CVE-2023-20089 - Vulnerability Details

Vendors	Products
Cisco	Nexus 9000v Nexus 92160yc-x Nexus 92300yc Nexus 92304qc Nexus 92348gc-x Nexus 9236c Nexus 9272q Nexus 93108tc-ex Nexus 93108tc-ex-24 Nexus 93108tc-fx Nexus 93108tc-fx-24 Nexus 93108tc-fx3p Nexus 93120tx Nexus 93128tx Nexus 9316d-gx Nexus 93180lc-ex Nexus 93180yc-ex Nexus 93180yc-ex-24 Nexus 93180yc-fx Nexus 93180yc-fx-24 Nexus 93180yc-fx3 Nexus 93180yc-fx3s Nexus 93216tc-fx2 Nexus 93240yc-fx2 Nexus 9332c Nexus 9332d-gx2b Nexus 9332pq Nexus 93360yc-fx2 Nexus 9336c-fx2 Nexus 9336c-fx2-e Nexus 9336pq Aci Spine Nexus 9348d-gx2a Nexus 9348gc-fxp Nexus 93600cd-gx Nexus 9364c Nexus 9364c-gx Nexus 9364d-gx2a Nexus 9372px Nexus 9372px-e Nexus 9372tx Nexus 9372tx-e Nexus 9396px Nexus 9396tx Nexus 9408 Nexus 9508 Nexus 9808 Nx-os

Link	Providers
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-aci-lldp-dos-ySCNZOpX

Show plain JSON

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2023-20089", "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "assignerShortName": "cisco", "dateUpdated": "2024-10-25T16:03:47.738Z", "dateReserved": "2022-10-27T00:00:00", "datePublished": "2023-02-23T00:00:00"}, "containers": {"cna": {"title": "Cisco Nexus 9000 Series Fabric Switches in ACI Mode Link Layer Discovery Protocol Memory Leak Denial of Service Vulnerability", "datePublic": "2023-02-22T00:00:00", "providerMetadata": {"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco", "dateUpdated": "2023-02-23T00:00:00"}, "descriptions": [{"lang": "en", "value": "A vulnerability in the Link Layer Discovery Protocol (LLDP) feature for Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) Mode could allow an unauthenticated, adjacent attacker to cause a memory leak, which could result in an unexpected reload of the device. This vulnerability is due to incorrect error checking when parsing ingress LLDP packets. An attacker could exploit this vulnerability by sending a steady stream of crafted LLDP packets to an affected device. A successful exploit could allow the attacker to cause a memory leak, which could result in a denial of service (DoS) condition when the device unexpectedly reloads. Note: This vulnerability cannot be exploited by transit traffic through the device. The crafted LLDP packet must be targeted to a directly connected interface, and the attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent). In addition, the attack surface for this vulnerability can be reduced by disabling LLDP on interfaces where it is not required."}], "affected": [{"vendor": "Cisco", "product": "Cisco NX-OS System Software in ACI Mode ", "versions": [{"version": "n/a", "status": "affected"}]}], "references": [{"name": "20230222 Cisco Nexus 9000 Series Fabric Switches in ACI Mode Link Layer Discovery Protocol Memory Leak Denial of Service Vulnerability", "tags": ["vendor-advisory"], "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-aci-lldp-dos-ySCNZOpX"}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", "attackVector": "ADJACENT_NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "CHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 7.4, "baseSeverity": "HIGH"}}], "problemTypes": [{"descriptions": [{"type": "CWE", "lang": "en", "description": "CWE-789", "cweId": "CWE-789"}]}], "source": {"advisory": "cisco-sa-aci-lldp-dos-ySCNZOpX", "defect": [["CSCwc23246"]], "discovery": "INTERNAL"}, "exploits": [{"lang": "en", "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory. "}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T08:57:35.883Z"}, "title": "CVE Program Container", "references": [{"name": "20230222 Cisco Nexus 9000 Series Fabric Switches in ACI Mode Link Layer Discovery Protocol Memory Leak Denial of Service Vulnerability", "tags": ["vendor-advisory", "x_transferred"], "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-aci-lldp-dos-ySCNZOpX"}]}, {"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-10-25T14:36:32.500030Z", "id": "CVE-2023-20089", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-10-25T16:03:47.738Z"}}]}}

{

dataType : CVE_RECORD (string)

dataVersion : 5.1 (string)

cveMetadata : { »

state : PUBLISHED (string)

cveId : CVE-2023-20089 (string)

assignerOrgId : d1c1063e-7a18-46af-9102-31f8928bc633 (string)

assignerShortName : cisco (string)

dateUpdated : 2024-10-25T16:03:47.738Z (string)

dateReserved : 2022-10-27T00:00:00 (string)

datePublished : 2023-02-23T00:00:00 (string)

