CVE-2022-20624

Summary

CVE	CVE-2022-20624
State	PUBLIC
Assigner	[email protected]
Source Priority	CVE Program / NVD first with legacy fallback
Published	2022-02-23 18:15:00 UTC
Updated	2023-11-07 03:42:00 UTC
Description	A vulnerability in the Cisco Fabric Services over IP (CFSoIP) feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient validation of incoming CFSoIP packets. An attacker could exploit this vulnerability by sending crafted CFSoIP packets to an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition.

Risk And Classification

Problem Types: CWE-20

NVD Known Affected Configurations (CPE 2.3)

Type	Vendor	Product	Version	Update	Edition	Language
Hardware	Cisco	N9k-c9316d-gx	-	All	All	All
Hardware	Cisco	N9k-c9332d-gx2b	-	All	All	All
Hardware	Cisco	N9k-c9348d-gx2a	-	All	All	All
Hardware	Cisco	N9k-c93600cd-gx	-	All	All	All
Hardware	Cisco	N9k-c9364d-gx2a	-	All	All	All
Hardware	Cisco	Nexus 3048	-	All	All	All
Hardware	Cisco	Nexus 31108pc-v	-	All	All	All
Hardware	Cisco	Nexus 31108tc-v	-	All	All	All
Hardware	Cisco	Nexus 31128pq	-	All	All	All
Hardware	Cisco	Nexus 3132c-z	-	All	All	All
Hardware	Cisco	Nexus 3132q-v	-	All	All	All
Hardware	Cisco	Nexus 3132q-x	-	All	All	All
Hardware	Cisco	Nexus 3132q-xl	-	All	All	All
Hardware	Cisco	Nexus 3164q	-	All	All	All
Hardware	Cisco	Nexus 3172pq	-	All	All	All
Hardware	Cisco	Nexus 3172pq-xl	-	All	All	All
Hardware	Cisco	Nexus 3172tq-xl	-	All	All	All
Hardware	Cisco	Nexus 3232c	-	All	All	All
Hardware	Cisco	Nexus 3264c-e	-	All	All	All
Hardware	Cisco	Nexus 3264q	-	All	All	All
Hardware	Cisco	Nexus 3408-s	-	All	All	All
Hardware	Cisco	Nexus 34180yc	-	All	All	All
Hardware	Cisco	Nexus 3432d-s	-	All	All	All
Hardware	Cisco	Nexus 3464c	-	All	All	All
Hardware	Cisco	Nexus 3524-x	-	All	All	All
Hardware	Cisco	Nexus 3524-xl	-	All	All	All
Hardware	Cisco	Nexus 3548-x	-	All	All	All
Hardware	Cisco	Nexus 3548-xl	-	All	All	All
Hardware	Cisco	Nexus 36180yc-r	-	All	All	All
Hardware	Cisco	Nexus 3636c-r	-	All	All	All
Hardware	Cisco	Nexus 92160yc-x	-	All	All	All
Hardware	Cisco	Nexus 92300yc	-	All	All	All
Hardware	Cisco	Nexus 92304qc	-	All	All	All
Hardware	Cisco	Nexus 92348gc-x	-	All	All	All
Hardware	Cisco	Nexus 9236c	-	All	All	All
Hardware	Cisco	Nexus 9272q	-	All	All	All
Hardware	Cisco	Nexus 9504	-	All	All	All
Hardware	Cisco	Nexus 9508	-	All	All	All
Hardware	Cisco	Nexus 9516	-	All	All	All
Operating System	Cisco	Nx-os	4.1\(1a\)a	All	All	All
Operating System	Cisco	Nx-os	7.0\(3\)	All	All	All
Operating System	Cisco	Nx-os	9.2\(2\)	All	All	All
Operating System	Cisco	Nx-os	9.2\(3\)	All	All	All
Operating System	Cisco	Nx-os	9.3\(3\)	All	All	All
Operating System	Cisco	Nx-os	9.3\(5\)	All	All	All
Hardware	Cisco	Ucs 64108	-	All	All	All
Hardware	Cisco	Ucs 6454	-	All	All	All

References

Reference	Source	Link	Tags
20220223 Cisco NX-OS Software Cisco Fabric Services Over IP Denial of Service Vulnerability	CISCO	tools.cisco.com
CVE Program record	CVE.ORG	www.cve.org	canonical
NVD vulnerability detail	NVD	nvd.nist.gov	canonical, analysis

No vendor comments have been submitted for this CVE.

Legacy QID Mappings

317137 Cisco Nexus Operating System (NX-OS) Software Denial of Service (DoS) Vulnerability (cisco-sa-cfsoip-dos-tpykyDr)