Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
CVE Vulnerability Details :
CVE-2026-5944
PUBLISHED
More InfoOfficial Page
Assigner-Nutanix
Assigner Org ID-2ffdacf6-8681-47df-b023-4f11abd61c1d
View Known Exploited Vulnerability (KEV) details
Published At-28 Apr, 2026 | 13:06
Updated At-28 Apr, 2026 | 14:14
Rejected At-
▼CVE Numbering Authority (CNA)
Cisco Intersight Device Connector for Nutanix Prism Central Unauthenticated API Access

An improper access control vulnerability exists in the Cisco Intersight Device Connector for Nutanix Prism Central. The service exposes an API passthrough endpoint on TCP port 7373 that is accessible within the network scope of the deployment environment without authentication. An unauthenticated attacker with network access can exploit this vulnerability by sending crafted requests to the exposed endpoint to enumerate cluster metadata, including virtual machine information and cluster configuration details. While the API primarily supports read-only operations, it also allows certain cluster maintenance workflows to be invoked. Although this vulnerability does not allow persistent modification of system configurations or access to credentials or sensitive user data, successful exploitation may result in disruption of active workloads, leading to loss of service availability within the affected environment.

Affected Products
Vendor
Nutanix
Product
Cisco Intersight Device Connector for Prism Central
Default Status
unaffected
Versions
Affected
  • From 4.3.0 before 7.5.1 (custom)
    • -> unaffectedfrom7.5.1
Problem Types
TypeCWE IDDescription
CWECWE-306CWE-306 Missing authentication for critical function
CWECWE-862CWE-862 Missing Authorization
Type: CWE
CWE ID: CWE-306
Description: CWE-306 Missing authentication for critical function
Type: CWE
CWE ID: CWE-862
Description: CWE-862 Missing Authorization
Metrics
VersionBase scoreBase severityVector
4.06.7MEDIUM
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/S:N/AU:N/R:U/V:C/RE:L/U:Amber
3.18.2HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H
2.08.5N/A
AV:N/AC:L/Au:N/C:P/I:N/A:C
Version: 4.0
Base score: 6.7
Base severity: MEDIUM
Vector:
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/S:N/AU:N/R:U/V:C/RE:L/U:Amber
Version: 3.1
Base score: 8.2
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H
Version: 2.0
Base score: 8.5
Base severity: N/A
Vector:
AV:N/AC:L/Au:N/C:P/I:N/A:C
Metrics Other Info
Impacts
CAPEC IDDescription
CAPEC-115CAPEC-115 Authentication Bypass
CAPEC ID: CAPEC-115
Description: CAPEC-115 Authentication Bypass
Solutions

Nutanix has released version 7.5.1 of the Cisco Intersight Device Connector: * Log in to Prism Central (PC) and navigate to the Life Cycle Manager (LCM) Dashboard. * Click "Perform Inventory" or "Get Full Inventory" to refresh the inventory. * After the inventory refresh completes, navigate to the Marketplace. * Select the Cisco Intersight Device Connector. * Click "Upgrade" to update to version 7.5.1 or later.

Configurations

The vulnerability is exploitable only when the Cisco Intersight Device Connector has been manually installed via the Prism Central Marketplace. If the connector is not enabled, the affected service and TCP port 7373 remain closed and unexposed. Organizations are impacted only when the connector is active and running a version greater than or equal to 4.3.0 and less than 7.5.1, which can be verified by navigating to the Admin Center in Prism Central, selecting the My Apps tab and verifying the installation status and version of the Cisco Intersight Device Connector.

Workarounds

If upgrading the Cisco Intersight Device Connector to version 7.5.1 or later is not immediately possible, restrict access to TCP port 7373 by limiting the service to internal traffic only: * Establish an SSH session to Prism Central (PC). * Execute the following command to reconfigure the service visibility to internal traffic only: sudo kubectl -n pc-platform-other annotate service cisco-device-connector service.msp.ntnx.io/lb=pc-internal --overwrite * Run the following command: sudo kubectl get svc -n pc-platform-other and verify that the Cisco Intersight Device Connector is no longer associated with the Prism Central public IP address.

Exploits

The Nutanix Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.

Credits
reporter
External Security Researcher (via Cisco)
Timeline
EventDate
Initial vulnerability analysis and internal update2026-04-08 15:45:00
CVE reserved2026-04-08 18:30:00
Advisory published2026-04-28 13:06:00
Event: Initial vulnerability analysis and internal update
Date: 2026-04-08 15:45:00
Event: CVE reserved
Date: 2026-04-08 18:30:00
Event: Advisory published
Date: 2026-04-28 13:06:00
Replaced By
Rejected Reason
References
HyperlinkResource
https://download.nutanix.com/alerts/Security_Advisory_0046.pdf
vendor-advisory
https://portal.nutanix.com/page/documents/list?type=software&filterKey=software&filterVal=Prism
release-notes
https://www.nutanix.com/support
x_support
Hyperlink: https://download.nutanix.com/alerts/Security_Advisory_0046.pdf
Resource:
vendor-advisory
Hyperlink: https://portal.nutanix.com/page/documents/list?type=software&filterKey=software&filterVal=Prism
Resource:
release-notes
Hyperlink: https://www.nutanix.com/support
Resource:
x_support
▼Authorized Data Publishers (ADP)
CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Details not found