cvelistv5 - cve-2025-20262

CVE-2025-20262 (GCVE-0-2025-20262)

Vulnerability from cvelistv5

Published

2025-08-27 16:23

Modified

2025-08-27 18:19

Severity ?

5.0 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:L

CWE

CWE-476 - NULL Pointer Dereference

Summary

References

▼	URL	Tags
	psirt@cisco.com	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxospc-pim6-vG4jFPh

Impacted products

	Vendor	Product	Version
	Cisco	Cisco NX-OS Software	Version: 9.2(3) Version: 9.2(2v) Version: 9.2(1) Version: 9.2(2t) Version: 9.2(3y) Version: 9.3(2) Version: 9.2(4) Version: 9.3(1) Version: 9.3(1z) Version: 9.2(2) Version: 9.3(3) Version: 9.3(4) Version: 9.3(5) Version: 9.3(6) Version: 10.1(2) Version: 10.1(1) Version: 9.3(5w) Version: 9.3(7) Version: 9.3(7k) Version: 10.2(1) Version: 9.3(7a) Version: 9.3(8) Version: 10.2(1q) Version: 10.2(2) Version: 9.3(9) Version: 10.1(2t) Version: 10.2(3) Version: 10.2(3t) Version: 9.3(10) Version: 10.2(2a) Version: 10.3(1) Version: 10.2(4) Version: 10.3(2) Version: 9.3(11) Version: 10.3(3) Version: 10.2(5) Version: 9.3(12) Version: 10.2(3v) Version: 10.4(1) Version: 10.3(99w) Version: 10.2(6) Version: 10.3(3w) Version: 10.3(99x) Version: 10.3(3o) Version: 10.3(4) Version: 10.3(3p) Version: 10.3(4a) Version: 10.4(2) Version: 10.3(3q) Version: 9.3(13) Version: 10.3(5) Version: 10.2(7) Version: 10.4(3) Version: 10.3(3x) Version: 10.3(4g) Version: 10.5(1) Version: 10.2(8) Version: 10.3(3r) Version: 10.3(6) Version: 9.3(14) Version: 10.4(4) Version: 10.3(4h) Version: 10.5(2) Version: 10.4(4g)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-20262",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-08-27T18:19:06.153576Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-08-27T18:19:53.930Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unknown",
          "product": "Cisco NX-OS Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "9.2(3)"
            },
            {
              "status": "affected",
              "version": "9.2(2v)"
            },
            {
              "status": "affected",
              "version": "9.2(1)"
            },
            {
              "status": "affected",
              "version": "9.2(2t)"
            },
            {
              "status": "affected",
              "version": "9.2(3y)"
            },
            {
              "status": "affected",
              "version": "9.3(2)"
            },
            {
              "status": "affected",
              "version": "9.2(4)"
            },
            {
              "status": "affected",
              "version": "9.3(1)"
            },
            {
              "status": "affected",
              "version": "9.3(1z)"
            },
            {
              "status": "affected",
              "version": "9.2(2)"
            },
            {
              "status": "affected",
              "version": "9.3(3)"
            },
            {
              "status": "affected",
              "version": "9.3(4)"
            },
            {
              "status": "affected",
              "version": "9.3(5)"
            },
            {
              "status": "affected",
              "version": "9.3(6)"
            },
            {
              "status": "affected",
              "version": "10.1(2)"
            },
            {
              "status": "affected",
              "version": "10.1(1)"
            },
            {
              "status": "affected",
              "version": "9.3(5w)"
            },
            {
              "status": "affected",
              "version": "9.3(7)"
            },
            {
              "status": "affected",
              "version": "9.3(7k)"
            },
            {
              "status": "affected",
              "version": "10.2(1)"
            },
            {
              "status": "affected",
              "version": "9.3(7a)"
            },
            {
              "status": "affected",
              "version": "9.3(8)"
            },
            {
              "status": "affected",
              "version": "10.2(1q)"
            },
            {
              "status": "affected",
              "version": "10.2(2)"
            },
            {
              "status": "affected",
              "version": "9.3(9)"
            },
            {
              "status": "affected",
              "version": "10.1(2t)"
            },
            {
              "status": "affected",
              "version": "10.2(3)"
            },
            {
              "status": "affected",
              "version": "10.2(3t)"
            },
            {
              "status": "affected",
              "version": "9.3(10)"
            },
            {
              "status": "affected",
              "version": "10.2(2a)"
            },
            {
              "status": "affected",
              "version": "10.3(1)"
            },
            {
              "status": "affected",
              "version": "10.2(4)"
            },
            {
              "status": "affected",
              "version": "10.3(2)"
            },
            {
              "status": "affected",
              "version": "9.3(11)"
            },
            {
              "status": "affected",
              "version": "10.3(3)"
            },
            {
              "status": "affected",
              "version": "10.2(5)"
            },
            {
              "status": "affected",
              "version": "9.3(12)"
            },
            {
              "status": "affected",
              "version": "10.2(3v)"
            },
            {
              "status": "affected",
              "version": "10.4(1)"
            },
            {
              "status": "affected",
              "version": "10.3(99w)"
            },
            {
              "status": "affected",
              "version": "10.2(6)"
            },
            {
              "status": "affected",
              "version": "10.3(3w)"
            },
            {
              "status": "affected",
              "version": "10.3(99x)"
            },
            {
              "status": "affected",
              "version": "10.3(3o)"
            },
            {
              "status": "affected",
              "version": "10.3(4)"
            },
            {
              "status": "affected",
              "version": "10.3(3p)"
            },
            {
              "status": "affected",
              "version": "10.3(4a)"
            },
            {
              "status": "affected",
              "version": "10.4(2)"
            },
            {
              "status": "affected",
              "version": "10.3(3q)"
            },
            {
              "status": "affected",
              "version": "9.3(13)"
            },
            {
              "status": "affected",
              "version": "10.3(5)"
            },
            {
              "status": "affected",
              "version": "10.2(7)"
            },
            {
              "status": "affected",
              "version": "10.4(3)"
            },
            {
              "status": "affected",
              "version": "10.3(3x)"
            },
            {
              "status": "affected",
              "version": "10.3(4g)"
            },
            {
              "status": "affected",
              "version": "10.5(1)"
            },
            {
              "status": "affected",
              "version": "10.2(8)"
            },
            {
              "status": "affected",
              "version": "10.3(3r)"
            },
            {
              "status": "affected",
              "version": "10.3(6)"
            },
            {
              "status": "affected",
              "version": "9.3(14)"
            },
            {
              "status": "affected",
              "version": "10.4(4)"
            },
            {
              "status": "affected",
              "version": "10.3(4h)"
            },
            {
              "status": "affected",
              "version": "10.5(2)"
            },
            {
              "status": "affected",
              "version": "10.4(4g)"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the Protocol Independent Multicast Version 6 (PIM6) feature of Cisco Nexus 3000 Series Switches and Cisco Nexus 9000 Series Switches in standalone NX-OS mode could allow an authenticated, low-privileged, remote attacker to trigger a crash of the PIM6 process, resulting in a denial of service (DoS) condition.\r\n\r\nThis vulnerability is due to improper processing of PIM6 ephemeral data queries. An attacker could exploit this vulnerability by sending a crafted ephemeral query to an affected device through one of the following methods: NX-API REST, NETCONF, RESTConf, gRPC, or Model Driven Telemetry. A successful exploit could allow the attacker to cause the PIM6 process to crash and restart, causing potential adjacency flaps and resulting in a DoS of the PIM6 and ephemeral query processes."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:L",
            "version": "3.1"
          },
          "format": "cvssV3_1"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-476",
              "description": "NULL Pointer Dereference",
              "lang": "en",
              "type": "cwe"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-08-27T16:23:46.232Z",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "cisco-sa-nxospc-pim6-vG4jFPh",
          "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxospc-pim6-vG4jFPh"
        }
      ],
      "source": {
        "advisory": "cisco-sa-nxospc-pim6-vG4jFPh",
        "defects": [
          "CSCwn69044"
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco Nexus 3000 and 9000 Series Switches Protocol Independent Multicast Version 6 Denial of Service Vulnerability"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2025-20262",
    "datePublished": "2025-08-27T16:23:46.232Z",
    "dateReserved": "2024-10-10T19:15:13.243Z",
    "dateUpdated": "2025-08-27T18:19:53.930Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2025-20262\",\"sourceIdentifier\":\"psirt@cisco.com\",\"published\":\"2025-08-27T17:15:34.873\",\"lastModified\":\"2025-08-29T16:24:09.860\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A vulnerability in the Protocol Independent Multicast Version 6 (PIM6) feature of Cisco Nexus 3000 Series Switches and Cisco Nexus 9000 Series Switches in standalone NX-OS mode could allow an authenticated, low-privileged, remote attacker to trigger a crash of the PIM6 process, resulting in a denial of service (DoS) condition.\\r\\n\\r\\nThis vulnerability is due to improper processing of PIM6 ephemeral data queries. An attacker could exploit this vulnerability by sending a crafted ephemeral query to an affected device through one of the following methods: NX-API REST, NETCONF, RESTConf, gRPC, or Model Driven Telemetry. A successful exploit could allow the attacker to cause the PIM6 process to crash and restart, causing potential adjacency flaps and resulting in a DoS of the PIM6 and ephemeral query processes.\"},{\"lang\":\"es\",\"value\":\"Una vulnerabilidad en la funci\u00f3n Protocol Independent Multicast Version 6 (PIM6) de los switches Cisco Nexus de las series 3000 y 9000 en modo NX-OS independiente podr\u00eda permitir que un atacante remoto autenticado y con pocos privilegios provoque un bloqueo del proceso PIM6, lo que resulta en una denegaci\u00f3n de servicio (DoS). Esta vulnerabilidad se debe al procesamiento incorrecto de las consultas de datos ef\u00edmeros de PIM6. Un atacante podr\u00eda explotar esta vulnerabilidad enviando una consulta ef\u00edmera manipulada a un dispositivo afectado mediante uno de los siguientes m\u00e9todos: NX-API REST, NETCONF, RESTConf, gRPC o telemetr\u00eda basada en modelos. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante provocar el bloqueo y reinicio del proceso PIM6, lo que podr\u00eda causar fluctuaciones de adyacencia y una denegaci\u00f3n de servicio (DoS) de PIM6 y los procesos de consulta ef\u00edmera.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"psirt@cisco.com\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:L\",\"baseScore\":5.0,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"LOW\"},\"exploitabilityScore\":3.1,\"impactScore\":1.4}]},\"weaknesses\":[{\"source\":\"psirt@cisco.com\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-476\"}]}],\"references\":[{\"url\":\"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxospc-pim6-vG4jFPh\",\"source\":\"psirt@cisco.com\"}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-20262\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-08-27T18:19:06.153576Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-08-27T18:19:34.642Z\"}}], \"cna\": {\"title\": \"Cisco Nexus 3000 and 9000 Series Switches Protocol Independent Multicast Version 6 Denial of Service Vulnerability\", \"source\": {\"defects\": [\"CSCwn69044\"], \"advisory\": \"cisco-sa-nxospc-pim6-vG4jFPh\", \"discovery\": \"INTERNAL\"}, \"metrics\": [{\"format\": \"cvssV3_1\", \"cvssV3_1\": {\"scope\": \"CHANGED\", \"version\": \"3.1\", \"baseScore\": 5, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:L\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"LOW\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"NONE\"}}], \"affected\": [{\"vendor\": \"Cisco\", \"product\": \"Cisco NX-OS Software\", \"versions\": [{\"status\": \"affected\", \"version\": \"9.2(3)\"}, {\"status\": \"affected\", \"version\": \"9.2(2v)\"}, {\"status\": \"affected\", \"version\": \"9.2(1)\"}, {\"status\": \"affected\", \"version\": \"9.2(2t)\"}, {\"status\": \"affected\", \"version\": \"9.2(3y)\"}, {\"status\": \"affected\", \"version\": \"9.3(2)\"}, {\"status\": \"affected\", \"version\": \"9.2(4)\"}, {\"status\": \"affected\", \"version\": \"9.3(1)\"}, {\"status\": \"affected\", \"version\": \"9.3(1z)\"}, {\"status\": \"affected\", \"version\": \"9.2(2)\"}, {\"status\": \"affected\", \"version\": \"9.3(3)\"}, {\"status\": \"affected\", \"version\": \"9.3(4)\"}, {\"status\": \"affected\", \"version\": \"9.3(5)\"}, {\"status\": \"affected\", \"version\": \"9.3(6)\"}, {\"status\": \"affected\", \"version\": \"10.1(2)\"}, {\"status\": \"affected\", \"version\": \"10.1(1)\"}, {\"status\": \"affected\", \"version\": \"9.3(5w)\"}, {\"status\": \"affected\", \"version\": \"9.3(7)\"}, {\"status\": \"affected\", \"version\": \"9.3(7k)\"}, {\"status\": \"affected\", \"version\": \"10.2(1)\"}, {\"status\": \"affected\", \"version\": \"9.3(7a)\"}, {\"status\": \"affected\", \"version\": \"9.3(8)\"}, {\"status\": \"affected\", \"version\": \"10.2(1q)\"}, {\"status\": \"affected\", \"version\": \"10.2(2)\"}, {\"status\": \"affected\", \"version\": \"9.3(9)\"}, {\"status\": \"affected\", \"version\": \"10.1(2t)\"}, {\"status\": \"affected\", \"version\": \"10.2(3)\"}, {\"status\": \"affected\", \"version\": \"10.2(3t)\"}, {\"status\": \"affected\", \"version\": \"9.3(10)\"}, {\"status\": \"affected\", \"version\": \"10.2(2a)\"}, {\"status\": \"affected\", \"version\": \"10.3(1)\"}, {\"status\": \"affected\", \"version\": \"10.2(4)\"}, {\"status\": \"affected\", \"version\": \"10.3(2)\"}, {\"status\": \"affected\", \"version\": \"9.3(11)\"}, {\"status\": \"affected\", \"version\": \"10.3(3)\"}, {\"status\": \"affected\", \"version\": \"10.2(5)\"}, {\"status\": \"affected\", \"version\": \"9.3(12)\"}, {\"status\": \"affected\", \"version\": \"10.2(3v)\"}, {\"status\": \"affected\", \"version\": \"10.4(1)\"}, {\"status\": \"affected\", \"version\": \"10.3(99w)\"}, {\"status\": \"affected\", \"version\": \"10.2(6)\"}, {\"status\": \"affected\", \"version\": \"10.3(3w)\"}, {\"status\": \"affected\", \"version\": \"10.3(99x)\"}, {\"status\": \"affected\", \"version\": \"10.3(3o)\"}, {\"status\": \"affected\", \"version\": \"10.3(4)\"}, {\"status\": \"affected\", \"version\": \"10.3(3p)\"}, {\"status\": \"affected\", \"version\": \"10.3(4a)\"}, {\"status\": \"affected\", \"version\": \"10.4(2)\"}, {\"status\": \"affected\", \"version\": \"10.3(3q)\"}, {\"status\": \"affected\", \"version\": \"9.3(13)\"}, {\"status\": \"affected\", \"version\": \"10.3(5)\"}, {\"status\": \"affected\", \"version\": \"10.2(7)\"}, {\"status\": \"affected\", \"version\": \"10.4(3)\"}, {\"status\": \"affected\", \"version\": \"10.3(3x)\"}, {\"status\": \"affected\", \"version\": \"10.3(4g)\"}, {\"status\": \"affected\", \"version\": \"10.5(1)\"}, {\"status\": \"affected\", \"version\": \"10.2(8)\"}, {\"status\": \"affected\", \"version\": \"10.3(3r)\"}, {\"status\": \"affected\", \"version\": \"10.3(6)\"}, {\"status\": \"affected\", \"version\": \"9.3(14)\"}, {\"status\": \"affected\", \"version\": \"10.4(4)\"}, {\"status\": \"affected\", \"version\": \"10.3(4h)\"}, {\"status\": \"affected\", \"version\": \"10.5(2)\"}, {\"status\": \"affected\", \"version\": \"10.4(4g)\"}], \"defaultStatus\": \"unknown\"}], \"exploits\": [{\"lang\": \"en\", \"value\": \"The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.\"}], \"references\": [{\"url\": \"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxospc-pim6-vG4jFPh\", \"name\": \"cisco-sa-nxospc-pim6-vG4jFPh\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"A vulnerability in the Protocol Independent Multicast Version 6 (PIM6) feature of Cisco Nexus 3000 Series Switches and Cisco Nexus 9000 Series Switches in standalone NX-OS mode could allow an authenticated, low-privileged, remote attacker to trigger a crash of the PIM6 process, resulting in a denial of service (DoS) condition.\\r\\n\\r\\nThis vulnerability is due to improper processing of PIM6 ephemeral data queries. An attacker could exploit this vulnerability by sending a crafted ephemeral query to an affected device through one of the following methods: NX-API REST, NETCONF, RESTConf, gRPC, or Model Driven Telemetry. A successful exploit could allow the attacker to cause the PIM6 process to crash and restart, causing potential adjacency flaps and resulting in a DoS of the PIM6 and ephemeral query processes.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"cwe\", \"cweId\": \"CWE-476\", \"description\": \"NULL Pointer Dereference\"}]}], \"providerMetadata\": {\"orgId\": \"d1c1063e-7a18-46af-9102-31f8928bc633\", \"shortName\": \"cisco\", \"dateUpdated\": \"2025-08-27T16:23:46.232Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2025-20262\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-08-27T18:19:53.930Z\", \"dateReserved\": \"2024-10-10T19:15:13.243Z\", \"assignerOrgId\": \"d1c1063e-7a18-46af-9102-31f8928bc633\", \"datePublished\": \"2025-08-27T16:23:46.232Z\", \"assignerShortName\": \"cisco\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}

