CVE-2024-20321

First published: Wed Feb 28 2024(Updated: )

A vulnerability in the External Border Gateway Protocol (eBGP) implementation of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability exists because eBGP traffic is mapped to a shared hardware rate-limiter queue. An attacker could exploit this vulnerability by sending large amounts of network traffic with certain characteristics through an affected device. A successful exploit could allow the attacker to cause eBGP neighbor sessions to be dropped, leading to a DoS condition in the network.

Credit: ykramarz@cisco.com

Affected Software	Affected Version	How to fix
Cisco Nx-os	=7.0\(3\)f1\(1\)
Cisco Nx-os	=7.0\(3\)f2\(1\)
Cisco Nx-os	=7.0\(3\)f2\(2\)
Cisco Nx-os	=7.0\(3\)f3\(1\)
Cisco Nx-os	=7.0\(3\)f3\(2\)
Cisco Nx-os	=7.0\(3\)f3\(3\)
Cisco Nx-os	=7.0\(3\)f3\(3a\)
Cisco Nx-os	=7.0\(3\)f3\(3c\)
Cisco Nx-os	=7.0\(3\)f3\(4\)
Cisco Nx-os	=7.0\(3\)f3\(5\)
Cisco Nx-os	=9.2\(1\)
Cisco Nx-os	=9.2\(2\)
Cisco Nx-os	=9.2\(2t\)
Cisco Nx-os	=9.2\(2v\)
Cisco Nx-os	=9.2\(3\)
Cisco Nx-os	=9.2\(4\)
Cisco Nx-os	=9.3\(1\)
Cisco Nx-os	=9.3\(2\)
Cisco Nx-os	=9.3\(3\)
Cisco Nx-os	=9.3\(4\)
Cisco Nx-os	=9.3\(5\)
Cisco Nx-os	=9.3\(6\)
Cisco Nx-os	=9.3\(7\)
Cisco Nx-os	=9.3\(7a\)
Cisco Nx-os	=9.3\(8\)
Cisco Nx-os	=9.3\(9\)
Cisco Nx-os	=9.3\(10\)
Cisco Nx-os	=9.3\(11\)
Cisco Nx-os	=9.3\(12\)
Cisco Nx-os	=10.1\(1\)
Cisco Nx-os	=10.1\(2\)
Cisco Nx-os	=10.1\(2t\)
Cisco Nx-os	=10.2\(1\)
Cisco Nx-os	=10.2\(1q\)
Cisco Nx-os	=10.2\(2\)
Cisco Nx-os	=10.2\(3\)
Cisco Nx-os	=10.2\(3t\)
Cisco Nx-os	=10.2\(3v\)
Cisco Nx-os	=10.2\(4\)
Cisco Nx-os	=10.2\(5\)
Cisco Nx-os	=10.2\(6\)
Cisco Nx-os	=10.3\(1\)
Cisco Nx-os	=10.3\(2\)
Cisco Nx-os	=10.3\(3\)
Cisco Nx-os	=10.3\(4a\)
Cisco Nx-os	=10.3\(99w\)
Cisco Nx-os	=10.3\(99x\)
Cisco Nx-os	=10.4\(1\)

Never miss a vulnerability like this again

Reference Links

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-ebgp-dos-L3QCwVJ

collector/mitre-cve
source/MITRE
agent/references
agent/type
agent/description
agent/first-publish-date
agent/severity
agent/author
agent/event
collector/nvd-api
source/NVD
agent/software-canonical-lookup
agent/weakness
agent/last-modified-date
agent/softwarecombine
agent/tags
vendor/cisco
canonical/cisco nx-os
version/cisco nx-os/7.0\(3\)f1\(1\)
version/cisco nx-os/7.0\(3\)f2\(1\)
version/cisco nx-os/7.0\(3\)f2\(2\)
version/cisco nx-os/7.0\(3\)f3\(1\)
version/cisco nx-os/7.0\(3\)f3\(2\)
version/cisco nx-os/7.0\(3\)f3\(3\)
version/cisco nx-os/7.0\(3\)f3\(3a\)
version/cisco nx-os/7.0\(3\)f3\(3c\)
version/cisco nx-os/7.0\(3\)f3\(4\)
version/cisco nx-os/7.0\(3\)f3\(5\)
version/cisco nx-os/9.2\(1\)
version/cisco nx-os/9.2\(2\)
version/cisco nx-os/9.2\(2t\)
version/cisco nx-os/9.2\(2v\)
version/cisco nx-os/9.2\(3\)
version/cisco nx-os/9.2\(4\)
version/cisco nx-os/9.3\(1\)
version/cisco nx-os/9.3\(2\)
version/cisco nx-os/9.3\(3\)
version/cisco nx-os/9.3\(4\)
version/cisco nx-os/9.3\(5\)
version/cisco nx-os/9.3\(6\)
version/cisco nx-os/9.3\(7\)
version/cisco nx-os/9.3\(7a\)
version/cisco nx-os/9.3\(8\)
version/cisco nx-os/9.3\(9\)
version/cisco nx-os/9.3\(10\)
version/cisco nx-os/9.3\(11\)
version/cisco nx-os/9.3\(12\)
version/cisco nx-os/10.1\(1\)
version/cisco nx-os/10.1\(2\)
version/cisco nx-os/10.1\(2t\)
version/cisco nx-os/10.2\(1\)
version/cisco nx-os/10.2\(1q\)
version/cisco nx-os/10.2\(2\)
version/cisco nx-os/10.2\(3\)
version/cisco nx-os/10.2\(3t\)
version/cisco nx-os/10.2\(3v\)
version/cisco nx-os/10.2\(4\)
version/cisco nx-os/10.2\(5\)
version/cisco nx-os/10.2\(6\)
version/cisco nx-os/10.3\(1\)
version/cisco nx-os/10.3\(2\)
version/cisco nx-os/10.3\(3\)
version/cisco nx-os/10.3\(4a\)
version/cisco nx-os/10.3\(99w\)
version/cisco nx-os/10.3\(99x\)
version/cisco nx-os/10.4\(1\)

CVE-2024-20321

Never miss a vulnerability like this again

Reference Links

Company

Resources

Contact