QID 317138

Date Published: 2022-03-03

QID 317138: Cisco Nexus Operating System (NX-OS) Bidirectional Forwarding Detection Denial of Service (DoS) Vulnerability (cisco-sa-nxos-bfd-dos-wGQXrzxn)

A vulnerability in the rate limiter for Bidirectional Forwarding Detection (BFD) traffic of Cisco NX-OS Software for Cisco Nexus 9000 Series Switches could allow an unauthenticated, remote attacker to cause BFD traffic to be dropped on an affected device.

Affected Products
Cisco Nexus 9200 and 9300 Platform Switches
Cisco Nexus 9500 Series Switches
Note: This vulnerability affects Cisco Nexus 9000 Series Switches in standalone NX-OS mode only when all of the following conditions are met:
The device is running a vulnerable version of Cisco NX-OS Software.
The device has the BFD feature enabled (BFD is disabled by default).
The device has a Cisco Cloud Scale ASIC installed.
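The three conditions above can be triaged from the output of standard NX-OS show commands. The following Python script is an added example, not part of the Qualys entry or the Cisco advisory: it parses constructed sample output of `show feature`, `show module` and `show version` (the samples are made up for this example, not captured from a real device) and reports whether the BFD feature is enabled, whether any installed module model looks like Cloud Scale hardware, and which NX-OS release is running. The list of model suffixes treated as Cloud Scale (-EX, -FX, -FX2, -FX3, -FXP, -GX, -GX2) is an assumption made for this example, and the release string is only extracted, not judged: compare it against the fixed releases listed in the Cisco advisory.

```python
import re

# Constructed sample of "show feature" from a Nexus 9000 (not from a real device).
SHOW_FEATURE_SAMPLE = """\
Feature Name          Instance  State
--------------------  --------  --------
bash-shell             1          disabled
bfd                    1          enabled
bfd_app                1          disabled
bgp                    1          enabled
"""

# Constructed sample of "show module"; N9K-C93180YC-FX is a Nexus 9300-FX chassis model string.
SHOW_MODULE_SAMPLE = """\
Mod Ports             Module-Type                       Model           Status
--- ----- ------------------------------------- --------------------- ---------
1    54   48x10/25G + 6x40/100G Ethernet Module  N9K-C93180YC-FX       active *
"""

# Constructed sample of "show version" (release number chosen arbitrarily for the example).
SHOW_VERSION_SAMPLE = """\
Software
  BIOS: version 07.69
  NXOS: version 9.3(7)
"""

# Assumption for this example: model suffixes taken to indicate Cloud Scale ASIC hardware.
# Verify against Cisco's platform documentation before relying on this mapping.
CLOUD_SCALE_SUFFIX = re.compile(r"-(EX|FX[0-9]?|FXP|GX[0-9]?)(?:-|$)")


def bfd_enabled(show_feature: str) -> bool:
    """Return True if the 'bfd' feature row in 'show feature' output reads 'enabled'."""
    for line in show_feature.splitlines():
        m = re.match(r"^\s*(\S+)\s+\d+\s+(enabled|disabled)\s*$", line)
        if m and m.group(1) == "bfd":
            return m.group(2) == "enabled"
    return False  # feature row absent: treat as disabled (NX-OS default)


def module_models(show_module: str) -> list:
    """Extract every N9K-* model string from 'show module' output."""
    return re.findall(r"\bN9K-[A-Z0-9-]+", show_module)


def cloud_scale_models(show_module: str) -> list:
    """Models whose suffix matches the assumed Cloud Scale list."""
    return [m for m in module_models(show_module) if CLOUD_SCALE_SUFFIX.search(m)]


def nxos_version(show_version: str):
    """Pull the NX-OS release string; None if not present."""
    m = re.search(r"NXOS:\s+version\s+(\S+)", show_version)
    return m.group(1) if m else None


def assess(show_feature: str, show_module: str, show_version: str) -> dict:
    """Combine the checks; 'preconditions_met' covers the two conditions this script can
    decide (BFD enabled, Cloud Scale module present). The version still has to be compared
    against the advisory's fixed-release list by the operator."""
    bfd = bfd_enabled(show_feature)
    cs = cloud_scale_models(show_module)
    return {
        "bfd_enabled": bfd,
        "cloud_scale_models": cs,
        "nxos_version": nxos_version(show_version),
        "preconditions_met": bfd and bool(cs),
    }


if __name__ == "__main__":
    result = assess(SHOW_FEATURE_SAMPLE, SHOW_MODULE_SAMPLE, SHOW_VERSION_SAMPLE)
    for k, v in result.items():
        print(f"{k}: {v}")
    if result["preconditions_met"]:
        print("BFD enabled on suspected Cloud Scale hardware: check", result["nxos_version"],
              "against the fixed releases in cisco-sa-nxos-bfd-dos-wGQXrzxn")
```

On a real device, feed the script the output of the same three commands (for example collected over SSH or via the NX-API); a device with `feature bfd` absent from the running configuration is outside the scope of this advisory regardless of hardware.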

A successful exploit could allow the attacker to cause BFD traffic to be dropped, resulting in BFD session flaps. BFD session flaps can cause route instability and dropped traffic, resulting in a denial of service (DoS) condition.

  • CVSS v3 base score: 7.5 (High).
  • CVSS v2 base score: 7.1 (High).

Solution

Customers are advised to refer to the Cisco advisory cisco-sa-nxos-bfd-dos-wGQXrzxn for fixed software releases and further information.

    CVEs related to QID 317138

Software Advisories
Advisory ID: cisco-sa-nxos-bfd-dos-wGQXrzxn
Link: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-bfd-dos-wGQXrzxn