ncsc-2025-0270

Vulnerability from csaf_ncscnl

Published

2025-08-28 08:36

Modified

2025-08-28 08:36

Summary

Kwetsbaarheden verholpen in Cisco NX-OS Software

Notes

The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions: NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein. NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory. This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings.

Feiten

Cisco heeft kwetsbaarheden verholpen in Cisco NX-OS Software (Specifiek voor Nexus 3000 en 9000 Series Switches).

Interpretaties

De kwetsbaarheden bevinden zich in verschillende functies van de Cisco NX-OS Software. Een kwetsbaarheid in de command-line interface (CLI) stelt geauthenticeerde lokale kwaadwillenden in staat om command injection-aanvallen uit te voeren, wat kan leiden tot ongeautoriseerde toegang en manipulatie van systeembestanden. Een andere kwetsbaarheid in de IS-IS-functie kan door een niet-geauthenticeerde, aangrenzende aanvaller worden misbruikt, wat kan resulteren in een denial-of-service (DoS) situatie. Daarnaast kan een kwetsbaarheid in de loggingfunctie leiden tot ongeautoriseerde toegang tot gevoelige informatie. Tot slot kan de PIM6-functie worden gecompromitteerd door laaggeprivilegieerde geauthenticeerde externe kwaadwillenden, wat ook kan leiden tot een DoS-conditie.

Oplossingen

Cisco heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.

Kans

medium

Schade

high

CWE-78

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

CWE-476

NULL Pointer Dereference

CWE-733

Compiler Optimization Removal or Modification of Security-critical Code

JSON

To clipboard

{
  "document": {
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE"
      }
    },
    "lang": "nl",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n    NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n    NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n    This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings."
      },
      {
        "category": "description",
        "text": "Cisco heeft kwetsbaarheden verholpen in Cisco NX-OS Software (Specifiek voor Nexus 3000 en 9000 Series Switches).",
        "title": "Feiten"
      },
      {
        "category": "description",
        "text": "De kwetsbaarheden bevinden zich in verschillende functies van de Cisco NX-OS Software. Een kwetsbaarheid in de command-line interface (CLI) stelt geauthenticeerde lokale kwaadwillenden in staat om command injection-aanvallen uit te voeren, wat kan leiden tot ongeautoriseerde toegang en manipulatie van systeembestanden. Een andere kwetsbaarheid in de IS-IS-functie kan door een niet-geauthenticeerde, aangrenzende aanvaller worden misbruikt, wat kan resulteren in een denial-of-service (DoS) situatie. Daarnaast kan een kwetsbaarheid in de loggingfunctie leiden tot ongeautoriseerde toegang tot gevoelige informatie. Tot slot kan de PIM6-functie worden gecompromitteerd door laaggeprivilegieerde geauthenticeerde externe kwaadwillenden, wat ook kan leiden tot een DoS-conditie.",
        "title": "Interpretaties"
      },
      {
        "category": "description",
        "text": "Cisco heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.",
        "title": "Oplossingen"
      },
      {
        "category": "general",
        "text": "medium",
        "title": "Kans"
      },
      {
        "category": "general",
        "text": "high",
        "title": "Schade"
      },
      {
        "category": "general",
        "text": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
        "title": "CWE-78"
      },
      {
        "category": "general",
        "text": "Exposure of Sensitive Information to an Unauthorized Actor",
        "title": "CWE-200"
      },
      {
        "category": "general",
        "text": "NULL Pointer Dereference",
        "title": "CWE-476"
      },
      {
        "category": "general",
        "text": "Compiler Optimization Removal or Modification of Security-critical Code",
        "title": "CWE-733"
      }
    ],
    "publisher": {
      "category": "coordinator",
      "contact_details": "cert@ncsc.nl",
      "name": "Nationaal Cyber Security Centrum",
      "namespace": "https://www.ncsc.nl/"
    },
    "references": [
      {
        "category": "external",
        "summary": "Reference",
        "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-n39k-isis-dos-JhJA8Rfx"
      },
      {
        "category": "external",
        "summary": "Reference",
        "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-cmdinj-qhNze5Ss"
      },
      {
        "category": "external",
        "summary": "Reference",
        "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-infodis-TEcTYSFG"
      },
      {
        "category": "external",
        "summary": "Reference",
        "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxospc-pim6-vG4jFPh"
      }
    ],
    "title": "Kwetsbaarheden verholpen in Cisco NX-OS Software",
    "tracking": {
      "current_release_date": "2025-08-28T08:36:20.358948Z",
      "generator": {
        "date": "2025-08-04T16:30:00Z",
        "engine": {
          "name": "V.A.",
          "version": "1.2"
        }
      },
      "id": "NCSC-2025-0270",
      "initial_release_date": "2025-08-28T08:36:20.358948Z",
      "revision_history": [
        {
          "date": "2025-08-28T08:36:20.358948Z",
          "number": "1.0.0",
          "summary": "Initiele versie"
        }
      ],
      "status": "final",
      "version": "1.0.0"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:cisco/unknown",
                "product": {
                  "name": "vers:cisco/unknown",
                  "product_id": "CSAFPID-1430324"
                }
              }
            ],
            "category": "product_name",
            "name": "Cisco Nexus 3000 Series Switches"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:cisco/unknown",
                "product": {
                  "name": "vers:cisco/unknown",
                  "product_id": "CSAFPID-1430399"
                }
              }
            ],
            "category": "product_name",
            "name": "Cisco Nexus 9000 Series Switches"
          }
        ],
        "category": "vendor",
        "name": "Cisco"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2025-20292",
      "cwe": {
        "id": "CWE-78",
        "name": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
          "title": "CWE-78"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1430324",
          "CSAFPID-1430399"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-20292 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-20292.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1430324",
            "CSAFPID-1430399"
          ]
        }
      ],
      "title": "CVE-2025-20292"
    },
    {
      "cve": "CVE-2025-20241",
      "cwe": {
        "id": "CWE-733",
        "name": "Compiler Optimization Removal or Modification of Security-critical Code"
      },
      "notes": [
        {
          "category": "other",
          "text": "Compiler Optimization Removal or Modification of Security-critical Code",
          "title": "CWE-733"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1430324",
          "CSAFPID-1430399"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-20241 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-20241.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.4,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1430324",
            "CSAFPID-1430399"
          ]
        }
      ],
      "title": "CVE-2025-20241"
    },
    {
      "cve": "CVE-2025-20290",
      "cwe": {
        "id": "CWE-200",
        "name": "Exposure of Sensitive Information to an Unauthorized Actor"
      },
      "notes": [
        {
          "category": "other",
          "text": "Exposure of Sensitive Information to an Unauthorized Actor",
          "title": "CWE-200"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1430324",
          "CSAFPID-1430399"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-20290 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-20290.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1430324",
            "CSAFPID-1430399"
          ]
        }
      ],
      "title": "CVE-2025-20290"
    },
    {
      "cve": "CVE-2025-20262",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "other",
          "text": "NULL Pointer Dereference",
          "title": "CWE-476"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1430324",
          "CSAFPID-1430399"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-20262 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-20262.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.0,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1430324",
            "CSAFPID-1430399"
          ]
        }
      ],
      "title": "CVE-2025-20262"
    }
  ]
}

ghsa-3q92-5vpf-96pw

Vulnerability from github

Published

2025-08-27 18:31

Modified

2025-08-27 18:31

Severity ?

5.0 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:L

Details

This vulnerability is due to improper processing of PIM6 ephemeral data queries. An attacker could exploit this vulnerability by sending a crafted ephemeral query to an affected device through one of the following methods: NX-API REST, NETCONF, RESTConf, gRPC, or Model Driven Telemetry. A successful exploit could allow the attacker to cause the PIM6 process to crash and restart, causing potential adjacency flaps and resulting in a DoS of the PIM6 and ephemeral query processes.

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2025-20262"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-476"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-08-27T17:15:34Z",
    "severity": "MODERATE"
  },
  "details": "A vulnerability in the Protocol Independent Multicast Version 6 (PIM6) feature of Cisco Nexus 3000 Series Switches and Cisco Nexus 9000 Series Switches in standalone NX-OS mode could allow an authenticated, low-privileged, remote attacker to trigger a crash of the PIM6 process, resulting in a denial of service (DoS) condition.\n\nThis vulnerability is due to improper processing of PIM6 ephemeral data queries. An attacker could exploit this vulnerability by sending a crafted ephemeral query to an affected device through one of the following methods: NX-API REST, NETCONF, RESTConf, gRPC, or Model Driven Telemetry. A successful exploit could allow the attacker to cause the PIM6 process to crash and restart, causing potential adjacency flaps and resulting in a DoS of the PIM6 and ephemeral query processes.",
  "id": "GHSA-3q92-5vpf-96pw",
  "modified": "2025-08-27T18:31:54Z",
  "published": "2025-08-27T18:31:54Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-20262"
    },
    {
      "type": "WEB",
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxospc-pim6-vG4jFPh"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:L",
      "type": "CVSS_V3"
    }
  ]
}

cisco-sa-nxospc-pim6-vg4jfph

Vulnerability from csaf_cisco

Published

2025-08-27 16:00

Modified

2025-08-27 16:00

Summary

Cisco Nexus 3000 and 9000 Series Switches Protocol Independent Multicast Version 6 Denial of Service Vulnerability

Notes

Summary

A vulnerability in the Protocol Independent Multicast Version 6 (PIM6) feature of Cisco Nexus 3000 Series Switches and Cisco Nexus 9000 Series Switches in standalone NX-OS mode could allow an authenticated, low-privileged, remote attacker to trigger a crash of the PIM6 process, resulting in a denial of service (DoS) condition. This vulnerability is due to improper processing of PIM6 ephemeral data queries. An attacker could exploit this vulnerability by sending a crafted ephemeral query to an affected device through one of the following methods: NX-API REST, NETCONF, RESTConf, gRPC, or Model Driven Telemetry. A successful exploit could allow the attacker to cause the PIM6 process to crash and restart, causing potential adjacency flaps and resulting in a DoS of the PIM6 and ephemeral query processes. For an example of an ephemeral query, see the About Ephemeral Data in gRPC ["https://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus9000/sw/93x/progammability/guide/b-cisco-nexus-9000-series-nx-os-programmability-guide-93x/b-cisco-nexus-9000-series-nx-os-programmability-guide-93x_chapter_0101111.html#d40535e2038a1635"] section of the Cisco Nexus 9000 Series NX-OS Programmability Guide, Release 9.3(x). Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is part of the August 2025 Cisco FXOS and NX-OS Software Security Advisory Bundled Publication. For a complete list of the advisories and links to them, see Cisco Event Response: August 2025 Semiannual Cisco FXOS and NX-OS Software Security Advisory Bundled Publication ["https://sec.cloudapps.cisco.com/security/center/viewErp.x?alertId=ERP-75667"].

Vulnerable Products

At the time of publication, this vulnerability affected Cisco Nexus 3000 Series Switches and Cisco Nexus 9000 Series Switches in standalone NX-OS mode that had the PIM6 feature enabled and at least one of the following features enabled: NX-API NETCONF RESTCONF gRPC Model Driven Telemetry Note: The Protocol Independent Multicast Version 4 (PIM4) feature is not affected. For information about which Cisco software releases are vulnerable, see the Fixed Software ["#fs"] section of this advisory. Determine Whether the PIM6 Feature Is Enabled To determine whether the PIM6 feature is enabled, use the show feature | include pim6 CLI command, as shown in the following example: Switch# show feature | include pim6 pim6 1 enabled Determine Whether a Secondary Feature Is Enabled To be affected by this vulnerability, a switch must have PIM6 and at least one of the listed features enabled. To determine if any of the listed features are enabled, use the show feature | include featurename command, substituting featurename with the following: nxapi netconf restconf grpc telemetry All these features are disabled by default.

Products Confirmed Not Vulnerable

Only products listed in the Vulnerable Products ["#vp"] section of this advisory are known to be affected by this vulnerability. Cisco has confirmed that this vulnerability does not affect the following Cisco products: Firepower 1000 Series Firepower 2100 Series Firepower 4100 Series Firepower 9300 Security Appliances MDS 9000 Series Multilayer Switches Nexus 1000 Virtual Edge for VMware vSphere Nexus 5500 Platform Switches Nexus 5600 Platform Switches Nexus 6000 Series Switches Nexus 7000 Series Switches Nexus 9000 Series Fabric Switches in ACI mode Secure Firewall 3100 Series Secure Firewall 4200 Series UCS 6300 Series Fabric Interconnects UCS 6400 Series Fabric Interconnects UCS 6500 Series Fabric Interconnects UCS X-Series Direct Fabric Interconnect 9108 100G

Workarounds

There are no workarounds that address this vulnerability.

Fixed Software

When considering software upgrades ["https://sec.cloudapps.cisco.com/security/center/resources/security_vulnerability_policy.html#fixes"], customers are advised to regularly consult the advisories for Cisco products, which are available from the Cisco Security Advisories page ["https://www.cisco.com/go/psirt"], to determine exposure and a complete upgrade solution. In all cases, customers should ensure that the devices to be upgraded contain sufficient memory and confirm that current hardware and software configurations will continue to be supported properly by the new release. If the information is not clear, customers are advised to contact the Cisco Technical Assistance Center (TAC) or their contracted maintenance providers. Cisco NX-OS Software To help customers determine their exposure to vulnerabilities in Cisco NX-OS Software, Cisco provides the Cisco Software Checker ["https://sec.cloudapps.cisco.com/security/center/softwarechecker.x"]. This tool identifies any Cisco security advisories that impact a specific software release and the earliest release that fixes the vulnerabilities that are described in each advisory (“First Fixed”). If applicable, the tool also returns the earliest release that fixes all the vulnerabilities described in all the advisories that the Software Checker identifies (“Combined First Fixed”). To use the tool, go to the Cisco Software Checker ["https://sec.cloudapps.cisco.com/security/center/softwarechecker.x"] page and follow the instructions. Alternatively, use the following form to search for vulnerabilities that affect a specific software release. To use the form, follow these steps: Choose which advisories the tool will search—only this advisory, only advisories with a Critical or High Security Impact Rating (SIR) ["https://sec.cloudapps.cisco.com/security/center/resources/security_vulnerability_policy.html#asr"], or all advisories. Choose the appropriate software. Choose the appropriate platform. Enter a release number—for example, 10.4(4) for Cisco Nexus 3000 Series Switches or 16.0(8e) for Cisco NX-OS Software in ACI mode. Click Check. Only this advisory All Critical and High advisories All advisories Cisco NX-OS Software Cisco NX-OS Software in ACI Mode Any Platform MDS 9000 Series Multilayer Switches Nexus 1000V Series Switches Nexus 3000 Series Switches Nexus 5000 Series Switches Nexus 6000 Series Switches Nexus 7000 Series Switches Nexus 9000 Series Switches Additional Resources For help determining the best Cisco NX-OS Software release for a Cisco Nexus Switch, see the following Recommended Releases documents. If a security advisory recommends a later release, Cisco recommends following the advisory guidance. Cisco MDS Series Switches ["https://www.cisco.com/c/en/us/td/docs/switches/datacenter/mds9000/sw/b_MDS_NX-OS_Recommended_Releases.html"] Cisco Nexus 3000 Series Switches ["http://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus3000/sw/recommended_release/b_Minimum_and_Recommended_Cisco_NX-OS_Releases_for_Cisco_Nexus_3000_Series_Switches.html"] Cisco Nexus 5500 Platform Switches ["http://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus5500/sw/release/recommended_releases/n5500_recommended_nx-os_releases.html"] Cisco Nexus 5600 Platform Switches ["https://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus5600/sw/release/recommended_releases/n5600_recommended_nx-os_releases.html"] Cisco Nexus 6000 Series Switches ["http://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus6000/sw/release/recommended_releases/recommended_nx-os_releases.html"] Cisco Nexus 7000 Series Switches ["http://www.cisco.com/c/en/us/td/docs/switches/datacenter/sw/nx-os/recommended_releases/recommended_nx-os_releases.html"] Cisco Nexus 9000 Series Switches ["http://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus9000/sw/recommended_release/b_Minimum_and_Recommended_Cisco_NX-OS_Releases_for_Cisco_Nexus_9000_Series_Switches.html"] Cisco Nexus 9000 Series ACI-Mode Switches ["https://www.cisco.com/c/en/us/td/docs/switches/datacenter/aci/apic/sw/recommended-release/b_Recommended_Cisco_ACI_Releases.html"] To determine the best release for Cisco UCS Software, see the Recommended Releases documents in the release notes for the device.

Vulnerability Policy

To learn about Cisco security vulnerability disclosure policies and publications, see the Security Vulnerability Policy ["http://www.cisco.com/web/about/security/psirt/security_vulnerability_policy.html"]. This document also contains instructions for obtaining fixed software and receiving security vulnerability information from Cisco.

Exploitation and Public Announcements

The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.

Source

This vulnerability was found during internal security testing.

Legal Disclaimer

THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS DOCUMENT AT ANY TIME. A standalone copy or paraphrase of the text of this document that omits the distribution URL is an uncontrolled copy and may lack important information or contain factual errors. The information in this document is intended for end users of Cisco products.