}

containers : { »

cna : { »

title : Cisco Nexus 9000 Series Fabric Switches in ACI Mode Link Layer Discovery Protocol Memory Leak Denial of Service Vulnerability (string)

datePublic : 2023-02-22T00:00:00 (string)

providerMetadata : { »

orgId : d1c1063e-7a18-46af-9102-31f8928bc633 (string)

shortName : cisco (string)

dateUpdated : 2023-02-23T00:00:00 (string)

}

descriptions : [ »

0 : { »

lang : en (string)

value : A vulnerability in the Link Layer Discovery Protocol (LLDP) feature for Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) Mode could allow an unauthenticated, adjacent attacker to cause a memory leak, which could result in an unexpected reload of the device. This vulnerability is due to incorrect error checking when parsing ingress LLDP packets. An attacker could exploit this vulnerability by sending a steady stream of crafted LLDP packets to an affected device. A successful exploit could allow the attacker to cause a memory leak, which could result in a denial of service (DoS) condition when the device unexpectedly reloads. Note: This vulnerability cannot be exploited by transit traffic through the device. The crafted LLDP packet must be targeted to a directly connected interface, and the attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent). In addition, the attack surface for this vulnerability can be reduced by disabling LLDP on interfaces where it is not required. (string)

}

]

affected : [ »

0 : { »

vendor : Cisco (string)

product : Cisco NX-OS System Software in ACI Mode (string)

versions : [ »

0 : { »

version : n/a (string)

status : affected (string)

}

]

}

]

references : [ »

0 : { »

name : 20230222 Cisco Nexus 9000 Series Fabric Switches in ACI Mode Link Layer Discovery Protocol Memory Leak Denial of Service Vulnerability (string)

tags : [ »

0 : vendor-advisory (string)

]

url : https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-aci-lldp-dos-ySCNZOpX (string)

}

]

metrics : [ »

0 : { »

cvssV3_1 : { »

version : 3.1 (string)

vectorString : CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H (string)

attackVector : ADJACENT_NETWORK (string)

attackComplexity : LOW (string)

privilegesRequired : NONE (string)

userInteraction : NONE (string)

scope : CHANGED (string)

confidentialityImpact : NONE (string)

integrityImpact : NONE (string)

availabilityImpact : HIGH (string)

baseScore : 7.4 (number)

baseSeverity : HIGH (string)

}

]

problemTypes : [ »

0 : { »

descriptions : [ »

0 : { »

type : CWE (string)

lang : en (string)

description : CWE-789 (string)

cweId : CWE-789 (string)

}

]

}

]

source : { »

advisory : cisco-sa-aci-lldp-dos-ySCNZOpX (string)

defect : [ »

0 : [ »

0 : CSCwc23246 (string)

]

discovery : INTERNAL (string)

}

exploits : [ »

0 : { »

lang : en (string)

value : The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory. (string)

}

]

}

adp : [ »

0 : { »

providerMetadata : { »

orgId : af854a3a-2127-422b-91ae-364da2661108 (string)

shortName : CVE (string)

dateUpdated : 2024-08-02T08:57:35.883Z (string)

}

title : CVE Program Container (string)

references : [ »

0 : { »

name : 20230222 Cisco Nexus 9000 Series Fabric Switches in ACI Mode Link Layer Discovery Protocol Memory Leak Denial of Service Vulnerability (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_transferred (string)

]

url : https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-aci-lldp-dos-ySCNZOpX (string)

}

]

}

1 : { »

metrics : [ »

0 : { »

other : { »

type : ssvc (string)

content : { »

timestamp : 2024-10-25T14:36:32.500030Z (string)

id : CVE-2023-20089 (string)

options : [ »

0 : { »

Exploitation : none (string)

}

1 : { »

Automatable : no (string)

}

2 : { »

Technical Impact : partial (string)

}

]

role : CISA Coordinator (string)

version : 2.0.3 (string)

}

]

title : CISA ADP Vulnrichment (string)

providerMetadata : { »

orgId : 134c704f-9b21-4f2e-91b3-4a467353bcc0 (string)

shortName : CISA-ADP (string)

dateUpdated : 2024-10-25T16:03:47.738Z (string)

}

]

