Cisco NX-OS Denial of Service vulnerabilities

ADVISORY!

TLP : CLEAR

Date : 01/03/2024

REF NO : CERT / 2024/03/16

Severity Level: Medium

Components Affected

N3K-C36180YC-R
N3K-C3636C-R
N9K-X9624D-R2
N9K-X9636C-R
N9K-X9636C-RX
N9K-X9636Q-R
N9K-X96136YC-R
Nexus 3000 Series Switches
Nexus 5500 Platform Switches
Nexus 5600 Platform Switches
Nexus 6000 Series Switches
Nexus 7000 Series Switches
Nexus 9000 Series Switches in standalone NX-OS mode
Firepower 4100 Series
Firepower 9300 Security Appliances
MDS 9000 Series Multilayer Switches
Nexus 3000 Series Switches
Nexus 5500 Platform Switches
Nexus 5600 Platform Switches
Nexus 6000 Series Switches
Nexus 7000 Series Switches
Nexus 9000 Series Fabric Switches in ACI mode
Nexus 9000 Series Switches in standalone NX-OS mode
UCS 6200 Series Fabric Interconnects
UCS 6300 Series Fabric Interconnects
UCS 6400 Series Fabric Interconnects
UCS 6500 Series Fabric Interconnects

Overview

Multiple vulnerabilities were identified in Cisco NX-OS. A remote attacker could exploit some of these vulnerabilities to trigger denial of service condition.

Description

A vulnerability with the handling of MPLS traffic for Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause the netstack process to unexpectedly restart, which could cause the device to stop processing network traffic or to reload. This vulnerability is due to lack of proper error checking when processing an ingress MPLS frame. An attacker could exploit this vulnerability by sending a crafted IPv6 packet that is encapsulated within an MPLS frame to an MPLS-enabled interface of the targeted device. A successful exploit could allow the attacker to cause a denial of service (DoS) condition. Note: The IPv6 packet can be generated multiple hops away from the targeted device and then encapsulated within MPLS. The DoS condition may occur when the NX-OS device processes the packet.

CVE-2024-20267

A vulnerability has been identified in Cisco FXOS Software and Cisco NX-OS Software related to the Link Layer Discovery Protocol (LLDP). This vulnerability could be exploited by an unauthenticated attacker located nearby the affected device. By sending a specifically crafted LLDP packet to an interface of the device, the attacker can trigger a denial of service (DoS) condition by causing the LLDP service to crash. This crash may lead to the device restarting in certain instances. Exploiting this vulnerability requires direct connectivity to the affected device, either physically or through a Layer 2 Tunnel configured to transport LLDP traffic.

CVE-2024-20294

A vulnerability in the External Border Gateway Protocol (eBGP) implementation of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability exists because eBGP traffic is mapped to a shared hardware rate-limiter queue. An attacker could exploit this vulnerability by sending large amounts of network traffic with certain characteristics through an affected device. A successful exploit could allow the attacker to cause eBGP neighbor sessions to be dropped, leading to a DoS condition in the network.

CVE-2024-20321

Impact

Denial of Service

Solution/ Workarounds

Before installation of the software, please visit the vendor web-site for more details.

Apply fixes issued by the vendor:

Reference

Disclaimer : The information provided herein is on an “as is” basis, without warranty of any kind.

Sri Lanka Computer Emergency Readiness Team | Coordination Centre

Quick Links

Useful Links

Contact

Hotline : 101
+94 11 269 1692
Room 4-112, BMICH, Bauddhaloka Mawatha, Colombo 07, Sri Lanka.
General inquiry: cert@cert.gov.lk
Security incidents: incidents@cert.gov.lk
Social media incidents: report@cert.gov.lk

ADVISORY!