JSON

To clipboard

{
  "document": {
    "acknowledgments": [
      {
        "summary": "This vulnerability was found during internal security testing."
      }
    ],
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "notes": [
      {
        "category": "summary",
        "text": "A vulnerability in the Protocol Independent Multicast Version 6 (PIM6) feature of Cisco Nexus 3000 Series Switches and Cisco Nexus 9000 Series Switches in standalone NX-OS mode could allow an authenticated, low-privileged, remote attacker to trigger a crash of the PIM6 process, resulting in a denial of service (DoS) condition.\r\n\r\nThis vulnerability is due to improper processing of PIM6 ephemeral data queries. An attacker could exploit this vulnerability by sending a crafted ephemeral query to an affected device through one of the following methods: NX-API REST, NETCONF, RESTConf, gRPC, or Model Driven Telemetry. A successful exploit could allow the attacker to cause the PIM6 process to crash and restart, causing potential adjacency flaps and resulting in a DoS of the PIM6 and ephemeral query processes.\r\n\r\nFor an example of an ephemeral query, see the About Ephemeral Data in gRPC [\"https://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus9000/sw/93x/progammability/guide/b-cisco-nexus-9000-series-nx-os-programmability-guide-93x/b-cisco-nexus-9000-series-nx-os-programmability-guide-93x_chapter_0101111.html#d40535e2038a1635\"] section of the Cisco Nexus 9000 Series NX-OS Programmability Guide, Release 9.3(x).\r\n\r\nCisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.\r\n\r\n\r\n\r\nThis advisory is part of the August 2025 Cisco FXOS and NX-OS Software Security Advisory Bundled Publication. For a complete list of the advisories and links to them, see Cisco Event Response: August 2025 Semiannual Cisco FXOS and NX-OS Software Security Advisory Bundled Publication [\"https://sec.cloudapps.cisco.com/security/center/viewErp.x?alertId=ERP-75667\"].",
        "title": "Summary"
      },
      {
        "category": "general",
        "text": "At the time of publication, this vulnerability affected Cisco Nexus 3000 Series Switches and Cisco Nexus 9000 Series Switches in standalone NX-OS mode that had the PIM6 feature enabled and at least one of the following features enabled:\r\n\r\nNX-API\r\nNETCONF\r\nRESTCONF\r\ngRPC\r\nModel Driven Telemetry\r\n\r\nNote: The Protocol Independent Multicast Version 4 (PIM4) feature is not affected.\r\n\r\nFor information about which Cisco software releases are vulnerable, see the Fixed Software [\"#fs\"] section of this advisory.\r\n\r\nDetermine Whether the PIM6 Feature Is Enabled\r\n\r\nTo determine whether the PIM6 feature is enabled, use the show feature | include pim6 CLI command, as shown in the following example:\r\n\r\n\r\nSwitch# show feature | include pim6\r\npim6                   1          enabled\r\n\r\n\r\nDetermine Whether a Secondary Feature Is Enabled\r\n\r\nTo be affected by this vulnerability, a switch must have PIM6 and at least one of the listed features enabled. To determine if any of the listed features are enabled, use the show feature | include featurename command, substituting featurename with the following:\r\n\r\nnxapi\r\nnetconf\r\nrestconf\r\ngrpc\r\ntelemetry\r\n\r\nAll these features are disabled by default.",
        "title": "Vulnerable Products"
      },
      {
        "category": "general",
        "text": "Only products listed in the Vulnerable Products [\"#vp\"] section of this advisory are known to be affected by this vulnerability.\r\n\r\nCisco has confirmed that this vulnerability does not affect the following Cisco products:\r\n\r\nFirepower 1000 Series\r\nFirepower 2100 Series\r\nFirepower 4100 Series\r\nFirepower 9300 Security Appliances\r\nMDS 9000 Series Multilayer Switches\r\nNexus 1000 Virtual Edge for VMware vSphere\r\nNexus 5500 Platform Switches\r\nNexus 5600 Platform Switches\r\nNexus 6000 Series Switches\r\nNexus 7000 Series Switches\r\nNexus 9000 Series Fabric Switches in ACI mode\r\nSecure Firewall 3100 Series\r\nSecure Firewall 4200 Series\r\nUCS 6300 Series Fabric Interconnects\r\nUCS 6400 Series Fabric Interconnects\r\nUCS 6500 Series Fabric Interconnects\r\nUCS X-Series Direct Fabric Interconnect 9108 100G",
        "title": "Products Confirmed Not Vulnerable"
      },
      {
        "category": "general",
        "text": "There are no workarounds that address this vulnerability.",
        "title": "Workarounds"
      },
      {
        "category": "general",
        "text": "When considering software upgrades [\"https://sec.cloudapps.cisco.com/security/center/resources/security_vulnerability_policy.html#fixes\"], customers are advised to regularly consult the advisories for Cisco products, which are available from the Cisco Security Advisories page [\"https://www.cisco.com/go/psirt\"], to determine exposure and a complete upgrade solution.\r\n\r\nIn all cases, customers should ensure that the devices to be upgraded contain sufficient memory and confirm that current hardware and software configurations will continue to be supported properly by the new release. If the information is not clear, customers are advised to contact the Cisco Technical Assistance Center (TAC) or their contracted maintenance providers.\r\nCisco NX-OS Software\r\nTo help customers determine their exposure to vulnerabilities in Cisco NX-OS Software, Cisco provides the Cisco Software Checker [\"https://sec.cloudapps.cisco.com/security/center/softwarechecker.x\"]. This tool identifies any Cisco security advisories that impact a specific software release and the earliest release that fixes the vulnerabilities that are described in each advisory (\u201cFirst Fixed\u201d). If applicable, the tool also returns the earliest release that fixes all the vulnerabilities described in all the advisories that the Software Checker identifies (\u201cCombined First Fixed\u201d).\r\n\r\nTo use the tool, go to the Cisco Software Checker [\"https://sec.cloudapps.cisco.com/security/center/softwarechecker.x\"] page and follow the instructions. Alternatively, use the following form to search for vulnerabilities that affect a specific software release. To use the form, follow these steps:\r\n\r\nChoose which advisories the tool will search\u2014only this advisory, only advisories with a Critical or High Security Impact Rating (SIR) [\"https://sec.cloudapps.cisco.com/security/center/resources/security_vulnerability_policy.html#asr\"], or all advisories.\r\nChoose the appropriate software.\r\nChoose the appropriate platform.\r\nEnter a release number\u2014for example, 10.4(4) for Cisco Nexus 3000 Series Switches or 16.0(8e) for Cisco NX-OS Software in ACI mode.\r\nClick Check.\r\n\r\n     Only this advisory All Critical and High advisories All advisories  Cisco NX-OS Software Cisco NX-OS Software in ACI Mode  Any Platform MDS 9000 Series Multilayer Switches Nexus 1000V Series Switches Nexus 3000 Series Switches Nexus 5000 Series Switches Nexus 6000 Series Switches Nexus 7000 Series Switches Nexus 9000 Series Switches\r\n\r\n\r\n\r\n\r\n Additional Resources\r\nFor help determining the best Cisco NX-OS Software release for a Cisco Nexus Switch, see the following Recommended Releases documents. If a security advisory recommends a later release, Cisco recommends following the advisory guidance.\r\n\r\n\r\nCisco MDS Series Switches [\"https://www.cisco.com/c/en/us/td/docs/switches/datacenter/mds9000/sw/b_MDS_NX-OS_Recommended_Releases.html\"]\r\nCisco Nexus 3000 Series Switches [\"http://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus3000/sw/recommended_release/b_Minimum_and_Recommended_Cisco_NX-OS_Releases_for_Cisco_Nexus_3000_Series_Switches.html\"]\r\nCisco Nexus 5500 Platform Switches [\"http://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus5500/sw/release/recommended_releases/n5500_recommended_nx-os_releases.html\"]\r\nCisco Nexus 5600 Platform Switches [\"https://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus5600/sw/release/recommended_releases/n5600_recommended_nx-os_releases.html\"]\r\nCisco Nexus 6000 Series Switches [\"http://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus6000/sw/release/recommended_releases/recommended_nx-os_releases.html\"]\r\nCisco Nexus 7000 Series Switches [\"http://www.cisco.com/c/en/us/td/docs/switches/datacenter/sw/nx-os/recommended_releases/recommended_nx-os_releases.html\"]\r\nCisco Nexus 9000 Series Switches [\"http://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus9000/sw/recommended_release/b_Minimum_and_Recommended_Cisco_NX-OS_Releases_for_Cisco_Nexus_9000_Series_Switches.html\"]\r\nCisco Nexus 9000 Series ACI-Mode Switches [\"https://www.cisco.com/c/en/us/td/docs/switches/datacenter/aci/apic/sw/recommended-release/b_Recommended_Cisco_ACI_Releases.html\"]\r\n\r\nTo determine the best release for Cisco UCS Software, see the Recommended Releases documents in the release notes for the device.",
        "title": "Fixed Software"
      },
      {
        "category": "general",
        "text": "To learn about Cisco security vulnerability disclosure policies and publications, see the Security Vulnerability Policy [\"http://www.cisco.com/web/about/security/psirt/security_vulnerability_policy.html\"]. This document also contains instructions for obtaining fixed software and receiving security vulnerability information from Cisco.",
        "title": "Vulnerability Policy"
      },
      {
        "category": "general",
        "text": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.",
        "title": "Exploitation and Public Announcements"
      },
      {
        "category": "general",
        "text": "This vulnerability was found during internal security testing.",
        "title": "Source"
      },
      {
        "category": "legal_disclaimer",
        "text": "THIS DOCUMENT IS PROVIDED ON AN \"AS IS\" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS DOCUMENT AT ANY TIME.\r\n\r\nA standalone copy or paraphrase of the text of this document that omits the distribution URL is an uncontrolled copy and may lack important information or contain factual errors. The information in this document is intended for end users of Cisco products.",
        "title": "Legal Disclaimer"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "psirt@cisco.com",
      "issuing_authority": "Cisco PSIRT",
      "name": "Cisco",
      "namespace": "https://wwww.cisco.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "Cisco Nexus 3000 and 9000 Series Switches Protocol Independent Multicast Version 6 Denial of Service Vulnerability",
        "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxospc-pim6-vG4jFPh"
      },
      {
        "category": "external",
        "summary": "Cisco Security Vulnerability Policy",
        "url": "https://sec.cloudapps.cisco.com/security/center/resources/security_vulnerability_policy.html"
      },
      {
        "category": "external",
        "summary": "About Ephemeral Data in gRPC",
        "url": "https://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus9000/sw/93x/progammability/guide/b-cisco-nexus-9000-series-nx-os-programmability-guide-93x/b-cisco-nexus-9000-series-nx-os-programmability-guide-93x_chapter_0101111.html#d40535e2038a1635"
      },
      {
        "category": "external",
        "summary": "Cisco Event Response: August 2025 Semiannual Cisco FXOS and NX-OS Software Security Advisory Bundled Publication",
        "url": "https://sec.cloudapps.cisco.com/security/center/viewErp.x?alertId=ERP-75667"
      },
      {
        "category": "external",
        "summary": "considering software upgrades",
        "url": "https://sec.cloudapps.cisco.com/security/center/resources/security_vulnerability_policy.html#fixes"
      },
      {
        "category": "external",
        "summary": "Cisco Security Advisories page",
        "url": "https://www.cisco.com/go/psirt"
      },
      {
        "category": "external",
        "summary": "Cisco Software Checker",
        "url": "https://sec.cloudapps.cisco.com/security/center/softwarechecker.x"
      },
      {
        "category": "external",
        "summary": "Security Impact Rating (SIR)",
        "url": "https://sec.cloudapps.cisco.com/security/center/resources/security_vulnerability_policy.html#asr"
      },
      {
        "category": "external",
        "summary": "Cisco MDS Series Switches",
        "url": "https://www.cisco.com/c/en/us/td/docs/switches/datacenter/mds9000/sw/b_MDS_NX-OS_Recommended_Releases.html"
      },
      {
        "category": "external",
        "summary": "Cisco Nexus 3000 Series Switches",
        "url": "http://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus3000/sw/recommended_release/b_Minimum_and_Recommended_Cisco_NX-OS_Releases_for_Cisco_Nexus_3000_Series_Switches.html"
      },
      {
        "category": "external",
        "summary": "Cisco Nexus 5500 Platform Switches",
        "url": "http://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus5500/sw/release/recommended_releases/n5500_recommended_nx-os_releases.html"
      },
      {
        "category": "external",
        "summary": "Cisco Nexus 5600 Platform Switches",
        "url": "https://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus5600/sw/release/recommended_releases/n5600_recommended_nx-os_releases.html"
      },
      {
        "category": "external",
        "summary": "Cisco Nexus 6000 Series Switches",
        "url": "http://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus6000/sw/release/recommended_releases/recommended_nx-os_releases.html"
      },
      {
        "category": "external",
        "summary": "Cisco Nexus 7000 Series Switches",
        "url": "http://www.cisco.com/c/en/us/td/docs/switches/datacenter/sw/nx-os/recommended_releases/recommended_nx-os_releases.html"
      },
      {
        "category": "external",
        "summary": "Cisco Nexus 9000 Series Switches",
        "url": "http://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus9000/sw/recommended_release/b_Minimum_and_Recommended_Cisco_NX-OS_Releases_for_Cisco_Nexus_9000_Series_Switches.html"
      },
      {
        "category": "external",
        "summary": "Cisco Nexus 9000 Series ACI-Mode Switches",
        "url": "https://www.cisco.com/c/en/us/td/docs/switches/datacenter/aci/apic/sw/recommended-release/b_Recommended_Cisco_ACI_Releases.html"
      },
      {
        "category": "external",
        "summary": "Security Vulnerability Policy",
        "url": "http://www.cisco.com/web/about/security/psirt/security_vulnerability_policy.html"
      }
    ],
    "title": "Cisco Nexus 3000 and 9000 Series Switches Protocol Independent Multicast Version 6 Denial of Service Vulnerability",
    "tracking": {
      "current_release_date": "2025-08-27T16:00:00+00:00",
      "generator": {
        "date": "2025-08-27T15:57:58+00:00",
        "engine": {
          "name": "TVCE"
        }
      },
      "id": "cisco-sa-nxospc-pim6-vG4jFPh",
      "initial_release_date": "2025-08-27T16:00:00+00:00",
      "revision_history": [
        {
          "date": "2025-08-27T15:57:36+00:00",
          "number": "1.0.0",
          "summary": "Initial public release."
        }
      ],
      "status": "final",
      "version": "1.0.0"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "branches": [
                  {
                    "category": "service_pack",
                    "name": "9.2(1)",
                    "product": {
                      "name": "9.2(1)",
                      "product_id": "CSAFPID-248793"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "9.2(2)",
                    "product": {
                      "name": "9.2(2)",
                      "product_id": "CSAFPID-265141"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "9.2(2t)",
                    "product": {
                      "name": "9.2(2t)",
                      "product_id": "CSAFPID-265142"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "9.2(3)",
                    "product": {
                      "name": "9.2(3)",
                      "product_id": "CSAFPID-265143"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "9.2(3y)",
                    "product": {
                      "name": "9.2(3y)",
                      "product_id": "CSAFPID-265144"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "9.2(4)",
                    "product": {
                      "name": "9.2(4)",
                      "product_id": "CSAFPID-267105"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "9.2(2v)",
                    "product": {
                      "name": "9.2(2v)",
                      "product_id": "CSAFPID-268971"
                    }
                  }
                ],
                "category": "product_version",
                "name": "9.2"
              },
              {
                "branches": [
                  {
                    "category": "service_pack",
                    "name": "9.3(1)",
                    "product": {
                      "name": "9.3(1)",
                      "product_id": "CSAFPID-265568"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "9.3(2)",
                    "product": {
                      "name": "9.3(2)",
                      "product_id": "CSAFPID-271405"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "9.3(3)",
                    "product": {
                      "name": "9.3(3)",
                      "product_id": "CSAFPID-274557"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "9.3(1z)",
                    "product": {
                      "name": "9.3(1z)",
                      "product_id": "CSAFPID-276381"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "9.3(4)",
                    "product": {
                      "name": "9.3(4)",
                      "product_id": "CSAFPID-277347"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "9.3(5)",
                    "product": {
                      "name": "9.3(5)",
                      "product_id": "CSAFPID-278882"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "9.3(6)",
                    "product": {
                      "name": "9.3(6)",
                      "product_id": "CSAFPID-280558"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "9.3(5w)",
                    "product": {
                      "name": "9.3(5w)",
                      "product_id": "CSAFPID-280940"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "9.3(7)",
                    "product": {
