Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2021-1230

A vulnerability with the Border Gateway Protocol (BGP) for Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode could allow an unauthenticated, remote attacker to cause a routing process to crash, which could lead to a denial of service (DoS) condition. This vulnerability is due to an issue with the installation of routes upon receipt of a BGP update. An attacker could exploit this vulnerability by sending a crafted BGP update to an affected device. A successful exploit could allow the attacker to cause the routing process to crash, which could cause the device to reload. This vulnerability applies to both Internal BGP (IBGP) and External BGP (EBGP). Note: The Cisco implementation of BGP accepts incoming BGP traffic from explicitly configured peers only. To exploit this vulnerability, an attacker would need to send a specific BGP update message over an established TCP connection that appears to come from a trusted BGP peer.

Published

2021-02-24T20:15:12.817

Last Modified

2024-11-21T05:43:53.000

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 8.6 (HIGH)

CVSSv2 Vector

AV:N/AC:M/Au:N/C:N/I:N/A:C

Access Vector: NETWORK
Access Complexity: MEDIUM
Authentication: NONE
Confidentiality Impact: NONE
Integrity Impact: NONE
Availability Impact: COMPLETE

Exploitability Score

8.6

Impact Score

6.9

Weaknesses

Type: Secondary
CWE-233
Type: Primary
NVD-CWE-Other

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	cisco	nx-os	12.0\(1m\)	Yes
Operating System	cisco	nx-os	12.0\(1n\)	Yes
Operating System	cisco	nx-os	12.0\(1o\)	Yes
Operating System	cisco	nx-os	12.0\(1p\)	Yes
Operating System	cisco	nx-os	12.0\(1q\)	Yes
Operating System	cisco	nx-os	12.0\(1r\)	Yes
Operating System	cisco	nx-os	12.0\(2f\)	Yes
Operating System	cisco	nx-os	12.0\(2g\)	Yes
Operating System	cisco	nx-os	12.0\(2h\)	Yes
Operating System	cisco	nx-os	12.0\(2l\)	Yes
Operating System	cisco	nx-os	12.0\(2m\)	Yes
Operating System	cisco	nx-os	12.0\(2n\)	Yes
Operating System	cisco	nx-os	12.0\(2o\)	Yes
Operating System	cisco	nx-os	12.1\(1h\)	Yes
Operating System	cisco	nx-os	12.1\(1i\)	Yes
Operating System	cisco	nx-os	12.1\(2e\)	Yes
Operating System	cisco	nx-os	12.1\(2g\)	Yes
Operating System	cisco	nx-os	12.1\(2k\)	Yes
Operating System	cisco	nx-os	12.1\(3g\)	Yes
Operating System	cisco	nx-os	12.1\(3h\)	Yes
Operating System	cisco	nx-os	12.1\(3j\)	Yes
Operating System	cisco	nx-os	12.1\(4a\)	Yes
Operating System	cisco	nx-os	12.2\(1k\)	Yes
Operating System	cisco	nx-os	12.2\(1n\)	Yes
Operating System	cisco	nx-os	12.2\(1o\)	Yes
Operating System	cisco	nx-os	12.2\(2e\)	Yes
Operating System	cisco	nx-os	12.2\(2f\)	Yes
Operating System	cisco	nx-os	12.2\(2i\)	Yes
Operating System	cisco	nx-os	12.2\(2j\)	Yes
Operating System	cisco	nx-os	12.2\(2k\)	Yes
Operating System	cisco	nx-os	12.2\(2q\)	Yes
Operating System	cisco	nx-os	12.2\(3j\)	Yes
Operating System	cisco	nx-os	12.2\(3p\)	Yes
Operating System	cisco	nx-os	12.2\(3r\)	Yes
Operating System	cisco	nx-os	12.2\(3s\)	Yes
Operating System	cisco	nx-os	12.2\(3t\)	Yes
Operating System	cisco	nx-os	12.2\(4f\)	Yes
Operating System	cisco	nx-os	12.2\(4p\)	Yes
Operating System	cisco	nx-os	12.2\(4q\)	Yes
Operating System	cisco	nx-os	12.2\(4r\)	Yes
Operating System	cisco	nx-os	12.3\(1e\)	Yes
Operating System	cisco	nx-os	12.3\(1f\)	Yes
Operating System	cisco	nx-os	12.3\(1i\)	Yes
Operating System	cisco	nx-os	12.3\(1l\)	Yes
Operating System	cisco	nx-os	12.3\(1o\)	Yes
Operating System	cisco	nx-os	12.3\(1p\)	Yes
Operating System	cisco	nx-os	13.0\(1k\)	Yes
Operating System	cisco	nx-os	13.0\(2h\)	Yes
Operating System	cisco	nx-os	13.0\(2k\)	Yes
Operating System	cisco	nx-os	13.0\(2n\)	Yes
Operating System	cisco	nx-os	13.1\(1i\)	Yes
Operating System	cisco	nx-os	13.1\(2m\)	Yes
Operating System	cisco	nx-os	13.1\(2o\)	Yes
Operating System	cisco	nx-os	13.1\(2p\)	Yes
