemeral query, see the About Ephemeral Data in gRPC ["https://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus9000/sw/93x/progammability/guide/b-cisco-nexus-9000-series-nx-os-programmability-guide-93x/b-cisco-nexus-9000-series-nx-os-programmability-guide-93x_chapter_0101111.html#d40535e2038a1635"] section of the Cisco Nexus 9000 Series NX-OS Programmability Guide, Release 9.3(x).
Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
This advisory is part of the August 2025 Cisco FXOS and NX-OS Software Security Advisory Bundled Publication. For a complete list of the advisories and links to them, see Cisco Event Response: August 2025 Semiannual Cisco FXOS and NX-OS Software Security Advisory Bundled Publication ["https://sec.cloudapps.cisco.com/security/center/viewErp.x?alertId=ERP-75667"].
Vulnerable Products: At the time of publication, this vulnerability affected Cisco Nexus 3000 Series Switches and Cisco Nexus 9000 Series Switches in standalone NX-OS mode that had the PIM6 feature enabled and at least one of the following features enabled:
NX-API
NETCONF
RESTCONF
gRPC
Model Driven Telemetry
Note: The Protocol Independent Multicast Version 4 (PIM4) feature is not affected.
For information about which Cisco software releases are vulnerable, see the Fixed Software ["#fs"] section of this advisory.
Determine Whether the PIM6 Feature Is Enabled
To determine whether the PIM6 feature is enabled, use the show feature | include pim6 CLI command, as shown in the following example:
Switch# show feature | include pim6
pim6 1 enabled
Determine Whether a Secondary Feature Is Enabled
To be affected by this vulnerability, a switch must have PIM6 and at least one of the listed features enabled. To determine if any of the listed features are enabled, use the show feature | include featurename command, substituting featurename with the following:
nxapi
netconf
restconf
grpc
telemetry
All these features are disabled by default.
Products Confirmed Not Vulnerable: Only products listed in the Vulnerable Products ["#vp"] section of this advisory are known to be affected by this vulnerability.
Cisco has confirmed that this vulnerability does not affect the following Cisco products:
Firepower 1000 Series
Firepower 2100 Series
Firepower 4100 Series
Firepower 9300 Security Appliances
MDS 9000 Series Multilayer Switches
Nexus 1000 Virtual Edge for VMware vSphere
Nexus 5500 Platform Switches
Nexus 5600 Platform Switches
Nexus 6000 Series Switches
Nexus 7000 Series Switches
Nexus 9000 Series Fabric Switches in ACI mode
Secure Firewall 3100 Series
Secure Firewall 4200 Series
UCS 6300 Series Fabric Interconnects
UCS 6400 Series Fabric Interconnects
UCS 6500 Series Fabric Interconnects
UCS X-Series Direct Fabric Interconnect 9108 100G
Workarounds: There are no workarounds that address this vulnerability.
Fixed Software: When considering software upgrades ["https://sec.cloudapps.cisco.com/security/center/resources/security_vulnerability_policy.html#fixes"], customers are advised to regularly consult the advisories for Cisco products, which are available from the Cisco Security Advisories page ["https://www.cisco.com/go/psirt"], to determine exposure and a complete upgrade solution.
In all cases, customers should ensure that the devices to be upgraded contain sufficient memory and confirm that current hardware and software configurations will continue to be supported properly by the new release. If the information is not clear, customers are advised to contact the Cisco Technical Assistance Center (TAC) or their contracted maintenance providers.
Cisco NX-OS Software
To help customers determine their exposure to vulnerabilities in Cisco NX-OS Software, Cisco provides the Cisco Software Checker ["https://sec.cloudapps.cisco.com/security/center/softwarechecker.x"]. This tool identifies any Cisco security advisories that impact a specific software release and the earliest release that fixes the vulnerabilities that are described in each advisory (“First Fixed”). If applicable, the tool also returns the earliest release that fixes all the vulnerabilities described in all the advisories that the Software Checker identifies (“Combined First Fixed”).
To use the tool, go to the Cisco Software Checker ["https://sec.cloudapps.cisco.com/security/center/softwarechecker.x"] page and follow the instructions. Alternatively, use the following form to search for vulnerabilities that affect a specific software release. To use the form, follow these steps:
Choose which advisories the tool will search—only this advisory, only advisories with a Critical or High Security Impact Rating (SIR) ["https://sec.cloudapps.cisco.com/security/center/resources/security_vulnerability_policy.html#asr"], or all advisories.
Choose the appropriate software.
Choose the appropriate platform.
Enter a release number—for example, 10.4(4) for Cisco Nexus 3000 Series Switches or 16.0(8e) for Cisco NX-OS Software in ACI mode.
Click Check.
Only this advisory All Critical and High advisories All advisories Cisco NX-OS Software Cisco NX-OS Software in ACI Mode Any Platform MDS 9000 Series Multilayer Switches Nexus 1000V Series Switches Nexus 3000 Series Switches Nexus 5000 Series Switches Nexus 6000 Series Switches Nexus 7000 Series Switches Nexus 9000 Series Switches
Additional Resources
For help determining the best Cisco NX-OS Software release for a Cisco Nexus Switch, see the following Recommended Releases documents. If a security advisory recommends a later release, Cisco recommends following the advisory guidance.
Cisco MDS Series Switches ["https://www.cisco.com/c/en/us/td/docs/switches/datacenter/mds9000/sw/b_MDS_NX-OS_Recommended_Releases.html"]
Cisco Nexus 3000 Series Switches ["http://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus3000/sw/recommended_release/b_Minimum_and_Recommended_Cisco_NX-OS_Releases_for_Cisco_Nexus_3000_Series_Switches.html"]
Cisco Nexus 5500 Platform Switches ["http://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus5500/sw/release/recommended_releases/n5500_recommended_nx-os_releases.html"]
Cisco Nexus 5600 Platform Switches ["https://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus5600/sw/release/recommended_releases/n5600_recommended_nx-os_releases.html"]
Cisco Nexus 6000 Series Switches ["http://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus6000/sw/release/recommended_releases/recommended_nx-os_releases.html"]
Cisco Nexus 7000 Series Switches ["http://www.cisco.com/c/en/us/td/docs/switches/datacenter/sw/nx-os/recommended_releases/recommended_nx-os_releases.html"]
Cisco Nexus 9000 Series Switches ["http://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus9000/sw/recommended_release/b_Minimum_and_Recommended_Cisco_NX-OS_Releases_for_Cisco_Nexus_9000_Series_Switches.html"]
Cisco Nexus 9000 Series ACI-Mode Switches ["https://www.cisco.com/c/en/us/td/docs/switches/datacenter/aci/apic/sw/recommended-release/b_Recommended_Cisco_ACI_Releases.html"]
To determine the best release for Cisco UCS Software, see the Recommended Releases documents in the release notes for the device.
Vulnerability Policy: To learn about Cisco security vulnerability disclosure policies and publications, see the Security Vulnerability Policy ["http://www.cisco.com/web/about/security/psirt/security_vulnerability_policy.html"]. This document also contains instructions for obtaining fixed software and receiving security vulnerability information from Cisco.
Exploitation and Public Announcements: The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.
Source: This vulnerability was found during internal security testing.
Legal Disclaimer: THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS DOCUMENT AT ANY TIME.
A standalone copy or paraphrase of the text of this document that omits the distribution URL is an uncontrolled copy and may lack important information or contain factual errors. The information in this document is intended for end users of Cisco products.
5.0 (Medium)
Affected products
Known affected
108 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-248793:265091 | — |
Vendor Fix
fix
|
|
| Unresolved product id: CSAFPID-248793:265096 | — |
Vendor Fix
fix
|
|
| Unresolved product id: CSAFPID-265141:265091 | — |
Vendor Fix
fix
|
|
| Unresolved product id: CSAFPID-265141:265096 | — |
Vendor Fix
fix
|
|
| Unresolved product id: CSAFPID-265142:265091 | — |
Vendor Fix
fix
|
|
| Unresolved product id: CSAFPID-265143:265091 | — |
Vendor Fix
fix
|
|
| Unresolved product id: CSAFPID-265143:265096 | — |
Vendor Fix
fix
|
|
| Unresolved product id: CSAFPID-265144:265091 | — |
Vendor Fix
fix
|
|
| Unresolved product id: CSAFPID-265144:265096 | — |
Vendor Fix
fix
|
|
| Unresolved product id: CSAFPID-265568:265091 | — |
Vendor Fix
fix
|
|
| Unresolved product id: CSAFPID-265568:265096 | — |
Vendor Fix
fix
|
|
| Unresolved product id: CSAFPID-267105:265091 | — |
Vendor Fix
fix
|
|
| Unresolved product id: CSAFPID-267105:265096 | — |
Vendor Fix
fix
|
|
| Unresolved product id: CSAFPID-268971:265091 | — |
Vendor Fix
fix
|
|
| Unresolved product id: CSAFPID-271405:265091 | — |
Vendor Fix
fix
|
|
| Unresolved product id: CSAFPID-271405:265096 | — |
Vendor Fix
fix
|
|
| Unresolved product id: CSAFPID-274557:265091 | — |
Vendor Fix
fix
|
|
| Unresolved product id: CSAFPID-274557:265096 | — |
Vendor Fix
fix
|
|
| Unresolved product id: CSAFPID-276381:265096 | — |
Vendor Fix
fix
|
|
| Unresolved product id: CSAFPID-277347:265091 | — |
Vendor Fix
fix
|
|
| Unresolved product id: CSAFPID-277347:265096 | — |
Vendor Fix
fix
|
|
| Unresolved product id: CSAFPID-278882:265091 | — |
Vendor Fix
fix
|
|
| Unresolved product id: CSAFPID-278882:265096 | — |
Vendor Fix
fix
|
|
| Unresolved product id: CSAFPID-280558:265091 | — |
Vendor Fix
fix
|
|
| Unresolved product id: CSAFPID-280558:265096 | — |
Vendor Fix
fix
|
|
| Unresolved product id: CSAFPID-280940:265096 | — |
Vendor Fix
fix
|
|
| Unresolved product id: CSAFPID-281488:265091 | — |
Vendor Fix
fix
|
|
| Unresolved product id: CSAFPID-281488:265096 | — |
Vendor Fix
fix
|
|
| Unresolved product id: CSAFPID-281984:265091 | — |
Vendor Fix
fix
|
|
| Unresolved product id: CSAFPID-281984:265096 | — |
Vendor Fix
fix
|
|
| Unresolved product id: CSAFPID-282019:265091 | — |
Vendor Fix
fix
|
|
| Unresolved product id: CSAFPID-282019:265096 | — |
Vendor Fix
fix
|
|
| Unresolved product id: CSAFPID-282666:265091 | — |
Vendor Fix
fix
|
|
| Unresolved product id: CSAFPID-282666:265096 | — |
Vendor Fix
fix
|
|
| Unresolved product id: CSAFPID-284264:265091 | — |
Vendor Fix
fix
|
|
| Unresolved product id: CSAFPID-284264:265096 | — |
Vendor Fix
fix
|
|
| Unresolved product id: CSAFPID-284316:265091 | — |
Vendor Fix
fix
|
|
| Unresolved product id: CSAFPID-284316:265096 | — |
Vendor Fix
fix
|
|
| Unresolved product id: CSAFPID-284574:265091 | — |
Vendor Fix
fix
|
|
| Unresolved product id: CSAFPID-284574:265096 | — |
Vendor Fix
fix
|
|
| Unresolved product id: CSAFPID-284892:265096 | — |
Vendor Fix
fix
|
|
| Unresolved product id: CSAFPID-286098:265091 | — |
Vendor Fix
fix
|
|
| Unresolved product id: CSAFPID-286098:265096 | — |
Vendor Fix
fix
|
|
| Unresolved product id: CSAFPID-286109:265091 | — |
Vendor Fix
fix
|
|
| Unresolved product id: CSAFPID-286439:265091 | — |
Vendor Fix
fix
|
|
| Unresolved product id: CSAFPID-286439:265096 | — |
Vendor Fix
fix
|
|
| Unresolved product id: CSAFPID-286833:265091 | — |
Vendor Fix
fix
|
|
| Unresolved product id: CSAFPID-286833:265096 | — |
Vendor Fix
fix
|
|
| Unresolved product id: CSAFPID-287105:265096 | — |
Vendor Fix
fix
|
|
| Unresolved product id: CSAFPID-288219:265091 | — |
Vendor Fix
fix
|
|
| Unresolved product id: CSAFPID-288219:265096 | — |
Vendor Fix
fix
|
|
| Unresolved product id: CSAFPID-289309:265091 | — |
Vendor Fix
fix
|
|
| Unresolved product id: CSAFPID-289309:265096 | — |
Vendor Fix
fix
|
|
| Unresolved product id: CSAFPID-290556:265091 | — |
Vendor Fix
fix
|
|
| Unresolved product id: CSAFPID-290620:265091 | — |
Vendor Fix
fix
|
|
| Unresolved product id: CSAFPID-290620:265096 | — |
Vendor Fix
fix
|
|
| Unresolved product id: CSAFPID-292658:265091 | — |
Vendor Fix
fix
|
|
| Unresolved product id: CSAFPID-292658:265096 | — |
Vendor Fix
fix
|
|
| Unresolved product id: CSAFPID-292868:265091 | — |
Vendor Fix
fix
|
|
| Unresolved product id: CSAFPID-292868:265096 | — |
Vendor Fix
fix
|
|
| Unresolved product id: CSAFPID-294841:265091 | — |
Vendor Fix
fix
|
|
| Unresolved product id: CSAFPID-294841:265096 | — |
Vendor Fix
fix
|
|
| Unresolved product id: CSAFPID-295511:265091 | — |
Vendor Fix
fix
|
|
| Unresolved product id: CSAFPID-295511:265096 | — |
Vendor Fix
fix
|
|
| Unresolved product id: CSAFPID-299968:265091 | — |
Vendor Fix
fix
|
|
| Unresolved product id: CSAFPID-299968:265096 | — |
Vendor Fix
fix
|
|
| Unresolved product id: CSAFPID-299969:265096 | — |
Vendor Fix
fix
|
|
| Unresolved product id: CSAFPID-300117:265091 | — |
Vendor Fix
fix
|
|
| Unresolved product id: CSAFPID-300515:265091 | — |
Vendor Fix
fix
|
|
| Unresolved product id: CSAFPID-300515:265096 | — |
Vendor Fix
fix
|
|
| Unresolved product id: CSAFPID-300516:265096 | — |
Vendor Fix
fix
|
|
| Unresolved product id: CSAFPID-300517:265096 | — |
Vendor Fix
fix
|
|
| Unresolved product id: CSAFPID-300741:265096 | — |
Vendor Fix
fix
|
|
| Unresolved product id: CSAFPID-300748:265091 | — |
Vendor Fix
fix
|
|
| Unresolved product id: CSAFPID-300748:265096 | — |
Vendor Fix
fix
|
|
| Unresolved product id: CSAFPID-300941:265091 | — |
Vendor Fix
fix
|
|
| Unresolved product id: CSAFPID-300941:265096 | — |
Vendor Fix
fix
|
|
| Unresolved product id: CSAFPID-300942:265096 | — |
Vendor Fix
fix
|
|
| Unresolved product id: CSAFPID-301024:265091 | — |
Vendor Fix
fix
|
|
| Unresolved product id: CSAFPID-301024:265096 | — |
Vendor Fix
fix
|
|
| Unresolved product id: CSAFPID-301106:265096 | — |
Vendor Fix
fix
|
|
| Unresolved product id: CSAFPID-301115:265091 | — |
Vendor Fix
fix
|
|
| Unresolved product id: CSAFPID-301115:265096 | — |
Vendor Fix
fix
|
|
| Unresolved product id: CSAFPID-301137:265091 | — |
Vendor Fix
fix
|
|
| Unresolved product id: CSAFPID-301137:265096 | — |
Vendor Fix
fix
|
|
| Unresolved product id: CSAFPID-301277:265091 | — |
Vendor Fix
fix
|
|
| Unresolved product id: CSAFPID-301277:265096 | — |
Vendor Fix
fix
|
|
| Unresolved product id: CSAFPID-301289:265096 | — |
Vendor Fix
fix
|
|
| Unresolved product id: CSAFPID-301568:265091 | — |
Vendor Fix
fix
|
|
| Unresolved product id: CSAFPID-301568:265096 | — |
Vendor Fix
fix
|
|
| Unresolved product id: CSAFPID-301718:265091 | — |
Vendor Fix
fix
|
|
| Unresolved product id: CSAFPID-301718:265096 | — |
Vendor Fix
fix
|
|
| Unresolved product id: CSAFPID-301720:265096 | — |
Vendor Fix
fix
|
|
| Unresolved product id: CSAFPID-302635:265091 | — |
Vendor Fix
fix
|
|
| Unresolved product id: CSAFPID-302635:265096 | — |
Vendor Fix
fix
|
|
| Unresolved product id: CSAFPID-302643:265096 | — |
Vendor Fix
fix
|
|
| Unresolved product id: CSAFPID-302754:265091 | — |
Vendor Fix
fix
|
|
| Unresolved product id: CSAFPID-302754:265096 | — |
Vendor Fix
fix
|
|
| Unresolved product id: CSAFPID-302817:265091 | — |
Vendor Fix
fix
|
|
| Unresolved product id: CSAFPID-302817:265096 | — |
Vendor Fix
fix
|
|
| Unresolved product id: CSAFPID-302873:265091 | — |
Vendor Fix
fix
|
|
| Unresolved product id: CSAFPID-302873:265096 | — |
Vendor Fix
fix
|
|
| Unresolved product id: CSAFPID-302884:265096 | — |
Vendor Fix
fix
|
|
| Unresolved product id: CSAFPID-303016:265091 | — |
Vendor Fix
fix
|
|
| Unresolved product id: CSAFPID-303016:265096 | — |
Vendor Fix
fix
|
|
| Unresolved product id: CSAFPID-303064:265091 | — |
Vendor Fix
fix
|
|
| Unresolved product id: CSAFPID-303064:265096 | — |
Vendor Fix
fix
|
|
| Unresolved product id: CSAFPID-303719:265096 | — |
Vendor Fix
fix
|
References
17 references
Acknowledgments
{
"document": {
"acknowledgments": [
{
"summary": "This vulnerability was found during internal security testing."
