Lucene search

CiscoCISCO-SA-NXOS-EBGP-DOS-L3QCWVJ

HistoryFeb 28, 2024 - 4:00 p.m.

Cisco NX-OS Software External Border Gateway Protocol Denial of Service Vulnerability

2024-02-2816:00:00

tools.cisco.com

cisco

nx-os

ebgp

denial of service

vulnerability

7.3 High

AI Score

Confidence

High

0.0005 Low

EPSS

Percentile

17.1%

JSON

A vulnerability in the External Border Gateway Protocol (eBGP) implementation of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.

This vulnerability exists because eBGP traffic is mapped to a shared hardware rate-limiter queue. An attacker could exploit this vulnerability by sending large amounts of network traffic with certain characteristics through an affected device. A successful exploit could allow the attacker to cause eBGP neighbor sessions to be dropped, leading to a DoS condition in the network.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-ebgp-dos-L3QCwVJ [“https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-ebgp-dos-L3QCwVJ”]

This advisory is part of the February 2024 Cisco FXOS and NX-OS Software Security Advisory Bundled Publication. For a complete list of the advisories and links to them, see Cisco Event Response: February 2024 Semiannual Cisco FXOS and NX-OS Software Security Advisory Bundled Publication [“https://sec.cloudapps.cisco.com/security/center/viewErp.x?alertId=ERP-75059”].

Affected configurations

Vulners

Node

cisconx-osMatch7.0\(3\)f1nexus_9000_series

cisconx-osMatch7.0\(3\)f2nexus_9000_series

cisconx-osMatch7.0\(3\)f3nexus_9000_series

cisconx-osMatch9.2nexus_9000_series

cisconx-osMatch9.3nexus_9000_series

cisconx-osMatch10.1nexus_9000_series

cisconx-osMatch10.2nexus_9000_series

cisconx-osMatch10.3nexus_9000_series

cisconx-osMatch10.4nexus_9000_series

cisconx-os_for_nexus_7700_series_switchesMatchany

cisconx-osMatchanynexus_9000_series

cisconx-osMatch7.0\(3\)f1\(1\)nexus_9000_series

cisconx-osMatch7.0\(3\)f2\(1\)nexus_9000_series

cisconx-osMatch7.0\(3\)f2\(2\)nexus_9000_series

cisconx-osMatch7.0\(3\)f3\(1\)nexus_9000_series

cisconx-osMatch7.0\(3\)f3\(2\)nexus_9000_series

cisconx-osMatch7.0\(3\)f3\(3\)nexus_9000_series

cisconx-osMatch7.0\(3\)f3\(3a\)nexus_9000_series

cisconx-osMatch7.0\(3\)f3\(4\)nexus_9000_series

cisconx-osMatch7.0\(3\)f3\(3c\)nexus_9000_series

cisconx-osMatch7.0\(3\)f3\(5\)nexus_9000_series

cisconx-osMatch9.2\(1\)nexus_9000_series

cisconx-osMatch9.2\(2\)nexus_9000_series

cisconx-osMatch9.2\(2t\)nexus_9000_series

cisconx-osMatch9.2\(3\)nexus_9000_series

cisconx-osMatch9.2\(3y\)nexus_9000_series

cisconx-osMatch9.2\(4\)nexus_9000_series

cisconx-osMatch9.2\(2v\)nexus_9000_series

cisconx-osMatch9.3\(1\)nexus_9000_series

cisconx-osMatch9.3\(2\)nexus_9000_series

cisconx-osMatch9.3\(3\)nexus_9000_series

cisconx-osMatch9.3\(1z\)nexus_9000_series

cisconx-osMatch9.3\(4\)nexus_9000_series

cisconx-osMatch9.3\(5\)nexus_9000_series

cisconx-osMatch9.3\(6\)nexus_9000_series

cisconx-osMatch9.3\(5w\)nexus_9000_series

cisconx-osMatch9.3\(7\)nexus_9000_series

cisconx-osMatch9.3\(7k\)nexus_9000_series

cisconx-osMatch9.3\(7a\)nexus_9000_series

cisconx-osMatch9.3\(8\)nexus_9000_series

cisconx-osMatch9.3\(9\)nexus_9000_series

cisconx-osMatch9.3\(10\)nexus_9000_series

cisconx-osMatch9.3\(11\)nexus_9000_series

cisconx-osMatch9.3\(12\)nexus_9000_series

cisconx-osMatch10.1\(1\)nexus_9000_series

cisconx-osMatch10.1\(2\)nexus_9000_series

cisconx-osMatch10.1\(2t\)nexus_9000_series

cisconx-osMatch10.2\(1\)nexus_9000_series

cisconx-osMatch10.2\(1q\)nexus_9000_series

cisconx-osMatch10.2\(2\)nexus_9000_series

cisconx-osMatch10.2\(3\)nexus_9000_series

cisconx-osMatch10.2\(2a\)nexus_9000_series

cisconx-osMatch10.2\(3t\)nexus_9000_series

cisconx-osMatch10.2\(4\)nexus_9000_series

cisconx-osMatch10.2\(5\)nexus_9000_series

cisconx-osMatch10.2\(3v\)nexus_9000_series

cisconx-osMatch10.2\(6\)nexus_9000_series

cisconx-osMatch10.3\(1\)nexus_9000_series

cisconx-osMatch10.3\(2\)nexus_9000_series

cisconx-osMatch10.3\(3\)nexus_9000_series

cisconx-osMatch10.3\(99w\)nexus_9000_series

cisconx-osMatch10.3\(3w\)nexus_9000_series

cisconx-osMatch10.3\(99x\)nexus_9000_series

cisconx-osMatch10.3\(3o\)nexus_9000_series

cisconx-osMatch10.3\(4a\)nexus_9000_series

cisconx-osMatch10.3\(3p\)nexus_9000_series

cisconx-osMatch10.3\(4\)nexus_9000_series

cisconx-osMatch10.3\(3q\)nexus_9000_series

cisconx-osMatch10.3\(3x\)nexus_9000_series

cisconx-osMatch10.4\(1\)nexus_9000_series

cisconx-os_for_nexus_5600_platform_switchesMatch3000_series_switches

cisconx-os_for_nexus_5600_platform_switchesMatch9000_series_switches

cisconx-osMatchanynexus_9000_series