Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2022-20823

A vulnerability in the OSPF version 3 (OSPFv3) feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to incomplete input validation of specific OSPFv3 packets. An attacker could exploit this vulnerability by sending a malicious OSPFv3 link-state advertisement (LSA) to an affected device. A successful exploit could allow the attacker to cause the OSPFv3 process to crash and restart multiple times, causing the affected device to reload and resulting in a DoS condition. Note: The OSPFv3 feature is disabled by default. To exploit this vulnerability, an attacker must be able to establish a full OSPFv3 neighbor state with an affected device. For more information about exploitation conditions, see the Details section of this advisory.

Security Impact Summary

This vulnerability carries a HIGH severity rating with a CVSS v3.1 score of 8.6, indicating it can be exploited remotely over the network with relatively low complexity without requiring user interaction and does not require pre-existing privileges . The vulnerability impacts and availability (service disruption) for affected systems. Impacting 294 products from cisco, from cisco, from cisco and 291 others, organizations running these solutions should prioritize assessment and patching.

Historical Context

Reported in 2022, this vulnerability emerged during an era marked by increased sophistication in supply chain attacks, cloud infrastructure vulnerabilities, and software-as-a-service (SaaS) security challenges. Security practices during this period emphasized zero-trust architectures, container security, and API protection.

Published

2022-08-25T19:15:08.147

Last Modified

2024-11-21T06:43:37.493

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 8.6 (HIGH)