}
],
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"notes": [
{
"category": "summary",
"text": "A vulnerability in the Protocol Independent Multicast Version 6 (PIM6) feature of Cisco Nexus 3000 Series Switches and Cisco Nexus 9000 Series Switches in standalone NX-OS mode could allow an authenticated, low-privileged, remote attacker to trigger a crash of the PIM6 process, resulting in a denial of service (DoS) condition.\r\n\r\nThis vulnerability is due to improper processing of PIM6 ephemeral data queries. An attacker could exploit this vulnerability by sending a crafted ephemeral query to an affected device through one of the following methods: NX-API REST, NETCONF, RESTConf, gRPC, or Model Driven Telemetry. A successful exploit could allow the attacker to cause the PIM6 process to crash and restart, causing potential adjacency flaps and resulting in a DoS of the PIM6 and ephemeral query processes.\r\n\r\nFor an example of an ephemeral query, see the About Ephemeral Data in gRPC [\"https://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus9000/sw/93x/progammability/guide/b-cisco-nexus-9000-series-nx-os-programmability-guide-93x/b-cisco-nexus-9000-series-nx-os-programmability-guide-93x_chapter_0101111.html#d40535e2038a1635\"] section of the Cisco Nexus 9000 Series NX-OS Programmability Guide, Release 9.3(x).\r\n\r\nCisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.\r\n\r\n\r\n\r\nThis advisory is part of the August 2025 Cisco FXOS and NX-OS Software Security Advisory Bundled Publication. For a complete list of the advisories and links to them, see Cisco Event Response: August 2025 Semiannual Cisco FXOS and NX-OS Software Security Advisory Bundled Publication [\"https://sec.cloudapps.cisco.com/security/center/viewErp.x?alertId=ERP-75667\"].",
"title": "Summary"
},
{
"category": "general",
"text": "At the time of publication, this vulnerability affected Cisco Nexus 3000 Series Switches and Cisco Nexus 9000 Series Switches in standalone NX-OS mode that had the PIM6 feature enabled and at least one of the following features enabled:\r\n\r\nNX-API\r\nNETCONF\r\nRESTCONF\r\ngRPC\r\nModel Driven Telemetry\r\n\r\nNote: The Protocol Independent Multicast Version 4 (PIM4) feature is not affected.\r\n\r\nFor information about which Cisco software releases are vulnerable, see the Fixed Software [\"#fs\"] section of this advisory.\r\n\r\nDetermine Whether the PIM6 Feature Is Enabled\r\n\r\nTo determine whether the PIM6 feature is enabled, use the show feature | include pim6 CLI command, as shown in the following example:\r\n\r\n\r\nSwitch# show feature | include pim6\r\npim6 1 enabled\r\n\r\n\r\nDetermine Whether a Secondary Feature Is Enabled\r\n\r\nTo be affected by this vulnerability, a switch must have PIM6 and at least one of the listed features enabled. To determine if any of the listed features are enabled, use the show feature | include featurename command, substituting featurename with the following:\r\n\r\nnxapi\r\nnetconf\r\nrestconf\r\ngrpc\r\ntelemetry\r\n\r\nAll these features are disabled by default.",
"title": "Vulnerable Products"
},
{
"category": "general",
"text": "Only products listed in the Vulnerable Products [\"#vp\"] section of this advisory are known to be affected by this vulnerability.\r\n\r\nCisco has confirmed that this vulnerability does not affect the following Cisco products:\r\n\r\nFirepower 1000 Series\r\nFirepower 2100 Series\r\nFirepower 4100 Series\r\nFirepower 9300 Security Appliances\r\nMDS 9000 Series Multilayer Switches\r\nNexus 1000 Virtual Edge for VMware vSphere\r\nNexus 5500 Platform Switches\r\nNexus 5600 Platform Switches\r\nNexus 6000 Series Switches\r\nNexus 7000 Series Switches\r\nNexus 9000 Series Fabric Switches in ACI mode\r\nSecure Firewall 3100 Series\r\nSecure Firewall 4200 Series\r\nUCS 6300 Series Fabric Interconnects\r\nUCS 6400 Series Fabric Interconnects\r\nUCS 6500 Series Fabric Interconnects\r\nUCS X-Series Direct Fabric Interconnect 9108 100G",
"title": "Products Confirmed Not Vulnerable"
},
{
"category": "general",
"text": "There are no workarounds that address this vulnerability.",
"title": "Workarounds"
},
{
"category": "general",
"text": "When considering software upgrades [\"https://sec.cloudapps.cisco.com/security/center/resources/security_vulnerability_policy.html#fixes\"], customers are advised to regularly consult the advisories for Cisco products, which are available from the Cisco Security Advisories page [\"https://www.cisco.com/go/psirt\"], to determine exposure and a complete upgrade solution.\r\n\r\nIn all cases, customers should ensure that the devices to be upgraded contain sufficient memory and confirm that current hardware and software configurations will continue to be supported properly by the new release. If the information is not clear, customers are advised to contact the Cisco Technical Assistance Center (TAC) or their contracted maintenance providers.\r\nCisco NX-OS Software\r\nTo help customers determine their exposure to vulnerabilities in Cisco NX-OS Software, Cisco provides the Cisco Software Checker [\"https://sec.cloudapps.cisco.com/security/center/softwarechecker.x\"]. This tool identifies any Cisco security advisories that impact a specific software release and the earliest release that fixes the vulnerabilities that are described in each advisory (\u201cFirst Fixed\u201d). If applicable, the tool also returns the earliest release that fixes all the vulnerabilities described in all the advisories that the Software Checker identifies (\u201cCombined First Fixed\u201d).\r\n\r\nTo use the tool, go to the Cisco Software Checker [\"https://sec.cloudapps.cisco.com/security/center/softwarechecker.x\"] page and follow the instructions. Alternatively, use the following form to search for vulnerabilities that affect a specific software release. To use the form, follow these steps:\r\n\r\nChoose which advisories the tool will search\u2014only this advisory, only advisories with a Critical or High Security Impact Rating (SIR) [\"https://sec.cloudapps.cisco.com/security/center/resources/security_vulnerability_policy.html#asr\"], or all advisories.\r\nChoose the appropriate software.\r\nChoose the appropriate platform.\r\nEnter a release number\u2014for example, 10.4(4) for Cisco Nexus 3000 Series Switches or 16.0(8e) for Cisco NX-OS Software in ACI mode.\r\nClick Check.\r\n\r\n Only this advisory All Critical and High advisories All advisories Cisco NX-OS Software Cisco NX-OS Software in ACI Mode Any Platform MDS 9000 Series Multilayer Switches Nexus 1000V Series Switches Nexus 3000 Series Switches Nexus 5000 Series Switches Nexus 6000 Series Switches Nexus 7000 Series Switches Nexus 9000 Series Switches\r\n\r\n\r\n\r\n\r\n Additional Resources\r\nFor help determining the best Cisco NX-OS Software release for a Cisco Nexus Switch, see the following Recommended Releases documents. If a security advisory recommends a later release, Cisco recommends following the advisory guidance.\r\n\r\n\r\nCisco MDS Series Switches [\"https://www.cisco.com/c/en/us/td/docs/switches/datacenter/mds9000/sw/b_MDS_NX-OS_Recommended_Releases.html\"]\r\nCisco Nexus 3000 Series Switches [\"http://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus3000/sw/recommended_release/b_Minimum_and_Recommended_Cisco_NX-OS_Releases_for_Cisco_Nexus_3000_Series_Switches.html\"]\r\nCisco Nexus 5500 Platform Switches [\"http://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus5500/sw/release/recommended_releases/n5500_recommended_nx-os_releases.html\"]\r\nCisco Nexus 5600 Platform Switches [\"https://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus5600/sw/release/recommended_releases/n5600_recommended_nx-os_releases.html\"]\r\nCisco Nexus 6000 Series Switches [\"http://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus6000/sw/release/recommended_releases/recommended_nx-os_releases.html\"]\r\nCisco Nexus 7000 Series Switches [\"http://www.cisco.com/c/en/us/td/docs/switches/datacenter/sw/nx-os/recommended_releases/recommended_nx-os_releases.html\"]\r\nCisco Nexus 9000 Series Switches [\"http://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus9000/sw/recommended_release/b_Minimum_and_Recommended_Cisco_NX-OS_Releases_for_Cisco_Nexus_9000_Series_Switches.html\"]\r\nCisco Nexus 9000 Series ACI-Mode Switches [\"https://www.cisco.com/c/en/us/td/docs/switches/datacenter/aci/apic/sw/recommended-release/b_Recommended_Cisco_ACI_Releases.html\"]\r\n\r\nTo determine the best release for Cisco UCS Software, see the Recommended Releases documents in the release notes for the device.",
"title": "Fixed Software"
},
{
"category": "general",
"text": "To learn about Cisco security vulnerability disclosure policies and publications, see the Security Vulnerability Policy [\"http://www.cisco.com/web/about/security/psirt/security_vulnerability_policy.html\"]. This document also contains instructions for obtaining fixed software and receiving security vulnerability information from Cisco.",
"title": "Vulnerability Policy"
},
{
"category": "general",
"text": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.",
"title": "Exploitation and Public Announcements"
},
{
"category": "general",
"text": "This vulnerability was found during internal security testing.",
"title": "Source"
},
{
"category": "legal_disclaimer",
"text": "THIS DOCUMENT IS PROVIDED ON AN \"AS IS\" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS DOCUMENT AT ANY TIME.\r\n\r\nA standalone copy or paraphrase of the text of this document that omits the distribution URL is an uncontrolled copy and may lack important information or contain factual errors. The information in this document is intended for end users of Cisco products.",
"title": "Legal Disclaimer"
}
],
"publisher": {
"category": "vendor",
"contact_details": "psirt@cisco.com",
"issuing_authority": "Cisco PSIRT",
"name": "Cisco",
"namespace": "https://wwww.cisco.com"
},
"references": [
{
"category": "self",
"summary": "Cisco Nexus 3000 and 9000 Series Switches Protocol Independent Multicast Version 6 Denial of Service Vulnerability",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxospc-pim6-vG4jFPh"
},
{
"category": "external",
"summary": "Cisco Security Vulnerability Policy",
"url": "https://sec.cloudapps.cisco.com/security/center/resources/security_vulnerability_policy.html"
},
{
"category": "external",
"summary": "About Ephemeral Data in gRPC",
"url": "https://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus9000/sw/93x/progammability/guide/b-cisco-nexus-9000-series-nx-os-programmability-guide-93x/b-cisco-nexus-9000-series-nx-os-programmability-guide-93x_chapter_0101111.html#d40535e2038a1635"
},
{
"category": "external",
"summary": "Cisco Event Response: August 2025 Semiannual Cisco FXOS and NX-OS Software Security Advisory Bundled Publication",
"url": "https://sec.cloudapps.cisco.com/security/center/viewErp.x?alertId=ERP-75667"
},
{
"category": "external",
"summary": "considering software upgrades",
"url": "https://sec.cloudapps.cisco.com/security/center/resources/security_vulnerability_policy.html#fixes"
},
{
"category": "external",
"summary": "Cisco Security Advisories page",
"url": "https://www.cisco.com/go/psirt"
},
{
"category": "external",
"summary": "Cisco Software Checker",
"url": "https://sec.cloudapps.cisco.com/security/center/softwarechecker.x"
},
{
"category": "external",
"summary": "Security Impact Rating (SIR)",
"url": "https://sec.cloudapps.cisco.com/security/center/resources/security_vulnerability_policy.html#asr"
},
{
"category": "external",
"summary": "Cisco MDS Series Switches",
"url": "https://www.cisco.com/c/en/us/td/docs/switches/datacenter/mds9000/sw/b_MDS_NX-OS_Recommended_Releases.html"
},
{
"category": "external",
"summary": "Cisco Nexus 3000 Series Switches",
"url": "http://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus3000/sw/recommended_release/b_Minimum_and_Recommended_Cisco_NX-OS_Releases_for_Cisco_Nexus_3000_Series_Switches.html"
},
{
"category": "external",
"summary": "Cisco Nexus 5500 Platform Switches",
"url": "http://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus5500/sw/release/recommended_releases/n5500_recommended_nx-os_releases.html"
},
{
"category": "external",
"summary": "Cisco Nexus 5600 Platform Switches",
"url": "https://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus5600/sw/release/recommended_releases/n5600_recommended_nx-os_releases.html"
},
{
"category": "external",
"summary": "Cisco Nexus 6000 Series Switches",
"url": "http://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus6000/sw/release/recommended_releases/recommended_nx-os_releases.html"
},
{
"category": "external",
"summary": "Cisco Nexus 7000 Series Switches",
"url": "http://www.cisco.com/c/en/us/td/docs/switches/datacenter/sw/nx-os/recommended_releases/recommended_nx-os_releases.html"
},
{
"category": "external",
"summary": "Cisco Nexus 9000 Series Switches",
"url": "http://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus9000/sw/recommended_release/b_Minimum_and_Recommended_Cisco_NX-OS_Releases_for_Cisco_Nexus_9000_Series_Switches.html"
},
{
"category": "external",
"summary": "Cisco Nexus 9000 Series ACI-Mode Switches",
"url": "https://www.cisco.com/c/en/us/td/docs/switches/datacenter/aci/apic/sw/recommended-release/b_Recommended_Cisco_ACI_Releases.html"
},
{
"category": "external",
"summary": "Security Vulnerability Policy",
"url": "http://www.cisco.com/web/about/security/psirt/security_vulnerability_policy.html"
}
],
"title": "Cisco Nexus 3000 and 9000 Series Switches Protocol Independent Multicast Version 6 Denial of Service Vulnerability",
"tracking": {
"current_release_date": "2025-08-27T16:00:00+00:00",
"generator": {
"date": "2025-08-27T15:57:58+00:00",
"engine": {
"name": "TVCE"
}
},
"id": "cisco-sa-nxospc-pim6-vG4jFPh",
"initial_release_date": "2025-08-27T16:00:00+00:00",
"revision_history": [
{
"date": "2025-08-27T15:57:36+00:00",
"number": "1.0.0",
"summary": "Initial public release."