}

Show plain JSON

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:nx-os:15.2\\(1g\\):*:*:*:*:*:*:*", "matchCriteriaId": "D4C90C63-E006-4101-A737-429B28A5ABD5", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:nx-os:15.2\\(2e\\):*:*:*:*:*:*:*", "matchCriteriaId": "0235897B-D881-4C22-AEC5-6B0D8552B47B", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:nx-os:15.2\\(2f\\):*:*:*:*:*:*:*", "matchCriteriaId": "77B4432C-D3C1-45DA-8E2B-1282A98D4D66", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:nx-os:15.2\\(2g\\):*:*:*:*:*:*:*", "matchCriteriaId": "FE2846A6-62B3-4035-968C-AA73FFA1EA67", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:nx-os:15.2\\(2h\\):*:*:*:*:*:*:*", "matchCriteriaId": "C6DC1C38-8134-4548-9685-03664699B273", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:nx-os:15.2\\(3e\\):*:*:*:*:*:*:*", "matchCriteriaId": "C46E10DB-6CA8-460F-9C6D-48684BDCCEA9", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:nx-os:15.2\\(3f\\):*:*:*:*:*:*:*", "matchCriteriaId": "D027C394-ED7D-4302-92B1-F9A2F60C8568", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:nx-os:15.2\\(3g\\):*:*:*:*:*:*:*", "matchCriteriaId": "3914D468-662E-4F82-910F-67800189462E", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:nx-os:15.2\\(4d\\):*:*:*:*:*:*:*", "matchCriteriaId": "6502FEA6-A959-48F3-84E7-6E2180D23956", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:nx-os:15.2\\(4e\\):*:*:*:*:*:*:*", "matchCriteriaId": "1336D0EA-F391-411D-B140-040E805DF3DB", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:nx-os:15.2\\(4f\\):*:*:*:*:*:*:*", "matchCriteriaId": "60BC734F-D9DB-42B9-82C4-4A23C2A3C14D", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:nx-os:15.2\\(5c\\):*:*:*:*:*:*:*", "matchCriteriaId": "F9F5D422-54B8-47F2-96E6-A820E27658DE", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:nx-os:15.2\\(5d\\):*:*:*:*:*:*:*", "matchCriteriaId": "F2BBBEDF-6869-4C99-A1D9-1AF53EFA82E0", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:nx-os:15.2\\(5e\\):*:*:*:*:*:*:*", "matchCriteriaId": "CBB9500B-84F9-4B35-95C6-26F57BE8145C", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:nx-os:16.0\\(1g\\):*:*:*:*:*:*:*", "matchCriteriaId": "6B68CD3E-700F-43D2-960C-C53A6EE241B1", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:nx-os:16.0\\(1j\\):*:*:*:*:*:*:*", "matchCriteriaId": "743AED05-E2D7-4322-8814-C803F0BD6265", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:nexus_9000v:-:*:*:*:*:*:*:*", "matchCriteriaId": "0CD9C1F1-8582-4F67-A77D-97CBFECB88B8", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4283E433-7F8C-4410-B565-471415445811", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_92300yc:-:*:*:*:*:*:*:*", "matchCriteriaId": "F80AB6FB-32FD-43D7-A9F1-80FA47696210", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*", "matchCriteriaId": "D5B2E4C1-2627-4B9D-8E92-4B483F647651", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_92348gc-x:-:*:*:*:*:*:*:*", "matchCriteriaId": "557ED31C-C26A-4FAE-8B14-D06B49F7F08B", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*", "matchCriteriaId": "11411BFD-3F4D-4309-AB35-A3629A360FB0", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*", "matchCriteriaId": "E663DE91-C86D-48DC-B771-FA72A8DF7A7C", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*", "matchCriteriaId": "A90184B3-C82F-4CE5-B2AD-97D5E4690871", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_93108tc-ex-24:-:*:*:*:*:*:*:*", "matchCriteriaId": "40E40F42-632A-47DF-BE33-DC25B826310B", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*", "matchCriteriaId": "4AB89849-6DA4-4C9D-BC3F-EE0E41FD1901", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_93108tc-fx-24:-:*:*:*:*:*:*:*", "matchCriteriaId": "C47F6BF9-2ADB-41A4-8D7D-8BB00141BB23", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_93108tc-fx3p:-:*:*:*:*:*:*:*", "matchCriteriaId": "BBEF7F26-BB47-44BD-872E-130820557C23", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*", "matchCriteriaId": "07DE6F63-2C7D-415B-8C34-01EC05C062F3", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*", "matchCriteriaId": "F423E45D-A6DD-4305-9C6A-EAB26293E53A", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_9316d-gx:-:*:*:*:*:*:*:*", "matchCriteriaId": "102F91CD-DFB6-43D4-AE5B-DA157A696230", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*", "matchCriteriaId": "E952A96A-0F48-4357-B7DD-1127D8827650", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*", "matchCriteriaId": "F70D81F1-8B12-4474-9060-B4934D8A3873", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_93180yc-ex-24:-:*:*:*:*:*:*:*", "matchCriteriaId": "5394DE31-3863-4CA9-B7B1-E5227183100D", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*", "matchCriteriaId": "7349D69B-D8FA-4462-AA28-69DD18A652D9", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx-24:-:*:*:*:*:*:*:*", "matchCriteriaId": "FE4BB834-2C00-4384-A78E-AF3BCDDC58AF", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx3:-:*:*:*:*:*:*:*", "matchCriteriaId": "B0D30D52-837F-4FDA-B8E5-A9066E9C6D2F", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx3s:-:*:*:*:*:*:*:*", "matchCriteriaId": "7CE49B45-F2E9-491D-9C29-1B46E9CE14E2", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_93216tc-fx2:-:*:*:*:*:*:*:*", "matchCriteriaId": "B1CC5F78-E88B-4B82-9E3E-C73D3A49DE26", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:*", "matchCriteriaId": "91231DC6-2773-4238-8C14-A346F213B5E5", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_9332c:-:*:*:*:*:*:*:*", "matchCriteriaId": "2DF88547-BAF4-47B0-9F60-80A30297FCEB", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_9332d-gx2b:-:*:*:*:*:*:*:*", "matchCriteriaId": "02C3CE6D-BD54-48B1-A188-8E53DA001424", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*", "matchCriteriaId": "113772B6-E9D2-4094-9468-3F4E1A87D07D", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_93360yc-fx2:-:*:*:*:*:*:*:*", "matchCriteriaId": "C45A38D6-BED6-4FEF-AD87-A1E813695DE0", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*", "matchCriteriaId": "F1FC2B1F-232E-4754-8076-CC82F3648730", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_9336c-fx2-e:-:*:*:*:*:*:*:*", "matchCriteriaId": "7CDD27C9-5EAF-4956-8AB7-740C84C9D4FC", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_9336pq_aci_spine:-:*:*:*:*:*:*:*", "matchCriteriaId": "785FD17C-F32E-4042-9DDE-A89B3AAE0334", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_9348d-gx2a:-:*:*:*:*:*:*:*", "matchCriteriaId": "73DC1E93-561E-490C-AE0E-B02BAB9A7C8E", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*", "matchCriteriaId": "17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_93600cd-gx:-:*:*:*:*:*:*:*", "matchCriteriaId": "2CF467E2-4567-426E-8F48-39669E0F514C", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*", "matchCriteriaId": "63842B25-8C32-4988-BBBD-61E9CB09B4F3", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_9364c-gx:-:*:*:*:*:*:*:*", "matchCriteriaId": "68EA1FEF-B6B6-49FE-A0A4-5387F76303F8", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_9364d-gx2a:-:*:*:*:*:*:*:*", "matchCriteriaId": "40D6DB7F-C025-4971-9615-73393ED61078", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*", "matchCriteriaId": "4364ADB9-8162-451D-806A-B98924E6B2CF", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_9372px-e:-:*:*:*:*:*:*:*", "matchCriteriaId": "B53BCB42-ED61-4FCF-8068-CB467631C63C", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*", "matchCriteriaId": "49E0371B-FDE2-473C-AA59-47E1269D050F", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_9372tx-e:-:*:*:*:*:*:*:*", "matchCriteriaId": "489D11EC-5A18-4F32-BC7C-AC1FCEC27222", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*", "matchCriteriaId": "1BC5293E-F2B4-46DC-85DA-167EA323FCFD", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*", "matchCriteriaId": "EA022E77-6557-4A33-9A3A-D028E2DB669A", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_9408:-:*:*:*:*:*:*:*", "matchCriteriaId": "D8D5D5E2-B40B-475D-9EF3-8441016E37E9", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*", "matchCriteriaId": "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_9808:-:*:*:*:*:*:*:*", "matchCriteriaId": "3284D16F-3275-4F8D-8AE4-D413DE19C4FA", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "A vulnerability in the Link Layer Discovery Protocol (LLDP) feature for Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) Mode could allow an unauthenticated, adjacent attacker to cause a memory leak, which could result in an unexpected reload of the device. This vulnerability is due to incorrect error checking when parsing ingress LLDP packets. An attacker could exploit this vulnerability by sending a steady stream of crafted LLDP packets to an affected device. A successful exploit could allow the attacker to cause a memory leak, which could result in a denial of service (DoS) condition when the device unexpectedly reloads. Note: This vulnerability cannot be exploited by transit traffic through the device. The crafted LLDP packet must be targeted to a directly connected interface, and the attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent). In addition, the attack surface for this vulnerability can be reduced by disabling LLDP on interfaces where it is not required."}], "id": "CVE-2023-20089", "lastModified": "2024-11-21T07:40:31.967", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.4, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 4.0, "source": "ykramarz@cisco.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2023-02-23T20:15:13.557", "references": [{"source": "ykramarz@cisco.com", "tags": ["Mitigation", "Vendor Advisory"], "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-aci-lldp-dos-ySCNZOpX"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mitigation", "Vendor Advisory"], "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-aci-lldp-dos-ySCNZOpX"}], "sourceIdentifier": "ykramarz@cisco.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-789"}], "source": "ykramarz@cisco.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-401"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{

