SecurityTracker.com
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 


Category:   Device (Router/Bridge/Hub)  >   Cisco NX-OS Vendors:   Cisco
Cisco NX-OS Management Interace ACL Configuration Error Lets Remote Users Consume Excessive CPU Resources on the Target System
SecurityTracker Alert ID:  1040247
SecurityTracker URL:  http://securitytracker.com/id/1040247
CVE Reference:   CVE-2018-0090   (Links to External Site)
Date:  Jan 18 2018
Impact:   Denial of service via network
Fix Available:  Yes  Vendor Confirmed:  Yes  

Description:   A vulnerability was reported in Cisco NX-OS. A remote user can consume excessive CPU resources on the target system.

A remote user can send specially crafted packets to the management interface to exploit a flaw in the management interface access control list (ACL) configuration and cause the packets to be forwarded to the CPU for processing, consuming excessive CPU resources on the target system.

The following Nexus switches are affected:

2000 Series
3000 Series
5500 Platform
5600 Platform
6000 Series
7000 Series
7700 Series
9000 Series in standalone NX-OS mode

The vendor has assigned bug ID CSCvf31132 to this vulnerability.

Impact:   A remote user can consume excessive CPU resources on the target system.
Solution:   The vendor has issued a fix.

The vendor advisory is available at:

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180117-nxos

Vendor URL:  tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180117-nxos (Links to External Site)
Cause:   Access control error, Configuration error

Message History:   None.


 Source Message Contents

Subject:  https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180117-nxos

 
 


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2021, SecurityGlobal.net LLC