CiscoCVELIST:CVE-2024-20321CVE-2024-20321
8.6 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
8.6 High
AI Score
Confidence
High
0.0005 Low
EPSS
Percentile
17.1%
A vulnerability in the External Border Gateway Protocol (eBGP) implementation of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.
This vulnerability exists because eBGP traffic is mapped to a shared hardware rate-limiter queue. An attacker could exploit this vulnerability by sending large amounts of network traffic with certain characteristics through an affected device. A successful exploit could allow the attacker to cause eBGP neighbor sessions to be dropped, leading to a DoS condition in the network.
CNA Affected
[
{
"vendor": "Cisco",
"product": "Cisco NX-OS Software",
"versions": [
{
"version": "7.0(3)F1(1)",
"status": "affected"
},
{
"version": "7.0(3)F2(1)",
"status": "affected"
},
{
"version": "7.0(3)F2(2)",
"status": "affected"
},
{
"version": "7.0(3)F3(1)",
"status": "affected"
},
{
"version": "7.0(3)F3(2)",
"status": "affected"
},
{
"version": "7.0(3)F3(3)",
"status": "affected"
},
{
"version": "7.0(3)F3(3a)",
"status": "affected"
},
{
"version": "7.0(3)F3(4)",
"status": "affected"
},
{
"version": "7.0(3)F3(3c)",
"status": "affected"
},
{
"version": "7.0(3)F3(5)",
"status": "affected"
},
{
"version": "9.2(1)",
"status": "affected"
},
{
"version": "9.2(2)",
"status": "affected"
},
{
"version": "9.2(2t)",
"status": "affected"
},
{
"version": "9.2(3)",
"status": "affected"
},
{
"version": "9.2(4)",
"status": "affected"
},
{
"version": "9.2(2v)",
"status": "affected"
},
{
"version": "9.3(1)",
"status": "affected"
},
{
"version": "9.3(2)",
"status": "affected"
},
{
"version": "9.3(3)",
"status": "affected"
},
{
"version": "9.3(4)",
"status": "affected"
},
{
"version": "9.3(5)",
"status": "affected"
},
{
"version": "9.3(6)",
"status": "affected"
},
{
"version": "9.3(7)",
"status": "affected"
},
{
"version": "9.3(7a)",
"status": "affected"
},
{
"version": "9.3(8)",
"status": "affected"
},
{
"version": "9.3(9)",
"status": "affected"
},
{
"version": "9.3(10)",
"status": "affected"
},
{
"version": "9.3(11)",
"status": "affected"
},
{
"version": "9.3(12)",
"status": "affected"
},
{
"version": "10.1(1)",
"status": "affected"
},
{
"version": "10.1(2)",
"status": "affected"
},
{
"version": "10.1(2t)",
"status": "affected"
},
{
"version": "10.2(1)",
"status": "affected"
},
{
"version": "10.2(1q)",
"status": "affected"
},
{
"version": "10.2(2)",
"status": "affected"
},
{
"version": "10.2(3)",
"status": "affected"
},
{
"version": "10.2(3t)",
"status": "affected"
},
{
"version": "10.2(4)",
"status": "affected"
},
{
"version": "10.2(5)",
"status": "affected"
},
{
"version": "10.2(3v)",
"status": "affected"
},
{
"version": "10.2(6)",
"status": "affected"
},
{
"version": "10.3(1)",
"status": "affected"
},
{
"version": "10.3(2)",
"status": "affected"
},
{
"version": "10.3(3)",
"status": "affected"
},
{
"version": "10.3(99w)",
"status": "affected"
},
{
"version": "10.3(99x)",
"status": "affected"
},
{
"version": "10.3(4a)",
"status": "affected"
},
{
"version": "10.4(1)",
"status": "affected"
}
]
}
]Related
8.6 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
8.6 High
AI Score
Confidence
High
0.0005 Low
EPSS
Percentile
17.1%