}
],
"status": "final",
"version": "1.0.0"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"branches": [
{
"category": "service_pack",
"name": "9.2(1)",
"product": {
"name": "9.2(1)",
"product_id": "CSAFPID-248793"
}
},
{
"category": "service_pack",
"name": "9.2(2)",
"product": {
"name": "9.2(2)",
"product_id": "CSAFPID-265141"
}
},
{
"category": "service_pack",
"name": "9.2(2t)",
"product": {
"name": "9.2(2t)",
"product_id": "CSAFPID-265142"
}
},
{
"category": "service_pack",
"name": "9.2(3)",
"product": {
"name": "9.2(3)",
"product_id": "CSAFPID-265143"
}
},
{
"category": "service_pack",
"name": "9.2(3y)",
"product": {
"name": "9.2(3y)",
"product_id": "CSAFPID-265144"
}
},
{
"category": "service_pack",
"name": "9.2(4)",
"product": {
"name": "9.2(4)",
"product_id": "CSAFPID-267105"
}
},
{
"category": "service_pack",
"name": "9.2(2v)",
"product": {
"name": "9.2(2v)",
"product_id": "CSAFPID-268971"
}
}
],
"category": "product_version",
"name": "9.2"
},
{
"branches": [
{
"category": "service_pack",
"name": "9.3(1)",
"product": {
"name": "9.3(1)",
"product_id": "CSAFPID-265568"
}
},
{
"category": "service_pack",
"name": "9.3(2)",
"product": {
"name": "9.3(2)",
"product_id": "CSAFPID-271405"
}
},
{
"category": "service_pack",
"name": "9.3(3)",
"product": {
"name": "9.3(3)",
"product_id": "CSAFPID-274557"
}
},
{
"category": "service_pack",
"name": "9.3(1z)",
"product": {
"name": "9.3(1z)",
"product_id": "CSAFPID-276381"
}
},
{
"category": "service_pack",
"name": "9.3(4)",
"product": {
"name": "9.3(4)",
"product_id": "CSAFPID-277347"
}
},
{
"category": "service_pack",
"name": "9.3(5)",
"product": {
"name": "9.3(5)",
"product_id": "CSAFPID-278882"
}
},
{
"category": "service_pack",
"name": "9.3(6)",
"product": {
"name": "9.3(6)",
"product_id": "CSAFPID-280558"
}
},
{
"category": "service_pack",
"name": "9.3(5w)",
"product": {
"name": "9.3(5w)",
"product_id": "CSAFPID-280940"
}
},
{
"category": "service_pack",
"name": "9.3(7)",
"product": {
"name": "9.3(7)",
"product_id": "CSAFPID-281984"
}
},
{
"category": "service_pack",
"name": "9.3(7k)",
"product": {
"name": "9.3(7k)",
"product_id": "CSAFPID-282019"
}
},
{
"category": "service_pack",
"name": "9.3(7a)",
"product": {
"name": "9.3(7a)",
"product_id": "CSAFPID-284264"
}
},
{
"category": "service_pack",
"name": "9.3(8)",
"product": {
"name": "9.3(8)",
"product_id": "CSAFPID-284316"
}
},
{
"category": "service_pack",
"name": "9.3(9)",
"product": {
"name": "9.3(9)",
"product_id": "CSAFPID-286439"
}
},
{
"category": "service_pack",
"name": "9.3(10)",
"product": {
"name": "9.3(10)",
"product_id": "CSAFPID-288219"
}
},
{
"category": "service_pack",
"name": "9.3(11)",
"product": {
"name": "9.3(11)",
"product_id": "CSAFPID-292868"
}
},
{
"category": "service_pack",
"name": "9.3(12)",
"product": {
"name": "9.3(12)",
"product_id": "CSAFPID-299968"
}
},
{
"category": "service_pack",
"name": "9.3(13)",
"product": {
"name": "9.3(13)",
"product_id": "CSAFPID-301137"
}
},
{
"category": "service_pack",
"name": "9.3(14)",
"product": {
"name": "9.3(14)",
"product_id": "CSAFPID-302873"
}
}
],
"category": "product_version",
"name": "9.3"
},
{
"branches": [
{
"category": "service_pack",
"name": "10.1(1)",
"product": {
"name": "10.1(1)",
"product_id": "CSAFPID-281488"
}
},
{
"category": "service_pack",
"name": "10.1(2)",
"product": {
"name": "10.1(2)",
"product_id": "CSAFPID-282666"
}
},
{
"category": "service_pack",
"name": "10.1(2t)",
"product": {
"name": "10.1(2t)",
"product_id": "CSAFPID-286109"
}
}
],
"category": "product_version",
"name": "10.1"
},
{
"branches": [
{
"category": "service_pack",
"name": "10.2(1)",
"product": {
"name": "10.2(1)",
"product_id": "CSAFPID-284574"
}
},
{
"category": "service_pack",
"name": "10.2(1q)",
"product": {
"name": "10.2(1q)",
"product_id": "CSAFPID-284892"
}
},
{
"category": "service_pack",
"name": "10.2(2)",
"product": {
"name": "10.2(2)",
"product_id": "CSAFPID-286098"
}
},
{
"category": "service_pack",
"name": "10.2(3)",
"product": {
"name": "10.2(3)",
"product_id": "CSAFPID-286833"
}
},
{
"category": "service_pack",
"name": "10.2(2a)",
"product": {
"name": "10.2(2a)",
"product_id": "CSAFPID-287105"
}
},
{
"category": "service_pack",
"name": "10.2(3t)",
"product": {
"name": "10.2(3t)",
"product_id": "CSAFPID-290556"
}
},
{
"category": "service_pack",
"name": "10.2(4)",
"product": {
"name": "10.2(4)",
"product_id": "CSAFPID-290620"
}
},
{
"category": "service_pack",
"name": "10.2(5)",
"product": {
"name": "10.2(5)",
"product_id": "CSAFPID-294841"
}
},
{
"category": "service_pack",
"name": "10.2(3v)",
"product": {
"name": "10.2(3v)",
"product_id": "CSAFPID-300117"
}
},
{
"category": "service_pack",
"name": "10.2(6)",
"product": {
"name": "10.2(6)",
"product_id": "CSAFPID-300748"
}
},
{
"category": "service_pack",
"name": "10.2(7)",
"product": {
"name": "10.2(7)",
"product_id": "CSAFPID-301277"
}
},
{
"category": "service_pack",
"name": "10.2(8)",
"product": {
"name": "10.2(8)",
"product_id": "CSAFPID-302635"
}
}
],
"category": "product_version",
"name": "10.2"
},
{
"branches": [
{
"category": "service_pack",
"name": "10.3(1)",
"product": {
"name": "10.3(1)",
"product_id": "CSAFPID-289309"
}
},
{
"category": "service_pack",
"name": "10.3(2)",
"product": {
"name": "10.3(2)",
"product_id": "CSAFPID-292658"
}
},
{
"category": "service_pack",
"name": "10.3(3)",
"product": {
"name": "10.3(3)",
"product_id": "CSAFPID-295511"
}
},
{
"category": "service_pack",
"name": "10.3(99w)",
"product": {
"name": "10.3(99w)",
"product_id": "CSAFPID-299969"
}
},
{
"category": "service_pack",
"name": "10.3(3w)",
"product": {
"name": "10.3(3w)",
"product_id": "CSAFPID-300516"
}
},
{
"category": "service_pack",
"name": "10.3(99x)",
"product": {
"name": "10.3(99x)",
"product_id": "CSAFPID-300517"
}
},
{
"category": "service_pack",
"name": "10.3(3o)",
"product": {
"name": "10.3(3o)",
"product_id": "CSAFPID-300741"
}
},
{
"category": "service_pack",
"name": "10.3(4a)",
"product": {
"name": "10.3(4a)",
"product_id": "CSAFPID-300941"
}
},
{
"category": "service_pack",
"name": "10.3(3p)",
"product": {
"name": "10.3(3p)",
"product_id": "CSAFPID-300942"
}
},
{
"category": "service_pack",
"name": "10.3(4)",
"product": {
"name": "10.3(4)",
"product_id": "CSAFPID-301024"
}
},
{
"category": "service_pack",
"name": "10.3(3q)",
"product": {
"name": "10.3(3q)",
"product_id": "CSAFPID-301106"
}
},
{
"category": "service_pack",
"name": "10.3(3x)",
"product": {
"name": "10.3(3x)",
"product_id": "CSAFPID-301289"
}
},
{
"category": "service_pack",
"name": "10.3(5)",
"product": {
"name": "10.3(5)",
"product_id": "CSAFPID-301718"
}
},
{
"category": "service_pack",
"name": "10.3(4g)",
"product": {
"name": "10.3(4g)",
"product_id": "CSAFPID-301720"
}
},
{
"category": "service_pack",
"name": "10.3(3r)",
"product": {
"name": "10.3(3r)",
"product_id": "CSAFPID-302643"
}
},
{
"category": "service_pack",
"name": "10.3(6)",
"product": {
"name": "10.3(6)",
"product_id": "CSAFPID-302817"
}
},
{
"category": "service_pack",
"name": "10.3(4h)",
"product": {
"name": "10.3(4h)",
"product_id": "CSAFPID-302884"
}
}
],
"category": "product_version",
"name": "10.3"
},
{
"branches": [
{
"category": "service_pack",
"name": "10.4(1)",
"product": {
"name": "10.4(1)",
"product_id": "CSAFPID-300515"
}
},
{
"category": "service_pack",
"name": "10.4(2)",
"product": {
"name": "10.4(2)",
"product_id": "CSAFPID-301115"
}
},
{
"category": "service_pack",
"name": "10.4(3)",
"product": {
"name": "10.4(3)",
"product_id": "CSAFPID-301568"
}
},
{
"category": "service_pack",
"name": "10.4(4)",
"product": {
"name": "10.4(4)",
"product_id": "CSAFPID-303016"
}
},
{
"category": "service_pack",
"name": "10.4(4g)",
"product": {
"name": "10.4(4g)",
"product_id": "CSAFPID-303719"
}
}
],
"category": "product_version",
"name": "10.4"
},
{
"branches": [
{
"category": "service_pack",
"name": "10.5(1)",
"product": {
"name": "10.5(1)",
"product_id": "CSAFPID-302754"
}
},
{
"category": "service_pack",
"name": "10.5(2)",
"product": {
"name": "10.5(2)",
"product_id": "CSAFPID-303064"
}
}
],
"category": "product_version",
"name": "10.5"
}
],
"category": "product_family",
"name": "Cisco NX-OS Software"
},
{
"category": "product_name",
"name": "Cisco Nexus 3000 Series Switches",
"product": {
"name": "Cisco Nexus 3000 Series Switches",
"product_id": "CSAFPID-265091"
}
},
{
"category": "product_name",
"name": "Cisco Nexus 9000 Series Switches",
"product": {
"name": "Cisco Nexus 9000 Series Switches",
"product_id": "CSAFPID-265096"
}
}
],
"category": "vendor",
"name": "Cisco"
}
],
"relationships": [
{
"category": "installed_on",
"full_product_name": {
"name": "Cisco NX-OS Software 9.2(1) when installed on Cisco Nexus 3000 Series Switches",
"product_id": "CSAFPID-248793:265091"
},
"product_reference": "CSAFPID-248793",
"relates_to_product_reference": "CSAFPID-265091"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Cisco NX-OS Software 9.2(1) when installed on Cisco Nexus 9000 Series Switches",
"product_id": "CSAFPID-248793:265096"
},
"product_reference": "CSAFPID-248793",
"relates_to_product_reference": "CSAFPID-265096"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Cisco NX-OS Software 9.2(2) when installed on Cisco Nexus 3000 Series Switches",
"product_id": "CSAFPID-265141:265091"
},
"product_reference": "CSAFPID-265141",
"relates_to_product_reference": "CSAFPID-265091"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Cisco NX-OS Software 9.2(2) when installed on Cisco Nexus 9000 Series Switches",
"product_id": "CSAFPID-265141:265096"
},
"product_reference": "CSAFPID-265141",
"relates_to_product_reference": "CSAFPID-265096"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Cisco NX-OS Software 9.2(2t) when installed on Cisco Nexus 3000 Series Switches",
"product_id": "CSAFPID-265142:265091"
},
"product_reference": "CSAFPID-265142",
"relates_to_product_reference": "CSAFPID-265091"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Cisco NX-OS Software 9.2(3) when installed on Cisco Nexus 3000 Series Switches",
"product_id": "CSAFPID-265143:265091"
},
"product_reference": "CSAFPID-265143",
"relates_to_product_reference": "CSAFPID-265091"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Cisco NX-OS Software 9.2(3) when installed on Cisco Nexus 9000 Series Switches",
"product_id": "CSAFPID-265143:265096"
},
"product_reference": "CSAFPID-265143",
"relates_to_product_reference": "CSAFPID-265096"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Cisco NX-OS Software 9.2(3y) when installed on Cisco Nexus 3000 Series Switches",
"product_id": "CSAFPID-265144:265091"
},
"product_reference": "CSAFPID-265144",
"relates_to_product_reference": "CSAFPID-265091"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Cisco NX-OS Software 9.2(3y) when installed on Cisco Nexus 9000 Series Switches",
"product_id": "CSAFPID-265144:265096"
},
"product_reference": "CSAFPID-265144",
"relates_to_product_reference": "CSAFPID-265096"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Cisco NX-OS Software 9.2(4) when installed on Cisco Nexus 3000 Series Switches",
"product_id": "CSAFPID-267105:265091"
},
"product_reference": "CSAFPID-267105",
"relates_to_product_reference": "CSAFPID-265091"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Cisco NX-OS Software 9.2(4) when installed on Cisco Nexus 9000 Series Switches",
"product_id": "CSAFPID-267105:265096"
},
"product_reference": "CSAFPID-267105",
"relates_to_product_reference": "CSAFPID-265096"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Cisco NX-OS Software 9.2(2v) when installed on Cisco Nexus 3000 Series Switches",
"product_id": "CSAFPID-268971:265091"
},
"product_reference": "CSAFPID-268971",
"relates_to_product_reference": "CSAFPID-265091"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Cisco NX-OS Software 9.3(1) when installed on Cisco Nexus 3000 Series Switches",
"product_id": "CSAFPID-265568:265091"
},
"product_reference": "CSAFPID-265568",
"relates_to_product_reference": "CSAFPID-265091"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Cisco NX-OS Software 9.3(1) when installed on Cisco Nexus 9000 Series Switches",
"product_id": "CSAFPID-265568:265096"
},
"product_reference": "CSAFPID-265568",
"relates_to_product_reference": "CSAFPID-265096"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Cisco NX-OS Software 9.3(2) when installed on Cisco Nexus 3000 Series Switches",
"product_id": "CSAFPID-271405:265091"
},
"product_reference": "CSAFPID-271405",
"relates_to_product_reference": "CSAFPID-265091"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Cisco NX-OS Software 9.3(2) when installed on Cisco Nexus 9000 Series Switches",
"product_id": "CSAFPID-271405:265096"
},
"product_reference": "CSAFPID-271405",
"relates_to_product_reference": "CSAFPID-265096"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Cisco NX-OS Software 9.3(3) when installed on Cisco Nexus 3000 Series Switches",
"product_id": "CSAFPID-274557:265091"
},
"product_reference": "CSAFPID-274557",
