Severe Cisco DoS Flaw Can Cripple Nexus Switches

2020-06-02 16:16

Cisco has patched a high-severity flaw in its NX-OS software, the network operating system used by Cisco's Nexus-series Ethernet switches.

If exploited, the vulnerability could allow an unauthenticated, remote attacker to bypass the input access control lists configured on affected Nexus switches - and launch a denial of service attacks on the devices.

Cisco said that under "Certain conditions," the crafted packets could cause the network stack process to crash and restart multiple times - ultimately leading to DoS for affected devices.

Specifically impacted by the flaw are the Nexus 1000, 3000, 5500, 5600, 6000, 7000 and 9000 series, as well as Cisco Unified Computing System 6200 and 06300 Series Fabric Interconnects.

The flaw comes a week after Cisco announced that attackers were able to compromise its servers, after exploiting two known, critical SaltStack vulnerabilities.

News URL

https://threatpost.com/cisco-dos-flaw-nexus-switches/156203/

#cisco #DOS #nexus

Related vendor

VENDOR	LAST 12M	#/PRODUCTS	LOW	MEDIUM	HIGH	CRITICAL	TOTAL VULNS
Cisco		4442	231	3052	1816	604	5703