A vulnerability in TACACS+ and RADIUS remote authentication for Cisco NX-OS Software could allow an unauthenticated, local attacker to cause an affected device to unexpectedly reload. This vulnerability is due to incorrect input validation when processing an authentication attempt if the directed request option is enabled for TACACS+ or RADIUS. An attacker could exploit this vulnerability by entering a crafted string at the login prompt of an affected device. A successful exploit could allow the attacker to cause the affected device to unexpectedly reload, resulting in a denial of service (DoS) condition.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required None

Scope Changed

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00108.

Key SSVC decision points have not yet been added.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions
Cisco Cisco NX-OS Software affected
Version Status Constraints
4.2(1)SV1(4) affected
4.2(1)SV1(4a) affected
4.2(1)SV1(4b) affected
4.2(1)SV1(5.1) affected
4.2(1)SV1(5.1a) affected
4.2(1)SV1(5.2) affected
4.2(1)SV1(5.2b) affected
4.2(1)SV2(1.1) affected
4.2(1)SV2(1.1a) affected
4.2(1)SV2(2.1) affected
4.2(1)SV2(2.1a) affected
4.2(1)SV2(2.2) affected
4.2(1)SV2(2.3) affected
5.2(1)SM1(5.1) affected
5.2(1)SM1(5.2) affected
5.2(1)SM1(5.2a) affected
5.2(1)SM1(5.2b) affected
5.2(1)SM1(5.2c) affected
5.2(1)SM3(1.1) affected
5.2(1)SM3(1.1a) affected
5.2(1)SM3(1.1b) affected
5.2(1)SM3(1.1c) affected
5.2(1)SM3(2.1) affected
5.2(1)SV3(1.4) affected
5.2(1)SV3(1.1) affected
5.2(1)SV3(1.3) affected
5.2(1)SV3(1.5a) affected
5.2(1)SV3(1.5b) affected
5.2(1)SV3(1.6) affected
5.2(1)SV3(1.10) affected
5.2(1)SV3(1.15) affected
5.2(1)SV3(2.1) affected
5.2(1)SV3(2.5) affected
5.2(1)SV3(2.8) affected
5.2(1)SV3(3.1) affected
5.2(1)SV3(1.2) affected
5.2(1)SV3(1.4b) affected
5.2(1)SV3(3.15) affected
5.2(1)SV3(4.1) affected
5.2(1)SV3(4.1a) affected
5.2(1)SV3(4.1b) affected
5.2(1)SV3(4.1c) affected
6.0(2)A3(1) affected
6.0(2)A3(2) affected
6.0(2)A3(4) affected
6.0(2)A4(1) affected
6.0(2)A4(2) affected
6.0(2)A4(3) affected
6.0(2)A4(4) affected
6.0(2)A4(5) affected
6.0(2)A4(6) affected
6.0(2)A6(1) affected
6.0(2)A6(1a) affected
6.0(2)A6(2) affected
6.0(2)A6(2a) affected
6.0(2)A6(3) affected
6.0(2)A6(3a) affected
6.0(2)A6(4) affected
6.0(2)A6(4a) affected
6.0(2)A6(5) affected
6.0(2)A6(5a) affected
6.0(2)A6(5b) affected
6.0(2)A6(6) affected
6.0(2)A6(7) affected
6.0(2)A6(8) affected
6.0(2)A7(1) affected
6.0(2)A7(1a) affected
6.0(2)A7(2) affected
6.0(2)A7(2a) affected
6.0(2)A8(1) affected
6.0(2)A8(2) affected
6.0(2)A8(3) affected
6.0(2)A8(4) affected
6.0(2)A8(4a) affected
6.0(2)A8(5) affected
6.0(2)A8(6) affected
6.0(2)A8(7) affected
6.0(2)A8(7a) affected
6.0(2)A8(7b) affected
6.0(2)A8(8) affected
6.0(2)A8(9) affected
6.0(2)A8(10a) affected
6.0(2)A8(10) affected
6.0(2)A8(11) affected
6.0(2)A8(11a) affected
6.0(2)A8(11b) affected
6.0(2)U2(1) affected
6.0(2)U2(2) affected
6.0(2)U2(3) affected
6.0(2)U2(4) affected
6.0(2)U2(5) affected
6.0(2)U2(6) affected
6.0(2)U3(1) affected
6.0(2)U3(2) affected
6.0(2)U3(3) affected
6.0(2)U3(4) affected
6.0(2)U3(5) affected
6.0(2)U3(6) affected
6.0(2)U3(7) affected
6.0(2)U3(8) affected
6.0(2)U3(9) affected
6.0(2)U4(1) affected
6.0(2)U4(2) affected
6.0(2)U4(3) affected
6.0(2)U4(4) affected
6.0(2)U5(1) affected
6.0(2)U5(2) affected
6.0(2)U5(3) affected
6.0(2)U5(4) affected
6.0(2)U6(1) affected
6.0(2)U6(2) affected
6.0(2)U6(3) affected
6.0(2)U6(4) affected
6.0(2)U6(5) affected
6.0(2)U6(6) affected
6.0(2)U6(7) affected
6.0(2)U6(8) affected
6.0(2)U6(1a) affected
6.0(2)U6(2a) affected
6.0(2)U6(3a) affected
6.0(2)U6(4a) affected
6.0(2)U6(5a) affected
6.0(2)U6(5b) affected
6.0(2)U6(5c) affected
6.0(2)U6(9) affected
6.0(2)U6(10) affected
6.2(2) affected
6.2(2a) affected
6.2(6) affected
6.2(6b) affected
6.2(8) affected
6.2(8a) affected
6.2(8b) affected
6.2(10) affected
6.2(12) affected
6.2(18) affected
6.2(16) affected
6.2(14) affected
6.2(6a) affected