                      "name": "9.3(7)",
                      "product_id": "CSAFPID-281984"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "9.3(7k)",
                    "product": {
                      "name": "9.3(7k)",
                      "product_id": "CSAFPID-282019"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "9.3(7a)",
                    "product": {
                      "name": "9.3(7a)",
                      "product_id": "CSAFPID-284264"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "9.3(8)",
                    "product": {
                      "name": "9.3(8)",
                      "product_id": "CSAFPID-284316"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "9.3(9)",
                    "product": {
                      "name": "9.3(9)",
                      "product_id": "CSAFPID-286439"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "9.3(10)",
                    "product": {
                      "name": "9.3(10)",
                      "product_id": "CSAFPID-288219"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "9.3(11)",
                    "product": {
                      "name": "9.3(11)",
                      "product_id": "CSAFPID-292868"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "9.3(12)",
                    "product": {
                      "name": "9.3(12)",
                      "product_id": "CSAFPID-299968"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "9.3(13)",
                    "product": {
                      "name": "9.3(13)",
                      "product_id": "CSAFPID-301137"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "9.3(14)",
                    "product": {
                      "name": "9.3(14)",
                      "product_id": "CSAFPID-302873"
                    }
                  }
                ],
                "category": "product_version",
                "name": "9.3"
              },
              {
                "branches": [
                  {
                    "category": "service_pack",
                    "name": "10.1(1)",
                    "product": {
                      "name": "10.1(1)",
                      "product_id": "CSAFPID-281488"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "10.1(2)",
                    "product": {
                      "name": "10.1(2)",
                      "product_id": "CSAFPID-282666"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "10.1(2t)",
                    "product": {
                      "name": "10.1(2t)",
                      "product_id": "CSAFPID-286109"
                    }
                  }
                ],
                "category": "product_version",
                "name": "10.1"
              },
              {
                "branches": [
                  {
                    "category": "service_pack",
                    "name": "10.2(1)",
                    "product": {
                      "name": "10.2(1)",
                      "product_id": "CSAFPID-284574"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "10.2(1q)",
                    "product": {
                      "name": "10.2(1q)",
                      "product_id": "CSAFPID-284892"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "10.2(2)",
                    "product": {
                      "name": "10.2(2)",
                      "product_id": "CSAFPID-286098"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "10.2(3)",
                    "product": {
                      "name": "10.2(3)",
                      "product_id": "CSAFPID-286833"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "10.2(2a)",
                    "product": {
                      "name": "10.2(2a)",
                      "product_id": "CSAFPID-287105"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "10.2(3t)",
                    "product": {
                      "name": "10.2(3t)",
                      "product_id": "CSAFPID-290556"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "10.2(4)",
                    "product": {
                      "name": "10.2(4)",
                      "product_id": "CSAFPID-290620"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "10.2(5)",
                    "product": {
                      "name": "10.2(5)",
                      "product_id": "CSAFPID-294841"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "10.2(3v)",
                    "product": {
                      "name": "10.2(3v)",
                      "product_id": "CSAFPID-300117"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "10.2(6)",
                    "product": {
                      "name": "10.2(6)",
                      "product_id": "CSAFPID-300748"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "10.2(7)",
                    "product": {
                      "name": "10.2(7)",
                      "product_id": "CSAFPID-301277"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "10.2(8)",
                    "product": {
                      "name": "10.2(8)",
                      "product_id": "CSAFPID-302635"
                    }
                  }
                ],
                "category": "product_version",
                "name": "10.2"
              },
              {
                "branches": [
                  {
                    "category": "service_pack",
                    "name": "10.3(1)",
                    "product": {
                      "name": "10.3(1)",
                      "product_id": "CSAFPID-289309"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "10.3(2)",
                    "product": {
                      "name": "10.3(2)",
                      "product_id": "CSAFPID-292658"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "10.3(3)",
                    "product": {
                      "name": "10.3(3)",
                      "product_id": "CSAFPID-295511"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "10.3(99w)",
                    "product": {
                      "name": "10.3(99w)",
                      "product_id": "CSAFPID-299969"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "10.3(3w)",
                    "product": {
                      "name": "10.3(3w)",
                      "product_id": "CSAFPID-300516"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "10.3(99x)",
                    "product": {
                      "name": "10.3(99x)",
                      "product_id": "CSAFPID-300517"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "10.3(3o)",
                    "product": {
                      "name": "10.3(3o)",
                      "product_id": "CSAFPID-300741"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "10.3(4a)",
                    "product": {
                      "name": "10.3(4a)",
                      "product_id": "CSAFPID-300941"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "10.3(3p)",
                    "product": {
                      "name": "10.3(3p)",
                      "product_id": "CSAFPID-300942"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "10.3(4)",
                    "product": {
                      "name": "10.3(4)",
                      "product_id": "CSAFPID-301024"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "10.3(3q)",
                    "product": {
                      "name": "10.3(3q)",
                      "product_id": "CSAFPID-301106"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "10.3(3x)",
                    "product": {
                      "name": "10.3(3x)",
                      "product_id": "CSAFPID-301289"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "10.3(5)",
                    "product": {
                      "name": "10.3(5)",
                      "product_id": "CSAFPID-301718"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "10.3(4g)",
                    "product": {
                      "name": "10.3(4g)",
                      "product_id": "CSAFPID-301720"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "10.3(3r)",
                    "product": {
                      "name": "10.3(3r)",
                      "product_id": "CSAFPID-302643"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "10.3(6)",
                    "product": {
                      "name": "10.3(6)",
                      "product_id": "CSAFPID-302817"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "10.3(4h)",
                    "product": {
                      "name": "10.3(4h)",
                      "product_id": "CSAFPID-302884"
                    }
                  }
                ],
                "category": "product_version",
                "name": "10.3"
              },
              {
                "branches": [
                  {
                    "category": "service_pack",
                    "name": "10.4(1)",
                    "product": {
                      "name": "10.4(1)",
                      "product_id": "CSAFPID-300515"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "10.4(2)",
                    "product": {
                      "name": "10.4(2)",
                      "product_id": "CSAFPID-301115"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "10.4(3)",
                    "product": {
                      "name": "10.4(3)",
                      "product_id": "CSAFPID-301568"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "10.4(4)",
                    "product": {
                      "name": "10.4(4)",
                      "product_id": "CSAFPID-303016"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "10.4(4g)",
                    "product": {
                      "name": "10.4(4g)",
                      "product_id": "CSAFPID-303719"
                    }
                  }
                ],
                "category": "product_version",
                "name": "10.4"
              },
              {
                "branches": [
                  {
                    "category": "service_pack",
                    "name": "10.5(1)",
                    "product": {
                      "name": "10.5(1)",
                      "product_id": "CSAFPID-302754"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "10.5(2)",
                    "product": {
                      "name": "10.5(2)",
                      "product_id": "CSAFPID-303064"
                    }
                  }
                ],
                "category": "product_version",
                "name": "10.5"
              }
            ],
            "category": "product_family",
            "name": "Cisco NX-OS Software"
          },
          {
            "category": "product_name",
            "name": "Cisco Nexus 3000 Series Switches",
            "product": {
              "name": "Cisco Nexus 3000 Series Switches",
              "product_id": "CSAFPID-265091"
            }
          },
          {
            "category": "product_name",
            "name": "Cisco Nexus 9000 Series Switches",
            "product": {
              "name": "Cisco Nexus 9000 Series Switches",
              "product_id": "CSAFPID-265096"
            }
          }
        ],
        "category": "vendor",
        "name": "Cisco"
      }
    ],
    "relationships": [
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco NX-OS Software 9.2(1) when installed on Cisco Nexus 3000 Series Switches",
          "product_id": "CSAFPID-248793:265091"
        },
        "product_reference": "CSAFPID-248793",
        "relates_to_product_reference": "CSAFPID-265091"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco NX-OS Software 9.2(1) when installed on Cisco Nexus 9000 Series Switches",
          "product_id": "CSAFPID-248793:265096"
        },
        "product_reference": "CSAFPID-248793",
        "relates_to_product_reference": "CSAFPID-265096"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco NX-OS Software 9.2(2) when installed on Cisco Nexus 3000 Series Switches",
          "product_id": "CSAFPID-265141:265091"
        },
        "product_reference": "CSAFPID-265141",
        "relates_to_product_reference": "CSAFPID-265091"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco NX-OS Software 9.2(2) when installed on Cisco Nexus 9000 Series Switches",
          "product_id": "CSAFPID-265141:265096"
        },
        "product_reference": "CSAFPID-265141",
        "relates_to_product_reference": "CSAFPID-265096"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco NX-OS Software 9.2(2t) when installed on Cisco Nexus 3000 Series Switches",
          "product_id": "CSAFPID-265142:265091"
        },
        "product_reference": "CSAFPID-265142",
        "relates_to_product_reference": "CSAFPID-265091"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco NX-OS Software 9.2(3) when installed on Cisco Nexus 3000 Series Switches",
          "product_id": "CSAFPID-265143:265091"
        },
        "product_reference": "CSAFPID-265143",
        "relates_to_product_reference": "CSAFPID-265091"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco NX-OS Software 9.2(3) when installed on Cisco Nexus 9000 Series Switches",
          "product_id": "CSAFPID-265143:265096"
        },
        "product_reference": "CSAFPID-265143",
        "relates_to_product_reference": "CSAFPID-265096"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco NX-OS Software 9.2(3y) when installed on Cisco Nexus 3000 Series Switches",
          "product_id": "CSAFPID-265144:265091"
        },
        "product_reference": "CSAFPID-265144",
        "relates_to_product_reference": "CSAFPID-265091"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco NX-OS Software 9.2(3y) when installed on Cisco Nexus 9000 Series Switches",
          "product_id": "CSAFPID-265144:265096"
        },
        "product_reference": "CSAFPID-265144",
        "relates_to_product_reference": "CSAFPID-265096"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco NX-OS Software 9.2(4) when installed on Cisco Nexus 3000 Series Switches",
          "product_id": "CSAFPID-267105:265091"
        },
        "product_reference": "CSAFPID-267105",
        "relates_to_product_reference": "CSAFPID-265091"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco NX-OS Software 9.2(4) when installed on Cisco Nexus 9000 Series Switches",
          "product_id": "CSAFPID-267105:265096"
        },
        "product_reference": "CSAFPID-267105",
        "relates_to_product_reference": "CSAFPID-265096"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco NX-OS Software 9.2(2v) when installed on Cisco Nexus 3000 Series Switches",
          "product_id": "CSAFPID-268971:265091"
        },
        "product_reference": "CSAFPID-268971",
        "relates_to_product_reference": "CSAFPID-265091"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco NX-OS Software 9.3(1) when installed on Cisco Nexus 3000 Series Switches",
          "product_id": "CSAFPID-265568:265091"
        },
        "product_reference": "CSAFPID-265568",
        "relates_to_product_reference": "CSAFPID-265091"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco NX-OS Software 9.3(1) when installed on Cisco Nexus 9000 Series Switches",
          "product_id": "CSAFPID-265568:265096"
        },
        "product_reference": "CSAFPID-265568",
        "relates_to_product_reference": "CSAFPID-265096"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco NX-OS Software 9.3(2) when installed on Cisco Nexus 3000 Series Switches",
          "product_id": "CSAFPID-271405:265091"
        },
        "product_reference": "CSAFPID-271405",
        "relates_to_product_reference": "CSAFPID-265091"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco NX-OS Software 9.3(2) when installed on Cisco Nexus 9000 Series Switches",
          "product_id": "CSAFPID-271405:265096"
        },
        "product_reference": "CSAFPID-271405",
        "relates_to_product_reference": "CSAFPID-265096"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco NX-OS Software 9.3(3) when installed on Cisco Nexus 3000 Series Switches",
          "product_id": "CSAFPID-274557:265091"
        },
        "product_reference": "CSAFPID-274557",
        "relates_to_product_reference": "CSAFPID-265091"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco NX-OS Software 9.3(3) when installed on Cisco Nexus 9000 Series Switches",
          "product_id": "CSAFPID-274557:265096"
        },
        "product_reference": "CSAFPID-274557",
        "relates_to_product_reference": "CSAFPID-265096"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco NX-OS Software 9.3(1z) when installed on Cisco Nexus 9000 Series Switches",
          "product_id": "CSAFPID-276381:265096"
        },
        "product_reference": "CSAFPID-276381",
        "relates_to_product_reference": "CSAFPID-265096"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco NX-OS Software 9.3(4) when installed on Cisco Nexus 3000 Series Switches",
          "product_id": "CSAFPID-277347:265091"
        },
        "product_reference": "CSAFPID-277347",
        "relates_to_product_reference": "CSAFPID-265091"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco NX-OS Software 9.3(4) when installed on Cisco Nexus 9000 Series Switches",
          "product_id": "CSAFPID-277347:265096"
        },
        "product_reference": "CSAFPID-277347",
        "relates_to_product_reference": "CSAFPID-265096"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco NX-OS Software 9.3(5) when installed on Cisco Nexus 3000 Series Switches",
          "product_id": "CSAFPID-278882:265091"
        },
        "product_reference": "CSAFPID-278882",
        "relates_to_product_reference": "CSAFPID-265091"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco NX-OS Software 9.3(5) when installed on Cisco Nexus 9000 Series Switches",
          "product_id": "CSAFPID-278882:265096"
        },
        "product_reference": "CSAFPID-278882",
        "relates_to_product_reference": "CSAFPID-265096"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco NX-OS Software 9.3(6) when installed on Cisco Nexus 3000 Series Switches",
          "product_id": "CSAFPID-280558:265091"
        },
        "product_reference": "CSAFPID-280558",
        "relates_to_product_reference": "CSAFPID-265091"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco NX-OS Software 9.3(6) when installed on Cisco Nexus 9000 Series Switches",
          "product_id": "CSAFPID-280558:265096"
        },