configurations : [ »

0 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:o:cisco:nx-os:15.2\(1g\):*:*:*:*:*:*:* (string)

matchCriteriaId : D4C90C63-E006-4101-A737-429B28A5ABD5 (string)

vulnerable : true (boolean)

}

1 : { »

criteria : cpe:2.3:o:cisco:nx-os:15.2\(2e\):*:*:*:*:*:*:* (string)

matchCriteriaId : 0235897B-D881-4C22-AEC5-6B0D8552B47B (string)

vulnerable : true (boolean)

}

2 : { »

criteria : cpe:2.3:o:cisco:nx-os:15.2\(2f\):*:*:*:*:*:*:* (string)

matchCriteriaId : 77B4432C-D3C1-45DA-8E2B-1282A98D4D66 (string)

vulnerable : true (boolean)

}

3 : { »

criteria : cpe:2.3:o:cisco:nx-os:15.2\(2g\):*:*:*:*:*:*:* (string)

matchCriteriaId : FE2846A6-62B3-4035-968C-AA73FFA1EA67 (string)

vulnerable : true (boolean)

}

4 : { »

criteria : cpe:2.3:o:cisco:nx-os:15.2\(2h\):*:*:*:*:*:*:* (string)

matchCriteriaId : C6DC1C38-8134-4548-9685-03664699B273 (string)

vulnerable : true (boolean)

}

5 : { »

criteria : cpe:2.3:o:cisco:nx-os:15.2\(3e\):*:*:*:*:*:*:* (string)

matchCriteriaId : C46E10DB-6CA8-460F-9C6D-48684BDCCEA9 (string)

vulnerable : true (boolean)

}

6 : { »

criteria : cpe:2.3:o:cisco:nx-os:15.2\(3f\):*:*:*:*:*:*:* (string)

matchCriteriaId : D027C394-ED7D-4302-92B1-F9A2F60C8568 (string)

vulnerable : true (boolean)

}

7 : { »

criteria : cpe:2.3:o:cisco:nx-os:15.2\(3g\):*:*:*:*:*:*:* (string)

matchCriteriaId : 3914D468-662E-4F82-910F-67800189462E (string)

vulnerable : true (boolean)

}

8 : { »

criteria : cpe:2.3:o:cisco:nx-os:15.2\(4d\):*:*:*:*:*:*:* (string)

matchCriteriaId : 6502FEA6-A959-48F3-84E7-6E2180D23956 (string)

vulnerable : true (boolean)

}

9 : { »

criteria : cpe:2.3:o:cisco:nx-os:15.2\(4e\):*:*:*:*:*:*:* (string)

matchCriteriaId : 1336D0EA-F391-411D-B140-040E805DF3DB (string)

vulnerable : true (boolean)

}

10 : { »

criteria : cpe:2.3:o:cisco:nx-os:15.2\(4f\):*:*:*:*:*:*:* (string)

matchCriteriaId : 60BC734F-D9DB-42B9-82C4-4A23C2A3C14D (string)

vulnerable : true (boolean)

}

11 : { »

criteria : cpe:2.3:o:cisco:nx-os:15.2\(5c\):*:*:*:*:*:*:* (string)

matchCriteriaId : F9F5D422-54B8-47F2-96E6-A820E27658DE (string)

vulnerable : true (boolean)

}

12 : { »

criteria : cpe:2.3:o:cisco:nx-os:15.2\(5d\):*:*:*:*:*:*:* (string)

matchCriteriaId : F2BBBEDF-6869-4C99-A1D9-1AF53EFA82E0 (string)

vulnerable : true (boolean)

