Cisco NX-OS FCIP Remote Denial of Service Vulnerability

2012-08-10T21:30:36
ID CISCO-SA-20120810-CVE-2012-1340
Type cisco
Reporter Cisco
Modified 2012-08-10T21:30:37

Description

Cisco NX-OS contains a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on a targeted device.

The vulnerability is due to improper processing of certain packets by the affected devices. An unauthenticated, remote attacker could exploit this vulnerability by sending malicious packets to the device. Processing the packets could cause a DoS condition on a targeted device.

Cisco has confirmed this vulnerability and has released updated software.

A successful exploit could allow an attacker to cause the vulnerable device to reload, potentially preventing authorized users from accessing network resources served by the targeted device.

In typical network configuration, such devices are placed behind a firewall. To achieve the objective, an attacker would need access to an internal network to send crafted packets to a vulnerable device. This access requirement could limit the possibility of a successful exploit.