CVE-2026-5944 - Vulnerability Analysis
HighCVSS: 8.2Last Updated: April 28, 2026
Cisco Intersight Device Connector - Broken Access Control
Published: April 28, 2026Updated: April 28, 2026Remote Exploitable
Overview
Cisco Intersight Device Connector for Nutanix Prism Central contains an improper access control vulnerability caused by an unauthenticated API passthrough endpoint on TCP port 7373, letting unauthenticated attackers with network access disrupt active workloads, exploit requires network access to the deployment environment.
Severity & Score
Severity: High
CVSS Score: 8.2
Impact
Unauthenticated attackers can disrupt active workloads, causing loss of service availability within the affected environment.
Mitigation
Update to the latest version of Cisco Intersight Device Connector for Nutanix Prism Central.
References
Related Resources
Details
- CVE ID
- CVE-2026-5944
- Severity
- High
- CVSS Score
- 8.2
- Type
- broken_access_control
- Status
- new
CWE
- CWE-306
CVSS Metrics
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H