        "product_reference": "CSAFPID-280558",
        "relates_to_product_reference": "CSAFPID-265096"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco NX-OS Software 9.3(5w) when installed on Cisco Nexus 9000 Series Switches",
          "product_id": "CSAFPID-280940:265096"
        },
        "product_reference": "CSAFPID-280940",
        "relates_to_product_reference": "CSAFPID-265096"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco NX-OS Software 9.3(7) when installed on Cisco Nexus 3000 Series Switches",
          "product_id": "CSAFPID-281984:265091"
        },
        "product_reference": "CSAFPID-281984",
        "relates_to_product_reference": "CSAFPID-265091"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco NX-OS Software 9.3(7) when installed on Cisco Nexus 9000 Series Switches",
          "product_id": "CSAFPID-281984:265096"
        },
        "product_reference": "CSAFPID-281984",
        "relates_to_product_reference": "CSAFPID-265096"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco NX-OS Software 9.3(7k) when installed on Cisco Nexus 3000 Series Switches",
          "product_id": "CSAFPID-282019:265091"
        },
        "product_reference": "CSAFPID-282019",
        "relates_to_product_reference": "CSAFPID-265091"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco NX-OS Software 9.3(7k) when installed on Cisco Nexus 9000 Series Switches",
          "product_id": "CSAFPID-282019:265096"
        },
        "product_reference": "CSAFPID-282019",
        "relates_to_product_reference": "CSAFPID-265096"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco NX-OS Software 9.3(7a) when installed on Cisco Nexus 3000 Series Switches",
          "product_id": "CSAFPID-284264:265091"
        },
        "product_reference": "CSAFPID-284264",
        "relates_to_product_reference": "CSAFPID-265091"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco NX-OS Software 9.3(7a) when installed on Cisco Nexus 9000 Series Switches",
          "product_id": "CSAFPID-284264:265096"
        },
        "product_reference": "CSAFPID-284264",
        "relates_to_product_reference": "CSAFPID-265096"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco NX-OS Software 9.3(8) when installed on Cisco Nexus 3000 Series Switches",
          "product_id": "CSAFPID-284316:265091"
        },
        "product_reference": "CSAFPID-284316",
        "relates_to_product_reference": "CSAFPID-265091"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco NX-OS Software 9.3(8) when installed on Cisco Nexus 9000 Series Switches",
          "product_id": "CSAFPID-284316:265096"
        },
        "product_reference": "CSAFPID-284316",
        "relates_to_product_reference": "CSAFPID-265096"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco NX-OS Software 9.3(9) when installed on Cisco Nexus 3000 Series Switches",
          "product_id": "CSAFPID-286439:265091"
        },
        "product_reference": "CSAFPID-286439",
        "relates_to_product_reference": "CSAFPID-265091"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco NX-OS Software 9.3(9) when installed on Cisco Nexus 9000 Series Switches",
          "product_id": "CSAFPID-286439:265096"
        },
        "product_reference": "CSAFPID-286439",
        "relates_to_product_reference": "CSAFPID-265096"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco NX-OS Software 9.3(10) when installed on Cisco Nexus 3000 Series Switches",
          "product_id": "CSAFPID-288219:265091"
        },
        "product_reference": "CSAFPID-288219",
        "relates_to_product_reference": "CSAFPID-265091"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco NX-OS Software 9.3(10) when installed on Cisco Nexus 9000 Series Switches",
          "product_id": "CSAFPID-288219:265096"
        },
        "product_reference": "CSAFPID-288219",
        "relates_to_product_reference": "CSAFPID-265096"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco NX-OS Software 9.3(11) when installed on Cisco Nexus 3000 Series Switches",
          "product_id": "CSAFPID-292868:265091"
        },
        "product_reference": "CSAFPID-292868",
        "relates_to_product_reference": "CSAFPID-265091"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco NX-OS Software 9.3(11) when installed on Cisco Nexus 9000 Series Switches",
          "product_id": "CSAFPID-292868:265096"
        },
        "product_reference": "CSAFPID-292868",
        "relates_to_product_reference": "CSAFPID-265096"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco NX-OS Software 9.3(12) when installed on Cisco Nexus 3000 Series Switches",
          "product_id": "CSAFPID-299968:265091"
        },
        "product_reference": "CSAFPID-299968",
        "relates_to_product_reference": "CSAFPID-265091"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco NX-OS Software 9.3(12) when installed on Cisco Nexus 9000 Series Switches",
          "product_id": "CSAFPID-299968:265096"
        },
        "product_reference": "CSAFPID-299968",
        "relates_to_product_reference": "CSAFPID-265096"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco NX-OS Software 9.3(13) when installed on Cisco Nexus 3000 Series Switches",
          "product_id": "CSAFPID-301137:265091"
        },
        "product_reference": "CSAFPID-301137",
        "relates_to_product_reference": "CSAFPID-265091"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco NX-OS Software 9.3(13) when installed on Cisco Nexus 9000 Series Switches",
          "product_id": "CSAFPID-301137:265096"
        },
        "product_reference": "CSAFPID-301137",
        "relates_to_product_reference": "CSAFPID-265096"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco NX-OS Software 9.3(14) when installed on Cisco Nexus 3000 Series Switches",
          "product_id": "CSAFPID-302873:265091"
        },
        "product_reference": "CSAFPID-302873",
        "relates_to_product_reference": "CSAFPID-265091"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco NX-OS Software 9.3(14) when installed on Cisco Nexus 9000 Series Switches",
          "product_id": "CSAFPID-302873:265096"
        },
        "product_reference": "CSAFPID-302873",
        "relates_to_product_reference": "CSAFPID-265096"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco NX-OS Software 10.1(1) when installed on Cisco Nexus 3000 Series Switches",
          "product_id": "CSAFPID-281488:265091"
        },
        "product_reference": "CSAFPID-281488",
        "relates_to_product_reference": "CSAFPID-265091"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco NX-OS Software 10.1(1) when installed on Cisco Nexus 9000 Series Switches",
          "product_id": "CSAFPID-281488:265096"
        },
        "product_reference": "CSAFPID-281488",
        "relates_to_product_reference": "CSAFPID-265096"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco NX-OS Software 10.1(2) when installed on Cisco Nexus 3000 Series Switches",
          "product_id": "CSAFPID-282666:265091"
        },
        "product_reference": "CSAFPID-282666",
        "relates_to_product_reference": "CSAFPID-265091"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco NX-OS Software 10.1(2) when installed on Cisco Nexus 9000 Series Switches",
          "product_id": "CSAFPID-282666:265096"
        },
        "product_reference": "CSAFPID-282666",
        "relates_to_product_reference": "CSAFPID-265096"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco NX-OS Software 10.1(2t) when installed on Cisco Nexus 3000 Series Switches",
          "product_id": "CSAFPID-286109:265091"
        },
        "product_reference": "CSAFPID-286109",
        "relates_to_product_reference": "CSAFPID-265091"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco NX-OS Software 10.2(1) when installed on Cisco Nexus 3000 Series Switches",
          "product_id": "CSAFPID-284574:265091"
        },
        "product_reference": "CSAFPID-284574",
        "relates_to_product_reference": "CSAFPID-265091"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco NX-OS Software 10.2(1) when installed on Cisco Nexus 9000 Series Switches",
          "product_id": "CSAFPID-284574:265096"
        },
        "product_reference": "CSAFPID-284574",
        "relates_to_product_reference": "CSAFPID-265096"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco NX-OS Software 10.2(1q) when installed on Cisco Nexus 9000 Series Switches",
          "product_id": "CSAFPID-284892:265096"
        },
        "product_reference": "CSAFPID-284892",
        "relates_to_product_reference": "CSAFPID-265096"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco NX-OS Software 10.2(2) when installed on Cisco Nexus 3000 Series Switches",
          "product_id": "CSAFPID-286098:265091"
        },
        "product_reference": "CSAFPID-286098",
        "relates_to_product_reference": "CSAFPID-265091"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco NX-OS Software 10.2(2) when installed on Cisco Nexus 9000 Series Switches",
          "product_id": "CSAFPID-286098:265096"
        },
        "product_reference": "CSAFPID-286098",
        "relates_to_product_reference": "CSAFPID-265096"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco NX-OS Software 10.2(3) when installed on Cisco Nexus 3000 Series Switches",
          "product_id": "CSAFPID-286833:265091"
        },
        "product_reference": "CSAFPID-286833",
        "relates_to_product_reference": "CSAFPID-265091"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco NX-OS Software 10.2(3) when installed on Cisco Nexus 9000 Series Switches",
          "product_id": "CSAFPID-286833:265096"
        },
        "product_reference": "CSAFPID-286833",
        "relates_to_product_reference": "CSAFPID-265096"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco NX-OS Software 10.2(2a) when installed on Cisco Nexus 9000 Series Switches",
          "product_id": "CSAFPID-287105:265096"
        },
        "product_reference": "CSAFPID-287105",
        "relates_to_product_reference": "CSAFPID-265096"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco NX-OS Software 10.2(3t) when installed on Cisco Nexus 3000 Series Switches",
          "product_id": "CSAFPID-290556:265091"
        },
        "product_reference": "CSAFPID-290556",
        "relates_to_product_reference": "CSAFPID-265091"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco NX-OS Software 10.2(4) when installed on Cisco Nexus 3000 Series Switches",
          "product_id": "CSAFPID-290620:265091"
        },
        "product_reference": "CSAFPID-290620",
        "relates_to_product_reference": "CSAFPID-265091"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco NX-OS Software 10.2(4) when installed on Cisco Nexus 9000 Series Switches",
          "product_id": "CSAFPID-290620:265096"
        },
        "product_reference": "CSAFPID-290620",
        "relates_to_product_reference": "CSAFPID-265096"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco NX-OS Software 10.2(5) when installed on Cisco Nexus 3000 Series Switches",
          "product_id": "CSAFPID-294841:265091"
        },
        "product_reference": "CSAFPID-294841",
        "relates_to_product_reference": "CSAFPID-265091"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco NX-OS Software 10.2(5) when installed on Cisco Nexus 9000 Series Switches",
          "product_id": "CSAFPID-294841:265096"
        },
        "product_reference": "CSAFPID-294841",
        "relates_to_product_reference": "CSAFPID-265096"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco NX-OS Software 10.2(3v) when installed on Cisco Nexus 3000 Series Switches",
          "product_id": "CSAFPID-300117:265091"
        },
        "product_reference": "CSAFPID-300117",
        "relates_to_product_reference": "CSAFPID-265091"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco NX-OS Software 10.2(6) when installed on Cisco Nexus 3000 Series Switches",
          "product_id": "CSAFPID-300748:265091"
        },
        "product_reference": "CSAFPID-300748",
        "relates_to_product_reference": "CSAFPID-265091"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco NX-OS Software 10.2(6) when installed on Cisco Nexus 9000 Series Switches",
          "product_id": "CSAFPID-300748:265096"
        },
        "product_reference": "CSAFPID-300748",
        "relates_to_product_reference": "CSAFPID-265096"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco NX-OS Software 10.2(7) when installed on Cisco Nexus 3000 Series Switches",
          "product_id": "CSAFPID-301277:265091"
        },
        "product_reference": "CSAFPID-301277",
        "relates_to_product_reference": "CSAFPID-265091"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco NX-OS Software 10.2(7) when installed on Cisco Nexus 9000 Series Switches",
          "product_id": "CSAFPID-301277:265096"
        },
        "product_reference": "CSAFPID-301277",
        "relates_to_product_reference": "CSAFPID-265096"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco NX-OS Software 10.2(8) when installed on Cisco Nexus 3000 Series Switches",
          "product_id": "CSAFPID-302635:265091"
        },
        "product_reference": "CSAFPID-302635",
        "relates_to_product_reference": "CSAFPID-265091"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco NX-OS Software 10.2(8) when installed on Cisco Nexus 9000 Series Switches",
          "product_id": "CSAFPID-302635:265096"
        },
        "product_reference": "CSAFPID-302635",
        "relates_to_product_reference": "CSAFPID-265096"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco NX-OS Software 10.3(1) when installed on Cisco Nexus 3000 Series Switches",
          "product_id": "CSAFPID-289309:265091"
        },
        "product_reference": "CSAFPID-289309",
        "relates_to_product_reference": "CSAFPID-265091"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco NX-OS Software 10.3(1) when installed on Cisco Nexus 9000 Series Switches",
          "product_id": "CSAFPID-289309:265096"
        },
        "product_reference": "CSAFPID-289309",
        "relates_to_product_reference": "CSAFPID-265096"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco NX-OS Software 10.3(2) when installed on Cisco Nexus 3000 Series Switches",
          "product_id": "CSAFPID-292658:265091"
        },
        "product_reference": "CSAFPID-292658",
        "relates_to_product_reference": "CSAFPID-265091"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco NX-OS Software 10.3(2) when installed on Cisco Nexus 9000 Series Switches",
          "product_id": "CSAFPID-292658:265096"
        },
        "product_reference": "CSAFPID-292658",
        "relates_to_product_reference": "CSAFPID-265096"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco NX-OS Software 10.3(3) when installed on Cisco Nexus 3000 Series Switches",
          "product_id": "CSAFPID-295511:265091"
        },
        "product_reference": "CSAFPID-295511",
        "relates_to_product_reference": "CSAFPID-265091"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco NX-OS Software 10.3(3) when installed on Cisco Nexus 9000 Series Switches",
          "product_id": "CSAFPID-295511:265096"
        },
        "product_reference": "CSAFPID-295511",
        "relates_to_product_reference": "CSAFPID-265096"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco NX-OS Software 10.3(99w) when installed on Cisco Nexus 9000 Series Switches",
          "product_id": "CSAFPID-299969:265096"
        },
        "product_reference": "CSAFPID-299969",
        "relates_to_product_reference": "CSAFPID-265096"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco NX-OS Software 10.3(3w) when installed on Cisco Nexus 9000 Series Switches",
          "product_id": "CSAFPID-300516:265096"
        },
        "product_reference": "CSAFPID-300516",
        "relates_to_product_reference": "CSAFPID-265096"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco NX-OS Software 10.3(99x) when installed on Cisco Nexus 9000 Series Switches",
          "product_id": "CSAFPID-300517:265096"
        },
        "product_reference": "CSAFPID-300517",
        "relates_to_product_reference": "CSAFPID-265096"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco NX-OS Software 10.3(3o) when installed on Cisco Nexus 9000 Series Switches",
          "product_id": "CSAFPID-300741:265096"
        },
        "product_reference": "CSAFPID-300741",
        "relates_to_product_reference": "CSAFPID-265096"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco NX-OS Software 10.3(4a) when installed on Cisco Nexus 3000 Series Switches",
          "product_id": "CSAFPID-300941:265091"
        },
        "product_reference": "CSAFPID-300941",
        "relates_to_product_reference": "CSAFPID-265091"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco NX-OS Software 10.3(4a) when installed on Cisco Nexus 9000 Series Switches",
          "product_id": "CSAFPID-300941:265096"
        },
        "product_reference": "CSAFPID-300941",
        "relates_to_product_reference": "CSAFPID-265096"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco NX-OS Software 10.3(3p) when installed on Cisco Nexus 9000 Series Switches",
          "product_id": "CSAFPID-300942:265096"
        },
        "product_reference": "CSAFPID-300942",
        "relates_to_product_reference": "CSAFPID-265096"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco NX-OS Software 10.3(4) when installed on Cisco Nexus 3000 Series Switches",
          "product_id": "CSAFPID-301024:265091"
        },
        "product_reference": "CSAFPID-301024",
        "relates_to_product_reference": "CSAFPID-265091"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco NX-OS Software 10.3(4) when installed on Cisco Nexus 9000 Series Switches",
          "product_id": "CSAFPID-301024:265096"
        },
        "product_reference": "CSAFPID-301024",
        "relates_to_product_reference": "CSAFPID-265096"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco NX-OS Software 10.3(3q) when installed on Cisco Nexus 9000 Series Switches",
          "product_id": "CSAFPID-301106:265096"
        },
        "product_reference": "CSAFPID-301106",
        "relates_to_product_reference": "CSAFPID-265096"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco NX-OS Software 10.3(3x) when installed on Cisco Nexus 9000 Series Switches",
          "product_id": "CSAFPID-301289:265096"
        },
        "product_reference": "CSAFPID-301289",
