#VU788 Denial of Service in Cisco Systems, Inc products - CVE-2016-1454
Published: October 5, 2016 / Updated: April 5, 2018
Vulnerability identifier: #VU788
Vulnerability risk: Low
CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2016-1454
CWE-ID: CWE-20
Exploitation vector: Remote access
Exploit availability:
No public exploit available
Vulnerable software:
Cisco Nexus 1000 Series Switches
Cisco Nexus 3000 Series Switches
Nexus 3500 Series Switches
Cisco Nexus 5000 Series Switches
Cisco Nexus 2000 Series Switches
Cisco Nexus 5600 Series Switches
Cisco Nexus 7000 Series Switches
Cisco Nexus 7700 Series Switches
Cisco Nexus 9000 Series Switches in ACI Mode
Cisco Nexus 9000 Series Switches NX-OS Mode
Cisco Nexus 1000 Series Switches
Cisco Nexus 3000 Series Switches
Nexus 3500 Series Switches
Cisco Nexus 5000 Series Switches
Cisco Nexus 2000 Series Switches
Cisco Nexus 5600 Series Switches
Cisco Nexus 7000 Series Switches
Cisco Nexus 7700 Series Switches
Cisco Nexus 9000 Series Switches in ACI Mode
Cisco Nexus 9000 Series Switches NX-OS Mode
Software vendor:
Cisco Systems, Inc
Cisco Systems, Inc
Description
The vulnerability allows a remote unauthenticated user to cause DoS conditions on the target system.
The weakness is caused by insufficient input validation of the BGP update messages. By sending such massages attackers can cause the affected device reload.
Successful exploitation of the vulnerability results in denial of service on the vulnerable system.
The weakness is caused by insufficient input validation of the BGP update messages. By sending such massages attackers can cause the affected device reload.
Successful exploitation of the vulnerability results in denial of service on the vulnerable system.
Remediation
Update Cisco Nexus 1000 Series Switches to 5.2(1)SV3(1.15).
Update Cisco Nexus 3000 Series Switches to 6.0(2)U6(7) or 7.0(3)I4(1).
Update Cisco Nexus 3500 Series Switches to 6.0(2)A8(1).
Update Cisco Nexus 2000, 5500, 6000 Series Switches to 7.1(4)N1(1), 7.2(2)N1(1) or 7.3(0)N1(1).
Update Cisco Nexus 7000, 7700Series Switches to 7.2(2)D1(1) or 7.3(1)D1(1).
Update Cisco Nexus 9000 Series Switches in ACI Mode to 11.1(1j).
Update Cisco Nexus 9000 Series Switches in NX-OS Mode to 7.0(3)I4(1)
Update Cisco Nexus 3000 Series Switches to 6.0(2)U6(7) or 7.0(3)I4(1).
Update Cisco Nexus 3500 Series Switches to 6.0(2)A8(1).
Update Cisco Nexus 2000, 5500, 6000 Series Switches to 7.1(4)N1(1), 7.2(2)N1(1) or 7.3(0)N1(1).
Update Cisco Nexus 7000, 7700Series Switches to 7.2(2)D1(1) or 7.3(1)D1(1).
Update Cisco Nexus 9000 Series Switches in ACI Mode to 11.1(1j).
Update Cisco Nexus 9000 Series Switches in NX-OS Mode to 7.0(3)I4(1)