Cisco Announced Four Vulnerabilities in Its FXOS and NX-OS Network Operating Systems | Cybers Guards

The remaining three vulnerabilities could all be exploited to cause denial-of-service (DoS) conditions. The issue arises due to a logic error in the BFD rate limiter functionality, and it could be exploited by sending a crafted stream of traffic through the vulnerable device, causing IPv4 and IPv6 traffic to be dropped and resulting in a DoS condition. The flaw arises because user-supplied data isn't properly checked, allowing an attacker to execute commands on the operating system by sending a crafted HTTP POST request to the NX-API feature on the affected device. In the Multi-Pod or Multi-Site network configuration for Nexus 9000 series switches in Application Centric Infrastructure (ACI) mode, Cisco also announced the availability of an additional fix for CVE-2021-1586, a DoS vulnerability it started addressing in August 2021. The vulnerability exists because TCP traffic sent to a specific port is not properly sanitized, allowing an attacker to submit crafted data. Only switches in the Nexus 9000 series running standalone NX-OS are affected. If CFSoIP is enabled, the issue affects Nexus 3000 and 9000 series switches, as well as UCS 6400 series fabric interconnects (the feature is disabled by default). Cisco points out that the NX-API feature is turned off by default. This high-severity flaw, identified as CVE-2022-20624, exists because incoming CFSoIP packets aren't adequately validated, allowing an attacker to send crafted packets to exploit it. This vulnerability affects Nexus 3000, 5500, 5600, 6000, and 9000 series switches that run an unpatched NX-OS software release and have the NX-API capability enabled. According to the company, none of these issues have been exploited in attacks.

CVE-2022-20650, a command injection flaw that may be exploited remotely without authentication to execute arbitrary commands as root, is the most serious of the security weaknesses, with a CVSS score of 8.8. Another DoS flaw, in NX-OS's rate limiter for Bidirectional Forwarding Detection (BFD) traffic, has been identified as CVE-2022-20623, and it can be exploited remotely, without authentication, to cause BFD traffic to be dropped. The NSA's vulnerability affects NX-OS' Fabric Services over IP (CFSoIP) capability. The NSA hasn't revealed any other information regarding the vulnerability. Cisco advises users to update their equipment with the most recent updates, which were provided as part of the semiannual FXOS and NX-OS security release in February 2022.
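Because exposure to two of these flaws depends on optional features that are off by default, a saved configuration can be checked for them before patch windows are prioritized. The script below is an added example, not code from Cisco or from the article; the matched directives (`feature nxapi`, `cfs ipv4 distribute`, `cfs ipv6 distribute`) are NX-OS configuration syntax assumed here rather than quoted on the page, and both sample configurations are constructed.

```python
import re

# Directive patterns are assumed NX-OS syntax (not quoted in the article),
# mapped to the CVE the article ties to that feature being enabled.
FEATURES = {
    "NX-API": (re.compile(r"feature nxapi"), "CVE-2022-20650"),
    "CFSoIP": (re.compile(r"cfs ipv[46] distribute"), "CVE-2022-20624"),
}

def audit_config(text):
    """Return {feature: cve} for gated features left enabled in a config dump."""
    state = {}  # normalized directive -> True if enabled, False if negated
    for raw in text.splitlines():
        line = " ".join(raw.split()).lower()  # collapse whitespace, ignore case
        if not line or line.startswith(("!", "#")):
            continue  # skip blanks and comment lines
        negated = line.startswith("no ")
        directive = line[3:] if negated else line
        state[directive] = not negated  # a later line overrides an earlier one
    findings = {}
    for name, (pattern, cve) in FEATURES.items():
        # IPv4 and IPv6 distribution are tracked separately; either one counts.
        if any(on and pattern.fullmatch(d) for d, on in state.items()):
            findings[name] = cve
    return findings

# Constructed sample: both optional features enabled.
SAMPLE_EXPOSED = """
! constructed sample, not from a real device
hostname lab-n9k
feature   nxapi
no cfs ipv6 distribute
cfs ipv4 distribute
"""

# Constructed sample: NX-API enabled and later disabled, CFSoIP never enabled.
SAMPLE_CLEAN = """
hostname lab-n3k
feature nxapi
no feature nxapi
"""

if __name__ == "__main__":
    for label, cfg in (("exposed", SAMPLE_EXPOSED), ("clean", SAMPLE_CLEAN)):
        print(label, audit_config(cfg))
```

A finding only means the feature gate is open; whether the device is actually vulnerable still depends on the platform and software release, which this check does not evaluate.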