CVE-2024-20267

CWE-120Classic Buffer Overflow4 documents4 sources
Severity
8.6HIGH
EPSS
0.5%
top 32.87%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Cisco Cisco Nx-os SoftwareCisco Nx-os
Timeline
PublishedFeb 29

Description

A vulnerability with the handling of MPLS traffic for Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause the netstack process to unexpectedly restart, which could cause the device to stop processing network traffic or to reload. This vulnerability is due to lack of proper error checking when processing an ingress MPLS frame. An attacker could exploit this vulnerability by sending a crafted IPv6 packet that is encapsulated within an MPLS frame to an MPLS-enabled interfa

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:HExploitability: 3.9 | Impact: 4.0

Affected Packages2 packages

CVEListV5cisco/cisco_nx-os_software205 versions+204
NVDcisco/nx-os205 versions+204

🔴Vulnerability Details

2
GHSA
GHSA-r2c7-g2vh-f84m: A vulnerability with the handling of MPLS traffic for Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause the netstack proce2024-02-29
CVEList
CVE-2024-20267: A vulnerability with the handling of MPLS traffic for Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause the netstack proce2024-02-28

📋Vendor Advisories

1
Cisco
Cisco NX-OS Software MPLS Encapsulated IPv6 Denial of Service Vulnerability2024-02-28