Denial of service in Cisco MDS 9000 Series Multilayer Switches

Published: 2020-02-27
Risk High
Patch available NO
Number of vulnerabilities 1
CVE-ID CVE-2020-3175
Exploitation vector Network
Public exploit N/A
Vulnerable software
Cisco NX-OS
Operating systems & Components / Operating system

Cisco MDS 9000 Series Multilayer Switches
Hardware solutions / Routers & switches, VoIP, GSM, etc

Vendor Cisco Systems, Inc

Security Bulletin

This security bulletin contains one high risk vulnerability.

1) Resource exhaustion

EUVDB-ID: #VU25653

Risk: High


CVE-ID: CVE-2020-3175


Exploit availability:


The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to improper resource usage control within the resource handling system. A remote attacker send traffic to the management interface (mgmt0) of an affected device at very high rates and cause unexpected behaviors such as high CPU usage, process crashes, or even full system reboots of an affected device.


Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

Vulnerable software versions

Cisco NX-OS: All versions

Cisco MDS 9000 Series Multilayer Switches: All versions

Fixed software versions

CPE2.3 External links

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?