Cisco FXOS and NX-OS System Software Authentication, Authorization, and Accounting Denial of Service Vulnerability
by CIRT Team
Description: A vulnerability in the authentication, authorization, and accounting (AAA) implementation of Cisco Firepower Extensible Operating System (FXOS) and NX-OS System Software could allow an unauthenticated, remote attacker to cause an affected device to reload.
Impact: The vulnerability occurs because AAA processes prevent the NX-OS System Manager from receiving keepalive messages when an affected device receives a high rate of login attempts, such as in a brute-force login attack. System memory can run low on the FXOS devices under the same conditions, which could cause the AAA process to unexpectedly restart or cause the device to reload.
An attacker could exploit this vulnerability by performing a brute-force login attack against a device that is configured with AAA security services. A successful exploit could allow the attacker to cause the affected device to reload.
Mitigation: Updates are available. Please check specific vendor advisory for more information.
Reference URL’s:
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171018-aaavty
- http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2017-3883
- http://www.securityfocus.com/bid/101493/info
Recommended Posts
Active Exploitation of Critical F5 BIG – IP Vulnerability (CVE–2023-46747) Uncovered in Bangladesh
06 Nov 2024 - Security Advisories & Alerts