Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2016-1454

Cisco NX-OS 4.0 through 7.3 and 11.0 through 11.2 on 1000v, 2000, 3000, 3500, 5000, 5500, 5600, 6000, 7000, 7700, and 9000 devices allows remote attackers to cause a denial of service (device reload) by leveraging a peer relationship to send a crafted BGP UPDATE message, aka Bug IDs CSCuq77105 and CSCux11417.

Published

2016-10-06T10:59:03.913

Last Modified

2025-04-12T10:46:40.837

Status

Deferred

Source

[email protected]

Severity

CVSSv3.1: 6.5 (MEDIUM)

CVSSv2 Vector

AV:N/AC:M/Au:N/C:N/I:N/A:C

Access Vector: NETWORK
Access Complexity: MEDIUM
Authentication: NONE
Confidentiality Impact: NONE
Integrity Impact: NONE
Availability Impact: COMPLETE

Exploitability Score

8.6

Impact Score

6.9

Weaknesses

Type: Primary
CWE-20

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	cisco	nx-os	< 6.0\(2\)u6\(7\)	Yes
Operating System	cisco	nx-os	< 7.0\(3\)i4\(1\)	Yes
Hardware	cisco	nexus_3016	-	No
Hardware	cisco	nexus_3048	-	No
Hardware	cisco	nexus_31108pc-v	-	No
Hardware	cisco	nexus_31108tc-v	-	No
Hardware	cisco	nexus_31128pq	-	No
Hardware	cisco	nexus_3132q	-	No
Hardware	cisco	nexus_3132q-v	-	No
Hardware	cisco	nexus_3164q	-	No
Hardware	cisco	nexus_3172	-	No
Hardware	cisco	nexus_3232c	-	No
Hardware	cisco	nexus_3264q	-	No
Operating System	cisco	nx-os	< 7.1\(4\)n1\(1\)	Yes
Operating System	cisco	nx-os	< 7.2\(2\)n1\(1\)	Yes
Operating System	cisco	nx-os	< 7.3\(0\)n1\(1\)	Yes
Hardware	cisco	5548p	-	No
Hardware	cisco	5548up	-	No
Hardware	cisco	5596t	-	No
Hardware	cisco	5596up	-	No
Hardware	cisco	56128p	-	No
Hardware	cisco	5624q	-	No
Hardware	cisco	5648q	-	No
Hardware	cisco	5672up	-	No
Hardware	cisco	5672up-16g	-	No
Hardware	cisco	5696q	-	No
Hardware	cisco	nexus_6001	-	No
Hardware	cisco	nexus_6004	-	No
Operating System	cisco	nx-os	< 5.2	Yes
Hardware	cisco	nexus_5010	-	No
Hardware	cisco	nexus_5020	-	No
Operating System	cisco	nx-os	< 7.2\(2\)d1\(1\)	Yes
Operating System	cisco	nx-os	< 7.3\(1\)d1\(1\)	Yes
Hardware	cisco	nexus_7000_10-slot	-	No
Hardware	cisco	nexus_7000_18-slot	-	No
Hardware	cisco	nexus_7000_4-slot	-	No
Hardware	cisco	nexus_7000_9-slot	-	No
Hardware	cisco	nexus_7700_10-slot	-	No
Hardware	cisco	nexus_7700_18-slot	-	No
Hardware	cisco	nexus_7700_2-slot	-	No
Hardware	cisco	nexus_7700_6-slot	-	No
Operating System	cisco	nx-os	< 5.2\(1\)sv3\(1.15\)	Yes
Hardware	cisco	nexus_1000v_for_vmware_vsphere	-	No
Operating System	cisco	nx-os	< 7.0\(3\)i4\(1\)	Yes
Operating System	cisco	nx-os	< 11.1\(1j\)	Yes
Hardware	cisco	nexus_92160yc-x	-	No
Hardware	cisco	nexus_92304qc	-	No
Hardware	cisco	nexus_9236c	-	No
Hardware	cisco	nexus_9272q	-	No
Hardware	cisco	nexus_93108tc-ex	-	No
Hardware	cisco	nexus_93120tx	-	No
Hardware	cisco	nexus_93128tx	-	No
Hardware	cisco	nexus_93180yc-ex	-	No
Hardware	cisco	nexus_9332pq	-	No
Hardware	cisco	nexus_9336pq_aci_spine	-	No
Hardware	cisco	nexus_9372px	-	No
Hardware	cisco	nexus_9372tx	-	No
Hardware	cisco	nexus_9396px	-	No
Hardware	cisco	nexus_9396tx	-	No
Hardware	cisco	nexus_9504	-	No
Hardware	cisco	nexus_9508	-	No
Hardware	cisco	nexus_9516	-	No
Operating System	cisco	nx-os	< 6.0\(2\)a8\(1\)	Yes
Hardware	cisco	nexus_3524	-	No
Hardware	cisco	nexus_3548	-	No

References

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-bgp Vendor Advisory ([email protected])
http://www.securityfocus.com/bid/93417 Third Party Advisory, VDB Entry ([email protected])
http://www.securitytracker.com/id/1036950 Third Party Advisory, VDB Entry ([email protected])
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-bgp Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/93417 Third Party Advisory, VDB Entry (af854a3a-2127-422b-91ae-364da2661108)
http://www.securitytracker.com/id/1036950 Third Party Advisory, VDB Entry (af854a3a-2127-422b-91ae-364da2661108)