"relates_to_product_reference": "CSAFPID-265091"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Cisco NX-OS Software 9.3(3) when installed on Cisco Nexus 9000 Series Switches",
"product_id": "CSAFPID-274557:265096"
},
"product_reference": "CSAFPID-274557",
"relates_to_product_reference": "CSAFPID-265096"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Cisco NX-OS Software 9.3(1z) when installed on Cisco Nexus 9000 Series Switches",
"product_id": "CSAFPID-276381:265096"
},
"product_reference": "CSAFPID-276381",
"relates_to_product_reference": "CSAFPID-265096"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Cisco NX-OS Software 9.3(4) when installed on Cisco Nexus 3000 Series Switches",
"product_id": "CSAFPID-277347:265091"
},
"product_reference": "CSAFPID-277347",
"relates_to_product_reference": "CSAFPID-265091"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Cisco NX-OS Software 9.3(4) when installed on Cisco Nexus 9000 Series Switches",
"product_id": "CSAFPID-277347:265096"
},
"product_reference": "CSAFPID-277347",
"relates_to_product_reference": "CSAFPID-265096"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Cisco NX-OS Software 9.3(5) when installed on Cisco Nexus 3000 Series Switches",
"product_id": "CSAFPID-278882:265091"
},
"product_reference": "CSAFPID-278882",
"relates_to_product_reference": "CSAFPID-265091"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Cisco NX-OS Software 9.3(5) when installed on Cisco Nexus 9000 Series Switches",
"product_id": "CSAFPID-278882:265096"
},
"product_reference": "CSAFPID-278882",
"relates_to_product_reference": "CSAFPID-265096"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Cisco NX-OS Software 9.3(6) when installed on Cisco Nexus 3000 Series Switches",
"product_id": "CSAFPID-280558:265091"
},
"product_reference": "CSAFPID-280558",
"relates_to_product_reference": "CSAFPID-265091"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Cisco NX-OS Software 9.3(6) when installed on Cisco Nexus 9000 Series Switches",
"product_id": "CSAFPID-280558:265096"
},
"product_reference": "CSAFPID-280558",
"relates_to_product_reference": "CSAFPID-265096"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Cisco NX-OS Software 9.3(5w) when installed on Cisco Nexus 9000 Series Switches",
"product_id": "CSAFPID-280940:265096"
},
"product_reference": "CSAFPID-280940",
"relates_to_product_reference": "CSAFPID-265096"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Cisco NX-OS Software 9.3(7) when installed on Cisco Nexus 3000 Series Switches",
"product_id": "CSAFPID-281984:265091"
},
"product_reference": "CSAFPID-281984",
"relates_to_product_reference": "CSAFPID-265091"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Cisco NX-OS Software 9.3(7) when installed on Cisco Nexus 9000 Series Switches",
"product_id": "CSAFPID-281984:265096"
},
"product_reference": "CSAFPID-281984",
"relates_to_product_reference": "CSAFPID-265096"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Cisco NX-OS Software 9.3(7k) when installed on Cisco Nexus 3000 Series Switches",
"product_id": "CSAFPID-282019:265091"
},
"product_reference": "CSAFPID-282019",
"relates_to_product_reference": "CSAFPID-265091"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Cisco NX-OS Software 9.3(7k) when installed on Cisco Nexus 9000 Series Switches",
"product_id": "CSAFPID-282019:265096"
},
"product_reference": "CSAFPID-282019",
"relates_to_product_reference": "CSAFPID-265096"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Cisco NX-OS Software 9.3(7a) when installed on Cisco Nexus 3000 Series Switches",
"product_id": "CSAFPID-284264:265091"
},
"product_reference": "CSAFPID-284264",
"relates_to_product_reference": "CSAFPID-265091"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Cisco NX-OS Software 9.3(7a) when installed on Cisco Nexus 9000 Series Switches",
"product_id": "CSAFPID-284264:265096"
},
"product_reference": "CSAFPID-284264",
"relates_to_product_reference": "CSAFPID-265096"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Cisco NX-OS Software 9.3(8) when installed on Cisco Nexus 3000 Series Switches",
"product_id": "CSAFPID-284316:265091"
},
"product_reference": "CSAFPID-284316",
"relates_to_product_reference": "CSAFPID-265091"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Cisco NX-OS Software 9.3(8) when installed on Cisco Nexus 9000 Series Switches",
"product_id": "CSAFPID-284316:265096"
},
"product_reference": "CSAFPID-284316",
"relates_to_product_reference": "CSAFPID-265096"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Cisco NX-OS Software 9.3(9) when installed on Cisco Nexus 3000 Series Switches",
"product_id": "CSAFPID-286439:265091"
},
"product_reference": "CSAFPID-286439",
"relates_to_product_reference": "CSAFPID-265091"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Cisco NX-OS Software 9.3(9) when installed on Cisco Nexus 9000 Series Switches",
"product_id": "CSAFPID-286439:265096"
},
"product_reference": "CSAFPID-286439",
"relates_to_product_reference": "CSAFPID-265096"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Cisco NX-OS Software 9.3(10) when installed on Cisco Nexus 3000 Series Switches",
"product_id": "CSAFPID-288219:265091"
},
"product_reference": "CSAFPID-288219",
"relates_to_product_reference": "CSAFPID-265091"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Cisco NX-OS Software 9.3(10) when installed on Cisco Nexus 9000 Series Switches",
"product_id": "CSAFPID-288219:265096"
},
"product_reference": "CSAFPID-288219",
"relates_to_product_reference": "CSAFPID-265096"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Cisco NX-OS Software 9.3(11) when installed on Cisco Nexus 3000 Series Switches",
"product_id": "CSAFPID-292868:265091"
},
"product_reference": "CSAFPID-292868",
"relates_to_product_reference": "CSAFPID-265091"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Cisco NX-OS Software 9.3(11) when installed on Cisco Nexus 9000 Series Switches",
"product_id": "CSAFPID-292868:265096"
},
"product_reference": "CSAFPID-292868",
"relates_to_product_reference": "CSAFPID-265096"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Cisco NX-OS Software 9.3(12) when installed on Cisco Nexus 3000 Series Switches",
"product_id": "CSAFPID-299968:265091"
},
"product_reference": "CSAFPID-299968",
"relates_to_product_reference": "CSAFPID-265091"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Cisco NX-OS Software 9.3(12) when installed on Cisco Nexus 9000 Series Switches",
"product_id": "CSAFPID-299968:265096"
},
"product_reference": "CSAFPID-299968",
"relates_to_product_reference": "CSAFPID-265096"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Cisco NX-OS Software 9.3(13) when installed on Cisco Nexus 3000 Series Switches",
"product_id": "CSAFPID-301137:265091"
},
"product_reference": "CSAFPID-301137",
"relates_to_product_reference": "CSAFPID-265091"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Cisco NX-OS Software 9.3(13) when installed on Cisco Nexus 9000 Series Switches",
"product_id": "CSAFPID-301137:265096"
},
"product_reference": "CSAFPID-301137",
"relates_to_product_reference": "CSAFPID-265096"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Cisco NX-OS Software 9.3(14) when installed on Cisco Nexus 3000 Series Switches",
"product_id": "CSAFPID-302873:265091"
},
"product_reference": "CSAFPID-302873",
"relates_to_product_reference": "CSAFPID-265091"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Cisco NX-OS Software 9.3(14) when installed on Cisco Nexus 9000 Series Switches",
"product_id": "CSAFPID-302873:265096"
},
"product_reference": "CSAFPID-302873",
"relates_to_product_reference": "CSAFPID-265096"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Cisco NX-OS Software 10.1(1) when installed on Cisco Nexus 3000 Series Switches",
"product_id": "CSAFPID-281488:265091"
},
"product_reference": "CSAFPID-281488",
"relates_to_product_reference": "CSAFPID-265091"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Cisco NX-OS Software 10.1(1) when installed on Cisco Nexus 9000 Series Switches",
"product_id": "CSAFPID-281488:265096"
},
"product_reference": "CSAFPID-281488",
"relates_to_product_reference": "CSAFPID-265096"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Cisco NX-OS Software 10.1(2) when installed on Cisco Nexus 3000 Series Switches",
"product_id": "CSAFPID-282666:265091"
},
"product_reference": "CSAFPID-282666",
"relates_to_product_reference": "CSAFPID-265091"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Cisco NX-OS Software 10.1(2) when installed on Cisco Nexus 9000 Series Switches",
"product_id": "CSAFPID-282666:265096"
},
"product_reference": "CSAFPID-282666",
"relates_to_product_reference": "CSAFPID-265096"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Cisco NX-OS Software 10.1(2t) when installed on Cisco Nexus 3000 Series Switches",
"product_id": "CSAFPID-286109:265091"
},
"product_reference": "CSAFPID-286109",
"relates_to_product_reference": "CSAFPID-265091"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Cisco NX-OS Software 10.2(1) when installed on Cisco Nexus 3000 Series Switches",
"product_id": "CSAFPID-284574:265091"
},
"product_reference": "CSAFPID-284574",
"relates_to_product_reference": "CSAFPID-265091"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Cisco NX-OS Software 10.2(1) when installed on Cisco Nexus 9000 Series Switches",
"product_id": "CSAFPID-284574:265096"
},
"product_reference": "CSAFPID-284574",
"relates_to_product_reference": "CSAFPID-265096"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Cisco NX-OS Software 10.2(1q) when installed on Cisco Nexus 9000 Series Switches",
"product_id": "CSAFPID-284892:265096"
},
"product_reference": "CSAFPID-284892",
"relates_to_product_reference": "CSAFPID-265096"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Cisco NX-OS Software 10.2(2) when installed on Cisco Nexus 3000 Series Switches",
"product_id": "CSAFPID-286098:265091"
},
"product_reference": "CSAFPID-286098",
"relates_to_product_reference": "CSAFPID-265091"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Cisco NX-OS Software 10.2(2) when installed on Cisco Nexus 9000 Series Switches",
"product_id": "CSAFPID-286098:265096"
},
"product_reference": "CSAFPID-286098",
"relates_to_product_reference": "CSAFPID-265096"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Cisco NX-OS Software 10.2(3) when installed on Cisco Nexus 3000 Series Switches",
"product_id": "CSAFPID-286833:265091"
},
"product_reference": "CSAFPID-286833",
"relates_to_product_reference": "CSAFPID-265091"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Cisco NX-OS Software 10.2(3) when installed on Cisco Nexus 9000 Series Switches",
"product_id": "CSAFPID-286833:265096"
},
"product_reference": "CSAFPID-286833",
"relates_to_product_reference": "CSAFPID-265096"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Cisco NX-OS Software 10.2(2a) when installed on Cisco Nexus 9000 Series Switches",
"product_id": "CSAFPID-287105:265096"
},
"product_reference": "CSAFPID-287105",
"relates_to_product_reference": "CSAFPID-265096"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Cisco NX-OS Software 10.2(3t) when installed on Cisco Nexus 3000 Series Switches",
"product_id": "CSAFPID-290556:265091"
},
"product_reference": "CSAFPID-290556",
"relates_to_product_reference": "CSAFPID-265091"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Cisco NX-OS Software 10.2(4) when installed on Cisco Nexus 3000 Series Switches",
"product_id": "CSAFPID-290620:265091"
},
"product_reference": "CSAFPID-290620",
"relates_to_product_reference": "CSAFPID-265091"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Cisco NX-OS Software 10.2(4) when installed on Cisco Nexus 9000 Series Switches",
"product_id": "CSAFPID-290620:265096"
},
"product_reference": "CSAFPID-290620",
"relates_to_product_reference": "CSAFPID-265096"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Cisco NX-OS Software 10.2(5) when installed on Cisco Nexus 3000 Series Switches",
"product_id": "CSAFPID-294841:265091"
},
"product_reference": "CSAFPID-294841",
"relates_to_product_reference": "CSAFPID-265091"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Cisco NX-OS Software 10.2(5) when installed on Cisco Nexus 9000 Series Switches",
"product_id": "CSAFPID-294841:265096"
},
"product_reference": "CSAFPID-294841",
"relates_to_product_reference": "CSAFPID-265096"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Cisco NX-OS Software 10.2(3v) when installed on Cisco Nexus 3000 Series Switches",
"product_id": "CSAFPID-300117:265091"
},
"product_reference": "CSAFPID-300117",
"relates_to_product_reference": "CSAFPID-265091"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Cisco NX-OS Software 10.2(6) when installed on Cisco Nexus 3000 Series Switches",
"product_id": "CSAFPID-300748:265091"
},
"product_reference": "CSAFPID-300748",
