Cisco Nexus 4000 Series Switches IPv6 Denial of Service (CSCtd15904)

medium Nessus Plugin ID 71153

Synopsis

The remote device is missing a vendor-supplied security patch.

Description

A vulnerability in the IP version 6 (IPv6) packet handling routine of Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a device to stop responding to neighbor solicitation (NS) requests, causing a limited denial of service (DoS) condition.

The vulnerability is due to improper processing of adjacencies in the IPv6 neighbor table. An attacker could exploit this vulnerability by sending a sequence of malformed IPv6 packets to an affected device. An exploit could allow the attacker to cause a device to stop responding to NS requests, causing a limited DoS condition.

Solution

Apply the patch referenced in Cisco bug ID CSCtd15904.

See Also

http://www.nessus.org/u?ba5584b5

Plugin Details

Severity: Medium

ID: 71153

File Name: cisco-sn-CSCtd15904-nxos.nasl

Version: 1.8

Type: combined

Family: CISCO

Published: 12/2/2013

Updated: 10/29/2019

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Low

Score: 3.6

CVSS v2

Risk Factor: Medium

Base Score: 6.1

Temporal Score: 4.5

Vector: CVSS2#AV:A/AC:L/Au:N/C:N/I:N/A:C

Vulnerability Information

CPE: cpe:/o:cisco:nx-os

Required KB Items: Host/Cisco/NX-OS/Device, Host/Cisco/NX-OS/Model, Host/Cisco/NX-OS/Version

Exploit Ease: No known exploits are available

Patch Publication Date: 11/12/2013

Vulnerability Publication Date: 11/12/2013

Reference Information

CVE: CVE-2013-6683

BID: 63685

CISCO-BUG-ID: CSCtd15904