CVE-2020-3397— Cisco NX-OS Software 输入验证错误漏洞

Cisco NX-OS Software Border Gateway Protocol Multicast VPN Denial of Service Vulnerability

A vulnerability in the Border Gateway Protocol (BGP) Multicast VPN (MVPN) implementation of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause an affected device to unexpectedly reload, resulting in a denial of service (DoS) condition. The vulnerability is due to incomplete input validation of a specific type of BGP MVPN update message. An attacker could exploit this vulnerability by sending this specific, valid BGP MVPN update message to a targeted device. A successful exploit could allow the attacker to cause one of the BGP-related routing applications to restart multiple times, leading to a system-level restart. Note: The Cisco implementation of BGP accepts incoming BGP traffic from only explicitly configured peers. To exploit this vulnerability, an attacker must send a specific BGP MVPN update message over an established TCP connection that appears to come from a trusted BGP peer. To do so, the attacker must obtain information about the BGP peers in the trusted network of the affected system.

N/A

输入验证不恰当

Cisco NX-OS Software 输入验证错误漏洞

Cisco NX-OS Software是美国思科（Cisco）公司的一套交换机使用的数据中心级操作系统软件。TCP（Transmission Control Protocol,传输控制协议）是一种面向连接的、可靠的、基于字节流的传输层通信协议，由IETF的RFC 793定义。 Cisco NX-OS Software 存在安全漏洞，该漏洞源于特定类型的BGP MVPN更新消息的输入验证不完整，攻击者可以利用该漏洞导致受影响设备异常重载进而导致拒绝服务。

N/A

N/A