Guest

Preview Tool

Cisco Bug: CSCur38749 - Connection to a non-existent host is consumed/precessed by xTR itself

Last Modified

Feb 23, 2018

Products (8)

  • Cisco Nexus 7000 Series Switches
  • Cisco Nexus 7000 10-Slot Switch
  • Cisco Nexus 7000 4-Slot Switch
  • Cisco Nexus 7700 6-Slot Switch
  • Cisco Nexus 7000 18-Slot Switch
  • Cisco Nexus 7700 18-Slot Switch
  • Cisco Nexus 7700 10-Slot Switch
  • Cisco Nexus 7000 9-Slot Switch

Known Affected Releases

6.2(10)

Description (partial)

Symptom:
A vulnerability in Cisco Locator/ID Separation Protocol (LISP) feature of Cisco NX-OS could allow an authenticated, remote attacker to use SSH connection to a non-existent host covered by lisp mobile prefix 
from outside of the DC and get presented with the xTR login prompt.
An attacker still needs to have login credentials for NX-OS device in order to be able to log in.

Conditions:
LISP mobility and lisp enabled interface need to be configured.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.