Text only | Text with Images

Networking-Forums.com

Professional Discussions => Vendor Advisories => Topic started by: Netwörkheäd on April 07, 2022, 12:11:25 AM

Title: Cisco Security Advisory - Cisco Nexus 9000 Series Switches Bidirectional Forwarding Detection Denial of Service Vulnerability
Post by: Netwörkheäd on April 07, 2022, 12:11:25 AM
Cisco Nexus 9000 Series Switches Bidirectional Forwarding Detection Denial of Service Vulnerability

<p>A vulnerability in the rate limiter for Bidirectional Forwarding Detection (BFD) traffic of Cisco&nbsp;NX-OS Software for Cisco&nbsp;Nexus 9000 Series Switches could allow an unauthenticated, remote attacker to cause BFD traffic to be dropped on an affected device.</p>
<p>This vulnerability is due to a logic error in the BFD rate limiter functionality. An attacker could exploit this vulnerability by sending a crafted stream of traffic through the device. A successful exploit could allow the attacker to cause BFD traffic to be dropped, resulting in BFD session flaps. BFD session flaps can cause route instability and dropped traffic, resulting in a denial of service (DoS) condition. This vulnerability applies to both IPv4 and IPv6 traffic.</p>
<p>Cisco&nbsp;has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.</p>
<p>This advisory is available at the following link:<br><a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-bfd-dos-wGQXrzxn">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-bfd-dos-wGQXrzxn</a></p>
<p>This advisory is part of the February 2022 Cisco&nbsp;FXOS and NX-OS Software Security Advisory Bundled Publication. For a complete list of the advisories and links to them, see <a href="https://tools.cisco.com/security/center/viewErp.x?alertId=ERP-74834" rel="nofollow">Cisco&nbsp;Event Response: February 2022 Cisco&nbsp;FXOS and NX-OS Software Security Advisory Bundled Publication</a>.</p>

     
         
Security Impact Rating:  High
   
   
       
CVE: CVE-2022-20623
Source: Cisco Nexus 9000 Series Switches Bidirectional Forwarding Detection Denial of Service Vulnerability (https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-bfd-dos-wGQXrzxn?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Nexus%209000%20Series%20Switches%20Bidirectional%20Forwarding%20Detection%20Denial%20of%20Service%20Vulnerability&vs_k=1)
Text only | Text with Images