Weaknesses

Type: Secondary
CWE-126
Type: Primary
CWE-125

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	cisco	nexus_3016_firmware	-	Yes
Hardware	cisco	nexus_3016	-	No
Operating System	cisco	nexus_3016q_firmware	-	Yes
Hardware	cisco	nexus_3016q	-	No
Operating System	cisco	nexus_3048_firmware	-	Yes
Hardware	cisco	nexus_3048	-	No
Operating System	cisco	nexus_3064_firmware	-	Yes
Hardware	cisco	nexus_3064	-	No
Operating System	cisco	nexus_3064-32t_firmware	-	Yes
Hardware	cisco	nexus_3064-32t	-	No
Operating System	cisco	nexus_3064-t_firmware	-	Yes
Hardware	cisco	nexus_3064-t	-	No
Operating System	cisco	nexus_3064-x_firmware	-	Yes
Hardware	cisco	nexus_3064-x	-	No
Operating System	cisco	nexus_3064t_firmware	-	Yes
Hardware	cisco	nexus_3064t	-	No
Operating System	cisco	nexus_3064x_firmware	-	Yes
Hardware	cisco	nexus_3064x	-	No
Operating System	cisco	nexus_3100_firmware	-	Yes
Hardware	cisco	nexus_3100	-	No
Operating System	cisco	nexus_3100-v_firmware	-	Yes
Hardware	cisco	nexus_3100-v	-	No
Operating System	cisco	nexus_3100-z_firmware	-	Yes
Hardware	cisco	nexus_3100-z	-	No
Operating System	cisco	nexus_3100v_firmware	-	Yes
Hardware	cisco	nexus_3100v	-	No
Operating System	cisco	nexus_31108pc-v_firmware	-	Yes
Hardware	cisco	nexus_31108pc-v	-	No
Operating System	cisco	nexus_31108pv-v_firmware	-	Yes
Hardware	cisco	nexus_31108pv-v	-	No
Operating System	cisco	nexus_31108tc-v_firmware	-	Yes
Hardware	cisco	nexus_31108tc-v	-	No
Operating System	cisco	nexus_31128pq_firmware	-	Yes
Hardware	cisco	nexus_31128pq	-	No
Operating System	cisco	nexus_3132c-z_firmware	-	Yes
Hardware	cisco	nexus_3132c-z	-	No
Operating System	cisco	nexus_3132q_firmware	-	Yes
Hardware	cisco	nexus_3132q	-	No
Operating System	cisco	nexus_3132q-v_firmware	-	Yes
Hardware	cisco	nexus_3132q-v	-	No
Operating System	cisco	nexus_3132q-x_firmware	-	Yes
Hardware	cisco	nexus_3132q-x	-	No
Operating System	cisco	nexus_3132q-x\/3132q-xl_firmware	-	Yes
Hardware	cisco	nexus_3132q-x\/3132q-xl	-	No
Operating System	cisco	nexus_3132q-xl_firmware	-	Yes
Hardware	cisco	nexus_3132q-xl	-	No
Operating System	cisco	nexus_3164q_firmware	-	Yes
Hardware	cisco	nexus_3164q	-	No
Operating System	cisco	nexus_3172_firmware	-	Yes
Hardware	cisco	nexus_3172	-	No
Operating System	cisco	nexus_3172pq_firmware	-	Yes
Hardware	cisco	nexus_3172pq	-	No
Operating System	cisco	nexus_3172pq-xl_firmware	-	Yes
Hardware	cisco	nexus_3172pq-xl	-	No
Operating System	cisco	nexus_3172pq\/pq-xl_firmware	-	Yes
Hardware	cisco	nexus_3172pq\/pq-xl	-	No
Operating System	cisco	nexus_3172tq_firmware	-	Yes
Hardware	cisco	nexus_3172tq	-	No
Operating System	cisco	nexus_3172tq-32t_firmware	-	Yes
Hardware	cisco	nexus_3172tq-32t	-	No
Operating System	cisco	nexus_3172tq-xl_firmware	-	Yes
Hardware	cisco	nexus_3172tq-xl	-	No
Operating System	cisco	nexus_3200_firmware	-	Yes
Hardware	cisco	nexus_3200	-	No
Operating System	cisco	nexus_3232c_firmware	-	Yes
Hardware	cisco	nexus_3232c	-	No
Operating System	cisco	nexus_3232c__firmware	-	Yes
Hardware	cisco	nexus_3232c_	-	No
Operating System	cisco	nexus_3264c-e_firmware	-	Yes
Hardware	cisco	nexus_3264c-e	-	No
Operating System	cisco	nexus_3264q_firmware	-	Yes
Hardware	cisco	nexus_3264q	-	No
Operating System	cisco	nexus_3400_firmware	-	Yes
Hardware	cisco	nexus_3400	-	No
Operating System	cisco	nexus_3408-s_firmware	-	Yes
Hardware	cisco	nexus_3408-s	-	No
Operating System	cisco	nexus_34180yc_firmware	-	Yes
Hardware	cisco	nexus_34180yc	-	No
Operating System	cisco	nexus_34200yc-sm_firmware	-	Yes
