Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Cisco NX-OS Software OSPFv3 Denial of Service Vulnerability
Vulnerability Description
A vulnerability in the OSPF version 3 (OSPFv3) feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to incomplete input validation of specific OSPFv3 packets. An attacker could exploit this vulnerability by sending a malicious OSPFv3 link-state advertisement (LSA) to an affected device. A successful exploit could allow the attacker to cause the OSPFv3 process to crash and restart multiple times, causing the affected device to reload and resulting in a DoS condition. Note: The OSPFv3 feature is disabled by default. To exploit this vulnerability, an attacker must be able to establish a full OSPFv3 neighbor state with an affected device. For more information about exploitation conditions, see the Details section of this advisory.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Vulnerability Type
缓冲区上溢读取
Vulnerability Title
Cisco NX-OS Software 缓冲区错误漏洞
Vulnerability Description
Cisco NX-OS Software是美国思科(Cisco)公司的一套交换机使用的数据中心级操作系统软件。 Cisco NX-OS Software OSPFv3存在安全漏洞,该漏洞源于其对特定OSPFv3报文的输入验证不完全允许未经验证的远程攻击者重复发送恶意的OSPFv3链路状态通告(LSA)导致OSPFv3进程崩溃和重启,使受影响的设备重新加载实现拒绝服务。
CVSS Information
N/A
Vulnerability Type
N/A