Executive Summary
Summary | |
---|---|
Title | Cisco Nexus 9000 Series ACI Mode Switch ICMP Record Route Vulnerability |
Informations | |||
---|---|---|---|
Name | cisco-sa-20160203-n9knci | First vendor Publication | 2016-02-03 |
Vendor | Cisco | Last vendor Modification | 2016-02-03 |
Severity (Vendor) | N/A | Revision | 1.0 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:N/I:N/A:C) | |||
---|---|---|---|
Cvss Base Score | 7.8 | Attack Range | Network |
Cvss Impact Score | 6.9 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
A vulnerability in the ICMP implementation in the Cisco Nexus 9000 Series Application Centric Infrastructure (ACI) Mode Switch could allow an unauthenticated, remote attacker to cause the switch to reload, resulting in a denial of service (DoS) condition. The vulnerability is due to improper handling of an ICMP packet with the IPv4 Type 7 option for record route. An attacker could exploit this vulnerability by sending an ICMP packet with the record route option to an interface on the affected switch. An exploit could allow the attacker to cause a DoS condition because the switch will reload each time the ICMP packet is received. Cisco has released software updates that address this vulnerability. A workaround that addresses this vulnerability is available. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160203-n9knci BEGIN PGP SIGNATURE Version: GnuPG v1.4.5 (SunOS) iQIVAwUBVqlFZa89gD3EAJB5AQIUJg//ft1XTFmFXhnNBfE5YpLhMSzgvtumqyuT Q6gO8y2E6ss4c013PNVDah7p+iSg6niYI47KOexd2Q05gEKOtQ0ohWk3zxH3I1nv pwL5YhhKpPOpckOt8ZbkUQuBbsxMyst0zb1Nw7MtOLUxqhZvID8nTQUkGJtIw5pz Z1/11YlmpMswF4+xUkdL7HuF4vsHFR5nLuepcAdJdsa8PKL4dQ+d3CIQzEOVU/K8 cUIN4JPRv6enlGzVfAgkSMLUmgd/lBXMI+IKVbrznAr1Abn0f3EkgPXyHTsQEuRA vQLRcNRGiIBDLbHGKlmHb0nN7XY+hIkHkKSLOwNgY4u7o3CxFxerqE/QEMh0+B1s HxVFVJVG2bJJNo9Y/MeaCHU5HoqKcm+sF7lcxOgR35chYapfZBn0G8j/6is32pQ6 U3+nIq7X5NVQDLeDPqohHNu/1mzstzkuQt4YlMB1wyjP8FY/mcCzFX17hxJEQRzb KeEGZ4/Yk2s11a6ZgTtA3JWtwe1WMyvgAE510SrPnygtfWXHc0SQQeZIt/8rHvGD Gy46LCD/xjVaCq3+DA/fFbUjRkgOO5YSQ+ZL1eGuAYk0vRmOxAFMcErnuLsxLPTx 9SnepLQ4g++7QuAjaZk2hrfcwYI1rxjULWq4I+WkdjwBOyl68Pkg6MljMvJwxkWA C+39AsHJFGs= =8cf3 END PGP SIGNATURE _______________________________________________ cust-security-announce mailing list cust-security-announce@cisco.com To unsubscribe, send the command "unsubscribe" in the subject of your message to cust-security-announce-leave@cisco.com |
Original Source
Url : http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco (...) |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-399 | Resource Management Errors |
CPE : Common Platform Enumeration
Type | Description | Count |
---|---|---|
Os | 1 |
Alert History
Date | Informations |
---|---|
2016-03-10 21:28:01 |
|
2016-02-04 05:29:14 |
|
2016-02-04 05:24:44 |
|