CVE-2024-20267— Cisco NX-OS Software 安全漏洞

N/A

A vulnerability with the handling of MPLS traffic for Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause the netstack process to unexpectedly restart, which could cause the device to stop processing network traffic or to reload. This vulnerability is due to lack of proper error checking when processing an ingress MPLS frame. An attacker could exploit this vulnerability by sending a crafted IPv6 packet that is encapsulated within an MPLS frame to an MPLS-enabled interface of the targeted device. A successful exploit could allow the attacker to cause a denial of service (DoS) condition. Note: The IPv6 packet can be generated multiple hops away from the targeted device and then encapsulated within MPLS. The DoS condition may occur when the NX-OS device processes the packet.

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

未进行输入大小检查的缓冲区拷贝(传统缓冲区溢出)

Cisco NX-OS Software 安全漏洞

Cisco NX-OS Software是美国思科（Cisco）公司的一套交换机使用的数据中心级操作系统软件。 Cisco NX-OS Software存在安全漏洞。攻击者利用该漏洞导致 netstack 进程意外重启，从而导致设备停止处理网络流量或重新加载。

N/A

N/A