Cisco NX-OS Software Locator/ID Separation Protocol Packet Denial of Service Vulnerability (cisco-sa-20160323-lisp) CVE-2016-1351
- CVSSv3 Score
- Vulnerability description
A vulnerability in the Locator/ID Separation Protocol (LISP) of Cisco NX-OS Software running on the Cisco Nexus 7000 and Nexus 7700 Series Switches with an M1 Series Gigabit Ethernet Module could allow an unauthenticated, remote attacker to cause a reload of the vulnerable device.
- Risk description
The vulnerability is due to a lack of proper input validation when a malformed LISP packet header is received. An attacker could exploit this vulnerability by sending a malformed LISP packet on UDP port 4341. An exploit could allow the attacker to cause a denial of service (DoS) condition.
See the referenced vendor advisory for a solution.
- Not available