Hardware	cisco	nexus_34200yc-sm	-	No
Operating System	cisco	nexus_3432d-s_firmware	-	Yes
Hardware	cisco	nexus_3432d-s	-	No
Operating System	cisco	nexus_3464c_firmware	-	Yes
Hardware	cisco	nexus_3464c	-	No
Operating System	cisco	nexus_3500_firmware	-	Yes
Hardware	cisco	nexus_3500	-	No
Operating System	cisco	nexus_3500_platform_firmware	-	Yes
Hardware	cisco	nexus_3500_platform	-	No
Operating System	cisco	nexus_3524_firmware	-	Yes
Hardware	cisco	nexus_3524	-	No
Operating System	cisco	nexus_3524-x_firmware	-	Yes
Hardware	cisco	nexus_3524-x	-	No
Operating System	cisco	nexus_3524-x\/xl_firmware	-	Yes
Hardware	cisco	nexus_3524-x\/xl	-	No
Operating System	cisco	nexus_3524-xl_firmware	-	Yes
Hardware	cisco	nexus_3524-xl	-	No
Operating System	cisco	nexus_3548_firmware	-	Yes
Hardware	cisco	nexus_3548	-	No
Operating System	cisco	nexus_3548-x_firmware	-	Yes
Hardware	cisco	nexus_3548-x	-	No
Operating System	cisco	nexus_3548-x\/xl_firmware	-	Yes
Hardware	cisco	nexus_3548-x\/xl	-	No
Operating System	cisco	nexus_3548-xl_firmware	-	Yes
Hardware	cisco	nexus_3548-xl	-	No
Operating System	cisco	nexus_3600_firmware	-	Yes
Hardware	cisco	nexus_3600	-	No
Operating System	cisco	nexus_36180yc-r_firmware	-	Yes
Hardware	cisco	nexus_36180yc-r	-	No
Operating System	cisco	nexus_3636c-r_firmware	-	Yes
Hardware	cisco	nexus_3636c-r	-	No
Operating System	cisco	nexus_5500_firmware	-	Yes
Hardware	cisco	nexus_5500	-	No
Operating System	cisco	nexus_5548p_firmware	-	Yes
Hardware	cisco	nexus_5548p	-	No
Operating System	cisco	nexus_5548up_firmware	-	Yes
Hardware	cisco	nexus_5548up	-	No
Operating System	cisco	nexus_5596t_firmware	-	Yes
Hardware	cisco	nexus_5596t	-	No
Operating System	cisco	nexus_5596up_firmware	-	Yes
Hardware	cisco	nexus_5596up	-	No
Operating System	cisco	nexus_5600_firmware	-	Yes
Hardware	cisco	nexus_5600	-	No
Operating System	cisco	nexus_56128p_firmware	-	Yes
Hardware	cisco	nexus_56128p	-	No
Operating System	cisco	nexus_5624q_firmware	-	Yes
Hardware	cisco	nexus_5624q	-	No
Operating System	cisco	nexus_5648q_firmware	-	Yes
Hardware	cisco	nexus_5648q	-	No
Operating System	cisco	nexus_5672up_firmware	-	Yes
Hardware	cisco	nexus_5672up	-	No
Operating System	cisco	nexus_5672up-16g_firmware	-	Yes
Hardware	cisco	nexus_5672up-16g	-	No
Operating System	cisco	nexus_5696q_firmware	-	Yes
Hardware	cisco	nexus_5696q	-	No
Operating System	cisco	nexus_6000_firmware	-	Yes
Hardware	cisco	nexus_6000	-	No
Operating System	cisco	nexus_6001_firmware	-	Yes
Hardware	cisco	nexus_6001	-	No
Operating System	cisco	nexus_6001p_firmware	-	Yes
Hardware	cisco	nexus_6001p	-	No
Operating System	cisco	nexus_6001t_firmware	-	Yes
Hardware	cisco	nexus_6001t	-	No
Operating System	cisco	nexus_6004_firmware	-	Yes
Hardware	cisco	nexus_6004	-	No
Operating System	cisco	nexus_6004x_firmware	-	Yes
Hardware	cisco	nexus_6004x	-	No
Operating System	cisco	nexus_7000_firmware	-	Yes
Hardware	cisco	nexus_7000	-	No
Operating System	cisco	nexus_7000_10-slot_firmware	-	Yes
Hardware	cisco	nexus_7000_10-slot	-	No
Operating System	cisco	nexus_7000_18-slot_firmware	-	Yes
Hardware	cisco	nexus_7000_18-slot	-	No
Operating System	cisco	nexus_7000_4-slot_firmware	-	Yes
Hardware	cisco	nexus_7000_4-slot	-	No
Operating System	cisco	nexus_7000_9-slot_firmware	-	Yes
Hardware	cisco	nexus_7000_9-slot	-	No
Operating System	cisco	nexus_7000_supervisor_1_firmware	-	Yes
Hardware	cisco	nexus_7000_supervisor_1	-	No
Operating System	cisco	nexus_7000_supervisor_2_firmware	-	Yes