}

13 : { »

criteria : cpe:2.3:o:cisco:nx-os:15.2\(5e\):*:*:*:*:*:*:* (string)

matchCriteriaId : CBB9500B-84F9-4B35-95C6-26F57BE8145C (string)

vulnerable : true (boolean)

}

14 : { »

criteria : cpe:2.3:o:cisco:nx-os:16.0\(1g\):*:*:*:*:*:*:* (string)

matchCriteriaId : 6B68CD3E-700F-43D2-960C-C53A6EE241B1 (string)

vulnerable : true (boolean)

}

15 : { »

criteria : cpe:2.3:o:cisco:nx-os:16.0\(1j\):*:*:*:*:*:*:* (string)

matchCriteriaId : 743AED05-E2D7-4322-8814-C803F0BD6265 (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

1 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:h:cisco:nexus_9000v:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 0CD9C1F1-8582-4F67-A77D-97CBFECB88B8 (string)

vulnerable : false (boolean)

}

1 : { »

criteria : cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 4283E433-7F8C-4410-B565-471415445811 (string)

vulnerable : false (boolean)

}

2 : { »

criteria : cpe:2.3:h:cisco:nexus_92300yc:-:*:*:*:*:*:*:* (string)

matchCriteriaId : F80AB6FB-32FD-43D7-A9F1-80FA47696210 (string)

vulnerable : false (boolean)

}

3 : { »

criteria : cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:* (string)

matchCriteriaId : D5B2E4C1-2627-4B9D-8E92-4B483F647651 (string)

vulnerable : false (boolean)

}

4 : { »

criteria : cpe:2.3:h:cisco:nexus_92348gc-x:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 557ED31C-C26A-4FAE-8B14-D06B49F7F08B (string)

vulnerable : false (boolean)

}

5 : { »

criteria : cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 11411BFD-3F4D-4309-AB35-A3629A360FB0 (string)

vulnerable : false (boolean)

}

6 : { »

criteria : cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:* (string)

matchCriteriaId : E663DE91-C86D-48DC-B771-FA72A8DF7A7C (string)

vulnerable : false (boolean)

}

7 : { »

criteria : cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:* (string)

matchCriteriaId : A90184B3-C82F-4CE5-B2AD-97D5E4690871 (string)

vulnerable : false (boolean)

}

8 : { »

criteria : cpe:2.3:h:cisco:nexus_93108tc-ex-24:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 40E40F42-632A-47DF-BE33-DC25B826310B (string)

vulnerable : false (boolean)

}

9 : { »

criteria : cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 4AB89849-6DA4-4C9D-BC3F-EE0E41FD1901 (string)

vulnerable : false (boolean)

}

10 : { »

criteria : cpe:2.3:h:cisco:nexus_93108tc-fx-24:-:*:*:*:*:*:*:* (string)

matchCriteriaId : C47F6BF9-2ADB-41A4-8D7D-8BB00141BB23 (string)

vulnerable : false (boolean)

}

11 : { »

criteria : cpe:2.3:h:cisco:nexus_93108tc-fx3p:-:*:*:*:*:*:*:* (string)

matchCriteriaId : BBEF7F26-BB47-44BD-872E-130820557C23 (string)

vulnerable : false (boolean)

}

12 : { »

criteria : cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 07DE6F63-2C7D-415B-8C34-01EC05C062F3 (string)

vulnerable : false (boolean)

}

13 : { »

criteria : cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:* (string)

matchCriteriaId : F423E45D-A6DD-4305-9C6A-EAB26293E53A (string)

vulnerable : false (boolean)

}

14 : { »

criteria : cpe:2.3:h:cisco:nexus_9316d-gx:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 102F91CD-DFB6-43D4-AE5B-DA157A696230 (string)

vulnerable : false (boolean)

}

15 : { »

criteria : cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:* (string)

matchCriteriaId : E952A96A-0F48-4357-B7DD-1127D8827650 (string)

vulnerable : false (boolean)

}

16 : { »

criteria : cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:* (string)

matchCriteriaId : F70D81F1-8B12-4474-9060-B4934D8A3873 (string)

vulnerable : false (boolean)

}

17 : { »

criteria : cpe:2.3:h:cisco:nexus_93180yc-ex-24:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 5394DE31-3863-4CA9-B7B1-E5227183100D (string)

vulnerable : false (boolean)

}

18 : { »

criteria : cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 7349D69B-D8FA-4462-AA28-69DD18A652D9 (string)

vulnerable : false (boolean)

