Cisco NX-OS Software Vulnerability Could Lead to Unexpected Restart or Denial of Service
CVE-2024-20267

8.6 HIGH

Key Information:

Vendor
Cisco
CVE Published:
29 February 2024

Badges

👾 Exploit Exists

Summary

An issue exists in the handling of MPLS traffic within Cisco's NX-OS Software that allows an unauthenticated remote adversary to trigger unexpected restarts of the netstack process. This vulnerability stems from insufficient error handling when dealing with ingress MPLS frames. An attacker can exploit this vulnerability by dispatching a specially crafted IPv6 packet encapsulated in an MPLS frame to the targeted device's MPLS-enabled interface. Such exploitation may result in a denial of service condition as the NX-OS device attempts to process the malicious packet. Notably, the IPv6 packet can originate multiple hops away from the device, facilitating potential remote attacks.

Affected Version(s)

Cisco NX-OS Software 6.0(2)A3(1)

Cisco NX-OS Software 6.0(2)A3(2)

Cisco NX-OS Software 6.0(2)A3(4)

CVSS V3.1

Score:
8.6
Severity:
HIGH
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Changed

Timeline

  • 👾 Exploit known to exist

  • Vulnerability published

  • Vulnerability Reserved
