Buffer overflow in Cisco Mds_9000

CVE-2013-5566

Cisco NX-OS 5.0 and earlier on MDS 9000 devices allows remote attackers to cause a denial of service (supervisor CPU consumption) via Authentication Header (AH) authentication in a Virtual Router Redundancy Protocol (VRRP) frame, aka Bug I…

Vulnerability class: Buffer Overflow

EPSS: 0.011 (78.8th percentile) — read the EPSS interpretation.

Affected products

Cisco Mds_9000
Cisco Nx-os — versions 4.0, 4.0\(0\)n1\(1a\), 4.0\(0\)n1\(2\)
N/a — versions n/a

Weakness classification (CWE)

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer

References

20131106 Cisco MDS Denial of Service Vulnerability (x_refsource_CISCO, vendor-advisory, Vendor Advisory)
psirt@cisco.com (x_refsource_CONFIRM, Vendor Advisory)