Description
A vulnerability in the Protocol Independent Multicast Version 6 (PIM6) feature of Cisco Nexus 3000 Series Switches and Cisco Nexus 9000 Series Switches in standalone NX-OS mode could allow an authenticated, low-privileged, remote attacker to trigger a crash of the PIM6 process, resulting in a denial of service (DoS) condition. This vulnerability is due to improper processing of PIM6 ephemeral data queries. An attacker could exploit this vulnerability by sending a crafted ephemeral query to an affected device through one of the following methods: NX-API REST, NETCONF, RESTConf, gRPC, or Model Driven Telemetry. A successful exploit could allow the attacker to cause the PIM6 process to crash and restart, causing potential adjacency flaps and resulting in a DoS of the PIM6 and ephemeral query processes.
Problem types
Product status
9.2(3)
9.2(2v)
9.2(1)
9.2(2t)
9.2(3y)
9.3(2)
9.2(4)
9.3(1)
9.3(1z)
9.2(2)
9.3(3)
9.3(4)
9.3(5)
9.3(6)
10.1(2)
10.1(1)
9.3(5w)
9.3(7)
9.3(7k)
10.2(1)
9.3(7a)
9.3(8)
10.2(1q)
10.2(2)
9.3(9)
10.1(2t)
10.2(3)
10.2(3t)
9.3(10)
10.2(2a)
10.3(1)
10.2(4)
10.3(2)
9.3(11)
10.3(3)
10.2(5)
9.3(12)
10.2(3v)
10.4(1)
10.3(99w)
10.2(6)
10.3(3w)
10.3(99x)
10.3(3o)
10.3(4)
10.3(3p)
10.3(4a)
10.4(2)
10.3(3q)
9.3(13)
10.3(5)
10.2(7)
10.4(3)
10.3(3x)
10.3(4g)
10.5(1)
10.2(8)
10.3(3r)
10.3(6)
9.3(14)
10.4(4)
10.3(4h)
10.5(2)
10.4(4g)
References
sec.cloudapps.cisco.com/...sory/cisco-sa-nxospc-pim6-vG4jFPh (cisco-sa-nxospc-pim6-vG4jFPh)
