{"id":167785,"date":"2024-08-29T21:00:15","date_gmt":"2024-08-29T21:00:15","guid":{"rendered":"https:\/\/securityaffairs.com\/?p=167785"},"modified":"2024-08-29T21:00:17","modified_gmt":"2024-08-29T21:00:17","slug":"cisco-high-severity-flaw-nx-os","status":"publish","type":"post","link":"https:\/\/securityaffairs.com\/167785\/security\/cisco-high-severity-flaw-nx-os.html","title":{"rendered":"Cisco addressed a high-severity flaw in NX-OS software"},"content":{"rendered":"
<\/div>\n

Cisco addressed multiple vulnerabilities impacting NX-OS software, including a high-severity flaw in the DHCPv6 relay agent.<\/h2>\n\n\n\n

Cisco released security updates for NX-OS software that address multiple vulnerabilities<\/a>.<\/p>\n\n\n\n

The most severe of the vulnerabilities fixed by the IT giant is a high-severity issue tracked as CVE-2024-20446. The vulnerability impacts the DHCPv6 relay agent of NX-OS, an attacker can trigger the flaw to cause a denial-of-service (DoS) condition.<\/p>\n\n\n\n

“This vulnerability is due to improper handling of specific fields in a DHCPv6 RELAY-REPLY message. An attacker could exploit this vulnerability by sending a crafted DHCPv6 packet to any IPv6 address that is configured on an affected device.” reads the advisory<\/a>. “A successful exploit could allow the attacker to cause the dhcp_snoop process to crash and restart multiple times, causing the affected device to reload and resulting in a DoS condition.”<\/em><\/p>\n\n\n\n

The vulnerability affects Cisco Nexus 3000 and 7000 Series Switches, as well as Nexus 9000 Series Switches operating in standalone NX-OS mode. However, the risk is present only under certain conditions: the device must have at least one IPv6 address configured, be running Cisco NX-OS Software Release 8.2(11), 9.3(9), or 10.2(1), and have the DHCPv6 relay agent enabled. All these factors together make the devices susceptible to the identified vulnerability.<\/p>\n\n\n\n

The company pointed out that there are no workarounds that address this flaw.<\/p>\n\n\n\n

The Cisco Product Security Incident Response Team (PSIRT) is not aware of attacks in the wild exploiting this vulnerability.<\/gwmw><\/p>\n\n\n\n

Pierluigi Paganini<\/strong><\/a><\/p>\n\n\n\n

Follow me on Twitter: @securityaffairs<\/strong><\/a> and Facebook<\/strong><\/a> and Mastodon<\/a><\/p>\n\n\n\n

(<\/strong>SecurityAffairs<\/strong><\/a>\u00a0\u2013<\/strong>\u00a0hacking, NX-OS Software)<\/strong><\/gwmw><\/p>\n","protected":false},"excerpt":{"rendered":"

Cisco addressed multiple vulnerabilities impacting NX-OS software, including a high-severity flaw in the DHCPv6 relay agent. Cisco released security updates for NX-OS software that address multiple vulnerabilities. The most severe of the vulnerabilities fixed by the IT giant is a high-severity issue tracked as CVE-2024-20446. The vulnerability impacts the DHCPv6 relay agent of NX-OS, an […]<\/p>\n","protected":false},"author":1,"featured_media":26713,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[3323,55],"tags":[1671,15325,1725,4112,9508,9506,10918,687,841,1533],"class_list":["post-167785","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-breaking-news","category-security","tag-cisco","tag-cisco-nx-os-software","tag-dos","tag-hacking","tag-hacking-news","tag-information-security-news","tag-it-information-security","tag-pierluigi-paganini","tag-security-affairs","tag-security-news"],"yoast_head":"\n杭州江阴科强工业胶带有限公司