MEDIUM
Nutanix
CVE published 2026-04-28
CVE-2026-5944
An improper access control vulnerability in the Cisco Intersight Device Connector for Nutanix Prism Central exposes an unauthenticated API passthrough endpoint on TCP port 7373. The affected versions span 4.3.0 through 7.5.0. An unauthenticated attacker with network access can enumerate cluster metadata including virtual machine information and cluster configuration details, and may invoke certain cluster [truncated]