6.2(20) affected
6.2(1) affected
6.2(3) affected
6.2(5) affected
6.2(5a) affected
6.2(5b) affected
6.2(7) affected
6.2(9) affected
6.2(9a) affected
6.2(9b) affected
6.2(9c) affected
6.2(11) affected
6.2(11b) affected
6.2(11c) affected
6.2(11d) affected
6.2(11e) affected
6.2(13) affected
6.2(13a) affected
6.2(13b) affected
6.2(15) affected
6.2(17) affected
6.2(19) affected
6.2(21) affected
6.2(23) affected
6.2(20a) affected
6.2(25) affected
6.2(22) affected
6.2(27) affected
6.2(29) affected
6.2(24) affected
6.2(31) affected
6.2(24a) affected
6.2(33) affected
7.0(3)F1(1) affected
7.0(3)F2(1) affected
7.0(3)F2(2) affected
7.0(3)F3(1) affected
7.0(3)F3(2) affected
7.0(3)F3(3) affected
7.0(3)F3(3a) affected
7.0(3)F3(4) affected
7.0(3)F3(3c) affected
7.0(3)F3(5) affected
7.0(3)I2(2a) affected
7.0(3)I2(2b) affected
7.0(3)I2(2c) affected
7.0(3)I2(2d) affected
7.0(3)I2(2e) affected
7.0(3)I2(3) affected
7.0(3)I2(4) affected
7.0(3)I2(5) affected
7.0(3)I2(1) affected
7.0(3)I2(1a) affected
7.0(3)I2(2) affected
7.0(3)I3(1) affected
7.0(3)I4(1) affected
7.0(3)I4(2) affected
7.0(3)I4(3) affected
7.0(3)I4(4) affected
7.0(3)I4(5) affected
7.0(3)I4(6) affected
7.0(3)I4(7) affected
7.0(3)I4(8) affected
7.0(3)I4(8a) affected
7.0(3)I4(8b) affected
7.0(3)I4(8z) affected
7.0(3)I4(9) affected
7.0(3)I5(1) affected
7.0(3)I5(2) affected
7.0(3)I6(1) affected
7.0(3)I6(2) affected
7.0(3)I7(1) affected
7.0(3)I7(2) affected
7.0(3)I7(3) affected
7.0(3)I7(4) affected
7.0(3)I7(5) affected
7.0(3)I7(5a) affected
7.0(3)I7(6) affected
7.0(3)I7(7) affected
7.0(3)I7(8) affected
7.0(3)I7(9) affected
7.0(3)I7(10) affected
7.1(0)N1(1a) affected
7.1(0)N1(1b) affected
7.1(0)N1(1) affected
7.1(1)N1(1) affected
7.1(2)N1(1) affected
7.1(3)N1(1) affected
7.1(3)N1(2) affected
7.1(4)N1(1) affected
7.1(5)N1(1) affected
7.1(5)N1(1b) affected
7.2(0)D1(1) affected
7.2(1)D1(1) affected
7.2(2)D1(2) affected
7.2(2)D1(1) affected
7.3(0)D1(1) affected
7.3(0)DX(1) affected
7.3(0)DY(1) affected
7.3(0)N1(1) affected
7.3(1)D1(1) affected
7.3(1)DY(1) affected
7.3(1)N1(1) affected
7.3(2)D1(1) affected
7.3(2)D1(2) affected
7.3(2)D1(3) affected
7.3(2)D1(3a) affected
7.3(2)N1(1) affected
7.3(3)N1(1) affected
8.0(1) affected
8.1(1) affected
8.1(2) affected
8.1(2a) affected
8.1(1a) affected
8.1(1b) affected
8.2(1) affected
8.2(2) affected
8.2(3) affected
8.2(4) affected
8.2(5) affected
8.2(6) affected
8.2(7) affected
8.2(7a) affected
8.2(8) affected
8.2(9) affected
8.3(1) affected
8.3(2) affected
9.2(1) affected
9.2(2) affected
9.2(2t) affected
9.2(3) affected
9.2(4) affected
9.2(2v) affected
9.2(1a) affected
7.3(4)N1(1) affected
7.3(3)D1(1) affected
7.3(4)D1(1) affected
7.3(5)N1(1) affected
5.2(1)SK3(1.1) affected
5.2(1)SK3(2.1) affected
5.2(1)SK3(2.2) affected
5.2(1)SK3(2.2b) affected
5.2(1)SK3(2.1a) affected
5.2(1)SV5(1.1) affected
5.2(1)SV5(1.2) affected
5.2(1)SV5(1.3) affected
5.2(1)SV5(1.3a) affected
5.2(1)SV5(1.3b) affected
5.2(1)SV5(1.3c) affected
8.4(1) affected
8.4(1a) affected
8.4(2) affected
8.4(2a) affected
8.4(3) affected
8.4(2b) affected
8.4(4) affected
8.4(2c) affected
8.4(4a) affected
8.4(5) affected
8.4(2d) affected
8.4(6) affected
8.4(2e) affected
8.4(6a) affected
8.4(7) affected
8.4(2f) affected
9.3(1) affected
9.3(2) affected
9.3(3) affected
9.3(4) affected
9.3(5) affected
9.3(6) affected
9.3(7) affected
9.3(7a) affected
9.3(8) affected
9.3(9) affected
9.3(10) affected
9.3(11) affected
7.3(6)N1(1) affected
7.3(5)D1(1) affected
7.3(7)N1(1) affected
7.3(7)N1(1a) affected
7.3(7)N1(1b) affected
7.3(6)D1(1) affected
7.3(8)N1(1) affected
7.3(7)D1(1) affected
7.3(9)N1(1) affected
10.1(1) affected
10.1(2) affected
10.1(2t) affected
8.5(1) affected
7.3(10)N1(1) affected
7.3(8)D1(1) affected
10.2(1) affected
10.2(1q) affected
10.2(2) affected
10.2(3) affected
10.2(3t) affected
10.2(4) affected
10.2(5) affected
7.3(9)D1(1) affected
7.3(11)N1(1) affected
7.3(12)N1(1) affected
10.3(1) affected
10.3(2) affected
7.3(13)N1(1) affected

