Cisco UCS 6100 Fabric Interconnect Memory Leak Denial of Service Vulnerability

A vulnerability in the memory management when executing either the show monitor session all or show monitor session command-line interface (CLI) commands on the Cisco Unified Computing System (UCS) 6100 Series Fabric Interconnects could allow an authenticated, local attacker to trigger a memory leak.

The vulnerability is due to not releasing memory after execution of the CLI commands, if a Switched Port Analyzer (SPAN) session is not actually configured. An attacker could exploit this vulnerability by executing either the show monitor session all or the show monitor session locally on the device. An exploit could allow the attacker to cause the device to exhaust its memory and reset.

Cisco has confirmed the vulnerability in a security notice and released software updates.

To exploit this vulnerability, an attacker would need to authenticate and have local access to the targeted device. These access requirements limit the likelihood of a successful exploit.

Cisco indicates through the CVSS score that functional exploit code exists; however, the code is not known to be publicly available.