"relates_to_product_reference": "CSAFPID-265091"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Cisco NX-OS Software 10.2(6) when installed on Cisco Nexus 9000 Series Switches",
"product_id": "CSAFPID-300748:265096"
},
"product_reference": "CSAFPID-300748",
"relates_to_product_reference": "CSAFPID-265096"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Cisco NX-OS Software 10.2(7) when installed on Cisco Nexus 3000 Series Switches",
"product_id": "CSAFPID-301277:265091"
},
"product_reference": "CSAFPID-301277",
"relates_to_product_reference": "CSAFPID-265091"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Cisco NX-OS Software 10.2(7) when installed on Cisco Nexus 9000 Series Switches",
"product_id": "CSAFPID-301277:265096"
},
"product_reference": "CSAFPID-301277",
"relates_to_product_reference": "CSAFPID-265096"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Cisco NX-OS Software 10.2(8) when installed on Cisco Nexus 3000 Series Switches",
"product_id": "CSAFPID-302635:265091"
},
"product_reference": "CSAFPID-302635",
"relates_to_product_reference": "CSAFPID-265091"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Cisco NX-OS Software 10.2(8) when installed on Cisco Nexus 9000 Series Switches",
"product_id": "CSAFPID-302635:265096"
},
"product_reference": "CSAFPID-302635",
"relates_to_product_reference": "CSAFPID-265096"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Cisco NX-OS Software 10.3(1) when installed on Cisco Nexus 3000 Series Switches",
"product_id": "CSAFPID-289309:265091"
},
"product_reference": "CSAFPID-289309",
"relates_to_product_reference": "CSAFPID-265091"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Cisco NX-OS Software 10.3(1) when installed on Cisco Nexus 9000 Series Switches",
"product_id": "CSAFPID-289309:265096"
},
"product_reference": "CSAFPID-289309",
"relates_to_product_reference": "CSAFPID-265096"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Cisco NX-OS Software 10.3(2) when installed on Cisco Nexus 3000 Series Switches",
"product_id": "CSAFPID-292658:265091"
},
"product_reference": "CSAFPID-292658",
"relates_to_product_reference": "CSAFPID-265091"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Cisco NX-OS Software 10.3(2) when installed on Cisco Nexus 9000 Series Switches",
"product_id": "CSAFPID-292658:265096"
},
"product_reference": "CSAFPID-292658",
"relates_to_product_reference": "CSAFPID-265096"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Cisco NX-OS Software 10.3(3) when installed on Cisco Nexus 3000 Series Switches",
"product_id": "CSAFPID-295511:265091"
},
"product_reference": "CSAFPID-295511",
"relates_to_product_reference": "CSAFPID-265091"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Cisco NX-OS Software 10.3(3) when installed on Cisco Nexus 9000 Series Switches",
"product_id": "CSAFPID-295511:265096"
},
"product_reference": "CSAFPID-295511",
"relates_to_product_reference": "CSAFPID-265096"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Cisco NX-OS Software 10.3(99w) when installed on Cisco Nexus 9000 Series Switches",
"product_id": "CSAFPID-299969:265096"
},
"product_reference": "CSAFPID-299969",
"relates_to_product_reference": "CSAFPID-265096"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Cisco NX-OS Software 10.3(3w) when installed on Cisco Nexus 9000 Series Switches",
"product_id": "CSAFPID-300516:265096"
},
"product_reference": "CSAFPID-300516",
"relates_to_product_reference": "CSAFPID-265096"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Cisco NX-OS Software 10.3(99x) when installed on Cisco Nexus 9000 Series Switches",
"product_id": "CSAFPID-300517:265096"
},
"product_reference": "CSAFPID-300517",
"relates_to_product_reference": "CSAFPID-265096"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Cisco NX-OS Software 10.3(3o) when installed on Cisco Nexus 9000 Series Switches",
"product_id": "CSAFPID-300741:265096"
},
"product_reference": "CSAFPID-300741",
"relates_to_product_reference": "CSAFPID-265096"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Cisco NX-OS Software 10.3(4a) when installed on Cisco Nexus 3000 Series Switches",
"product_id": "CSAFPID-300941:265091"
},
"product_reference": "CSAFPID-300941",
"relates_to_product_reference": "CSAFPID-265091"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Cisco NX-OS Software 10.3(4a) when installed on Cisco Nexus 9000 Series Switches",
"product_id": "CSAFPID-300941:265096"
},
"product_reference": "CSAFPID-300941",
"relates_to_product_reference": "CSAFPID-265096"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Cisco NX-OS Software 10.3(3p) when installed on Cisco Nexus 9000 Series Switches",
"product_id": "CSAFPID-300942:265096"
},
"product_reference": "CSAFPID-300942",
"relates_to_product_reference": "CSAFPID-265096"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Cisco NX-OS Software 10.3(4) when installed on Cisco Nexus 3000 Series Switches",
"product_id": "CSAFPID-301024:265091"
},
"product_reference": "CSAFPID-301024",
"relates_to_product_reference": "CSAFPID-265091"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Cisco NX-OS Software 10.3(4) when installed on Cisco Nexus 9000 Series Switches",
"product_id": "CSAFPID-301024:265096"
},
"product_reference": "CSAFPID-301024",
"relates_to_product_reference": "CSAFPID-265096"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Cisco NX-OS Software 10.3(3q) when installed on Cisco Nexus 9000 Series Switches",
"product_id": "CSAFPID-301106:265096"
},
"product_reference": "CSAFPID-301106",
"relates_to_product_reference": "CSAFPID-265096"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Cisco NX-OS Software 10.3(3x) when installed on Cisco Nexus 9000 Series Switches",
"product_id": "CSAFPID-301289:265096"
},
"product_reference": "CSAFPID-301289",
"relates_to_product_reference": "CSAFPID-265096"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Cisco NX-OS Software 10.3(5) when installed on Cisco Nexus 3000 Series Switches",
"product_id": "CSAFPID-301718:265091"
},
"product_reference": "CSAFPID-301718",
"relates_to_product_reference": "CSAFPID-265091"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Cisco NX-OS Software 10.3(5) when installed on Cisco Nexus 9000 Series Switches",
"product_id": "CSAFPID-301718:265096"
},
"product_reference": "CSAFPID-301718",
"relates_to_product_reference": "CSAFPID-265096"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Cisco NX-OS Software 10.3(4g) when installed on Cisco Nexus 9000 Series Switches",
"product_id": "CSAFPID-301720:265096"
},
"product_reference": "CSAFPID-301720",
"relates_to_product_reference": "CSAFPID-265096"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Cisco NX-OS Software 10.3(3r) when installed on Cisco Nexus 9000 Series Switches",
"product_id": "CSAFPID-302643:265096"
},
"product_reference": "CSAFPID-302643",
"relates_to_product_reference": "CSAFPID-265096"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Cisco NX-OS Software 10.3(6) when installed on Cisco Nexus 3000 Series Switches",
"product_id": "CSAFPID-302817:265091"
},
"product_reference": "CSAFPID-302817",
"relates_to_product_reference": "CSAFPID-265091"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Cisco NX-OS Software 10.3(6) when installed on Cisco Nexus 9000 Series Switches",
"product_id": "CSAFPID-302817:265096"
},
"product_reference": "CSAFPID-302817",
"relates_to_product_reference": "CSAFPID-265096"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Cisco NX-OS Software 10.3(4h) when installed on Cisco Nexus 9000 Series Switches",
"product_id": "CSAFPID-302884:265096"
},
"product_reference": "CSAFPID-302884",
"relates_to_product_reference": "CSAFPID-265096"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Cisco NX-OS Software 10.4(1) when installed on Cisco Nexus 3000 Series Switches",
"product_id": "CSAFPID-300515:265091"
},
"product_reference": "CSAFPID-300515",
"relates_to_product_reference": "CSAFPID-265091"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Cisco NX-OS Software 10.4(1) when installed on Cisco Nexus 9000 Series Switches",
"product_id": "CSAFPID-300515:265096"
},
"product_reference": "CSAFPID-300515",
"relates_to_product_reference": "CSAFPID-265096"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Cisco NX-OS Software 10.4(2) when installed on Cisco Nexus 3000 Series Switches",
"product_id": "CSAFPID-301115:265091"
},
"product_reference": "CSAFPID-301115",
"relates_to_product_reference": "CSAFPID-265091"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Cisco NX-OS Software 10.4(2) when installed on Cisco Nexus 9000 Series Switches",
"product_id": "CSAFPID-301115:265096"
},
"product_reference": "CSAFPID-301115",
"relates_to_product_reference": "CSAFPID-265096"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Cisco NX-OS Software 10.4(3) when installed on Cisco Nexus 3000 Series Switches",
"product_id": "CSAFPID-301568:265091"
},
"product_reference": "CSAFPID-301568",
"relates_to_product_reference": "CSAFPID-265091"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Cisco NX-OS Software 10.4(3) when installed on Cisco Nexus 9000 Series Switches",
"product_id": "CSAFPID-301568:265096"
},
"product_reference": "CSAFPID-301568",
"relates_to_product_reference": "CSAFPID-265096"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Cisco NX-OS Software 10.4(4) when installed on Cisco Nexus 3000 Series Switches",
"product_id": "CSAFPID-303016:265091"
},
"product_reference": "CSAFPID-303016",
"relates_to_product_reference": "CSAFPID-265091"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Cisco NX-OS Software 10.4(4) when installed on Cisco Nexus 9000 Series Switches",
"product_id": "CSAFPID-303016:265096"
},
"product_reference": "CSAFPID-303016",
"relates_to_product_reference": "CSAFPID-265096"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Cisco NX-OS Software 10.4(4g) when installed on Cisco Nexus 9000 Series Switches",
"product_id": "CSAFPID-303719:265096"
},
"product_reference": "CSAFPID-303719",
"relates_to_product_reference": "CSAFPID-265096"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Cisco NX-OS Software 10.5(1) when installed on Cisco Nexus 3000 Series Switches",
"product_id": "CSAFPID-302754:265091"
},
"product_reference": "CSAFPID-302754",
"relates_to_product_reference": "CSAFPID-265091"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Cisco NX-OS Software 10.5(1) when installed on Cisco Nexus 9000 Series Switches",
"product_id": "CSAFPID-302754:265096"
},
"product_reference": "CSAFPID-302754",
"relates_to_product_reference": "CSAFPID-265096"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Cisco NX-OS Software 10.5(2) when installed on Cisco Nexus 3000 Series Switches",
"product_id": "CSAFPID-303064:265091"
},
"product_reference": "CSAFPID-303064",
"relates_to_product_reference": "CSAFPID-265091"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Cisco NX-OS Software 10.5(2) when installed on Cisco Nexus 9000 Series Switches",
"product_id": "CSAFPID-303064:265096"
},
"product_reference": "CSAFPID-303064",
"relates_to_product_reference": "CSAFPID-265096"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-20262",
"ids": [
{
"system_name": "Cisco Bug ID",
"text": "CSCwn69044"
}
],
"notes": [
{
"category": "other",
"text": "Complete.",
"title": "Affected Product Comprehensiveness"
}
],
"product_status": {
"known_affected": [
"CSAFPID-248793:265091",
"CSAFPID-248793:265096",
"CSAFPID-265141:265091",
"CSAFPID-265141:265096",
"CSAFPID-265142:265091",
"CSAFPID-265143:265091",
"CSAFPID-265143:265096",
"CSAFPID-265144:265091",
"CSAFPID-265144:265096",
"CSAFPID-265568:265091",
"CSAFPID-265568:265096",
"CSAFPID-267105:265091",
"CSAFPID-267105:265096",
"CSAFPID-268971:265091",
"CSAFPID-271405:265091",
"CSAFPID-271405:265096",
"CSAFPID-274557:265091",
"CSAFPID-274557:265096",
"CSAFPID-276381:265096",
"CSAFPID-277347:265091",
"CSAFPID-277347:265096",
"CSAFPID-278882:265091",
"CSAFPID-278882:265096",
"CSAFPID-280558:265091",
"CSAFPID-280558:265096",
"CSAFPID-280940:265096",
"CSAFPID-281488:265091",
"CSAFPID-281488:265096",
"CSAFPID-281984:265091",
"CSAFPID-281984:265096",
"CSAFPID-282019:265091",
"CSAFPID-282019:265096",
"CSAFPID-282666:265091",
"CSAFPID-282666:265096",
"CSAFPID-284264:265091",
"CSAFPID-284264:265096",
"CSAFPID-284316:265091",
"CSAFPID-284316:265096",
"CSAFPID-284574:265091",
"CSAFPID-284574:265096",
"CSAFPID-284892:265096",
"CSAFPID-286098:265091",
"CSAFPID-286098:265096",
"CSAFPID-286109:265091",
"CSAFPID-286439:265091",
"CSAFPID-286439:265096",
"CSAFPID-286833:265091",
"CSAFPID-286833:265096",
"CSAFPID-287105:265096",
"CSAFPID-288219:265091",
"CSAFPID-288219:265096",
"CSAFPID-289309:265091",
"CSAFPID-289309:265096",
"CSAFPID-290556:265091",
"CSAFPID-290620:265091",
"CSAFPID-290620:265096",
"CSAFPID-292658:265091",
"CSAFPID-292658:265096",
"CSAFPID-292868:265091",
"CSAFPID-292868:265096",
"CSAFPID-294841:265091",
"CSAFPID-294841:265096",
"CSAFPID-295511:265091",
"CSAFPID-295511:265096",
