Security News > 2020 > June > Severe Cisco DoS Flaw Can Cripple Nexus Switches

Severe Cisco DoS Flaw Can Cripple Nexus Switches
2020-06-02 16:16

Cisco has patched a high-severity flaw in its NX-OS software, the network operating system used by Cisco's Nexus-series Ethernet switches.

If exploited, the vulnerability could allow an unauthenticated, remote attacker to bypass the input access control lists configured on affected Nexus switches - and launch a denial of service attacks on the devices.

Cisco said that under "Certain conditions," the crafted packets could cause the network stack process to crash and restart multiple times - ultimately leading to DoS for affected devices.

Specifically impacted by the flaw are the Nexus 1000, 3000, 5500, 5600, 6000, 7000 and 9000 series, as well as Cisco Unified Computing System 6200 and 06300 Series Fabric Interconnects.

The flaw comes a week after Cisco announced that attackers were able to compromise its servers, after exploiting two known, critical SaltStack vulnerabilities.


News URL

https://threatpost.com/cisco-dos-flaw-nexus-switches/156203/

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Cisco 2046 21 1771 1669 288 3749