HomePentest-Tools.com Logo

Cisco NX-OS Software Locator/ID Separation Protocol Packet Denial of Service Vulnerability (cisco-sa-20160323-lisp) CVE-2016-1351

Severity
CVSSv3 Score
7.5
Vulnerability description

A vulnerability in the Locator/ID Separation Protocol (LISP) of Cisco NX-OS Software running on the Cisco Nexus 7000 and Nexus 7700 Series Switches with an M1 Series Gigabit Ethernet Module could allow an unauthenticated, remote attacker to cause a reload of the vulnerable device.

Risk description

The vulnerability is due to a lack of proper input validation when a malformed LISP packet header is received. An attacker could exploit this vulnerability by sending a malformed LISP packet on UDP port 4341. An exploit could allow the attacker to cause a denial of service (DoS) condition.

Recommendation

See the referenced vendor advisory for a solution.

Codename
Not available
Detectable with
Network Scanner
Scan engine
OpenVAS
Exploitable with Sniper
No
CVE Published
Mar 26, 2016
Detection added at
Software Type
Not available
Vendor
Not available
Product
Not available