3 matches found
Cisco NX-OS Improper Authentication (CVE-2014-3295)
The HSRP implementation in Cisco NX-OS 6.22a and earlier allows remote attackers to bypass authentication and cause a denial of service group-member state modification and traffic blackholing via malformed HSRP packets, aka Bug ID CSCup11309. This plugin only works with Tenable.ot. Please visit...
Cisco NX-OS Software HSRP Authentication Denial of Service Vulnerability (Cisco-SA-20140611-CVE-2014-3295)
A vulnerability in Hot Standby Router Protocol HSRP authentication in the Cisco Nexus series could allow an unauthenticated, adjacent attacker to affect the state of HSRP group members and cause black holing of traffic. Copyright C 2016 Greenbone Networks GmbH Some text descriptions might be...
CVE-2014-3295
CVE-2014-3295 affects Cisco NX-OS HSRP authentication: malformed HSRP packets can bypass authentication and cause DoS by manipulating group-member states and traffic blackholing on Cisco NX-OS versions 6.2(2a) and earlier. Connected sources confirm the issue in the HSRP parsing logic (Bug CSCup11...