}

19 : { »

criteria : cpe:2.3:h:cisco:nexus_93180yc-fx-24:-:*:*:*:*:*:*:* (string)

matchCriteriaId : FE4BB834-2C00-4384-A78E-AF3BCDDC58AF (string)

vulnerable : false (boolean)

}

20 : { »

criteria : cpe:2.3:h:cisco:nexus_93180yc-fx3:-:*:*:*:*:*:*:* (string)

matchCriteriaId : B0D30D52-837F-4FDA-B8E5-A9066E9C6D2F (string)

vulnerable : false (boolean)

}

21 : { »

criteria : cpe:2.3:h:cisco:nexus_93180yc-fx3s:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 7CE49B45-F2E9-491D-9C29-1B46E9CE14E2 (string)

vulnerable : false (boolean)

}

22 : { »

criteria : cpe:2.3:h:cisco:nexus_93216tc-fx2:-:*:*:*:*:*:*:* (string)

matchCriteriaId : B1CC5F78-E88B-4B82-9E3E-C73D3A49DE26 (string)

vulnerable : false (boolean)

}

23 : { »

criteria : cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 91231DC6-2773-4238-8C14-A346F213B5E5 (string)

vulnerable : false (boolean)

}

24 : { »

criteria : cpe:2.3:h:cisco:nexus_9332c:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 2DF88547-BAF4-47B0-9F60-80A30297FCEB (string)

vulnerable : false (boolean)

}

25 : { »

criteria : cpe:2.3:h:cisco:nexus_9332d-gx2b:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 02C3CE6D-BD54-48B1-A188-8E53DA001424 (string)

vulnerable : false (boolean)

}

26 : { »

criteria : cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 113772B6-E9D2-4094-9468-3F4E1A87D07D (string)

vulnerable : false (boolean)

}

27 : { »

criteria : cpe:2.3:h:cisco:nexus_93360yc-fx2:-:*:*:*:*:*:*:* (string)

matchCriteriaId : C45A38D6-BED6-4FEF-AD87-A1E813695DE0 (string)

vulnerable : false (boolean)

}

28 : { »

criteria : cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:* (string)

matchCriteriaId : F1FC2B1F-232E-4754-8076-CC82F3648730 (string)

vulnerable : false (boolean)

}

29 : { »

criteria : cpe:2.3:h:cisco:nexus_9336c-fx2-e:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 7CDD27C9-5EAF-4956-8AB7-740C84C9D4FC (string)

vulnerable : false (boolean)

}

30 : { »

criteria : cpe:2.3:h:cisco:nexus_9336pq_aci_spine:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 785FD17C-F32E-4042-9DDE-A89B3AAE0334 (string)

vulnerable : false (boolean)

}

31 : { »

criteria : cpe:2.3:h:cisco:nexus_9348d-gx2a:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 73DC1E93-561E-490C-AE0E-B02BAB9A7C8E (string)

vulnerable : false (boolean)

}

32 : { »

criteria : cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9 (string)

vulnerable : false (boolean)

}

33 : { »

criteria : cpe:2.3:h:cisco:nexus_93600cd-gx:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 2CF467E2-4567-426E-8F48-39669E0F514C (string)

vulnerable : false (boolean)

}

34 : { »

criteria : cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 63842B25-8C32-4988-BBBD-61E9CB09B4F3 (string)

vulnerable : false (boolean)

}

35 : { »

criteria : cpe:2.3:h:cisco:nexus_9364c-gx:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 68EA1FEF-B6B6-49FE-A0A4-5387F76303F8 (string)

vulnerable : false (boolean)

}

36 : { »

criteria : cpe:2.3:h:cisco:nexus_9364d-gx2a:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 40D6DB7F-C025-4971-9615-73393ED61078 (string)

vulnerable : false (boolean)

}

37 : { »

criteria : cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 4364ADB9-8162-451D-806A-B98924E6B2CF (string)

vulnerable : false (boolean)

}

38 : { »

criteria : cpe:2.3:h:cisco:nexus_9372px-e:-:*:*:*:*:*:*:* (string)

matchCriteriaId : B53BCB42-ED61-4FCF-8068-CB467631C63C (string)

vulnerable : false (boolean)

}

39 : { »

criteria : cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 49E0371B-FDE2-473C-AA59-47E1269D050F (string)

vulnerable : false (boolean)

}

40 : { »

criteria : cpe:2.3:h:cisco:nexus_9372tx-e:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 489D11EC-5A18-4F32-BC7C-AC1FCEC27222 (string)

vulnerable : false (boolean)

