CVE-2026-20033

A vulnerability in Cisco Nexus 9000 Series Fabric Switches in ACI mode could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient validation when processing specific Ethernet frames. An attacker could exploit this vulnerability by sending a crafted Ethernet frame to the management interface of an affected device. A successful exploit could allow the attacker to cause the device to reload unexpectedly, resulting in a DoS condition. Note: Only the out-of-band (OOB) management interface is affected.

A vulnerability in Cisco Nexus 9000 Series Fabric Switches in ACI mode could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient validation when processing specific Ethernet frames. An attacker could exploit this vulnerability by sending a crafted Ethernet frame to the management interface of an affected device. A successful exploit could allow the attacker to cause the device to reload unexpectedly, resulting in a DoS condition. Note: Only the out-of-band (OOB) management interface is affected.

Una vulnerabilidad en los switches de tejido Cisco Nexus serie 9000 en modo ACI podría permitir a un atacante adyacente no autenticado causar una condición de denegación de servicio (DoS) en un dispositivo afectado. Esta vulnerabilidad se debe a una validación insuficiente al procesar tramas Ethernet específicas. Un atacante podría explotar esta vulnerabilidad al enviar una trama Ethernet manipulada a la interfaz de gestión de un dispositivo afectado. Un exploit exitoso podría permitir al atacante hacer que el dispositivo se recargue inesperadamente, lo que resultaría en una condición de DoS. Nota: Solo la interfaz de gestión fuera de banda (OOB) se ve afectada.