CVE-2023-20169: Input Validation
First published: Wed Aug 23 2023(Updated: )
A vulnerability in the Intermediate System-to-Intermediate System (IS-IS) protocol of Cisco NX-OS Software for the Cisco Nexus 3000 Series Switches and Cisco Nexus 9000 Series Switches in standalone NX-OS mode could allow an unauthenticated, adjacent attacker to cause the IS-IS process to unexpectedly restart, which could cause an affected device to reload. This vulnerability is due to insufficient input validation when parsing an ingress IS-IS packet. An attacker could exploit this vulnerability by sending a crafted IS-IS packet to an affected device. A successful exploit could allow the attacker to cause a denial of service (DoS) condition due to the unexpected restart of the IS-IS process, which could cause the affected device to reload. Note: The IS-IS protocol is a routing protocol. To exploit this vulnerability, an attacker must be Layer 2 adjacent to the affected device.
Credit: ykramarz@cisco.com ykramarz@cisco.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Cisco NX-OS | =10.3\(2\) | |
| Cisco Nexus 3048 Firmware | ||
| Cisco Nexus 31108PV-V | ||
| Cisco Nexus 31108TC-V Firmware | ||
| Cisco Nexus 31128PQ | ||
| Cisco Nexus 3132C-Z Firmware | ||
| Cisco Nexus 3132Q-V Firmware | ||
| Cisco Nexus 3132Q-X/3132Q-XL | ||
| Cisco Nexus 3164Q Firmware | ||
| Cisco Nexus 3172PQ/PQ-XL | ||
| Cisco Nexus 3172PQ/PQ-XL | ||
| Cisco Nexus 3172TQ Firmware | ||
| Cisco Nexus 3172TQ-XL | ||
| Cisco Nexus 3172TQ-XL Firmware | ||
| Cisco Nexus 3232 | ||
| Cisco Nexus 3264C-E Firmware | ||
| Cisco Nexus 3264Q Firmware | ||
| Cisco Nexus 3408-S Firmware | ||
| Cisco Nexus 34180YC Firmware | ||
| Cisco Nexus 34200YC-SM | ||
| Cisco Nexus 3432D-S Firmware | ||
| Cisco Nexus 3464C Firmware | ||
| Cisco Nexus 3524-xl | ||
| Cisco Nexus 3524-xl | ||
| Cisco Nexus 3524-x/xl | ||
| Cisco Nexus 3548-X/XL Firmware | ||
| Cisco Nexus 3548-X/XL | ||
| Cisco Nexus 3548-X/XL | ||
| Cisco Nexus 36180YC-R Firmware | ||
| Cisco Nexus 9232E | ||
| Cisco Nexus 92348GC-X Switch | ||
| Cisco Nexus 9408 | ||
| Cisco Nexus 9504 | ||
| Cisco Nexus 9508 | ||
| Cisco Nexus 9516 | ||
| All of | ||
| Cisco NX-OS | =10.3\(2\) | |
| Any of | ||
| Cisco Nexus 3048 Firmware | ||
| Cisco Nexus 31108PV-V | ||
| Cisco Nexus 31108TC-V Firmware | ||
| Cisco Nexus 31128PQ | ||
| Cisco Nexus 3132C-Z Firmware | ||
| Cisco Nexus 3132Q-V Firmware | ||
| Cisco Nexus 3132Q-X/3132Q-XL | ||
| Cisco Nexus 3164Q Firmware | ||
| Cisco Nexus 3172PQ/PQ-XL | ||
| Cisco Nexus 3172PQ/PQ-XL | ||
| Cisco Nexus 3172TQ Firmware | ||
| Cisco Nexus 3172TQ-XL | ||
| Cisco Nexus 3172TQ-XL Firmware | ||
| Cisco Nexus 3232 | ||
| Cisco Nexus 3264C-E Firmware | ||
| Cisco Nexus 3264Q Firmware | ||
| Cisco Nexus 3408-S Firmware | ||
| Cisco Nexus 34180YC Firmware | ||
| Cisco Nexus 34200YC-SM | ||
| Cisco Nexus 3432D-S Firmware | ||
| Cisco Nexus 3464C Firmware | ||
| Cisco Nexus 3524-xl | ||
| Cisco Nexus 3524-xl | ||
| Cisco Nexus 3524-x/xl | ||
| Cisco Nexus 3548-X/XL Firmware | ||
| Cisco Nexus 3548-X/XL | ||
| Cisco Nexus 3548-X/XL | ||
| Cisco Nexus 36180YC-R Firmware | ||
| Cisco Nexus 9232E | ||
| Cisco Nexus 92348GC-X Switch | ||
| Cisco Nexus 9408 | ||
| Cisco Nexus 9504 | ||
| Cisco Nexus 9508 | ||
| Cisco Nexus 9516 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2023-20169?
The severity of CVE-2023-20169 is high with a severity value of 6.5.
What is the affected software of CVE-2023-20169?
The affected software of CVE-2023-20169 is Cisco NX-OS version 10.3(2) on Cisco Nexus 3000 Series Switches and Cisco Nexus 9000 Series Switches in standalone NX-OS mode.
How does CVE-2023-20169 affect Cisco Nexus 3048?
CVE-2023-20169 is not applicable to Cisco Nexus 3048 as it is not vulnerable.
How do I fix CVE-2023-20169?
To fix CVE-2023-20169, it is recommended to apply the necessary updates provided by Cisco.
Where can I find more information about CVE-2023-20169?
You can find more information about CVE-2023-20169 on the Cisco Security Advisory website.
- agent/type
- agent/author
- agent/severity
- agent/references
- agent/first-publish-date
- agent/event
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/source
- agent/weakness
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- vendor/cisco
- canonical/cisco nx-os
- version/cisco nx-os/10.3\(2\)
- canonical/cisco nexus 3048 firmware
- canonical/cisco nexus 31108pv-v
- canonical/cisco nexus 31108tc-v firmware
- canonical/cisco nexus 31128pq
- canonical/cisco nexus 3132c-z firmware
- canonical/cisco nexus 3132q-v firmware
- canonical/cisco nexus 3132q-x/3132q-xl
- canonical/cisco nexus 3164q firmware
- canonical/cisco nexus 3172pq/pq-xl
- canonical/cisco nexus 3172tq firmware
- canonical/cisco nexus 3172tq-xl
- canonical/cisco nexus 3172tq-xl firmware
- canonical/cisco nexus 3232
- canonical/cisco nexus 3264c-e firmware
- canonical/cisco nexus 3264q firmware
- canonical/cisco nexus 3408-s firmware
- canonical/cisco nexus 34180yc firmware
- canonical/cisco nexus 34200yc-sm
- canonical/cisco nexus 3432d-s firmware
- canonical/cisco nexus 3464c firmware
- canonical/cisco nexus 3524-xl
- canonical/cisco nexus 3524-x/xl
- canonical/cisco nexus 3548-x/xl firmware
- canonical/cisco nexus 3548-x/xl
- canonical/cisco nexus 36180yc-r firmware
- canonical/cisco nexus 9232e
- canonical/cisco nexus 92348gc-x switch
- canonical/cisco nexus 9408
- canonical/cisco nexus 9504
- canonical/cisco nexus 9508
- canonical/cisco nexus 9516