"CSAFPID-299968:265091",
"CSAFPID-299968:265096",
"CSAFPID-299969:265096",
"CSAFPID-300117:265091",
"CSAFPID-300515:265091",
"CSAFPID-300515:265096",
"CSAFPID-300516:265096",
"CSAFPID-300517:265096",
"CSAFPID-300741:265096",
"CSAFPID-300748:265091",
"CSAFPID-300748:265096",
"CSAFPID-300941:265091",
"CSAFPID-300941:265096",
"CSAFPID-300942:265096",
"CSAFPID-301024:265091",
"CSAFPID-301024:265096",
"CSAFPID-301106:265096",
"CSAFPID-301115:265091",
"CSAFPID-301115:265096",
"CSAFPID-301137:265091",
"CSAFPID-301137:265096",
"CSAFPID-301277:265091",
"CSAFPID-301277:265096",
"CSAFPID-301289:265096",
"CSAFPID-301568:265091",
"CSAFPID-301568:265096",
"CSAFPID-301718:265091",
"CSAFPID-301718:265096",
"CSAFPID-301720:265096",
"CSAFPID-302635:265091",
"CSAFPID-302635:265096",
"CSAFPID-302643:265096",
"CSAFPID-302754:265091",
"CSAFPID-302754:265096",
"CSAFPID-302817:265091",
"CSAFPID-302817:265096",
"CSAFPID-302873:265091",
"CSAFPID-302873:265096",
"CSAFPID-302884:265096",
"CSAFPID-303016:265091",
"CSAFPID-303016:265096",
"CSAFPID-303064:265091",
"CSAFPID-303064:265096",
"CSAFPID-303719:265096"
]
},
"release_date": "2025-08-27T16:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Cisco has released software updates that address this vulnerability.",
"product_ids": [
"CSAFPID-248793:265091",
"CSAFPID-248793:265096",
"CSAFPID-265141:265091",
"CSAFPID-265141:265096",
"CSAFPID-265142:265091",
"CSAFPID-265143:265091",
"CSAFPID-265143:265096",
"CSAFPID-265144:265091",
"CSAFPID-265144:265096",
"CSAFPID-265568:265091",
"CSAFPID-265568:265096",
"CSAFPID-267105:265091",
"CSAFPID-267105:265096",
"CSAFPID-268971:265091",
"CSAFPID-271405:265091",
"CSAFPID-271405:265096",
"CSAFPID-274557:265091",
"CSAFPID-274557:265096",
"CSAFPID-276381:265096",
"CSAFPID-277347:265091",
"CSAFPID-277347:265096",
"CSAFPID-278882:265091",
"CSAFPID-278882:265096",
"CSAFPID-280558:265091",
"CSAFPID-280558:265096",
"CSAFPID-280940:265096",
"CSAFPID-281488:265091",
"CSAFPID-281488:265096",
"CSAFPID-281984:265091",
"CSAFPID-281984:265096",
"CSAFPID-282019:265091",
"CSAFPID-282019:265096",
"CSAFPID-282666:265091",
"CSAFPID-282666:265096",
"CSAFPID-284264:265091",
"CSAFPID-284264:265096",
"CSAFPID-284316:265091",
"CSAFPID-284316:265096",
"CSAFPID-284574:265091",
"CSAFPID-284574:265096",
"CSAFPID-284892:265096",
"CSAFPID-286098:265091",
"CSAFPID-286098:265096",
"CSAFPID-286109:265091",
"CSAFPID-286439:265091",
"CSAFPID-286439:265096",
"CSAFPID-286833:265091",
"CSAFPID-286833:265096",
"CSAFPID-287105:265096",
"CSAFPID-288219:265091",
"CSAFPID-288219:265096",
"CSAFPID-289309:265091",
"CSAFPID-289309:265096",
"CSAFPID-290556:265091",
"CSAFPID-290620:265091",
"CSAFPID-290620:265096",
"CSAFPID-292658:265091",
"CSAFPID-292658:265096",
"CSAFPID-292868:265091",
"CSAFPID-292868:265096",
"CSAFPID-294841:265091",
"CSAFPID-294841:265096",
"CSAFPID-295511:265091",
"CSAFPID-295511:265096",
"CSAFPID-299968:265091",
"CSAFPID-299968:265096",
"CSAFPID-299969:265096",
"CSAFPID-300117:265091",
"CSAFPID-300515:265091",
"CSAFPID-300515:265096",
"CSAFPID-300516:265096",
"CSAFPID-300517:265096",
"CSAFPID-300741:265096",
"CSAFPID-300748:265091",
"CSAFPID-300748:265096",
"CSAFPID-300941:265091",
"CSAFPID-300941:265096",
"CSAFPID-300942:265096",
"CSAFPID-301024:265091",
"CSAFPID-301024:265096",
"CSAFPID-301106:265096",
"CSAFPID-301115:265091",
"CSAFPID-301115:265096",
"CSAFPID-301137:265091",
"CSAFPID-301137:265096",
"CSAFPID-301277:265091",
"CSAFPID-301277:265096",
"CSAFPID-301289:265096",
"CSAFPID-301568:265091",
"CSAFPID-301568:265096",
"CSAFPID-301718:265091",
"CSAFPID-301718:265096",
"CSAFPID-301720:265096",
"CSAFPID-302635:265091",
"CSAFPID-302635:265096",
"CSAFPID-302643:265096",
"CSAFPID-302754:265091",
"CSAFPID-302754:265096",
"CSAFPID-302817:265091",
"CSAFPID-302817:265096",
"CSAFPID-302873:265091",
"CSAFPID-302873:265096",
"CSAFPID-302884:265096",
"CSAFPID-303016:265091",
"CSAFPID-303016:265096",
"CSAFPID-303064:265091",
"CSAFPID-303064:265096",
"CSAFPID-303719:265096"
],
"url": "https://software.cisco.com"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.0,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-248793:265091",
"CSAFPID-248793:265096",
"CSAFPID-265141:265091",
"CSAFPID-265141:265096",
"CSAFPID-265142:265091",
"CSAFPID-265143:265091",
"CSAFPID-265143:265096",
"CSAFPID-265144:265091",
"CSAFPID-265144:265096",
"CSAFPID-265568:265091",
"CSAFPID-265568:265096",
"CSAFPID-267105:265091",
"CSAFPID-267105:265096",
"CSAFPID-268971:265091",
"CSAFPID-271405:265091",
"CSAFPID-271405:265096",
"CSAFPID-274557:265091",
"CSAFPID-274557:265096",
"CSAFPID-276381:265096",
"CSAFPID-277347:265091",
"CSAFPID-277347:265096",
"CSAFPID-278882:265091",
"CSAFPID-278882:265096",
"CSAFPID-280558:265091",
"CSAFPID-280558:265096",
"CSAFPID-280940:265096",
"CSAFPID-281488:265091",
"CSAFPID-281488:265096",
"CSAFPID-281984:265091",
"CSAFPID-281984:265096",
"CSAFPID-282019:265091",
"CSAFPID-282019:265096",
"CSAFPID-282666:265091",
"CSAFPID-282666:265096",
"CSAFPID-284264:265091",
"CSAFPID-284264:265096",
"CSAFPID-284316:265091",
"CSAFPID-284316:265096",
"CSAFPID-284574:265091",
"CSAFPID-284574:265096",
"CSAFPID-284892:265096",
"CSAFPID-286098:265091",
"CSAFPID-286098:265096",
"CSAFPID-286109:265091",
"CSAFPID-286439:265091",
"CSAFPID-286439:265096",
"CSAFPID-286833:265091",
"CSAFPID-286833:265096",
"CSAFPID-287105:265096",
"CSAFPID-288219:265091",
"CSAFPID-288219:265096",
"CSAFPID-289309:265091",
"CSAFPID-289309:265096",
"CSAFPID-290556:265091",
"CSAFPID-290620:265091",
"CSAFPID-290620:265096",
"CSAFPID-292658:265091",
"CSAFPID-292658:265096",
"CSAFPID-292868:265091",
"CSAFPID-292868:265096",
"CSAFPID-294841:265091",
"CSAFPID-294841:265096",
"CSAFPID-295511:265091",
"CSAFPID-295511:265096",
"CSAFPID-299968:265091",
"CSAFPID-299968:265096",
"CSAFPID-299969:265096",
"CSAFPID-300117:265091",
"CSAFPID-300515:265091",
"CSAFPID-300515:265096",
"CSAFPID-300516:265096",
"CSAFPID-300517:265096",
"CSAFPID-300741:265096",
"CSAFPID-300748:265091",
"CSAFPID-300748:265096",
"CSAFPID-300941:265091",
"CSAFPID-300941:265096",
"CSAFPID-300942:265096",
"CSAFPID-301024:265091",
"CSAFPID-301024:265096",
"CSAFPID-301106:265096",
"CSAFPID-301115:265091",
"CSAFPID-301115:265096",
"CSAFPID-301137:265091",
"CSAFPID-301137:265096",
"CSAFPID-301277:265091",
"CSAFPID-301277:265096",
"CSAFPID-301289:265096",
"CSAFPID-301568:265091",
"CSAFPID-301568:265096",
"CSAFPID-301718:265091",
"CSAFPID-301718:265096",
"CSAFPID-301720:265096",
"CSAFPID-302635:265091",
"CSAFPID-302635:265096",
"CSAFPID-302643:265096",
"CSAFPID-302754:265091",
"CSAFPID-302754:265096",
"CSAFPID-302817:265091",
"CSAFPID-302817:265096",
"CSAFPID-302873:265091",
"CSAFPID-302873:265096",
"CSAFPID-302884:265096",
"CSAFPID-303016:265091",
"CSAFPID-303016:265096",
"CSAFPID-303064:265091",
"CSAFPID-303064:265096",
"CSAFPID-303719:265096"
]
}
],
"title": "Cisco Nexus 3000 and 9000 Series Switches Protocol Independent Multicast Version 6 Denial of Service Vulnerability"
}
]
}
FKIE_CVE-2025-20262
Vulnerability from fkie_nvd - Published: 2025-08-27 17:15 - Updated: 2026-04-15 00:35
Severity
Summary
A vulnerability in the Protocol Independent Multicast Version 6 (PIM6) feature of Cisco Nexus 3000 Series Switches and Cisco Nexus 9000 Series Switches in standalone NX-OS mode could allow an authenticated, low-privileged, remote attacker to trigger a crash of the PIM6 process, resulting in a denial of service (DoS) condition.
This vulnerability is due to improper processing of PIM6 ephemeral data queries. An attacker could exploit this vulnerability by sending a crafted ephemeral query to an affected device through one of the following methods: NX-API REST, NETCONF, RESTConf, gRPC, or Model Driven Telemetry. A successful exploit could allow the attacker to cause the PIM6 process to crash and restart, causing potential adjacency flaps and resulting in a DoS of the PIM6 and ephemeral query processes.
References
Impacted products
| Vendor | Product | Version |
|---|
{
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Protocol Independent Multicast Version 6 (PIM6) feature of Cisco Nexus 3000 Series Switches and Cisco Nexus 9000 Series Switches in standalone NX-OS mode could allow an authenticated, low-privileged, remote attacker to trigger a crash of the PIM6 process, resulting in a denial of service (DoS) condition.\r\n\r\nThis vulnerability is due to improper processing of PIM6 ephemeral data queries. An attacker could exploit this vulnerability by sending a crafted ephemeral query to an affected device through one of the following methods: NX-API REST, NETCONF, RESTConf, gRPC, or Model Driven Telemetry. A successful exploit could allow the attacker to cause the PIM6 process to crash and restart, causing potential adjacency flaps and resulting in a DoS of the PIM6 and ephemeral query processes."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la funci\u00f3n Protocol Independent Multicast Version 6 (PIM6) de los switches Cisco Nexus de las series 3000 y 9000 en modo NX-OS independiente podr\u00eda permitir que un atacante remoto autenticado y con pocos privilegios provoque un bloqueo del proceso PIM6, lo que resulta en una denegaci\u00f3n de servicio (DoS). Esta vulnerabilidad se debe al procesamiento incorrecto de las consultas de datos ef\u00edmeros de PIM6. Un atacante podr\u00eda explotar esta vulnerabilidad enviando una consulta ef\u00edmera manipulada a un dispositivo afectado mediante uno de los siguientes m\u00e9todos: NX-API REST, NETCONF, RESTConf, gRPC o telemetr\u00eda basada en modelos. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante provocar el bloqueo y reinicio del proceso PIM6, lo que podr\u00eda causar fluctuaciones de adyacencia y una denegaci\u00f3n de servicio (DoS) de PIM6 y los procesos de consulta ef\u00edmera."
}
],
"id": "CVE-2025-20262",
"lastModified": "2026-04-15T00:35:42.020",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:L",
"version": "3.1"
},
"exploitabilityScore": 3.1,
"impactScore": 1.4,
"source": "psirt@cisco.com",
"type": "Secondary"
}
]
},
"published": "2025-08-27T17:15:34.873",
"references": [
{
"source": "psirt@cisco.com",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxospc-pim6-vG4jFPh"
}
],
"sourceIdentifier": "psirt@cisco.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-476"
}
],
"source": "psirt@cisco.com",
"type": "Secondary"
}
]
}
GHSA-3Q92-5VPF-96PW
Vulnerability from github – Published: 2025-08-27 18:31 – Updated: 2025-08-27 18:31
VLAI
Details
A vulnerability in the Protocol Independent Multicast Version 6 (PIM6) feature of Cisco Nexus 3000 Series Switches and Cisco Nexus 9000 Series Switches in standalone NX-OS mode could allow an authenticated, low-privileged, remote attacker to trigger a crash of the PIM6 process, resulting in a denial of service (DoS) condition.
This vulnerability is due to improper processing of PIM6 ephemeral data queries. An attacker could exploit this vulnerability by sending a crafted ephemeral query to an affected device through one of the following methods: NX-API REST, NETCONF, RESTConf, gRPC, or Model Driven Telemetry. A successful exploit could allow the attacker to cause the PIM6 process to crash and restart, causing potential adjacency flaps and resulting in a DoS of the PIM6 and ephemeral query processes.
Severity
5.0 (Medium)
{
"affected": [],
"aliases": [
"CVE-2025-20262"
],
"database_specific": {
"cwe_ids": [
"CWE-476"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-08-27T17:15:34Z",
"severity": "MODERATE"
},
"details": "A vulnerability in the Protocol Independent Multicast Version 6 (PIM6) feature of Cisco Nexus 3000 Series Switches and Cisco Nexus 9000 Series Switches in standalone NX-OS mode could allow an authenticated, low-privileged, remote attacker to trigger a crash of the PIM6 process, resulting in a denial of service (DoS) condition.\n\nThis vulnerability is due to improper processing of PIM6 ephemeral data queries. An attacker could exploit this vulnerability by sending a crafted ephemeral query to an affected device through one of the following methods: NX-API REST, NETCONF, RESTConf, gRPC, or Model Driven Telemetry. A successful exploit could allow the attacker to cause the PIM6 process to crash and restart, causing potential adjacency flaps and resulting in a DoS of the PIM6 and ephemeral query processes.",
"id": "GHSA-3q92-5vpf-96pw",
"modified": "2025-08-27T18:31:54Z",
"published": "2025-08-27T18:31:54Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-20262"
},
{
"type": "WEB",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxospc-pim6-vG4jFPh"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:L",
"type": "CVSS_V3"
}
]
}
NCSC-2025-0270
Vulnerability from csaf_ncscnl - Published: 2025-08-28 08:36 - Updated: 2025-08-28 08:36Summary
Kwetsbaarheden verholpen in Cisco NX-OS Software
Notes
The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:
NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.
NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.
This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings.
Feiten: Cisco heeft kwetsbaarheden verholpen in Cisco NX-OS Software (Specifiek voor Nexus 3000 en 9000 Series Switches).
Interpretaties: De kwetsbaarheden bevinden zich in verschillende functies van de Cisco NX-OS Software. Een kwetsbaarheid in de command-line interface (CLI) stelt geauthenticeerde lokale kwaadwillenden in staat om command injection-aanvallen uit te voeren, wat kan leiden tot ongeautoriseerde toegang en manipulatie van systeembestanden. Een andere kwetsbaarheid in de IS-IS-functie kan door een niet-geauthenticeerde, aangrenzende aanvaller worden misbruikt, wat kan resulteren in een denial-of-service (DoS) situatie. Daarnaast kan een kwetsbaarheid in de loggingfunctie leiden tot ongeautoriseerde toegang tot gevoelige informatie. Tot slot kan de PIM6-functie worden gecompromitteerd door laaggeprivilegieerde geauthenticeerde externe kwaadwillenden, wat ook kan leiden tot een DoS-conditie.
Oplossingen: Cisco heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.
Kans: medium
Schade: high
CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
CWE-476: NULL Pointer Dereference
CWE-733: Compiler Optimization Removal or Modification of Security-critical Code
4.4 (Medium)
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:cisco/unknown
Cisco / Cisco Nexus 3000 Series Switches
|
vers:cisco/unknown | ||
|
vers:cisco/unknown
Cisco / Cisco Nexus 9000 Series Switches
|
vers:cisco/unknown |
7.4 (High)
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:cisco/unknown
Cisco / Cisco Nexus 3000 Series Switches
|
vers:cisco/unknown | ||
|
vers:cisco/unknown
Cisco / Cisco Nexus 9000 Series Switches
|
vers:cisco/unknown |
5.5 (Medium)
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:cisco/unknown
Cisco / Cisco Nexus 3000 Series Switches
|
vers:cisco/unknown | ||
|
vers:cisco/unknown
Cisco / Cisco Nexus 9000 Series Switches
|
vers:cisco/unknown |
5.0 (Medium)
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:cisco/unknown
Cisco / Cisco Nexus 3000 Series Switches
|
vers:cisco/unknown | ||
|
vers:cisco/unknown
Cisco / Cisco Nexus 9000 Series Switches
|
vers:cisco/unknown |
References
8 references
{
"document": {
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE"
}
},
"lang": "nl",
"notes": [
{
"category": "legal_disclaimer",
"text": "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings."
},
{
"category": "description",
"text": "Cisco heeft kwetsbaarheden verholpen in Cisco NX-OS Software (Specifiek voor Nexus 3000 en 9000 Series Switches).",
"title": "Feiten"
},
{
"category": "description",
"text": "De kwetsbaarheden bevinden zich in verschillende functies van de Cisco NX-OS Software. Een kwetsbaarheid in de command-line interface (CLI) stelt geauthenticeerde lokale kwaadwillenden in staat om command injection-aanvallen uit te voeren, wat kan leiden tot ongeautoriseerde toegang en manipulatie van systeembestanden. Een andere kwetsbaarheid in de IS-IS-functie kan door een niet-geauthenticeerde, aangrenzende aanvaller worden misbruikt, wat kan resulteren in een denial-of-service (DoS) situatie. Daarnaast kan een kwetsbaarheid in de loggingfunctie leiden tot ongeautoriseerde toegang tot gevoelige informatie. Tot slot kan de PIM6-functie worden gecompromitteerd door laaggeprivilegieerde geauthenticeerde externe kwaadwillenden, wat ook kan leiden tot een DoS-conditie.",
"title": "Interpretaties"
},
{
"category": "description",
"text": "Cisco heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.",
"title": "Oplossingen"
},
{
"category": "general",
"text": "medium",
"title": "Kans"
},
{
"category": "general",
"text": "high",
"title": "Schade"
},
{
"category": "general",
"text": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"title": "CWE-78"
},
{
"category": "general",
"text": "Exposure of Sensitive Information to an Unauthorized Actor",
"title": "CWE-200"
},
{
"category": "general",
"text": "NULL Pointer Dereference",
"title": "CWE-476"
},
{
"category": "general",
"text": "Compiler Optimization Removal or Modification of Security-critical Code",
"title": "CWE-733"
}
],
"publisher": {
"category": "coordinator",
"contact_details": "cert@ncsc.nl",
"name": "Nationaal Cyber Security Centrum",
"namespace": "https://www.ncsc.nl/"
},
"references": [
{
"category": "external",
"summary": "Reference",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-n39k-isis-dos-JhJA8Rfx"
},
{
"category": "external",
"summary": "Reference",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-cmdinj-qhNze5Ss"
},
{
"category": "external",
"summary": "Reference",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-infodis-TEcTYSFG"
},
{
"category": "external",
"summary": "Reference",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxospc-pim6-vG4jFPh"
}
],
"title": "Kwetsbaarheden verholpen in Cisco NX-OS Software",
"tracking": {
"current_release_date": "2025-08-28T08:36:20.358948Z",
"generator": {
"date": "2025-08-04T16:30:00Z",
"engine": {
"name": "V.A.",
"version": "1.2"
}
},
"id": "NCSC-2025-0270",
"initial_release_date": "2025-08-28T08:36:20.358948Z",
"revision_history": [
{
"date": "2025-08-28T08:36:20.358948Z",
"number": "1.0.0",
"summary": "Initiele versie"
}
],
"status": "final",
"version": "1.0.0"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "vers:cisco/unknown",
"product": {
"name": "vers:cisco/unknown",
"product_id": "CSAFPID-1430324"
}
}
],
"category": "product_name",
"name": "Cisco Nexus 3000 Series Switches"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:cisco/unknown",
"product": {
"name": "vers:cisco/unknown",
"product_id": "CSAFPID-1430399"
}
}
],
"category": "product_name",
"name": "Cisco Nexus 9000 Series Switches"
}
],
"category": "vendor",
"name": "Cisco"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-20292",
"cwe": {
"id": "CWE-78",
"name": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)"
},
"notes": [
{
"category": "other",
"text": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"title": "CWE-78"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1430324",
"CSAFPID-1430399"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-20292 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-20292.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1430324",
"CSAFPID-1430399"
]
}
],
"title": "CVE-2025-20292"
},
{
"cve": "CVE-2025-20241",
"cwe": {
"id": "CWE-733",
"name": "Compiler Optimization Removal or Modification of Security-critical Code"
},
"notes": [
{
"category": "other",
"text": "Compiler Optimization Removal or Modification of Security-critical Code",
"title": "CWE-733"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1430324",
"CSAFPID-1430399"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-20241 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-20241.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1430324",
"CSAFPID-1430399"
]
}
],
"title": "CVE-2025-20241"
},
{
"cve": "CVE-2025-20290",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"notes": [
{
"category": "other",
"text": "Exposure of Sensitive Information to an Unauthorized Actor",
"title": "CWE-200"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1430324",
"CSAFPID-1430399"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-20290 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-20290.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1430324",
"CSAFPID-1430399"
]
}
],
"title": "CVE-2025-20290"
},
{
"cve": "CVE-2025-20262",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "other",
"text": "NULL Pointer Dereference",
"title": "CWE-476"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1430324",
"CSAFPID-1430399"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-20262 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-20262.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.0,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-1430324",
"CSAFPID-1430399"
]
}
],
"title": "CVE-2025-20262"
}
]
}
NCSC-2025-0287
Vulnerability from csaf_ncscnl - Published: 2025-09-11 08:18 - Updated: 2025-09-11 08:18Summary
Kwetsbaarheden verholpen in Cisco NX-OS Software
Notes
The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:
NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.
NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.
This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings.
Feiten: Cisco heeft kwetsbaarheden verholpen in Cisco NX-OS Software voor Nexus 3000 en 9000 Series Switches.
Interpretaties: De kwetsbaarheden bevinden zich in verschillende functies van de Cisco NX-OS Software, waaronder IS-IS, PIM6, logging, command-line interface (CLI), en de REST API van de Nexus Dashboard. Deze kwetsbaarheden kunnen worden misbruikt door zowel geauthenticeerde als niet-geauthenticeerde aanvallers om Denial-of-Service (DoS) te veroorzaken, ongeautoriseerde toegang tot gevoelige informatie te verkrijgen, en zelfs rootprivileges op de apparaten te verkrijgen. De ernst van deze kwetsbaarheden vereist onmiddellijke aandacht van beveiligingsbeheerders die deze apparaten beheren.
Oplossingen: Cisco heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.
Kans: medium
Schade: high
CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
CWE-201: Insertion of Sensitive Information Into Sent Data
CWE-476: NULL Pointer Dereference
CWE-693: Protection Mechanism Failure
CWE-733: Compiler Optimization Removal or Modification of Security-critical Code
7.4 (High)
Affected products
Known affected
17 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Cisco / Cisco Data Center Network Manager
|
vers:unknown/* | ||
|
vers:unknown/*
Cisco / Cisco MDS 9000 Multilayer Directors and Fabric Switches
|
vers:unknown/* | ||
|
vers:unknown/*
Cisco / Cisco NX-OS Software
|
vers:unknown/* | ||
|
vers:unknown/*
Cisco / Cisco NX-OS System Software in ACI Mode
|
vers:unknown/* | ||
|
vers:unknown/*
Cisco / Cisco Nexus 1000V Series Switches
|
vers:unknown/* | ||
|
vers:unknown/*
Cisco / Cisco Nexus 3000 Series Switches
|
vers:unknown/* | ||
|
vers:unknown/*
Cisco / Cisco Nexus 5000 Series Switches
|
vers:unknown/* | ||
|
vers:unknown/*
Cisco / Cisco Nexus 7000 Series Switches
|
vers:unknown/* | ||
|
vers:unknown/*
Cisco / Cisco Nexus 9000 Series Switches
|
vers:unknown/* | ||
|
vers:unknown/*
Cisco / Cisco Nexus Dashboard
|
vers:unknown/* | ||
|
vers:unknown/*
Cisco / Cisco Unified Computing System (Managed)
|
vers:unknown/* | ||
|
vers:unknown/*
Cisco / NX-OS
|
vers:unknown/* | ||
|
vers:unknown/*
Cisco / Nexus
|
vers:unknown/* | ||
|
vers:unknown/*
Cisco / Nexus Dashboard
|
vers:unknown/* | ||
|
vers:unknown/*
Cisco / Nexus Dashboard Fabric Controller
|
vers:unknown/* | ||
|
vers:unknown/*
Cisco / Unified Computing System (UCS)
|
vers:unknown/* | ||
|
vers:unknown/*
Cisco / nx-os_aci_mode
|
vers:unknown/* |
5.0 (Medium)
Affected products
Known affected
17 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Cisco / Cisco Data Center Network Manager
|
vers:unknown/* | ||
|
vers:unknown/*
Cisco / Cisco MDS 9000 Multilayer Directors and Fabric Switches
|
vers:unknown/* | ||
|
vers:unknown/*
Cisco / Cisco NX-OS Software
|
vers:unknown/* | ||
|
vers:unknown/*
Cisco / Cisco NX-OS System Software in ACI Mode
|
vers:unknown/* | ||
|
vers:unknown/*
Cisco / Cisco Nexus 1000V Series Switches
|
vers:unknown/* | ||
|
vers:unknown/*
Cisco / Cisco Nexus 3000 Series Switches
|
vers:unknown/* | ||
|
vers:unknown/*
Cisco / Cisco Nexus 5000 Series Switches
|
vers:unknown/* | ||
|
vers:unknown/*
Cisco / Cisco Nexus 7000 Series Switches
|
vers:unknown/* | ||
|
vers:unknown/*
Cisco / Cisco Nexus 9000 Series Switches
|
vers:unknown/* | ||
|
vers:unknown/*
Cisco / Cisco Nexus Dashboard
|
vers:unknown/* | ||
|
vers:unknown/*
Cisco / Cisco Unified Computing System (Managed)
|
vers:unknown/* | ||
|
vers:unknown/*
Cisco / NX-OS
|
vers:unknown/* | ||
|
vers:unknown/*
Cisco / Nexus
|
vers:unknown/* | ||
|
vers:unknown/*
Cisco / Nexus Dashboard
|
vers:unknown/* | ||
|
vers:unknown/*
Cisco / Nexus Dashboard Fabric Controller
|
vers:unknown/* | ||
|
vers:unknown/*
Cisco / Unified Computing System (UCS)
|
vers:unknown/* | ||
|
vers:unknown/*
Cisco / nx-os_aci_mode
|
vers:unknown/* |
5.5 (Medium)
Affected products
Known affected
17 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Cisco / Cisco Data Center Network Manager
|
vers:unknown/* | ||
|
vers:unknown/*
Cisco / Cisco MDS 9000 Multilayer Directors and Fabric Switches
|
vers:unknown/* | ||
|
vers:unknown/*
Cisco / Cisco NX-OS Software
|
vers:unknown/* | ||
|
vers:unknown/*
Cisco / Cisco NX-OS System Software in ACI Mode
|
vers:unknown/* | ||
|
vers:unknown/*
Cisco / Cisco Nexus 1000V Series Switches
|
vers:unknown/* | ||
|
vers:unknown/*
Cisco / Cisco Nexus 3000 Series Switches
|
vers:unknown/* | ||
|
vers:unknown/*
Cisco / Cisco Nexus 5000 Series Switches
|
vers:unknown/* | ||
|
vers:unknown/*
Cisco / Cisco Nexus 7000 Series Switches
|
vers:unknown/* | ||
|
vers:unknown/*
Cisco / Cisco Nexus 9000 Series Switches
|
vers:unknown/* | ||
|
vers:unknown/*
Cisco / Cisco Nexus Dashboard
|
vers:unknown/* | ||
|
vers:unknown/*
Cisco / Cisco Unified Computing System (Managed)
|
vers:unknown/* | ||
|
vers:unknown/*
Cisco / NX-OS
|
vers:unknown/* | ||
|
vers:unknown/*
Cisco / Nexus
|
vers:unknown/* | ||
|
vers:unknown/*
Cisco / Nexus Dashboard
|
vers:unknown/* | ||
|
vers:unknown/*
Cisco / Nexus Dashboard Fabric Controller
|
vers:unknown/* | ||
|
vers:unknown/*
Cisco / Unified Computing System (UCS)
|
vers:unknown/* | ||
|
vers:unknown/*
Cisco / nx-os_aci_mode
|
vers:unknown/* |
4.4 (Medium)
Affected products
Known affected
17 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Cisco / Cisco Data Center Network Manager
|
vers:unknown/* | ||
|
vers:unknown/*
Cisco / Cisco MDS 9000 Multilayer Directors and Fabric Switches
|
vers:unknown/* | ||
|
vers:unknown/*
Cisco / Cisco NX-OS Software
|
vers:unknown/* | ||
|
vers:unknown/*
Cisco / Cisco NX-OS System Software in ACI Mode
|
vers:unknown/* | ||
|
vers:unknown/*
