A critical vulnerability in Cisco Systems intersite policy manager software could allow a remote attacker to bypass authentication. The glitch is considered critical because an attacker without any authentication could remotely could exploit it, merely by sending a crafted request to the affected API. Cisco also stoppered a hole stemming from NX-OS, Cisco s network operating system for its Nexus-series Ethernet switches. The Nexus 3000 series switches and Nexus 9000 series switches are vulnerable by default users of these devices should update as soon as possible.
Source: https://threatpost.com/cisco-critical-security-flaw/164255/