Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
NA

CVE-2022-20823

Published: 25/08/2022 Updated: 07/11/2023
CVSS v3 Base Score: 8.6 | Impact Score: 4 | Exploitability Score: 3.9
VMScore: 0
Subscribe to Cisco

Vulnerability Summary

A vulnerability in the OSPF version 3 (OSPFv3) feature of Cisco NX-OS Software could allow an unauthenticated, remote malicious user to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to incomplete input validation of specific OSPFv3 packets. An attacker could exploit this vulnerability by sending a malicious OSPFv3 link-state advertisement (LSA) to an affected device. A successful exploit could allow the malicious user to cause the OSPFv3 process to crash and restart multiple times, causing the affected device to reload and resulting in a DoS condition. Note: The OSPFv3 feature is disabled by default. To exploit this vulnerability, an attacker must be able to establish a full OSPFv3 neighbor state with an affected device. For more information about exploitation conditions, see the Details section of this advisory.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

cisco nexus_3016_firmware -

cisco nexus_3016q_firmware -

cisco nexus_3048_firmware -

cisco nexus_3064_firmware -

cisco nexus_3064-32t_firmware -

cisco nexus_3064-t_firmware -

cisco nexus_3064-x_firmware -

cisco nexus_3064t_firmware -

cisco nexus_3064x_firmware -

cisco nexus_3100_firmware -

cisco nexus_3100-v_firmware -

cisco nexus_3100-z_firmware -

cisco nexus_3100v_firmware -

cisco nexus_31108pc-v_firmware -

cisco nexus_31108pv-v_firmware -

cisco nexus_31108tc-v_firmware -

cisco nexus_31128pq_firmware -

cisco nexus_3132c-z_firmware -

cisco nexus_3132q_firmware -

cisco nexus_3132q-v_firmware -

cisco nexus_3132q-x_firmware -

cisco nexus_3132q-x\\/3132q-xl_firmware -

cisco nexus_3132q-xl_firmware -

cisco nexus_3164q_firmware -

cisco nexus_3172_firmware -

cisco nexus_3172pq_firmware -

cisco nexus_3172pq-xl_firmware -

cisco nexus_3172pq\\/pq-xl_firmware -

cisco nexus_3172tq_firmware -

cisco nexus_3172tq-32t_firmware -

cisco nexus_3172tq-xl_firmware -

cisco nexus_3200_firmware -

cisco nexus_3232c_firmware -

cisco nexus_3232c__firmware -

cisco nexus_3264c-e_firmware -

cisco nexus_3264q_firmware -

cisco nexus_3400_firmware -

cisco nexus_3408-s_firmware -

cisco nexus_34180yc_firmware -

cisco nexus_34200yc-sm_firmware -

cisco nexus_3432d-s_firmware -

cisco nexus_3464c_firmware -

cisco nexus_3500_firmware -

cisco nexus_3500_platform_firmware -

cisco nexus_3524_firmware -

cisco nexus_3524-x_firmware -

cisco nexus_3524-x\\/xl_firmware -

cisco nexus_3524-xl_firmware -

cisco nexus_3548_firmware -

cisco nexus_3548-x_firmware -

cisco nexus_3548-x\\/xl_firmware -

cisco nexus_3548-xl_firmware -

cisco nexus_3600_firmware -

cisco nexus_36180yc-r_firmware -

cisco nexus_3636c-r_firmware -

cisco nexus_5500_firmware -

cisco nexus_5548p_firmware -

cisco nexus_5548up_firmware -

cisco nexus_5596t_firmware -

cisco nexus_5596up_firmware -

cisco nexus_5600_firmware -

cisco nexus_56128p_firmware -

cisco nexus_5624q_firmware -

cisco nexus_5648q_firmware -

cisco nexus_5672up_firmware -

cisco nexus_5672up-16g_firmware -

cisco nexus_5696q_firmware -

cisco nexus_6000_firmware -

cisco nexus_6001_firmware -

cisco nexus_6001p_firmware -