        "relates_to_product_reference": "CSAFPID-265096"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco NX-OS Software 10.3(5) when installed on Cisco Nexus 3000 Series Switches",
          "product_id": "CSAFPID-301718:265091"
        },
        "product_reference": "CSAFPID-301718",
        "relates_to_product_reference": "CSAFPID-265091"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco NX-OS Software 10.3(5) when installed on Cisco Nexus 9000 Series Switches",
          "product_id": "CSAFPID-301718:265096"
        },
        "product_reference": "CSAFPID-301718",
        "relates_to_product_reference": "CSAFPID-265096"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco NX-OS Software 10.3(4g) when installed on Cisco Nexus 9000 Series Switches",
          "product_id": "CSAFPID-301720:265096"
        },
        "product_reference": "CSAFPID-301720",
        "relates_to_product_reference": "CSAFPID-265096"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco NX-OS Software 10.3(3r) when installed on Cisco Nexus 9000 Series Switches",
          "product_id": "CSAFPID-302643:265096"
        },
        "product_reference": "CSAFPID-302643",
        "relates_to_product_reference": "CSAFPID-265096"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco NX-OS Software 10.3(6) when installed on Cisco Nexus 3000 Series Switches",
          "product_id": "CSAFPID-302817:265091"
        },
        "product_reference": "CSAFPID-302817",
        "relates_to_product_reference": "CSAFPID-265091"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco NX-OS Software 10.3(6) when installed on Cisco Nexus 9000 Series Switches",
          "product_id": "CSAFPID-302817:265096"
        },
        "product_reference": "CSAFPID-302817",
        "relates_to_product_reference": "CSAFPID-265096"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco NX-OS Software 10.3(4h) when installed on Cisco Nexus 9000 Series Switches",
          "product_id": "CSAFPID-302884:265096"
        },
        "product_reference": "CSAFPID-302884",
        "relates_to_product_reference": "CSAFPID-265096"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco NX-OS Software 10.4(1) when installed on Cisco Nexus 3000 Series Switches",
          "product_id": "CSAFPID-300515:265091"
        },
        "product_reference": "CSAFPID-300515",
        "relates_to_product_reference": "CSAFPID-265091"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco NX-OS Software 10.4(1) when installed on Cisco Nexus 9000 Series Switches",
          "product_id": "CSAFPID-300515:265096"
        },
        "product_reference": "CSAFPID-300515",
        "relates_to_product_reference": "CSAFPID-265096"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco NX-OS Software 10.4(2) when installed on Cisco Nexus 3000 Series Switches",
          "product_id": "CSAFPID-301115:265091"
        },
        "product_reference": "CSAFPID-301115",
        "relates_to_product_reference": "CSAFPID-265091"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco NX-OS Software 10.4(2) when installed on Cisco Nexus 9000 Series Switches",
          "product_id": "CSAFPID-301115:265096"
        },
        "product_reference": "CSAFPID-301115",
        "relates_to_product_reference": "CSAFPID-265096"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco NX-OS Software 10.4(3) when installed on Cisco Nexus 3000 Series Switches",
          "product_id": "CSAFPID-301568:265091"
        },
        "product_reference": "CSAFPID-301568",
        "relates_to_product_reference": "CSAFPID-265091"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco NX-OS Software 10.4(3) when installed on Cisco Nexus 9000 Series Switches",
          "product_id": "CSAFPID-301568:265096"
        },
        "product_reference": "CSAFPID-301568",
        "relates_to_product_reference": "CSAFPID-265096"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco NX-OS Software 10.4(4) when installed on Cisco Nexus 3000 Series Switches",
          "product_id": "CSAFPID-303016:265091"
        },
        "product_reference": "CSAFPID-303016",
        "relates_to_product_reference": "CSAFPID-265091"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco NX-OS Software 10.4(4) when installed on Cisco Nexus 9000 Series Switches",
          "product_id": "CSAFPID-303016:265096"
        },
        "product_reference": "CSAFPID-303016",
        "relates_to_product_reference": "CSAFPID-265096"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco NX-OS Software 10.4(4g) when installed on Cisco Nexus 9000 Series Switches",
          "product_id": "CSAFPID-303719:265096"
        },
        "product_reference": "CSAFPID-303719",
        "relates_to_product_reference": "CSAFPID-265096"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco NX-OS Software 10.5(1) when installed on Cisco Nexus 3000 Series Switches",
          "product_id": "CSAFPID-302754:265091"
        },
        "product_reference": "CSAFPID-302754",
        "relates_to_product_reference": "CSAFPID-265091"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco NX-OS Software 10.5(1) when installed on Cisco Nexus 9000 Series Switches",
          "product_id": "CSAFPID-302754:265096"
        },
        "product_reference": "CSAFPID-302754",
        "relates_to_product_reference": "CSAFPID-265096"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco NX-OS Software 10.5(2) when installed on Cisco Nexus 3000 Series Switches",
          "product_id": "CSAFPID-303064:265091"
        },
        "product_reference": "CSAFPID-303064",
        "relates_to_product_reference": "CSAFPID-265091"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco NX-OS Software 10.5(2) when installed on Cisco Nexus 9000 Series Switches",
          "product_id": "CSAFPID-303064:265096"
        },
        "product_reference": "CSAFPID-303064",
        "relates_to_product_reference": "CSAFPID-265096"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2025-20262",
      "ids": [
        {
          "system_name": "Cisco Bug ID",
          "text": "CSCwn69044"
        }
      ],
      "notes": [
        {
          "category": "other",
          "text": "Complete.",
          "title": "Affected Product Comprehensiveness"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-248793:265091",
          "CSAFPID-248793:265096",
          "CSAFPID-265141:265091",
          "CSAFPID-265141:265096",
          "CSAFPID-265142:265091",
          "CSAFPID-265143:265091",
          "CSAFPID-265143:265096",
          "CSAFPID-265144:265091",
          "CSAFPID-265144:265096",
          "CSAFPID-265568:265091",
          "CSAFPID-265568:265096",
          "CSAFPID-267105:265091",
          "CSAFPID-267105:265096",
          "CSAFPID-268971:265091",
          "CSAFPID-271405:265091",
          "CSAFPID-271405:265096",
          "CSAFPID-274557:265091",
          "CSAFPID-274557:265096",
          "CSAFPID-276381:265096",
          "CSAFPID-277347:265091",
          "CSAFPID-277347:265096",
          "CSAFPID-278882:265091",
          "CSAFPID-278882:265096",
          "CSAFPID-280558:265091",
          "CSAFPID-280558:265096",
          "CSAFPID-280940:265096",
          "CSAFPID-281488:265091",
          "CSAFPID-281488:265096",
          "CSAFPID-281984:265091",
          "CSAFPID-281984:265096",
          "CSAFPID-282019:265091",
          "CSAFPID-282019:265096",
          "CSAFPID-282666:265091",
          "CSAFPID-282666:265096",
          "CSAFPID-284264:265091",
          "CSAFPID-284264:265096",
          "CSAFPID-284316:265091",
          "CSAFPID-284316:265096",
          "CSAFPID-284574:265091",
          "CSAFPID-284574:265096",
          "CSAFPID-284892:265096",
          "CSAFPID-286098:265091",
          "CSAFPID-286098:265096",
          "CSAFPID-286109:265091",
          "CSAFPID-286439:265091",
          "CSAFPID-286439:265096",
          "CSAFPID-286833:265091",
          "CSAFPID-286833:265096",
          "CSAFPID-287105:265096",
          "CSAFPID-288219:265091",
          "CSAFPID-288219:265096",
          "CSAFPID-289309:265091",
          "CSAFPID-289309:265096",
          "CSAFPID-290556:265091",
          "CSAFPID-290620:265091",
          "CSAFPID-290620:265096",
          "CSAFPID-292658:265091",
          "CSAFPID-292658:265096",
          "CSAFPID-292868:265091",
          "CSAFPID-292868:265096",
          "CSAFPID-294841:265091",
          "CSAFPID-294841:265096",
          "CSAFPID-295511:265091",
          "CSAFPID-295511:265096",
          "CSAFPID-299968:265091",
          "CSAFPID-299968:265096",
          "CSAFPID-299969:265096",
          "CSAFPID-300117:265091",
          "CSAFPID-300515:265091",
          "CSAFPID-300515:265096",
          "CSAFPID-300516:265096",
          "CSAFPID-300517:265096",
          "CSAFPID-300741:265096",
          "CSAFPID-300748:265091",
          "CSAFPID-300748:265096",
          "CSAFPID-300941:265091",
          "CSAFPID-300941:265096",
          "CSAFPID-300942:265096",
          "CSAFPID-301024:265091",
          "CSAFPID-301024:265096",
          "CSAFPID-301106:265096",
          "CSAFPID-301115:265091",
          "CSAFPID-301115:265096",
          "CSAFPID-301137:265091",
          "CSAFPID-301137:265096",
          "CSAFPID-301277:265091",
          "CSAFPID-301277:265096",
          "CSAFPID-301289:265096",
          "CSAFPID-301568:265091",
          "CSAFPID-301568:265096",
          "CSAFPID-301718:265091",
          "CSAFPID-301718:265096",
          "CSAFPID-301720:265096",
          "CSAFPID-302635:265091",
          "CSAFPID-302635:265096",
          "CSAFPID-302643:265096",
          "CSAFPID-302754:265091",
          "CSAFPID-302754:265096",
          "CSAFPID-302817:265091",
          "CSAFPID-302817:265096",
          "CSAFPID-302873:265091",
          "CSAFPID-302873:265096",
          "CSAFPID-302884:265096",
          "CSAFPID-303016:265091",
          "CSAFPID-303016:265096",
          "CSAFPID-303064:265091",
          "CSAFPID-303064:265096",
          "CSAFPID-303719:265096"
        ]
      },
      "release_date": "2025-08-27T16:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Cisco has released software updates that address this vulnerability.",
          "product_ids": [
            "CSAFPID-248793:265091",
            "CSAFPID-248793:265096",
            "CSAFPID-265141:265091",
            "CSAFPID-265141:265096",
            "CSAFPID-265142:265091",
            "CSAFPID-265143:265091",
            "CSAFPID-265143:265096",
            "CSAFPID-265144:265091",
            "CSAFPID-265144:265096",
            "CSAFPID-265568:265091",
            "CSAFPID-265568:265096",
            "CSAFPID-267105:265091",
            "CSAFPID-267105:265096",
            "CSAFPID-268971:265091",
            "CSAFPID-271405:265091",
            "CSAFPID-271405:265096",
            "CSAFPID-274557:265091",
            "CSAFPID-274557:265096",
            "CSAFPID-276381:265096",
            "CSAFPID-277347:265091",
            "CSAFPID-277347:265096",
            "CSAFPID-278882:265091",
            "CSAFPID-278882:265096",
            "CSAFPID-280558:265091",
            "CSAFPID-280558:265096",
            "CSAFPID-280940:265096",
            "CSAFPID-281488:265091",
            "CSAFPID-281488:265096",
            "CSAFPID-281984:265091",
            "CSAFPID-281984:265096",
            "CSAFPID-282019:265091",
            "CSAFPID-282019:265096",
            "CSAFPID-282666:265091",
            "CSAFPID-282666:265096",
            "CSAFPID-284264:265091",
            "CSAFPID-284264:265096",
            "CSAFPID-284316:265091",
            "CSAFPID-284316:265096",
            "CSAFPID-284574:265091",
            "CSAFPID-284574:265096",
            "CSAFPID-284892:265096",
            "CSAFPID-286098:265091",
            "CSAFPID-286098:265096",
            "CSAFPID-286109:265091",
            "CSAFPID-286439:265091",
            "CSAFPID-286439:265096",
            "CSAFPID-286833:265091",
            "CSAFPID-286833:265096",
            "CSAFPID-287105:265096",
            "CSAFPID-288219:265091",
            "CSAFPID-288219:265096",
            "CSAFPID-289309:265091",
            "CSAFPID-289309:265096",
            "CSAFPID-290556:265091",
            "CSAFPID-290620:265091",
            "CSAFPID-290620:265096",
            "CSAFPID-292658:265091",
            "CSAFPID-292658:265096",
            "CSAFPID-292868:265091",
            "CSAFPID-292868:265096",
            "CSAFPID-294841:265091",
            "CSAFPID-294841:265096",
            "CSAFPID-295511:265091",
            "CSAFPID-295511:265096",
            "CSAFPID-299968:265091",
            "CSAFPID-299968:265096",
            "CSAFPID-299969:265096",
            "CSAFPID-300117:265091",
            "CSAFPID-300515:265091",
            "CSAFPID-300515:265096",
            "CSAFPID-300516:265096",
            "CSAFPID-300517:265096",
            "CSAFPID-300741:265096",
            "CSAFPID-300748:265091",
            "CSAFPID-300748:265096",
            "CSAFPID-300941:265091",
            "CSAFPID-300941:265096",
            "CSAFPID-300942:265096",
            "CSAFPID-301024:265091",
            "CSAFPID-301024:265096",
            "CSAFPID-301106:265096",
            "CSAFPID-301115:265091",
            "CSAFPID-301115:265096",
            "CSAFPID-301137:265091",
            "CSAFPID-301137:265096",
            "CSAFPID-301277:265091",
            "CSAFPID-301277:265096",
            "CSAFPID-301289:265096",
            "CSAFPID-301568:265091",
            "CSAFPID-301568:265096",
            "CSAFPID-301718:265091",
            "CSAFPID-301718:265096",
            "CSAFPID-301720:265096",
            "CSAFPID-302635:265091",
            "CSAFPID-302635:265096",
            "CSAFPID-302643:265096",
            "CSAFPID-302754:265091",
            "CSAFPID-302754:265096",
            "CSAFPID-302817:265091",
            "CSAFPID-302817:265096",
            "CSAFPID-302873:265091",
            "CSAFPID-302873:265096",
            "CSAFPID-302884:265096",
            "CSAFPID-303016:265091",
            "CSAFPID-303016:265096",
            "CSAFPID-303064:265091",
            "CSAFPID-303064:265096",
            "CSAFPID-303719:265096"
          ],
          "url": "https://software.cisco.com"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.0,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-248793:265091",
            "CSAFPID-248793:265096",
            "CSAFPID-265141:265091",
            "CSAFPID-265141:265096",
            "CSAFPID-265142:265091",
            "CSAFPID-265143:265091",
            "CSAFPID-265143:265096",
            "CSAFPID-265144:265091",
            "CSAFPID-265144:265096",
            "CSAFPID-265568:265091",
            "CSAFPID-265568:265096",
            "CSAFPID-267105:265091",
            "CSAFPID-267105:265096",
            "CSAFPID-268971:265091",
            "CSAFPID-271405:265091",
            "CSAFPID-271405:265096",
            "CSAFPID-274557:265091",
            "CSAFPID-274557:265096",
            "CSAFPID-276381:265096",
            "CSAFPID-277347:265091",
            "CSAFPID-277347:265096",
            "CSAFPID-278882:265091",
            "CSAFPID-278882:265096",
            "CSAFPID-280558:265091",
            "CSAFPID-280558:265096",
            "CSAFPID-280940:265096",
            "CSAFPID-281488:265091",
            "CSAFPID-281488:265096",
            "CSAFPID-281984:265091",
            "CSAFPID-281984:265096",
            "CSAFPID-282019:265091",
            "CSAFPID-282019:265096",
            "CSAFPID-282666:265091",
            "CSAFPID-282666:265096",
            "CSAFPID-284264:265091",
            "CSAFPID-284264:265096",
            "CSAFPID-284316:265091",
            "CSAFPID-284316:265096",
            "CSAFPID-284574:265091",
            "CSAFPID-284574:265096",
            "CSAFPID-284892:265096",
            "CSAFPID-286098:265091",
            "CSAFPID-286098:265096",
            "CSAFPID-286109:265091",
            "CSAFPID-286439:265091",
            "CSAFPID-286439:265096",
            "CSAFPID-286833:265091",
            "CSAFPID-286833:265096",
            "CSAFPID-287105:265096",
            "CSAFPID-288219:265091",
            "CSAFPID-288219:265096",
            "CSAFPID-289309:265091",
            "CSAFPID-289309:265096",
            "CSAFPID-290556:265091",
            "CSAFPID-290620:265091",
            "CSAFPID-290620:265096",
            "CSAFPID-292658:265091",
            "CSAFPID-292658:265096",
            "CSAFPID-292868:265091",
            "CSAFPID-292868:265096",
            "CSAFPID-294841:265091",
            "CSAFPID-294841:265096",
            "CSAFPID-295511:265091",
            "CSAFPID-295511:265096",
            "CSAFPID-299968:265091",
            "CSAFPID-299968:265096",
            "CSAFPID-299969:265096",
            "CSAFPID-300117:265091",
            "CSAFPID-300515:265091",
            "CSAFPID-300515:265096",
            "CSAFPID-300516:265096",
            "CSAFPID-300517:265096",
            "CSAFPID-300741:265096",
            "CSAFPID-300748:265091",
            "CSAFPID-300748:265096",
            "CSAFPID-300941:265091",
            "CSAFPID-300941:265096",
            "CSAFPID-300942:265096",
            "CSAFPID-301024:265091",
            "CSAFPID-301024:265096",
            "CSAFPID-301106:265096",
            "CSAFPID-301115:265091",
            "CSAFPID-301115:265096",
            "CSAFPID-301137:265091",
            "CSAFPID-301137:265096",
            "CSAFPID-301277:265091",
            "CSAFPID-301277:265096",
            "CSAFPID-301289:265096",
            "CSAFPID-301568:265091",
            "CSAFPID-301568:265096",
            "CSAFPID-301718:265091",
            "CSAFPID-301718:265096",
            "CSAFPID-301720:265096",
            "CSAFPID-302635:265091",
            "CSAFPID-302635:265096",
            "CSAFPID-302643:265096",
            "CSAFPID-302754:265091",
            "CSAFPID-302754:265096",
            "CSAFPID-302817:265091",
            "CSAFPID-302817:265096",
            "CSAFPID-302873:265091",
            "CSAFPID-302873:265096",
            "CSAFPID-302884:265096",
            "CSAFPID-303016:265091",
            "CSAFPID-303016:265096",
            "CSAFPID-303064:265091",
            "CSAFPID-303064:265096",
            "CSAFPID-303719:265096"
          ]
        }
      ],
      "title": "Cisco Nexus 3000 and 9000 Series Switches Protocol Independent Multicast Version 6 Denial of Service Vulnerability"
    }
  ]
}

