Main Vulnerability Database SB2026022614

SB2026022614 - Denial of service in Cisco Nexus 9000 Series Fabric Switches in ACI Mode SNMP

Published: February 26, 2026

Security Bulletin ID SB2026022614

Severity

Medium

Patch available

YES

Number of vulnerabilities 1

Exploitation vector Remote access

Highest impact Denial of service

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 1 security vulnerability.

1) Uncontrolled memory allocation (CVE-ID: CVE-2026-20048)

The vulnerability allows a remote user to perform a denial of service attack.

The vulnerability exists due to a boundary error in the Simple Network Management Protocol (SNMP) subsystem. A remote user with read-only access can send specially crafted SNMP packets to the device and perform a denial of service attack. SNMP versions 1, 2c, and 3 are affected.

Remediation

Install update from vendor's website.

References

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-dsnmp-cNN39Uh
https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwq57598