CVE-2022-20823

high-risk
Published 2022-08-25

A vulnerability in the OSPF version 3 (OSPFv3) feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to incomplete input validation of specific OSPFv3 packets. An attacker could exploit this vulnerability by sending a malicious OSPFv3 link-state advertisement (LSA) to an affected device. A successful exploit could allow the attacker to cause the OSPFv3 process to crash and restart multiple times, causing the affected device to reload and resulting in a DoS condition. Note: The OSPFv3 feature is disabled by default. To exploit this vulnerability, an attacker must be able to establish a full OSPFv3 neighbor state with an affected device. For more information about exploitation conditions, see the Details section of this advisory.

Do I need to act?

-
0.64% chance of exploitation
EPSS score — low exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
8
CVSS 8.6/10 High
NETWORK / LOW complexity

Affected Products (20)

Nexus 3016 Firmware
Nexus 3016Q Firmware
Nexus 3048 Firmware
Nexus 3064 Firmware
Nexus 3064-32T Firmware
Nexus 3064-T Firmware
Nexus 3064-X Firmware
Nexus 3064T Firmware
Nexus 3064X Firmware
Nexus 3100 Firmware
Nexus 3100-V Firmware
Nexus 3100-Z Firmware
Nexus 3100V Firmware
Nexus 31108Pc-V Firmware
Nexus 31108Pv-V Firmware
Nexus 31108Tc-V Firmware
Nexus 31128Pq Firmware
Nexus 3132C-Z Firmware
Nexus 3132Q Firmware
Nexus 3132Q-V Firmware

Affected Vendors

Cisco

References (2)

Vendor Advisory https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-n...
Vendor Advisory https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-n...
63
/ 100
high-risk
Severity 29/34 · Critical
Exploitability 2/34 · Minimal
Exposure 32/34 · Critical