Configuration 1 [-]

AND
OR cpe:2.3:o:cisco:nx-os:9.3\(11\):*:*:*:*:*:*:*
cpe:2.3:o:cisco:nx-os:10.2\(5\):*:*:*:*:*:*:*
OR cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:nexus_31108pc-v:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:nexus_31108tc-v:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:nexus_31128pq:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:nexus_3132c-z:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:nexus_3132q-v:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:nexus_3132q-xl:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:nexus_3164q:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:nexus_3172pq:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:nexus_3172pq-xl:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:nexus_3172tq:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:nexus_3172tq-32t:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:nexus_3172tq-xl:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:nexus_3232:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:nexus_3264c-e:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:nexus_3264q:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:nexus_3408-s:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:nexus_34180yc:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:nexus_34200yc-sm:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:nexus_3432d-s:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:nexus_3464c:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:nexus_3524:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:nexus_3524-x:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:nexus_3524-xl:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:nexus_3548:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:nexus_3548-x:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:nexus_3548-xl:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:nexus_36180yc-r:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:nexus_9232e:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:nexus_92348gc-x:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:nexus_9408:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND
cpe:2.3:o:cisco:nx-os:-:*:*:*:*:*:*:*
OR cpe:2.3:h:cisco:mds_9000:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:mds_9100:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:mds_9132t:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:mds_9134:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:mds_9140:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:mds_9148:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:mds_9148s:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:mds_9148t:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:mds_9200:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:mds_9216:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:mds_9216a:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:mds_9216i:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:mds_9222i:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:mds_9250i:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:mds_9396s:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:mds_9396t:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:mds_9500:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:mds_9506:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:mds_9509:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:mds_9513:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:mds_9700:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:mds_9706:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:mds_9710:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:mds_9718:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:nexus_1000_virtual_edge:-:*:*:*:*:vmware_vsphere:*:*
cpe:2.3:h:cisco:nexus_1000v:-:*:*:*:*:microsoft_hyper-v:*:*
cpe:2.3:h:cisco:nexus_1000v:-:*:*:*:*:vmware_vsphere:*:*
cpe:2.3:h:cisco:nexus_5500:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:nexus_5548p:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:nexus_5548up:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:nexus_5596t:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:nexus_5596up:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:nexus_5600:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:nexus_56128p:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:nexus_5624q:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:nexus_5648q:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:nexus_5672up:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:nexus_5672up-16g:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:nexus_5696q:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:nexus_6000:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:nexus_6001:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:nexus_6001p:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:nexus_6001t:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:nexus_6004:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:nexus_6004x:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:nexus_7000:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:nexus_7004:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:nexus_7009:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:nexus_7010:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:nexus_7018:-:*:*:*:*:*:*:*

No data.

No data.

Project Subscriptions

Vendors Products
Cisco Subscribe
Mds 9000 Subscribe
Mds 9100 Subscribe
Mds 9132t Subscribe
Mds 9134 Subscribe
Mds 9140 Subscribe
Mds 9148 Subscribe
Mds 9148s Subscribe
Mds 9148t Subscribe
Mds 9200 Subscribe
Mds 9216 Subscribe
Mds 9216a Subscribe
Mds 9216i Subscribe
Mds 9222i Subscribe
Mds 9250i Subscribe
Mds 9396s Subscribe
Mds 9396t Subscribe
Mds 9500 Subscribe
Mds 9506 Subscribe
Mds 9509 Subscribe
Mds 9513 Subscribe
Mds 9700 Subscribe
Mds 9706 Subscribe
Mds 9710 Subscribe
Mds 9718 Subscribe
Nexus 1000 Virtual Edge Subscribe
Nexus 1000v Subscribe
Nexus 3048 Subscribe
Nexus 31108pc-v Subscribe
Nexus 31108tc-v Subscribe
Nexus 31128pq Subscribe
Nexus 3132c-z Subscribe
Nexus 3132q-v Subscribe
Nexus 3132q-xl Subscribe
Nexus 3164q Subscribe
Nexus 3172pq Subscribe
Nexus 3172pq-xl Subscribe
Nexus 3172tq Subscribe
Nexus 3172tq-32t Subscribe
Nexus 3172tq-xl Subscribe
Nexus 3232 Subscribe
Nexus 3264c-e Subscribe
Nexus 3264q Subscribe
Nexus 3408-s Subscribe
Nexus 34180yc Subscribe
Nexus 34200yc-sm Subscribe
Nexus 3432d-s Subscribe
Nexus 3464c Subscribe
Nexus 3524 Subscribe
Nexus 3524-x Subscribe
Nexus 3524-xl Subscribe
Nexus 3548 Subscribe
Nexus 3548-x Subscribe
Nexus 3548-xl Subscribe
Nexus 36180yc-r Subscribe
Nexus 5500 Subscribe
Nexus 5548p Subscribe
Nexus 5548up Subscribe
Nexus 5596t Subscribe
Nexus 5596up Subscribe
Nexus 5600 Subscribe
Nexus 56128p Subscribe
Nexus 5624q Subscribe
Nexus 5648q Subscribe
Nexus 5672up Subscribe
Nexus 5672up-16g Subscribe
Nexus 5696q Subscribe
Nexus 6000 Subscribe
Nexus 6001 Subscribe
Nexus 6001p Subscribe
Nexus 6001t Subscribe
Nexus 6004 Subscribe
Nexus 6004x Subscribe
Nexus 7000 Subscribe
Nexus 7004 Subscribe
Nexus 7009 Subscribe
Nexus 7010 Subscribe
Nexus 7018 Subscribe
Nexus 9232e Subscribe
Nexus 92348gc-x Subscribe
Nexus 9408 Subscribe
Nexus 9504 Subscribe
Nexus 9508 Subscribe
Nexus 9516 Subscribe
Nx-os Subscribe
Advisories
Source ID Title
EUVD EUVD EUVD-2023-24347 A vulnerability in TACACS+ and RADIUS remote authentication for Cisco NX-OS Software could allow an unauthenticated, local attacker to cause an affected device to unexpectedly reload. This vulnerability is due to incorrect input validation when processing an authentication attempt if the directed request option is enabled for TACACS+ or RADIUS. An attacker could exploit this vulnerability by entering a crafted string at the login prompt of an affected device. A successful exploit could allow the attacker to cause the affected device to unexpectedly reload, resulting in a denial of service (DoS) condition.
Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References
Link Providers
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-remoteauth-dos-XB6pv74m cve-icon cve-icon
History

No history.

Projects

Sign in to view the affected projects.

cve-icon MITRE

Status: PUBLISHED

Assigner: cisco

Published:

Updated: 2024-08-02T09:05:35.038Z

Reserved: 2022-10-27T18:47:50.362Z

Link: CVE-2023-20168

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2023-08-23T19:15:07.777

Modified: 2024-11-21T07:40:43.873

Link: CVE-2023-20168

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.

Weaknesses