漏洞标题
N/A
漏洞描述信息
Cisco NX-OS软件中边界 Gateway Protocol(BGP)实现中的漏洞可能导致无授权的远程攻击者因设备意外重启而导致拒绝服务(DoS)情况发生。该漏洞是由于 BGP 更新消息的输入验证不完整造成的。攻击者可以通过向目标设备发送精心构造的 BGP 更新消息来利用此漏洞。利用此漏洞可以使攻击者导致交换机意外重启。Cisco BGP协议的实现仅接受来自明确定义的 peers 的 incoming BGP 流量。要利用此漏洞,攻击者必须能够通过 TCP 连接发送恶意数据包,这些数据包看起来像来自可信的 BGP 邻居,或将错误的信息注入到受害者的 BGP 网络中。这可能需要获取受影响系统的信任网络中 BGP 邻居的信息。该漏洞可能在路由器收到来自现有 BGP 会话中的邻居的错误 BGP 消息时触发。至少建立一个 BGP 邻居会话才能使路由器成为弱点。此漏洞影响 Nexus 2000 系列交换机、 Nexus 3000 系列交换机、 Nexus 3500 平台交换机、 Nexus 3600 平台交换机、 Nexus 5500 平台交换机、 Nexus 5600 平台交换机、 Nexus 6000 系列交换机、 Nexus 7000 系列交换机、 Nexus 7700 系列交换机、 Nexus 9000 系列 Fabric 交换机在应用集中基础设施(ACI)模式下的应用, Nexus 9000 系列交换机在 standalone NX-OS 模式下的 Nexus 9500 R-Series 线卡和 Fabric 模块。Cisco Bug ID: CSCve79599, CSCve87784, CSCve91371, CSCve91387。
CVSS信息
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
漏洞类别
N/A
漏洞标题
N/A
漏洞描述信息
A vulnerability in the Border Gateway Protocol (BGP) implementation of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition due to the device unexpectedly reloading. The vulnerability is due to incomplete input validation of the BGP update messages. An attacker could exploit this vulnerability by sending a crafted BGP update message to the targeted device. An exploit could allow the attacker to cause the switch to reload unexpectedly. The Cisco implementation of the BGP protocol only accepts incoming BGP traffic from explicitly defined peers. To exploit this vulnerability, an attacker must be able to send the malicious packets over a TCP connection that appears to come from a trusted BGP peer or inject malformed messages into the victim's BGP network. This would require obtaining information about the BGP peers in the affected system's trusted network. The vulnerability may be triggered when the router receives a malformed BGP message from a peer on an existing BGP session. At least one BGP neighbor session must be established for a router to be vulnerable. This vulnerability affects Nexus 2000 Series Switches, Nexus 3000 Series Switches, Nexus 3500 Platform Switches, Nexus 3600 Platform Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches, Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode, Nexus 9000 Series Switches in standalone NX-OS mode, Nexus 9500 R-Series Line Cards and Fabric Modules. Cisco Bug IDs: CSCve79599, CSCve87784, CSCve91371, CSCve91387.
CVSS信息
N/A
漏洞类别
输入验证不恰当
漏洞标题
多款Cisco产品NX-OS Software 输入验证漏洞
漏洞描述信息
Cisco Nexus 2000 Series Switches等都是美国思科(Cisco)公司的产品。Cisco Nexus 2000 Series Switches等都是交换机设备。Fabric Modules是一款交换机矩阵模块。NX-OS Software是运行在其中的一套交换机使用的数据中心级操作系统软件。Border Gateway Protocol(BGP)是其中的一个边界网络协议。 多款Cisco产品中NX-OS Software的Border Gateway Protocol (BGP)
CVSS信息
N/A
漏洞类别
输入验证错误