Cisco NX-OS Software Vulnerability Could Lead to Denial of Service
CVE-2024-20321

8.6 HIGH

Key Information:

Vendor: Cisco
CVE Published: 29 February 2024

Summary

A vulnerability exists in the External Border Gateway Protocol (eBGP) implementation of Cisco NX-OS Software that could be exploited by an unauthenticated, remote attacker. The issue arises because eBGP traffic is mapped to a shared hardware rate-limiter queue, which allows an attacker to send large volumes of specially crafted network traffic. Successful exploitation may cause eBGP neighbor sessions to be dropped, creating a denial of service condition that disrupts network operations. Preventive measures and mitigations are essential to protect the affected products from exploitation.

Affected Version(s)

Cisco NX-OS Software 7.0(3)F1(1)

Cisco NX-OS Software 7.0(3)F2(1)

Cisco NX-OS Software 7.0(3)F2(2)

CVSS V3.1

Score: 8.6
Severity: HIGH
Confidentiality: None
Integrity: None
Availability: None
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved