Denial of Service in Cisco Systems, Inc products - CVE-2016-1454
Published: October 5, 2016 / Updated: April 5, 2018
Vulnerability identifier: #VU788
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2016-1454
CWE-ID: CWE-20
Exploitation vector: Remote access
Exploit availability:
No public exploit available
Vendor: Cisco Systems, Inc
Affected software:
Cisco Nexus 1000 Series Switches
Cisco Nexus 3000 Series Switches
Nexus 3500 Series Switches
Cisco Nexus 5000 Series Switches
Cisco Nexus 2000 Series Switches
Cisco Nexus 5600 Series Switches
Cisco Nexus 7000 Series Switches
Cisco Nexus 7700 Series Switches
Cisco Nexus 9000 Series Switches in ACI Mode
Cisco Nexus 9000 Series Switches NX-OS Mode
Cisco Nexus 1000 Series Switches
Cisco Nexus 3000 Series Switches
Nexus 3500 Series Switches
Cisco Nexus 5000 Series Switches
Cisco Nexus 2000 Series Switches
Cisco Nexus 5600 Series Switches
Cisco Nexus 7000 Series Switches
Cisco Nexus 7700 Series Switches
Cisco Nexus 9000 Series Switches in ACI Mode
Cisco Nexus 9000 Series Switches NX-OS Mode
Detailed vulnerability description
The vulnerability allows a remote unauthenticated user to cause DoS conditions on the target system.
The weakness is caused by insufficient input validation of the BGP update messages. By sending such massages attackers can cause the affected device reload.
Successful exploitation of the vulnerability results in denial of service on the vulnerable system.
The weakness is caused by insufficient input validation of the BGP update messages. By sending such massages attackers can cause the affected device reload.
Successful exploitation of the vulnerability results in denial of service on the vulnerable system.
How to mitigate CVE-2016-1454
Update Cisco Nexus 1000 Series Switches to 5.2(1)SV3(1.15).
Update Cisco Nexus 3000 Series Switches to 6.0(2)U6(7) or 7.0(3)I4(1).
Update Cisco Nexus 3500 Series Switches to 6.0(2)A8(1).
Update Cisco Nexus 2000, 5500, 6000 Series Switches to 7.1(4)N1(1), 7.2(2)N1(1) or 7.3(0)N1(1).
Update Cisco Nexus 7000, 7700Series Switches to 7.2(2)D1(1) or 7.3(1)D1(1).
Update Cisco Nexus 9000 Series Switches in ACI Mode to 11.1(1j).
Update Cisco Nexus 9000 Series Switches in NX-OS Mode to 7.0(3)I4(1)
Update Cisco Nexus 3000 Series Switches to 6.0(2)U6(7) or 7.0(3)I4(1).
Update Cisco Nexus 3500 Series Switches to 6.0(2)A8(1).
Update Cisco Nexus 2000, 5500, 6000 Series Switches to 7.1(4)N1(1), 7.2(2)N1(1) or 7.3(0)N1(1).
Update Cisco Nexus 7000, 7700Series Switches to 7.2(2)D1(1) or 7.3(1)D1(1).
Update Cisco Nexus 9000 Series Switches in ACI Mode to 11.1(1j).
Update Cisco Nexus 9000 Series Switches in NX-OS Mode to 7.0(3)I4(1)