Guest

Preview Tool

Cisco Bug: CSCuq71257 - Cisco FXOS and NX-OS Authentication, Authorization, and Accounting Denial of Service Vulnerability

Last Modified

Jul 21, 2020

Products (1)

  • Cisco Nexus 5000 Series Switches

Known Affected Releases

7.1(0)RGD(0.5)

Description (partial)

Symptom:
A vulnerability in the authentication, authorization, and accounting (AAA) implementation of Cisco Firepower Extensible Operating System (FXOS) and NX-OS System Software could allow an unauthenticated, remote attacker to cause an affected device to reload.

The vulnerability occurs because AAA processes prevent the NX-OS System Manager from receiving keepalive messages when an affected device receives a high rate of login attempts, such as in a brute-force login attack. System memory can run low on the FXOS devices under the same conditions, which could cause the AAA process to unexpectedly restart or cause the device to reload.

An attacker could exploit this vulnerability by performing a brute-force login attack against a device that is configured with AAA security services. A successful exploit could allow the attacker to cause the affected device to reload.

Cisco has released software updates that address this vulnerability. There are workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171018-aaavty

Conditions:
Please refer to the Security Advisory.

Related Community Discussions

<key>CSCuq71257</key> - Cisco FXOS and NX-OS Authentication, Authorization, and Accounting Denial of Service Vulnerability
In Cisco Security Advisory, it is stated N5K  running on software version 7.1 is affected.  However, in its documentation for Bug <key>CSCuq71257</key>, it mentioned only 7.1(0)RGD(0.5) is affected.   My question, if my N5K is running on 7.1(4), is it also affected? Why Cisco's documentation is not straight to the point?
Latest activity: Nov 08, 2017
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.