CVE-2016-1454: Input Validation

First published: Thu Oct 06 2016(Updated: )

Cisco NX-OS 4.0 through 7.3 and 11.0 through 11.2 on 1000v, 2000, 3000, 3500, 5000, 5500, 5600, 6000, 7000, 7700, and 9000 devices allows remote attackers to cause a denial of service (device reload) by leveraging a peer relationship to send a crafted BGP UPDATE message, aka Bug IDs CSCuq77105 and CSCux11417.

Credit: ykramarz@cisco.com

Affected Software	Affected Version	How to fix
Cisco Nx-os	<6.0\(2\)u6\(7\)
Cisco Nx-os	>=6.1<7.0\(3\)i4\(1\)
Cisco Nexus 3016
Cisco Nexus 3048
Cisco Nexus 31108pc-v
Cisco Nexus 31108tc-v
Cisco Nexus 31128pq
Cisco Nexus 3132q
Cisco Nexus 3132q-v
Cisco Nexus 3164q
Cisco Nexus 3172
Cisco Nexus 3232c
Cisco Nexus 3264q
Cisco Nx-os	<7.1\(4\)n1\(1\)
Cisco Nx-os	>=7.2<7.2\(2\)n1\(1\)
Cisco Nx-os	>=7.3<7.3\(0\)n1\(1\)
Cisco 5548p
Cisco 5548up
Cisco 5596t
Cisco 5596up
Cisco 56128p
Cisco 5624q
Cisco 5648q
Cisco 5672up
Cisco 5672up-16g
Cisco 5696q
Cisco Nexus 6001
Cisco Nexus 6004
Cisco Nx-os	<5.2
Cisco Nexus 5010
Cisco Nexus 5020
Cisco Nx-os	<7.2\(2\)d1\(1\)
Cisco Nx-os	>=7.3<7.3\(1\)d1\(1\)
Cisco Nexus 7000 10-slot
Cisco Nexus 7000 18-slot
Cisco Nexus 7000 4-slot
Cisco Nexus 7000 9-slot
Cisco Nexus 7700 10-slot
Cisco Nexus 7700 18-slot
Cisco Nexus 7700 2-slot
Cisco Nexus 7700 6-slot
Cisco Nx-os	<5.2\(1\)sv3\(1.15\)
Cisco Nexus 1000v For Vmware Vsphere
Cisco Nx-os	>=11.0<11.1\(1j\)
Cisco Nexus 92160yc-x
Cisco Nexus 92304qc
Cisco Nexus 9236c
Cisco Nexus 9272q
Cisco Nexus 93108tc-ex
Cisco Nexus 93120tx
Cisco Nexus 93128tx
Cisco Nexus 93180yc-ex
Cisco Nexus 9332pq
Cisco Nexus 9336pq Aci Spine
Cisco Nexus 9372px
Cisco Nexus 9372tx
Cisco Nexus 9396px
Cisco Nexus 9396tx
Cisco Nexus 9504
Cisco Nexus 9508
Cisco Nexus 9516
Cisco Nx-os	<6.0\(2\)a8\(1\)
Cisco Nexus 3524
Cisco Nexus 3548

Never miss a vulnerability like this again

Reference Links

collector/nvd-index
agent/severity
agent/weakness
agent/references
agent/author
agent/type
agent/description
agent/event
agent/first-publish-date
agent/softwarecombine
agent/last-modified-date
agent/tags
collector/mitre-cve
source/MITRE
vendor/cisco
canonical/cisco nx-os
version/cisco nx-os/6.1
canonical/cisco nexus 3016
canonical/cisco nexus 3048
canonical/cisco nexus 31108pc-v
canonical/cisco nexus 31108tc-v
canonical/cisco nexus 31128pq
canonical/cisco nexus 3132q
canonical/cisco nexus 3132q-v
canonical/cisco nexus 3164q
canonical/cisco nexus 3172
canonical/cisco nexus 3232c
canonical/cisco nexus 3264q
version/cisco nx-os/7.2
version/cisco nx-os/7.3
canonical/cisco 5548p
canonical/cisco 5548up
canonical/cisco 5596t
canonical/cisco 5596up
canonical/cisco 56128p
canonical/cisco 5624q
canonical/cisco 5648q
canonical/cisco 5672up
canonical/cisco 5672up-16g
canonical/cisco 5696q
canonical/cisco nexus 6001
canonical/cisco nexus 6004
canonical/cisco nexus 5010
canonical/cisco nexus 5020
canonical/cisco nexus 7000 10-slot
canonical/cisco nexus 7000 18-slot
canonical/cisco nexus 7000 4-slot
canonical/cisco nexus 7000 9-slot
canonical/cisco nexus 7700 10-slot
canonical/cisco nexus 7700 18-slot
canonical/cisco nexus 7700 2-slot
canonical/cisco nexus 7700 6-slot
canonical/cisco nexus 1000v for vmware vsphere
version/cisco nx-os/11.0
canonical/cisco nexus 92160yc-x
canonical/cisco nexus 92304qc
canonical/cisco nexus 9236c
canonical/cisco nexus 9272q
canonical/cisco nexus 93108tc-ex
canonical/cisco nexus 93120tx
canonical/cisco nexus 93128tx
canonical/cisco nexus 93180yc-ex
canonical/cisco nexus 9332pq
canonical/cisco nexus 9336pq aci spine
canonical/cisco nexus 9372px
canonical/cisco nexus 9372tx
canonical/cisco nexus 9396px
canonical/cisco nexus 9396tx
canonical/cisco nexus 9504
canonical/cisco nexus 9508
canonical/cisco nexus 9516
canonical/cisco nexus 3524
canonical/cisco nexus 3548

CVE-2016-1454: Input Validation

Never miss a vulnerability like this again

Reference Links

Company

Resources

Contact