fkie_cve-2025-20262

Vulnerability from fkie_nvd

Published

2025-08-27 17:15

Modified

2025-08-29 16:24

Severity ?

5.0 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:L

Summary

References

▼	URL	Tags
	psirt@cisco.com	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxospc-pim6-vG4jFPh

Impacted products

	Vendor	Product	Version

JSON

To clipboard

{
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the Protocol Independent Multicast Version 6 (PIM6) feature of Cisco Nexus 3000 Series Switches and Cisco Nexus 9000 Series Switches in standalone NX-OS mode could allow an authenticated, low-privileged, remote attacker to trigger a crash of the PIM6 process, resulting in a denial of service (DoS) condition.\r\n\r\nThis vulnerability is due to improper processing of PIM6 ephemeral data queries. An attacker could exploit this vulnerability by sending a crafted ephemeral query to an affected device through one of the following methods: NX-API REST, NETCONF, RESTConf, gRPC, or Model Driven Telemetry. A successful exploit could allow the attacker to cause the PIM6 process to crash and restart, causing potential adjacency flaps and resulting in a DoS of the PIM6 and ephemeral query processes."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en la funci\u00f3n Protocol Independent Multicast Version 6 (PIM6) de los switches Cisco Nexus de las series 3000 y 9000 en modo NX-OS independiente podr\u00eda permitir que un atacante remoto autenticado y con pocos privilegios provoque un bloqueo del proceso PIM6, lo que resulta en una denegaci\u00f3n de servicio (DoS). Esta vulnerabilidad se debe al procesamiento incorrecto de las consultas de datos ef\u00edmeros de PIM6. Un atacante podr\u00eda explotar esta vulnerabilidad enviando una consulta ef\u00edmera manipulada a un dispositivo afectado mediante uno de los siguientes m\u00e9todos: NX-API REST, NETCONF, RESTConf, gRPC o telemetr\u00eda basada en modelos. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante provocar el bloqueo y reinicio del proceso PIM6, lo que podr\u00eda causar fluctuaciones de adyacencia y una denegaci\u00f3n de servicio (DoS) de PIM6 y los procesos de consulta ef\u00edmera."
    }
  ],
  "id": "CVE-2025-20262",
  "lastModified": "2025-08-29T16:24:09.860",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "LOW",
          "baseScore": 5.0,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "LOW",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:L",
          "version": "3.1"
        },
        "exploitabilityScore": 3.1,
        "impactScore": 1.4,
        "source": "psirt@cisco.com",
        "type": "Primary"
      }
    ]
  },
  "published": "2025-08-27T17:15:34.873",
  "references": [
    {
      "source": "psirt@cisco.com",
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxospc-pim6-vG4jFPh"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Awaiting Analysis",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-476"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Primary"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CVE-2025-20262 (GCVE-0-2025-20262)

Vulnerability from cvelistv5

ncsc-2025-0270

Vulnerability from csaf_ncscnl

ghsa-3q92-5vpf-96pw

Vulnerability from github

cisco-sa-nxospc-pim6-vg4jfph

Vulnerability from csaf_cisco

fkie_cve-2025-20262

Vulnerability from fkie_nvd

Tags

Sightings

Nomenclature