Hardware	cisco	nexus_7000_supervisor_2	-	No
Operating System	cisco	nexus_7000_supervisor_2e_firmware	-	Yes
Hardware	cisco	nexus_7000_supervisor_2e	-	No
Operating System	cisco	nexus_7004_firmware	-	Yes
Hardware	cisco	nexus_7004	-	No
Operating System	cisco	nexus_7009_firmware	-	Yes
Hardware	cisco	nexus_7009	-	No
Operating System	cisco	nexus_7010_firmware	-	Yes
Hardware	cisco	nexus_7010	-	No
Operating System	cisco	nexus_7018_firmware	-	Yes
Hardware	cisco	nexus_7018	-	No
Operating System	cisco	nexus_7700_firmware	-	Yes
Hardware	cisco	nexus_7700	-	No
Operating System	cisco	nexus_7700_10-slot_firmware	-	Yes
Hardware	cisco	nexus_7700_10-slot	-	No
Operating System	cisco	nexus_7700_18-slot_firmware	-	Yes
Hardware	cisco	nexus_7700_18-slot	-	No
Operating System	cisco	nexus_7700_2-slot_firmware	-	Yes
Hardware	cisco	nexus_7700_2-slot	-	No
Operating System	cisco	nexus_7700_6-slot_firmware	-	Yes
Hardware	cisco	nexus_7700_6-slot	-	No
Operating System	cisco	nexus_7700_supervisor_2e_firmware	-	Yes
Hardware	cisco	nexus_7700_supervisor_2e	-	No
Operating System	cisco	nexus_7700_supervisor_3e_firmware	-	Yes
Hardware	cisco	nexus_7700_supervisor_3e	-	No
Operating System	cisco	nexus_7702_firmware	-	Yes
Hardware	cisco	nexus_7702	-	No
Operating System	cisco	nexus_7706_firmware	-	Yes
Hardware	cisco	nexus_7706	-	No
Operating System	cisco	nexus_7710_firmware	-	Yes
Hardware	cisco	nexus_7710	-	No
Operating System	cisco	nexus_7718_firmware	-	Yes
Hardware	cisco	nexus_7718	-	No
Operating System	cisco	nexus_9000_firmware	-	Yes
Hardware	cisco	nexus_9000	-	No
Operating System	cisco	nexus_9000v_firmware	-	Yes
Hardware	cisco	nexus_9000v	-	No
Operating System	cisco	nexus_9200_firmware	-	Yes
Hardware	cisco	nexus_9200	-	No
Operating System	cisco	nexus_92160yc-x_firmware	-	Yes
Hardware	cisco	nexus_92160yc-x	-	No
Operating System	cisco	nexus_9221c_firmware	-	Yes
Hardware	cisco	nexus_9221c	-	No
Operating System	cisco	nexus_92300yc_firmware	-	Yes
Hardware	cisco	nexus_92300yc	-	No
Operating System	cisco	nexus_92304qc_firmware	-	Yes
Hardware	cisco	nexus_92304qc	-	No
Operating System	cisco	nexus_92348gc-x_firmware	-	Yes
Hardware	cisco	nexus_92348gc-x	-	No
Operating System	cisco	nexus_9236c_firmware	-	Yes
Hardware	cisco	nexus_9236c	-	No
Operating System	cisco	nexus_9272q_firmware	-	Yes
Hardware	cisco	nexus_9272q	-	No
Operating System	cisco	nexus_9300_firmware	-	Yes
Hardware	cisco	nexus_9300	-	No
Operating System	cisco	nexus_93108tc-ex_firmware	-	Yes
Hardware	cisco	nexus_93108tc-ex	-	No
Operating System	cisco	nexus_93108tc-ex-24_firmware	-	Yes
Hardware	cisco	nexus_93108tc-ex-24	-	No
Operating System	cisco	nexus_93108tc-fx_firmware	-	Yes
Hardware	cisco	nexus_93108tc-fx	-	No
Operating System	cisco	nexus_93108tc-fx-24_firmware	-	Yes
Hardware	cisco	nexus_93108tc-fx-24	-	No
Operating System	cisco	nexus_93108tc-fx3p_firmware	-	Yes
Hardware	cisco	nexus_93108tc-fx3p	-	No
Operating System	cisco	nexus_93120tx_firmware	-	Yes
Hardware	cisco	nexus_93120tx	-	No
Operating System	cisco	nexus_93128_firmware	-	Yes
Hardware	cisco	nexus_93128	-	No
Operating System	cisco	nexus_93128tx_firmware	-	Yes
Hardware	cisco	nexus_93128tx	-	No
Operating System	cisco	nexus_9316d-gx_firmware	-	Yes
Hardware	cisco	nexus_9316d-gx	-	No
Operating System	cisco	nexus_93180lc-ex_firmware	-	Yes
Hardware	cisco	nexus_93180lc-ex	-	No
Operating System	cisco	nexus_93180tc-ex_firmware	-	Yes
Hardware	cisco	nexus_93180tc-ex	-	No
Operating System	cisco	nexus_93180yc-ex_firmware	-	Yes