}

41 : { »

criteria : cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 1BC5293E-F2B4-46DC-85DA-167EA323FCFD (string)

vulnerable : false (boolean)

}

42 : { »

criteria : cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:* (string)

matchCriteriaId : EA022E77-6557-4A33-9A3A-D028E2DB669A (string)

vulnerable : false (boolean)

}

43 : { »

criteria : cpe:2.3:h:cisco:nexus_9408:-:*:*:*:*:*:*:* (string)

matchCriteriaId : D8D5D5E2-B40B-475D-9EF3-8441016E37E9 (string)

vulnerable : false (boolean)

}

44 : { »

criteria : cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:* (string)

matchCriteriaId : DDC2F709-AFBE-48EA-A3A2-DA1134534FB6 (string)

vulnerable : false (boolean)

}

45 : { »

criteria : cpe:2.3:h:cisco:nexus_9808:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 3284D16F-3275-4F8D-8AE4-D413DE19C4FA (string)

vulnerable : false (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

operator : AND (string)

}

]

descriptions : [ »

0 : { »

lang : en (string)

value : A vulnerability in the Link Layer Discovery Protocol (LLDP) feature for Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) Mode could allow an unauthenticated, adjacent attacker to cause a memory leak, which could result in an unexpected reload of the device. This vulnerability is due to incorrect error checking when parsing ingress LLDP packets. An attacker could exploit this vulnerability by sending a steady stream of crafted LLDP packets to an affected device. A successful exploit could allow the attacker to cause a memory leak, which could result in a denial of service (DoS) condition when the device unexpectedly reloads. Note: This vulnerability cannot be exploited by transit traffic through the device. The crafted LLDP packet must be targeted to a directly connected interface, and the attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent). In addition, the attack surface for this vulnerability can be reduced by disabling LLDP on interfaces where it is not required. (string)

}

]

id : CVE-2023-20089 (string)

lastModified : 2024-11-21T07:40:31.967 (string)

metrics : { »

cvssMetricV31 : [ »

0 : { »

cvssData : { »

attackComplexity : LOW (string)

attackVector : ADJACENT_NETWORK (string)

availabilityImpact : HIGH (string)

baseScore : 7.4 (number)

baseSeverity : HIGH (string)

confidentialityImpact : NONE (string)

integrityImpact : NONE (string)

privilegesRequired : NONE (string)

scope : CHANGED (string)

userInteraction : NONE (string)

vectorString : CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H (string)

version : 3.1 (string)

}

exploitabilityScore : 2.8 (number)

impactScore : 4 (number)

source : ykramarz@cisco.com (string)

type : Secondary (string)

}

1 : { »

cvssData : { »

attackComplexity : LOW (string)

attackVector : ADJACENT_NETWORK (string)

availabilityImpact : HIGH (string)

baseScore : 6.5 (number)

baseSeverity : MEDIUM (string)

confidentialityImpact : NONE (string)

integrityImpact : NONE (string)

privilegesRequired : NONE (string)

scope : UNCHANGED (string)

userInteraction : NONE (string)

vectorString : CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H (string)

version : 3.1 (string)

}

exploitabilityScore : 2.8 (number)

impactScore : 3.6 (number)

source : nvd@nist.gov (string)

type : Primary (string)

}

]

}

published : 2023-02-23T20:15:13.557 (string)

references : [ »

0 : { »

source : ykramarz@cisco.com (string)

tags : [ »

0 : Mitigation (string)

1 : Vendor Advisory (string)

]

url : https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-aci-lldp-dos-ySCNZOpX (string)

}

1 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Mitigation (string)

1 : Vendor Advisory (string)

]

url : https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-aci-lldp-dos-ySCNZOpX (string)

}

]

sourceIdentifier : ykramarz@cisco.com (string)

vulnStatus : Modified (string)

weaknesses : [ »

0 : { »

description : [ »

0 : { »

lang : en (string)

value : CWE-789 (string)

}

]

source : ykramarz@cisco.com (string)

type : Secondary (string)

}

1 : { »

description : [ »

0 : { »

lang : en (string)

value : CWE-401 (string)

}

]

source : nvd@nist.gov (string)

type : Primary (string)

}

]

}

Metrics

Attack Vector Adjacent Network

Attack Complexity Low

Privileges Required None

Scope Changed

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Affected Vendors & Products

Metrics

Attack Vector Adjacent Network

Attack Complexity Low

Privileges Required None

Scope Changed

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object