Cisco / Cisco Nexus 1000V Series Switches
|
vers:unknown/* | ||
|
vers:unknown/*
Cisco / Cisco Nexus 3000 Series Switches
|
vers:unknown/* | ||
|
vers:unknown/*
Cisco / Cisco Nexus 5000 Series Switches
|
vers:unknown/* | ||
|
vers:unknown/*
Cisco / Cisco Nexus 7000 Series Switches
|
vers:unknown/* | ||
|
vers:unknown/*
Cisco / Cisco Nexus 9000 Series Switches
|
vers:unknown/* | ||
|
vers:unknown/*
Cisco / Cisco Nexus Dashboard
|
vers:unknown/* | ||
|
vers:unknown/*
Cisco / Cisco Unified Computing System (Managed)
|
vers:unknown/* | ||
|
vers:unknown/*
Cisco / NX-OS
|
vers:unknown/* | ||
|
vers:unknown/*
Cisco / Nexus
|
vers:unknown/* | ||
|
vers:unknown/*
Cisco / Nexus Dashboard
|
vers:unknown/* | ||
|
vers:unknown/*
Cisco / Nexus Dashboard Fabric Controller
|
vers:unknown/* | ||
|
vers:unknown/*
Cisco / Unified Computing System (UCS)
|
vers:unknown/* | ||
|
vers:unknown/*
Cisco / nx-os_aci_mode
|
vers:unknown/* |
CWE-22
- Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Affected products
Known affected
17 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Cisco / Cisco Data Center Network Manager
|
vers:unknown/* | ||
|
vers:unknown/*
Cisco / Cisco MDS 9000 Multilayer Directors and Fabric Switches
|
vers:unknown/* | ||
|
vers:unknown/*
Cisco / Cisco NX-OS Software
|
vers:unknown/* | ||
|
vers:unknown/*
Cisco / Cisco NX-OS System Software in ACI Mode
|
vers:unknown/* | ||
|
vers:unknown/*
Cisco / Cisco Nexus 1000V Series Switches
|
vers:unknown/* | ||
|
vers:unknown/*
Cisco / Cisco Nexus 3000 Series Switches
|
vers:unknown/* | ||
|
vers:unknown/*
Cisco / Cisco Nexus 5000 Series Switches
|
vers:unknown/* | ||
|
vers:unknown/*
Cisco / Cisco Nexus 7000 Series Switches
|
vers:unknown/* | ||
|
vers:unknown/*
Cisco / Cisco Nexus 9000 Series Switches
|
vers:unknown/* | ||
|
vers:unknown/*
Cisco / Cisco Nexus Dashboard
|
vers:unknown/* | ||
|
vers:unknown/*
Cisco / Cisco Unified Computing System (Managed)
|
vers:unknown/* | ||
|
vers:unknown/*
Cisco / NX-OS
|
vers:unknown/* | ||
|
vers:unknown/*
Cisco / Nexus
|
vers:unknown/* | ||
|
vers:unknown/*
Cisco / Nexus Dashboard
|
vers:unknown/* | ||
|
vers:unknown/*
Cisco / Nexus Dashboard Fabric Controller
|
vers:unknown/* | ||
|
vers:unknown/*
Cisco / Unified Computing System (UCS)
|
vers:unknown/* | ||
|
vers:unknown/*
Cisco / nx-os_aci_mode
|
vers:unknown/* |
5.4 (Medium)
Affected products
Known affected
17 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Cisco / Cisco Data Center Network Manager
|
vers:unknown/* | ||
|
vers:unknown/*
Cisco / Cisco MDS 9000 Multilayer Directors and Fabric Switches
|
vers:unknown/* | ||
|
vers:unknown/*
Cisco / Cisco NX-OS Software
|
vers:unknown/* | ||
|
vers:unknown/*
Cisco / Cisco NX-OS System Software in ACI Mode
|
vers:unknown/* | ||
|
vers:unknown/*
Cisco / Cisco Nexus 1000V Series Switches
|
vers:unknown/* | ||
|
vers:unknown/*
Cisco / Cisco Nexus 3000 Series Switches
|
vers:unknown/* | ||
|
vers:unknown/*
Cisco / Cisco Nexus 5000 Series Switches
|
vers:unknown/* | ||
|
vers:unknown/*
Cisco / Cisco Nexus 7000 Series Switches
|
vers:unknown/* | ||
|
vers:unknown/*
Cisco / Cisco Nexus 9000 Series Switches
|
vers:unknown/* | ||
|
vers:unknown/*
Cisco / Cisco Nexus Dashboard
|
vers:unknown/* | ||
|
vers:unknown/*
Cisco / Cisco Unified Computing System (Managed)
|
vers:unknown/* | ||
|
vers:unknown/*
Cisco / NX-OS
|
vers:unknown/* | ||
|
vers:unknown/*
Cisco / Nexus
|
vers:unknown/* | ||
|
vers:unknown/*
Cisco / Nexus Dashboard
|
vers:unknown/* | ||
|
vers:unknown/*
Cisco / Nexus Dashboard Fabric Controller
|
vers:unknown/* | ||
|
vers:unknown/*
Cisco / Unified Computing System (UCS)
|
vers:unknown/* | ||
|
vers:unknown/*
Cisco / nx-os_aci_mode
|
vers:unknown/* |
5.0 (Medium)
Affected products
Known affected
17 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Cisco / Cisco Data Center Network Manager
|
vers:unknown/* | ||
|
vers:unknown/*
Cisco / Cisco MDS 9000 Multilayer Directors and Fabric Switches
|
vers:unknown/* | ||
|
vers:unknown/*
Cisco / Cisco NX-OS Software
|
vers:unknown/* | ||
|
vers:unknown/*
Cisco / Cisco NX-OS System Software in ACI Mode
|
vers:unknown/* | ||
|
vers:unknown/*
Cisco / Cisco Nexus 1000V Series Switches
|
vers:unknown/* | ||
|
vers:unknown/*
Cisco / Cisco Nexus 3000 Series Switches
|
vers:unknown/* | ||
|
vers:unknown/*
Cisco / Cisco Nexus 5000 Series Switches
|
vers:unknown/* | ||
|
vers:unknown/*
Cisco / Cisco Nexus 7000 Series Switches
|
vers:unknown/* | ||
|
vers:unknown/*
Cisco / Cisco Nexus 9000 Series Switches
|
vers:unknown/* | ||
|
vers:unknown/*
Cisco / Cisco Nexus Dashboard
|
vers:unknown/* | ||
|
vers:unknown/*
Cisco / Cisco Unified Computing System (Managed)
|
vers:unknown/* | ||
|
vers:unknown/*
Cisco / NX-OS
|
vers:unknown/* | ||
|
vers:unknown/*
Cisco / Nexus
|
vers:unknown/* | ||
|
vers:unknown/*
Cisco / Nexus Dashboard
|
vers:unknown/* | ||
|
vers:unknown/*
Cisco / Nexus Dashboard Fabric Controller
|
vers:unknown/* | ||
|
vers:unknown/*
Cisco / Unified Computing System (UCS)
|
vers:unknown/* | ||
|
vers:unknown/*
Cisco / nx-os_aci_mode
|
vers:unknown/* |
References
13 references
{
"document": {
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE"
}
},
"lang": "nl",
"notes": [
{
"category": "legal_disclaimer",
"text": "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings."
},
{
"category": "description",
"text": "Cisco heeft kwetsbaarheden verholpen in Cisco NX-OS Software voor Nexus 3000 en 9000 Series Switches.",
"title": "Feiten"
},
{
"category": "description",
"text": "De kwetsbaarheden bevinden zich in verschillende functies van de Cisco NX-OS Software, waaronder IS-IS, PIM6, logging, command-line interface (CLI), en de REST API van de Nexus Dashboard. Deze kwetsbaarheden kunnen worden misbruikt door zowel geauthenticeerde als niet-geauthenticeerde aanvallers om Denial-of-Service (DoS) te veroorzaken, ongeautoriseerde toegang tot gevoelige informatie te verkrijgen, en zelfs rootprivileges op de apparaten te verkrijgen. De ernst van deze kwetsbaarheden vereist onmiddellijke aandacht van beveiligingsbeheerders die deze apparaten beheren.",
"title": "Interpretaties"
},
{
"category": "description",
"text": "Cisco heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.",
"title": "Oplossingen"
},
{
"category": "general",
"text": "medium",
"title": "Kans"
},
{
"category": "general",
"text": "high",
"title": "Schade"
},
{
"category": "general",
"text": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"title": "CWE-22"
},
{
"category": "general",
"text": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"title": "CWE-78"
},
{
"category": "general",
"text": "Exposure of Sensitive Information to an Unauthorized Actor",
"title": "CWE-200"
},
{
"category": "general",
"text": "Insertion of Sensitive Information Into Sent Data",
"title": "CWE-201"
},
{
"category": "general",
"text": "NULL Pointer Dereference",
"title": "CWE-476"
},
{
"category": "general",
"text": "Protection Mechanism Failure",
"title": "CWE-693"
},
{
"category": "general",
"text": "Compiler Optimization Removal or Modification of Security-critical Code",
"title": "CWE-733"
}
],
"publisher": {
"category": "coordinator",
"contact_details": "cert@ncsc.nl",
"name": "Nationaal Cyber Security Centrum",
"namespace": "https://www.ncsc.nl/"
},
"references": [
{
"category": "external",
"summary": "Reference",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-n39k-isis-dos-JhJA8Rfx"
},
{
"category": "external",
"summary": "Reference",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nd-ptrs-XU2Fm2Wb"
},
{
"category": "external",
"summary": "Reference",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nshs-urapi-gJuBVFpu"
},
{
"category": "external",
"summary": "Reference",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-cmdinj-qhNze5Ss"
},
{
"category": "external",
"summary": "Reference",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-infodis-TEcTYSFG"
},
{
"category": "external",
"summary": "Reference",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxospc-pim6-vG4jFPh"
}
],
"title": "Kwetsbaarheden verholpen in Cisco NX-OS Software",
"tracking": {
"current_release_date": "2025-09-11T08:18:37.706725Z",
"generator": {
"date": "2025-08-04T16:30:00Z",
"engine": {
"name": "V.A.",
"version": "1.3"
}
},
"id": "NCSC-2025-0287",
"initial_release_date": "2025-09-11T08:18:37.706725Z",
"revision_history": [
{
"date": "2025-09-11T08:18:37.706725Z",
"number": "1.0.0",
"summary": "Initiele versie"
}
],
"status": "final",
"version": "1.0.0"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-1"
}
}
],
"category": "product_name",
"name": "Cisco Data Center Network Manager"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-2"
}
}
],
"category": "product_name",
"name": "Cisco MDS 9000 Multilayer Directors and Fabric Switches"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-3"
}
}
],
"category": "product_name",
"name": "Cisco NX-OS Software"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-4"
}
}
],
"category": "product_name",
"name": "Cisco NX-OS System Software in ACI Mode"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-5"
}
}
],
"category": "product_name",
"name": "Cisco Nexus 1000V Series Switches"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-6"
}
}
],
"category": "product_name",
"name": "Cisco Nexus 3000 Series Switches"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-7"
}
}
],
"category": "product_name",
"name": "Cisco Nexus 5000 Series Switches"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-8"
}
}
],
"category": "product_name",
"name": "Cisco Nexus 7000 Series Switches"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-9"
}
}
],
"category": "product_name",
"name": "Cisco Nexus 9000 Series Switches"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-10"
}
}
],
"category": "product_name",
"name": "Cisco Nexus Dashboard"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-11"
}
}
],
"category": "product_name",
"name": "Cisco Unified Computing System (Managed)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-12"
}
}
],
"category": "product_name",
"name": "NX-OS"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-13"
}
}
],
"category": "product_name",
"name": "Nexus"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-14"
}
}
],
"category": "product_name",
"name": "Nexus Dashboard"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-15"
}
}
],
"category": "product_name",
"name": "Nexus Dashboard Fabric Controller"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-16"
}
}
],
"category": "product_name",
"name": "Unified Computing System (UCS)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-17"
}
}
],
"category": "product_name",
"name": "nx-os_aci_mode"
}
],
"category": "vendor",
"name": "Cisco"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-20241",
"cwe": {
"id": "CWE-733",
"name": "Compiler Optimization Removal or Modification of Security-critical Code"
},
"notes": [
{
"category": "other",
"text": "Compiler Optimization Removal or Modification of Security-critical Code",
"title": "CWE-733"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-20241 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-20241.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17"
]
}
],
"title": "CVE-2025-20241"
},
{
"cve": "CVE-2025-20262",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "other",
"text": "NULL Pointer Dereference",
"title": "CWE-476"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-20262 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-20262.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.0,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17"
]
}
],
"title": "CVE-2025-20262"
},
{
"cve": "CVE-2025-20290",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"notes": [
{
"category": "other",
"text": "Exposure of Sensitive Information to an Unauthorized Actor",
"title": "CWE-200"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-20290 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-20290.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17"
]
}
],
"title": "CVE-2025-20290"
},
{
"cve": "CVE-2025-20292",
"cwe": {
"id": "CWE-78",
"name": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)"
},
"notes": [
{
"category": "other",
"text": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"title": "CWE-78"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-20292 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-20292.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17"
]
}
],
"title": "CVE-2025-20292"
},
{
"cve": "CVE-2025-20344",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"notes": [
{
"category": "other",
"text": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"title": "CWE-22"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-20344 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-20344.json"
}
],
"title": "CVE-2025-20344"
},
{
"cve": "CVE-2025-20347",
"cwe": {
"id": "CWE-693",
"name": "Protection Mechanism Failure"
},
"notes": [
{
"category": "other",
"text": "Protection Mechanism Failure",
"title": "CWE-693"
},
{
"category": "other",
"text": "Insertion of Sensitive Information Into Sent Data",
"title": "CWE-201"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-20347 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-20347.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17"
]
}
],
"title": "CVE-2025-20347"
},
{
"cve": "CVE-2025-20348",
"cwe": {
"id": "CWE-201",
"name": "Insertion of Sensitive Information Into Sent Data"
},
"notes": [
{
"category": "other",
"text": "Insertion of Sensitive Information Into Sent Data",
"title": "CWE-201"
},
{
"category": "other",
"text": "Protection Mechanism Failure",
"title": "CWE-693"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-20348 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-20348.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.0,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17"
]
}
],
"title": "CVE-2025-20348"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…