Multiple Cisco Nexus Devices IP Stack Remote Denial Of Service Vulnerability Network Vulnerability

Summary

Multiple Cisco Nexus devices are prone to a denial-of-service vulnerability.

Impact

An attacker can exploit this issue to cause the device to crash, denying service to legitimate users.

Solution

The vendor has released updates. Please see the referenced advisory for details.

Insight

Cisco NX-OS 4.2.x before 4.2(1)SV1(5.1) on Nexus 1000v series switches 4.x and 5.0.x before 5.0(2)N1(1) on Nexus 5000 series switches and 4.2.x before 4.2.8, 5.0.x before 5.0.5, and 5.1.x before 5.1.1 on Nexus 7000 series switches allows remote attackers to cause a denial of service (netstack process crash and device reload) via a malformed IP packet, aka Bug IDs CSCti23447, CSCti49507, and CSCtj01991.

Affected

The following devices are affected: Cisco Nexus 1000V Cisco Nexus 5000 Cisco Nexus 7000

Detection

Check the version from SNMP sysdesc

References

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120215-nxos
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-0352
http://www.cisco.com/en/US/products/ps9670/
http://www.cisco.com/en/US/products/ps9902/tsd_products_support_series_home.html
http://www.securityfocus.com/bid/52027

Updated on 2015-03-25

Severity

Classification

CVE CVE-2012-0352
CVSS Base Score: 7.8
AV:N/AC:L/Au:N/C:N/I:N/A:C

Related Vulnerabilities

CISCO Secure ACS Management Interface Login Overflow
Cisco Prime LAN Management Solution Remote Command Execution Vulnerability
Multiple Cisco Nexus Devices IP Stack Remote Denial of Service Vulnerability
Cisco IOS XR Software IPv6 Packet Handling Denial of Service Vulnerability
Cisco TelePresence TC and TE Software Multiple Security Vulnerabilities

Take action and discover your vulnerabilities