Design/Logic Flaw

2024-02-2901:43:00

PRIOn knowledge base

www.prio-n.com

ebgp

cisco nx-os

dos

vulnerability

network traffic

7.3 High

AI Score

Confidence

High

0.0005 Low

EPSS

Percentile

17.1%

JSON

A vulnerability in the External Border Gateway Protocol (eBGP) implementation of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.

This vulnerability exists because eBGP traffic is mapped to a shared hardware rate-limiter queue. An attacker could exploit this vulnerability by sending large amounts of network traffic with certain characteristics through an affected device. A successful exploit could allow the attacker to cause eBGP neighbor sessions to be dropped, leading to a DoS condition in the network.

CPENameOperatorVersion
nx-oseq9.22.0
nx-oseq9.21.0
nx-oseq7.3.0-f33
nx-oseq9.31.0
nx-oseq9.23.0
nx-oseq7.3.0-f31
nx-oseq7.3.0-f32
nx-oseq7.3.0-f34
nx-oseq7.3.0-f33-a
nx-oseq7.3.0-f33-c

Name	Operator	Version
nx-os	eq	9.22.0
nx-os	eq	9.21.0
nx-os	eq	7.3.0-f33
nx-os	eq	9.31.0
nx-os	eq	9.23.0
nx-os	eq	7.3.0-f31
nx-os	eq	7.3.0-f32
nx-os	eq	7.3.0-f34
nx-os	eq	7.3.0-f33-a
nx-os	eq	7.3.0-f33-c