Cisco NX-OS Software BGP DoS (CSCtn13055)

medium Nessus Plugin ID 70457

Synopsis

The remote device is missing a vendor-supplied security patch.

Description

A vulnerability in the Border Gateway Protocol (BGP) component of Cisco NX-OS Software could allow an unauthenticated, remote attacker to create a denial of service (DoS) condition by causing the BGP service to reset and resync.

The vulnerability is due to improper filtering of invalid AS Path values. An attacker could exploit this vulnerability by sending a malformed BGP update to a downstream peer of the affected device. A successful exploit could result in the downstream peers resetting the BGP connection with the affected device.

Solution

Apply the relevant patch referenced in Cisco bug ID CSCtn13055.

See Also

http://www.nessus.org/u?06eb3b7d

Plugin Details

Severity: Medium

ID: 70457

File Name: cisco-sn-CSCtn13055-nxos.nasl

Version: 1.6

Type: combined

Family: CISCO

Published: 10/16/2013

Updated: 11/27/2019

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Low

Score: 3.4

CVSS v2

Risk Factor: Medium

Base Score: 5

Temporal Score: 3.7

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P

CVSS Score Source: CVE-2012-4098

Vulnerability Information

CPE: cpe:/o:cisco:nx-os

Required KB Items: Host/Cisco/NX-OS/Version, Host/Cisco/NX-OS/Model, Host/Cisco/NX-OS/Device

Exploit Ease: No known exploits are available

Patch Publication Date: 10/4/2013

Vulnerability Publication Date: 10/4/2013

Reference Information

CVE: CVE-2012-4098

BID: 62858

CISCO-BUG-ID: CSCtn13055