cisco nexus_6001t_firmware -

cisco nexus_6004_firmware -

cisco nexus_6004x_firmware -

cisco nexus_7000_firmware -

cisco nexus_7000_10-slot_firmware -

cisco nexus_7000_18-slot_firmware -

cisco nexus_7000_4-slot_firmware -

cisco nexus_7000_9-slot_firmware -

cisco nexus_7000_supervisor_1_firmware -

cisco nexus_7000_supervisor_2_firmware -

cisco nexus_7000_supervisor_2e_firmware -

cisco nexus_7004_firmware -

cisco nexus_7009_firmware -

cisco nexus_7010_firmware -

cisco nexus_7018_firmware -

cisco nexus_7700_firmware -

cisco nexus_7700_10-slot_firmware -

cisco nexus_7700_18-slot_firmware -

cisco nexus_7700_2-slot_firmware -

cisco nexus_7700_6-slot_firmware -

cisco nexus_7700_supervisor_2e_firmware -

cisco nexus_7700_supervisor_3e_firmware -

cisco nexus_7702_firmware -

cisco nexus_7706_firmware -

cisco nexus_7710_firmware -

cisco nexus_7718_firmware -

cisco nexus_9000_firmware -

cisco nexus_9000v_firmware -

cisco nexus_9200_firmware -

cisco nexus_92160yc-x_firmware -

cisco nexus_9221c_firmware -

cisco nexus_92300yc_firmware -

cisco nexus_92304qc_firmware -

cisco nexus_92348gc-x_firmware -

cisco nexus_9236c_firmware -

cisco nexus_9272q_firmware -

cisco nexus_9300_firmware -

cisco nexus_93108tc-ex_firmware -

cisco nexus_93108tc-ex-24_firmware -

cisco nexus_93108tc-fx_firmware -

cisco nexus_93108tc-fx-24_firmware -

cisco nexus_93108tc-fx3p_firmware -

cisco nexus_93120tx_firmware -

cisco nexus_93128_firmware -

cisco nexus_93128tx_firmware -

cisco nexus_9316d-gx_firmware -

cisco nexus_93180lc-ex_firmware -

cisco nexus_93180tc-ex_firmware -

cisco nexus_93180yc-ex_firmware -

cisco nexus_93180yc-ex-24_firmware -

cisco nexus_93180yc-fx_firmware -

cisco nexus_93180yc-fx-24_firmware -

cisco nexus_93180yc-fx3_firmware -

cisco nexus_93180yc-fx3s_firmware -

cisco nexus_93216tc-fx2_firmware -

cisco nexus_93240yc-fx2_firmware -

cisco nexus_9332c_firmware -

cisco nexus_9332pq_firmware -

cisco nexus_93360yc-fx2_firmware -

cisco nexus_9336c-fx2_firmware -

cisco nexus_9336c-fx2-e_firmware -

cisco nexus_9336pq_firmware -

cisco nexus_9348gc-fxp_firmware -

cisco nexus_93600cd-gx_firmware -

cisco nexus_9364c_firmware -

cisco nexus_9364c-gx_firmware -

cisco nexus_9372px_firmware -

cisco nexus_9372px-e_firmware -

cisco nexus_9372tx_firmware -

cisco nexus_9372tx-e_firmware -

cisco nexus_9396px_firmware -

cisco nexus_9396tx_firmware -

cisco nexus_9500_firmware -

cisco nexus_9500r_firmware -

cisco nexus_9504_firmware -

cisco nexus_9508_firmware -

cisco nexus_9516_firmware -

Vendor Advisories

Cisco: Cisco NX-OS Software OSPFv3 Denial of Service Vulnerability
A vulnerability in the OSPF version 3 (OSPFv3) feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device This vulnerability is due to incomplete input validation of specific OSPFv3 packets An attacker could exploit this vulnerability by sending a malicious OS ...

References

CWE-125https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-ospfv3-dos-48qutcuhttps://nvd.nist.govhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-ospfv3-dos-48qutcu
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-3675CVE-2024-3400CVE-2024-23557mass assignmentCVE-2023-1389local file inclusionCVE-2024-32596file uploadCVE-2024-32593
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook