CVE-2023-20089
Summary
| CVE | CVE-2023-20089 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2023-02-23 20:15:00 UTC |
| Updated | 2023-11-07 04:06:00 UTC |
| Description | A vulnerability in the Link Layer Discovery Protocol (LLDP) feature for Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) Mode could allow an unauthenticated, adjacent attacker to cause a memory leak, which could result in an unexpected reload of the device. This vulnerability is due to incorrect error checking when parsing ingress LLDP packets. An attacker could exploit this vulnerability by sending a steady stream of crafted LLDP packets to an affected device. A successful exploit could allow the attacker to cause a memory leak, which could result in a denial of service (DoS) condition when the device unexpectedly reloads. Note: This vulnerability cannot be exploited by transit traffic through the device. The crafted LLDP packet must be targeted to a directly connected interface, and the attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent). In addition, the attack surface for this vulnerability can be reduced by disabling LLDP on interfaces where it is not required. |
Risk And Classification
Problem Types: CWE-401
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Hardware | Cisco | Nexus 9000v | - | All | All | All |
| Hardware | Cisco | Nexus 92160yc-x | - | All | All | All |
| Hardware | Cisco | Nexus 92300yc | - | All | All | All |
| Hardware | Cisco | Nexus 92304qc | - | All | All | All |
| Hardware | Cisco | Nexus 92348gc-x | - | All | All | All |
| Hardware | Cisco | Nexus 9236c | - | All | All | All |
| Hardware | Cisco | Nexus 9272q | - | All | All | All |
| Hardware | Cisco | Nexus 93108tc-ex | - | All | All | All |
| Hardware | Cisco | Nexus 93108tc-ex-24 | - | All | All | All |
| Hardware | Cisco | Nexus 93108tc-fx | - | All | All | All |
| Hardware | Cisco | Nexus 93108tc-fx-24 | - | All | All | All |
| Hardware | Cisco | Nexus 93108tc-fx3p | - | All | All | All |
| Hardware | Cisco | Nexus 93120tx | - | All | All | All |
| Hardware | Cisco | Nexus 93128tx | - | All | All | All |
| Hardware | Cisco | Nexus 9316d-gx | - | All | All | All |
| Hardware | Cisco | Nexus 93180lc-ex | - | All | All | All |
| Hardware | Cisco | Nexus 93180yc-ex | - | All | All | All |
| Hardware | Cisco | Nexus 93180yc-ex-24 | - | All | All | All |
| Hardware | Cisco | Nexus 93180yc-fx | - | All | All | All |
| Hardware | Cisco | Nexus 93180yc-fx-24 | - | All | All | All |
| Hardware | Cisco | Nexus 93180yc-fx3 | - | All | All | All |
| Hardware | Cisco | Nexus 93180yc-fx3s | - | All | All | All |
| Hardware | Cisco | Nexus 93216tc-fx2 | - | All | All | All |
| Hardware | Cisco | Nexus 93240yc-fx2 | - | All | All | All |
| Hardware | Cisco | Nexus 9332c | - | All | All | All |
| Hardware | Cisco | Nexus 9332d-gx2b | - | All | All | All |
| Hardware | Cisco | Nexus 9332pq | - | All | All | All |
| Hardware | Cisco | Nexus 93360yc-fx2 | - | All | All | All |
| Hardware | Cisco | Nexus 9336c-fx2 | - | All | All | All |
| Hardware | Cisco | Nexus 9336c-fx2-e | - | All | All | All |
| Hardware | Cisco | Nexus 9336pq Aci Spine | - | All | All | All |
| Hardware | Cisco | Nexus 9348d-gx2a | - | All | All | All |
| Hardware | Cisco | Nexus 9348gc-fxp | - | All | All | All |
| Hardware | Cisco | Nexus 93600cd-gx | - | All | All | All |
| Hardware | Cisco | Nexus 9364c | - | All | All | All |
| Hardware | Cisco | Nexus 9364c-gx | - | All | All | All |
| Hardware | Cisco | Nexus 9364d-gx2a | - | All | All | All |
| Hardware | Cisco | Nexus 9372px | - | All | All | All |
| Hardware | Cisco | Nexus 9372px-e | - | All | All | All |
| Hardware | Cisco | Nexus 9372tx | - | All | All | All |
| Hardware | Cisco | Nexus 9372tx-e | - | All | All | All |
| Hardware | Cisco | Nexus 9396px | - | All | All | All |
| Hardware | Cisco | Nexus 9396tx | - | All | All | All |
| Hardware | Cisco | Nexus 9408 | - | All | All | All |
| Hardware | Cisco | Nexus 9508 | - | All | All | All |
| Hardware | Cisco | Nexus 9808 | - | All | All | All |
| Operating System | Cisco | Nx-os | 15.2\(1g\) | All | All | All |
| Operating System | Cisco | Nx-os | 15.2\(2e\) | All | All | All |
| Operating System | Cisco | Nx-os | 15.2\(2f\) | All | All | All |
| Operating System | Cisco | Nx-os | 15.2\(2g\) | All | All | All |
| Operating System | Cisco | Nx-os | 15.2\(2h\) | All | All | All |
| Operating System | Cisco | Nx-os | 15.2\(3e\) | All | All | All |
| Operating System | Cisco | Nx-os | 15.2\(3f\) | All | All | All |
| Operating System | Cisco | Nx-os | 15.2\(3g\) | All | All | All |
| Operating System | Cisco | Nx-os | 15.2\(4d\) | All | All | All |
| Operating System | Cisco | Nx-os | 15.2\(4e\) | All | All | All |
| Operating System | Cisco | Nx-os | 15.2\(4f\) | All | All | All |
| Operating System | Cisco | Nx-os | 15.2\(5c\) | All | All | All |
| Operating System | Cisco | Nx-os | 15.2\(5d\) | All | All | All |
| Operating System | Cisco | Nx-os | 15.2\(5e\) | All | All | All |
| Operating System | Cisco | Nx-os | 16.0\(1g\) | All | All | All |
| Operating System | Cisco | Nx-os | 16.0\(1j\) | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Cisco Nexus 9000 Series Fabric Switches in ACI Mode Link Layer Discovery Protocol Memory Leak Denial of Service Vulnerability | CISCO | sec.cloudapps.cisco.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
Legacy QID Mappings
- 317296 Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) Mode Link Layer Discovery Protocol (LLDP) Memory Leak Denial of Service (DoS) Vulnerability (cisco-sa-aci-lldp-dos-ySCNZOpX)