Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2024-20321

A vulnerability in the External Border Gateway Protocol (eBGP) implementation of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability exists because eBGP traffic is mapped to a shared hardware rate-limiter queue. An attacker could exploit this vulnerability by sending large amounts of network traffic with certain characteristics through an affected device. A successful exploit could allow the attacker to cause eBGP neighbor sessions to be dropped, leading to a DoS condition in the network.

Published

2024-02-29T01:43:59.410

Last Modified

2024-11-21T08:52:22.093

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 8.6 (HIGH)

Weaknesses

Type: Secondary
CWE-400
Type: Primary
CWE-770

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	cisco	nx-os	7.0\(3\)f1\(1\)	Yes
Operating System	cisco	nx-os	7.0\(3\)f2\(1\)	Yes
Operating System	cisco	nx-os	7.0\(3\)f2\(2\)	Yes
Operating System	cisco	nx-os	7.0\(3\)f3\(1\)	Yes
Operating System	cisco	nx-os	7.0\(3\)f3\(2\)	Yes
Operating System	cisco	nx-os	7.0\(3\)f3\(3\)	Yes
Operating System	cisco	nx-os	7.0\(3\)f3\(3a\)	Yes
Operating System	cisco	nx-os	7.0\(3\)f3\(3c\)	Yes
Operating System	cisco	nx-os	7.0\(3\)f3\(4\)	Yes
Operating System	cisco	nx-os	7.0\(3\)f3\(5\)	Yes
Operating System	cisco	nx-os	9.2\(1\)	Yes
Operating System	cisco	nx-os	9.2\(2\)	Yes
Operating System	cisco	nx-os	9.2\(2t\)	Yes
Operating System	cisco	nx-os	9.2\(2v\)	Yes
Operating System	cisco	nx-os	9.2\(3\)	Yes
Operating System	cisco	nx-os	9.2\(4\)	Yes
Operating System	cisco	nx-os	9.3\(1\)	Yes
Operating System	cisco	nx-os	9.3\(2\)	Yes
Operating System	cisco	nx-os	9.3\(3\)	Yes
Operating System	cisco	nx-os	9.3\(4\)	Yes
Operating System	cisco	nx-os	9.3\(5\)	Yes
Operating System	cisco	nx-os	9.3\(6\)	Yes
Operating System	cisco	nx-os	9.3\(7\)	Yes
Operating System	cisco	nx-os	9.3\(7a\)	Yes
Operating System	cisco	nx-os	9.3\(8\)	Yes
Operating System	cisco	nx-os	9.3\(9\)	Yes
Operating System	cisco	nx-os	9.3\(10\)	Yes
Operating System	cisco	nx-os	9.3\(11\)	Yes
Operating System	cisco	nx-os	9.3\(12\)	Yes
Operating System	cisco	nx-os	10.1\(1\)	Yes
Operating System	cisco	nx-os	10.1\(2\)	Yes
Operating System	cisco	nx-os	10.1\(2t\)	Yes
Operating System	cisco	nx-os	10.2\(1\)	Yes
Operating System	cisco	nx-os	10.2\(1q\)	Yes
Operating System	cisco	nx-os	10.2\(2\)	Yes
Operating System	cisco	nx-os	10.2\(3\)	Yes
Operating System	cisco	nx-os	10.2\(3t\)	Yes
Operating System	cisco	nx-os	10.2\(3v\)	Yes
Operating System	cisco	nx-os	10.2\(4\)	Yes
Operating System	cisco	nx-os	10.2\(5\)	Yes
Operating System	cisco	nx-os	10.2\(6\)	Yes
Operating System	cisco	nx-os	10.3\(1\)	Yes
Operating System	cisco	nx-os	10.3\(2\)	Yes
Operating System	cisco	nx-os	10.3\(3\)	Yes
Operating System	cisco	nx-os	10.3\(4a\)	Yes
Operating System	cisco	nx-os	10.3\(99w\)	Yes
Operating System	cisco	nx-os	10.3\(99x\)	Yes
Operating System	cisco	nx-os	10.4\(1\)	Yes

References

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-ebgp-dos-L3QCwVJ Vendor Advisory ([email protected])
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-ebgp-dos-L3QCwVJ Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)