Hardware	cisco	nexus_93180yc-ex	-	No
Operating System	cisco	nexus_93180yc-ex-24_firmware	-	Yes
Hardware	cisco	nexus_93180yc-ex-24	-	No
Operating System	cisco	nexus_93180yc-fx_firmware	-	Yes
Hardware	cisco	nexus_93180yc-fx	-	No
Operating System	cisco	nexus_93180yc-fx-24_firmware	-	Yes
Hardware	cisco	nexus_93180yc-fx-24	-	No
Operating System	cisco	nexus_93180yc-fx3_firmware	-	Yes
Hardware	cisco	nexus_93180yc-fx3	-	No
Operating System	cisco	nexus_93180yc-fx3s_firmware	-	Yes
Hardware	cisco	nexus_93180yc-fx3s	-	No
Operating System	cisco	nexus_93216tc-fx2_firmware	-	Yes
Hardware	cisco	nexus_93216tc-fx2	-	No
Operating System	cisco	nexus_93240yc-fx2_firmware	-	Yes
Hardware	cisco	nexus_93240yc-fx2	-	No
Operating System	cisco	nexus_9332c_firmware	-	Yes
Hardware	cisco	nexus_9332c	-	No
Operating System	cisco	nexus_9332pq_firmware	-	Yes
Hardware	cisco	nexus_9332pq	-	No
Operating System	cisco	nexus_93360yc-fx2_firmware	-	Yes
Hardware	cisco	nexus_93360yc-fx2	-	No
Operating System	cisco	nexus_9336c-fx2_firmware	-	Yes
Hardware	cisco	nexus_9336c-fx2	-	No
Operating System	cisco	nexus_9336c-fx2-e_firmware	-	Yes
Hardware	cisco	nexus_9336c-fx2-e	-	No
Operating System	cisco	nexus_9336pq_firmware	-	Yes
Hardware	cisco	nexus_9336pq	-	No
Operating System	cisco	nexus_9348gc-fxp_firmware	-	Yes
Hardware	cisco	nexus_9348gc-fxp	-	No
Operating System	cisco	nexus_93600cd-gx_firmware	-	Yes
Hardware	cisco	nexus_93600cd-gx	-	No
Operating System	cisco	nexus_9364c_firmware	-	Yes
Hardware	cisco	nexus_9364c	-	No
Operating System	cisco	nexus_9364c-gx_firmware	-	Yes
Hardware	cisco	nexus_9364c-gx	-	No
Operating System	cisco	nexus_9372px_firmware	-	Yes
Hardware	cisco	nexus_9372px	-	No
Operating System	cisco	nexus_9372px-e_firmware	-	Yes
Hardware	cisco	nexus_9372px-e	-	No
Operating System	cisco	nexus_9372tx_firmware	-	Yes
Hardware	cisco	nexus_9372tx	-	No
Operating System	cisco	nexus_9372tx-e_firmware	-	Yes
Hardware	cisco	nexus_9372tx-e	-	No
Operating System	cisco	nexus_9396px_firmware	-	Yes
Hardware	cisco	nexus_9396px	-	No
Operating System	cisco	nexus_9396tx_firmware	-	Yes
Hardware	cisco	nexus_9396tx	-	No
Operating System	cisco	nexus_9500_firmware	-	Yes
Hardware	cisco	nexus_9500	-	No
Operating System	cisco	nexus_9500r_firmware	-	Yes
Hardware	cisco	nexus_9500r	-	No
Operating System	cisco	nexus_9504_firmware	-	Yes
Hardware	cisco	nexus_9504	-	No
Operating System	cisco	nexus_9508_firmware	-	Yes
Hardware	cisco	nexus_9508	-	No
Operating System	cisco	nexus_9516_firmware	-	Yes
Hardware	cisco	nexus_9516	-	No

References

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-ospfv3-dos-48qutcu Vendor Advisory ([email protected])
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-ospfv3-dos-48qutcu Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)

How SecUtils Interprets This CVE

SecUtils normalizes and enriches National Vulnerability Database (NVD) records by standardizing vendor and product identifiers, aggregating vulnerability metadata from both NVD and MITRE sources, and providing structured context for security teams. For cisco's affected products, we extract Common Platform Enumeration (CPE) data, Common Weakness Enumeration (CWE) classifications, CVSS severity metrics, and reference data to enable rapid vulnerability prioritization and asset correlation. This record contains no exploit code, proof-of-concept instructions, or attack methodologies—only defensive intelligence necessary for patch management, risk assessment, and security operations.