A vulnerability in the Fibre Channel over Ethernet (FCoE) protocol implementation in Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition when an FCoE-related process unexpectedly reloads.
The vulnerability is due to a lack of proper FCoE frame padding validation. An attacker could exploit this vulnerability by sending a stream of crafted FCoE frames to the targeted device. An exploit could allow the attacker to cause a DoS condition, which would impact FCoE traffic passing through the device. The attacker’s server must be directly connected to the FCoE interface on the device that is running Cisco NX-OS Software to exploit this vulnerability.
There are no workarounds that address this vulnerability.
This advisory is available at the following link:
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170607-nxos [“https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170607-nxos”]
Vendor | Product | Version | CPE |
---|---|---|---|
cisco | cisco_nx-os_system_software | 7.3(1)n1 | cpe:2.3:a:cisco:cisco_nx-os_system_software:7.3\(1\)n1:*:*:*:*:*:*:* |
cisco | cisco_nx-os_system_software | 8.0 | cpe:2.3:a:cisco:cisco_nx-os_system_software:8.0:*:*:*:*:*:*:* |
cisco | cisco_nx-os_system_software | 7.3(1)n1(1) | cpe:2.3:a:cisco:cisco_nx-os_system_software:7.3\(1\)n1\(1\):*:*:*:*:*:*:* |
cisco | cisco_nx-os_system_software | 8.0(1)s2 | cpe:2.3:a:cisco:cisco_nx-os_system_software:8.0\(1\)s2:*:*:*:*:*:*:* |
cisco | cisco_nx-os_system_software | 8.0(1) | cpe:2.3:a:cisco:cisco_nx-os_system_software:8.0\(1\):*:*:*:*:*:*:* |