Cisco NX-OS Software External Border Gateway Protocol Denial of Service Vulnerability [CVE-2024-20321]
CVE number – CVE-2024-20321
A vulnerability in the External Border Gateway Protocol (eBGP) implementation of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.
This vulnerability exists because eBGP traffic is mapped to a shared hardware rate-limiter queue.
An attacker could exploit this vulnerability by sending large amounts of network traffic with certain characteristics through an affected device.
A successful exploit could allow the attacker to cause eBGP neighbor sessions to be dropped, leading to a DoS condition in the network.
Cisco has released software updates that address this vulnerability.
There are no workarounds that address this vulnerability.
This advisory is available at the following link:
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-ebgp-dos-L3QCwVJ
Duncan is a technology professional with over 20 years experience of working in various IT roles. He has a interest in cyber security, and has a wide range of other skills in radio, electronics and telecommunications.