CVE-2022-20823

A vulnerability in the OSPF version 3 (OSPFv3) feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to incomplete input validation of specific OSPFv3 packets. An attacker could exploit this vulnerability by sending a malicious OSPFv3 link-state advertisement (LSA) to an affected device. A successful exploit could allow the attacker to cause the OSPFv3 process to crash and restart multiple times, causing the affected device to reload and resulting in a DoS condition. Note: The OSPFv3 feature is disabled by default. To exploit this vulnerability, an attacker must be able to establish a full OSPFv3 neighbor state with an affected device. For more information about exploitation conditions, see the Details section of this advisory.

A vulnerability in the OSPF version 3 (OSPFv3) feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to incomplete input validation of specific OSPFv3 packets. An attacker could exploit this vulnerability by sending a malicious OSPFv3 link-state advertisement (LSA) to an affected device. A successful exploit could allow the attacker to cause the OSPFv3 process to crash and restart multiple times, causing the affected device to reload and resulting in a DoS condition. Note: The OSPFv3 feature is disabled by default. To exploit this vulnerability, an attacker must be able to establish a full OSPFv3 neighbor state with an affected device. For more information about exploitation conditions, see the Details section of this advisory.

Una vulnerabilidad en la funcionalidad OSPF versión 3 (OSPFv3) del software Cisco NX-OS podría permitir a un atacante remoto no autenticado provocar una condición de denegación de servicio (DoS) en un dispositivo afectado. Esta vulnerabilidad es debido a una comprobación incompleta de la entrada de paquetes OSPFv3 específicos. Un atacante podría explotar esta vulnerabilidad mediante el envío de un anuncio de estado de enlace (LSA) OSPFv3 malicioso a un dispositivo afectado. Una explotación con éxito podría permitir al atacante hacer que el proceso OSPFv3 sea bloqueado y reiniciado varias veces, haciendo al dispositivo afectado recargarse y resultando en una condición de DoS. Nota: La función OSPFv3 está deshabilitada por defecto. Para explotar esta vulnerabilidad, un atacante debe ser capaz de establecer un estado de vecino OSPFv3 completo con un dispositivo afectado. Para obtener más información sobre las condiciones de explotación, consulte la sección Detalles de este aviso.