Operating System	cisco	nx-os	13.1\(2q\)	Yes
Operating System	cisco	nx-os	13.1\(2s\)	Yes
Operating System	cisco	nx-os	13.1\(2t\)	Yes
Operating System	cisco	nx-os	13.1\(2u\)	Yes
Operating System	cisco	nx-os	13.1\(2v\)	Yes
Operating System	cisco	nx-os	13.2\(1l\)	Yes
Operating System	cisco	nx-os	13.2\(1m\)	Yes
Operating System	cisco	nx-os	13.2\(2l\)	Yes
Operating System	cisco	nx-os	13.2\(2o\)	Yes
Operating System	cisco	nx-os	13.2\(3i\)	Yes
Operating System	cisco	nx-os	13.2\(3j\)	Yes
Operating System	cisco	nx-os	13.2\(3n\)	Yes
Operating System	cisco	nx-os	13.2\(3o\)	Yes
Operating System	cisco	nx-os	13.2\(3r\)	Yes
Operating System	cisco	nx-os	13.2\(3s\)	Yes
Operating System	cisco	nx-os	13.2\(4d\)	Yes
Operating System	cisco	nx-os	13.2\(4e\)	Yes
Operating System	cisco	nx-os	13.2\(5d\)	Yes
Operating System	cisco	nx-os	13.2\(5e\)	Yes
Operating System	cisco	nx-os	13.2\(5f\)	Yes
Operating System	cisco	nx-os	13.2\(6i\)	Yes
Operating System	cisco	nx-os	13.2\(7f\)	Yes
Operating System	cisco	nx-os	13.2\(7k\)	Yes
Operating System	cisco	nx-os	13.2\(8d\)	Yes
Operating System	cisco	nx-os	13.2\(9b\)	Yes
Operating System	cisco	nx-os	13.2\(9f\)	Yes
Operating System	cisco	nx-os	13.2\(9h\)	Yes
Operating System	cisco	nx-os	13.2\(41d\)	Yes
Operating System	cisco	nx-os	14.0\(1h\)	Yes
Operating System	cisco	nx-os	14.0\(2c\)	Yes
Operating System	cisco	nx-os	14.0\(3c\)	Yes
Operating System	cisco	nx-os	14.0\(3d\)	Yes
Operating System	cisco	nx-os	14.1\(1i\)	Yes
Operating System	cisco	nx-os	14.1\(1j\)	Yes
Operating System	cisco	nx-os	14.1\(1k\)	Yes
Operating System	cisco	nx-os	14.1\(1l\)	Yes
Operating System	cisco	nx-os	14.1\(2g\)	Yes
Operating System	cisco	nx-os	14.1\(2m\)	Yes
Operating System	cisco	nx-os	14.1\(2o\)	Yes
Operating System	cisco	nx-os	14.1\(2s\)	Yes
Operating System	cisco	nx-os	14.1\(2u\)	Yes
Operating System	cisco	nx-os	14.1\(2w\)	Yes
Operating System	cisco	nx-os	14.1\(2x\)	Yes
Operating System	cisco	nx-os	14.2\(1i\)	Yes
Operating System	cisco	nx-os	14.2\(1j\)	Yes
Operating System	cisco	nx-os	14.2\(1l\)	Yes
Operating System	cisco	nx-os	14.2\(2e\)	Yes
Operating System	cisco	nx-os	14.2\(2f\)	Yes
Operating System	cisco	nx-os	14.2\(2g\)	Yes
Hardware	cisco	nexus_9000v	-	No
Hardware	cisco	nexus_92160yc-x	-	No
Hardware	cisco	nexus_92300yc	-	No
Hardware	cisco	nexus_92304qc	-	No
Hardware	cisco	nexus_92348gc-x	-	No
Hardware	cisco	nexus_9236c	-	No
Hardware	cisco	nexus_9272q	-	No
Hardware	cisco	nexus_93108tc-ex	-	No
Hardware	cisco	nexus_93108tc-ex-24	-	No
Hardware	cisco	nexus_93108tc-fx	-	No
Hardware	cisco	nexus_93108tc-fx-24	-	No
Hardware	cisco	nexus_93120tx	-	No
Hardware	cisco	nexus_93128tx	-	No
Hardware	cisco	nexus_9316d-gx	-	No
Hardware	cisco	nexus_93180lc-ex	-	No
Hardware	cisco	nexus_93180yc-ex	-	No
Hardware	cisco	nexus_93180yc-ex-24	-	No
Hardware	cisco	nexus_93180yc-fx	-	No
Hardware	cisco	nexus_93180yc-fx-24	-	No
Hardware	cisco	nexus_93180yc-fx3	-	No
Hardware	cisco	nexus_93180yc-fx3s	-	No
Hardware	cisco	nexus_93216tc-fx2	-	No
Hardware	cisco	nexus_93240yc-fx2	-	No
Hardware	cisco	nexus_9332c	-	No
Hardware	cisco	nexus_9332pq	-	No
Hardware	cisco	nexus_93360yc-fx2	-	No
Hardware	cisco	nexus_9336c-fx2	-	No
Hardware	cisco	nexus_9336c-fx2-e	-	No
Hardware	cisco	nexus_9336pq_aci_spine	-	No
Hardware	cisco	nexus_9348gc-fxp	-	No
Hardware	cisco	nexus_93600cd-gx	-	No
Hardware	cisco	nexus_9364c	-	No
Hardware	cisco	nexus_9364c-gx	-	No
Hardware	cisco	nexus_9372px	-	No
Hardware	cisco	nexus_9372px-e	-	No
Hardware	cisco	nexus_9372tx	-	No
Hardware	cisco	nexus_9372tx-e	-	No
Hardware	cisco	nexus_9396px	-	No
Hardware	cisco	nexus_9396tx	-	No
Hardware	cisco	nexus_9508	-	No

References

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-n9kaci-bgp-De9dPKSK Vendor Advisory ([email protected])
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-n9kaci-bgp-De9dPKSK Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)