CVE-2026-20171— Cisco NX-OS Software 安全漏洞

Cisco Nexus 3000 and 9000 Series Border Gateway Protocol Denial of Service Vulnerability

A vulnerability in the Border Gateway Protocol (BGP) enforce-first-as feature of Cisco Nexus 3000 Series Switches and Cisco Nexus 9000 Series Switches in standalone NX-OS mode could allow an unauthenticated, remote attacker to trigger BGP peer flaps, resulting in a denial of service (DoS) condition. This vulnerability is due to incorrect parsing of a transitive BGP attribute. An attacker could exploit this vulnerability by sending a crafted BGP update through an established BGP peer session. If the update propagates to an affected device, it could cause the device to drop the BGP session and flap with the BGP peer that is forwarding this update, resulting in a DoS condition.

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H

控制流实现总是不正确

Cisco NX-OS Software 安全漏洞

Cisco NX-OS Software是美国思科（Cisco）公司的一套交换机使用的数据中心级操作系统软件。 Cisco NX-OS Software存在安全漏洞，该漏洞源于错误解析传递BGP属性，可能导致未经身份验证的远程攻击者触发BGP对等体抖动并造成拒绝服务。

N/A

N/A