TLP-AMBER-CLEAR
Summary: -
On 28-Aug-2024, Cisco released a semi-annual security advisory bundled publication to address multiple vulnerabilities in FXOS and NX-OS software. A high-severity vulnerability in the DHCPv6 relay agent of NX-OS stems from improper handling of specific fields in DHCPv6 messages. If exploited, the vulnerability could allow an unauthenticated attacker to cause a denial of service by sending crafted packets to a vulnerable device that has an IPv6 address configured.
Vulnerability?
We are providing the CVSS 3.x score and severity rating assigned by NIST at the time of disclosure.
CVE-2024-20446 – CVSS 8.6 HIGH – Cisco NX-OS Software DHCPv6 Relay Agent Denial of Service Vulnerability – The vulnerability affects the DHCPv6 relay agent of Cisco NX-OS Software. It is due to improper handling of specific fields in a DHCPv6 RELAY-REPLY message. An attacker could exploit this vulnerability by sending a crafted DHCPv6 packet to any IPv6 address configured on an affected device. If exploited, the vulnerability could allow unauthenticated remote users to cause the dhcp_snoop process to crash and restart multiple times, causing the affected device to reload and resulting in a DoS condition.
The Cisco Event Response: August 2024 Semi-annual Security Advisory Bundled Publication also addressed 3 medium-severity vulnerabilities in Cisco NX-OS Software.
Affected Products?
- Cisco Nexus
  o 3000 and 7000 Series Switches
  o 9000 Series Switches in standalone NX-OS mode

if the following conditions are true:
- They are running Cisco NX-OS Software Release 8.2(11), 9.3(9), or 10.2(1).
- They have the DHCPv6 relay agent enabled.
- They have at least one IPv6 address configured on the device.
Actions:-
- Review the Cisco Event Response: August 2024 Semi-annual Security Advisory Bundled Publication
- Find the vulnerable product versions within your environment
  o If identified, upgrade to the updated versions
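
One way to triage collected switch output against the three conditions listed under Affected Products (an added example, not code from Cisco or from this post). It assumes you have saved each device's `show version` and `show running-config all` text; the line formats the regexes expect and the verdict names are assumptions, and the sample input is constructed.

```python
import re

# Affected releases exactly as listed in the advisory summary above.
AFFECTED_RELEASES = {"8.2(11)", "9.3(9)", "10.2(1)"}

# Assumption: 'show version' reports the release on an "NXOS: version X" or
# "system: version X" line.
VERSION_RE = re.compile(r"^\s*(?:NXOS|system):\s+version\s+(\S+)", re.M | re.I)
# Assumption: an enabled relay agent appears as a global "ipv6 dhcp relay" line.
RELAY_RE = re.compile(r"^ipv6 dhcp relay[ \t]*$", re.M)
# Assumption: IPv6 addressing appears as an indented "ipv6 address ..." line.
IPV6_ADDR_RE = re.compile(r"^[ \t]+ipv6 address[ \t]+\S+", re.M)


def assess(show_version: str, running_config: str) -> dict:
    """Evaluate the three exposure conditions for CVE-2024-20446."""
    match = VERSION_RE.search(show_version)
    release = match.group(1) if match else None
    checks = {
        "affected_release": release in AFFECTED_RELEASES,
        "dhcpv6_relay_enabled": bool(RELAY_RE.search(running_config)),
        "ipv6_address_configured": bool(IPV6_ADDR_RE.search(running_config)),
    }
    if release is None:
        verdict = "unknown"  # unparsed output must not be reported as clean
    elif all(checks.values()):
        verdict = "exposed"  # all three conditions hold: prioritise the upgrade
    elif checks["affected_release"]:
        verdict = "affected-release-only"  # one config change away from exposed
    else:
        verdict = "release-not-listed"
    return {"release": release, **checks, "verdict": verdict}


# Constructed sample input (not captured from a real device).
SAMPLE_VERSION = "Software\n  BIOS: version 05.45\n  NXOS: version 9.3(9)\n"
SAMPLE_CONFIG = """feature dhcp
ipv6 dhcp relay
interface Ethernet1/1
  ipv6 address 2001:db8:0:1::1/64
  ipv6 dhcp relay address 2001:db8:0:2::10
"""

if __name__ == "__main__":
    for key, value in assess(SAMPLE_VERSION, SAMPLE_CONFIG).items():
        print(f"{key}: {value}")
```

A device reported as `affected-release-only` still belongs on the upgrade list, since enabling the relay agent or adding an IPv6 address later would meet the remaining conditions.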