Race condition

2020-02-0518:15:00

PRIOn knowledge base

www.prio-n.com

6.8 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

29.3%

JSON

A vulnerability in the Cisco Discovery Protocol implementation for Cisco FXOS Software, Cisco IOS XR Software, and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to a missing check when the affected software processes Cisco Discovery Protocol messages. An attacker could exploit this vulnerability by sending a malicious Cisco Discovery Protocol packet to an affected device. A successful exploit could allow the attacker to exhaust system memory, causing the device to reload. Cisco Discovery Protocol is a Layer 2 protocol. To exploit this vulnerability, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent).

CPENameOperatorVersion
firepower_extensible_operating_systemle2.3.1.173
firepower_extensible_operating_systemge2.6
firepower_extensible_operating_systemlt2.6.1.187
firepower_extensible_operating_systemge2.7
firepower_extensible_operating_systemlt2.7.1.106
fxoseq2.4
ios_xreq5.2.5
ios_xreq6.4.2
ios_xreq6.5.3
ios_xreq6.6.25

Name	Operator	Version
firepower_extensible_operating_system	le	2.3.1.173
firepower_extensible_operating_system	ge	2.6
firepower_extensible_operating_system	lt	2.6.1.187
firepower_extensible_operating_system	ge	2.7
firepower_extensible_operating_system	lt	2.7.1.106
fxos	eq	2.4
ios_xr	eq	5.2.5
ios_xr	eq	6.4.2
ios_xr	eq	6.5.3
ios_xr	eq	6.6.25