Cisco NX-OS HSRP DoS (CSCup11309)

medium Nessus Plugin ID 83904

Synopsis

The remote device is affected by a denial of service vulnerability.

Description

The remote Cisco device contains a flaw in the Hot Standby Router Protocol (HSRP) authentication. A remote attacker, using a specially crafted HSRP packet, can bypass HSRP authentication and configure HSRP group members to the SPEAK state, causing a denial of service.

Solution

Upgrade to the relevant fixed version, 6.2(10) or later, as referenced in Cisco bug ID CSCup11309.

See Also

https://tools.cisco.com/security/center/viewAlert.x?alertId=34585

https://tools.cisco.com/bugsearch/bug/CSCup11309

Plugin Details

Severity: Medium

ID: 83904

File Name: cisco-sn-CVE-2014-3295-nxos.nasl

Version: 1.9

Type: combined

Family: CISCO

Published: 5/30/2015

Updated: 11/22/2019

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.2

CVSS v2

Risk Factor: Medium

Base Score: 4.8

Temporal Score: 3.5

Vector: CVSS2#AV:A/AC:L/Au:N/C:N/I:P/A:P

Vulnerability Information

CPE: cpe:/o:cisco:nx-os

Required KB Items: Host/local_checks_enabled, Host/Cisco/NX-OS/Version, Host/Cisco/NX-OS/Model, Host/Cisco/NX-OS/Device

Exploit Ease: No known exploits are available

Patch Publication Date: 6/11/2014

Vulnerability Publication Date: 6/10/2014

Reference Information

CVE: CVE-2014-3295

BID: 67983

CISCO-BUG-ID: CSCup11309