CVE-2022-20623
Cisco Nexus 9000 Series Switches Bidirectional Forwarding Detection Denial of Service Vulnerability
Severity Score
7.5
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
A vulnerability in the rate limiter for Bidirectional Forwarding Detection (BFD) traffic of Cisco NX-OS Software for Cisco Nexus 9000 Series Switches could allow an unauthenticated, remote attacker to cause BFD traffic to be dropped on an affected device. This vulnerability is due to a logic error in the BFD rate limiter functionality. An attacker could exploit this vulnerability by sending a crafted stream of traffic through the device. A successful exploit could allow the attacker to cause BFD traffic to be dropped, resulting in BFD session flaps. BFD session flaps can cause route instability and dropped traffic, resulting in a denial of service (DoS) condition. This vulnerability applies to both IPv4 and IPv6 traffic.
Una vulnerabilidad en el limitador de velocidad para el tráfico de detección de reenvío bidireccional (BFD) del software Cisco NX-OS para los switches Cisco Nexus de la serie 9000 podría permitir a un atacante remoto no autenticado hacer que se pierda el tráfico BFD en un dispositivo afectado. Esta vulnerabilidad se debe a un error lógico en la funcionalidad del limitador de velocidad BFD. Un atacante podría explotar esta vulnerabilidad enviando un flujo de tráfico manipulado a través del dispositivo. Una explotación exitosa podría permitir al atacante causar la caída del tráfico BFD, resultando en la interrupción de la sesión BFD. Las interrupciones de la sesión BFD pueden causar inestabilidad en la ruta y la caída del tráfico, lo que resulta en una condición de denegación de servicio (DoS). Esta vulnerabilidad se aplica tanto al tráfico IPv4 como al IPv6
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2021-11-02 CVE Reserved
- 2022-02-23 CVE Published
- 2023-09-16 EPSS Updated
- 2024-09-17 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-399: Resource Management Errors
CAPEC
References (1)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | >= 7.0\(3\)i6\(2\) <= 7.0\(3\)i7\(3\) Search vendor "Cisco" for product "Nx-os" and version " >= 7.0\(3\)i6\(2\) <= 7.0\(3\)i7\(3\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | N9k-c92160yc-x Search vendor "Cisco" for product "N9k-c92160yc-x" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | >= 7.0\(3\)i6\(2\) <= 7.0\(3\)i7\(3\) Search vendor "Cisco" for product "Nx-os" and version " >= 7.0\(3\)i6\(2\) <= 7.0\(3\)i7\(3\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | N9k-c92300yc Search vendor "Cisco" for product "N9k-c92300yc" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | >= 7.0\(3\)i6\(2\) <= 7.0\(3\)i7\(3\) Search vendor "Cisco" for product "Nx-os" and version " >= 7.0\(3\)i6\(2\) <= 7.0\(3\)i7\(3\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | N9k-c92304qc Search vendor "Cisco" for product "N9k-c92304qc" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | >= 7.0\(3\)i6\(2\) <= 7.0\(3\)i7\(3\) Search vendor "Cisco" for product "Nx-os" and version " >= 7.0\(3\)i6\(2\) <= 7.0\(3\)i7\(3\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | N9k-c9232c Search vendor "Cisco" for product "N9k-c9232c" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | >= 7.0\(3\)i6\(2\) <= 7.0\(3\)i7\(3\) Search vendor "Cisco" for product "Nx-os" and version " >= 7.0\(3\)i6\(2\) <= 7.0\(3\)i7\(3\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | N9k-c92348gc-x Search vendor "Cisco" for product "N9k-c92348gc-x" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | >= 7.0\(3\)i6\(2\) <= 7.0\(3\)i7\(3\) Search vendor "Cisco" for product "Nx-os" and version " >= 7.0\(3\)i6\(2\) <= 7.0\(3\)i7\(3\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | N9k-c9236c Search vendor "Cisco" for product "N9k-c9236c" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | >= 7.0\(3\)i6\(2\) <= 7.0\(3\)i7\(3\) Search vendor "Cisco" for product "Nx-os" and version " >= 7.0\(3\)i6\(2\) <= 7.0\(3\)i7\(3\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | N9k-c9272q Search vendor "Cisco" for product "N9k-c9272q" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | >= 7.0\(3\)i6\(2\) <= 7.0\(3\)i7\(3\) Search vendor "Cisco" for product "Nx-os" and version " >= 7.0\(3\)i6\(2\) <= 7.0\(3\)i7\(3\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | N9k-c93108tc-ex Search vendor "Cisco" for product "N9k-c93108tc-ex" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | >= 7.0\(3\)i6\(2\) <= 7.0\(3\)i7\(3\) Search vendor "Cisco" for product "Nx-os" and version " >= 7.0\(3\)i6\(2\) <= 7.0\(3\)i7\(3\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | N9k-c93108tc-fx Search vendor "Cisco" for product "N9k-c93108tc-fx" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | >= 7.0\(3\)i6\(2\) <= 7.0\(3\)i7\(3\) Search vendor "Cisco" for product "Nx-os" and version " >= 7.0\(3\)i6\(2\) <= 7.0\(3\)i7\(3\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | N9k-c9316d-gx Search vendor "Cisco" for product "N9k-c9316d-gx" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | >= 7.0\(3\)i6\(2\) <= 7.0\(3\)i7\(3\) Search vendor "Cisco" for product "Nx-os" and version " >= 7.0\(3\)i6\(2\) <= 7.0\(3\)i7\(3\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | N9k-c93180lc-ex Search vendor "Cisco" for product "N9k-c93180lc-ex" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | >= 7.0\(3\)i6\(2\) <= 7.0\(3\)i7\(3\) Search vendor "Cisco" for product "Nx-os" and version " >= 7.0\(3\)i6\(2\) <= 7.0\(3\)i7\(3\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | N9k-c93180yc-ex Search vendor "Cisco" for product "N9k-c93180yc-ex" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | >= 7.0\(3\)i6\(2\) <= 7.0\(3\)i7\(3\) Search vendor "Cisco" for product "Nx-os" and version " >= 7.0\(3\)i6\(2\) <= 7.0\(3\)i7\(3\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | N9k-c93180yc-fx Search vendor "Cisco" for product "N9k-c93180yc-fx" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | >= 7.0\(3\)i6\(2\) <= 7.0\(3\)i7\(3\) Search vendor "Cisco" for product "Nx-os" and version " >= 7.0\(3\)i6\(2\) <= 7.0\(3\)i7\(3\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | N9k-c93180yc2-fx Search vendor "Cisco" for product "N9k-c93180yc2-fx" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | >= 7.0\(3\)i6\(2\) <= 7.0\(3\)i7\(3\) Search vendor "Cisco" for product "Nx-os" and version " >= 7.0\(3\)i6\(2\) <= 7.0\(3\)i7\(3\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | N9k-c93216tc-fx2 Search vendor "Cisco" for product "N9k-c93216tc-fx2" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | >= 7.0\(3\)i6\(2\) <= 7.0\(3\)i7\(3\) Search vendor "Cisco" for product "Nx-os" and version " >= 7.0\(3\)i6\(2\) <= 7.0\(3\)i7\(3\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | N9k-c93240yc-fx2 Search vendor "Cisco" for product "N9k-c93240yc-fx2" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | >= 7.0\(3\)i6\(2\) <= 7.0\(3\)i7\(3\) Search vendor "Cisco" for product "Nx-os" and version " >= 7.0\(3\)i6\(2\) <= 7.0\(3\)i7\(3\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | N9k-c9332c Search vendor "Cisco" for product "N9k-c9332c" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | >= 7.0\(3\)i6\(2\) <= 7.0\(3\)i7\(3\) Search vendor "Cisco" for product "Nx-os" and version " >= 7.0\(3\)i6\(2\) <= 7.0\(3\)i7\(3\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | N9k-c93360yc-fx2 Search vendor "Cisco" for product "N9k-c93360yc-fx2" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | >= 7.0\(3\)i6\(2\) <= 7.0\(3\)i7\(3\) Search vendor "Cisco" for product "Nx-os" and version " >= 7.0\(3\)i6\(2\) <= 7.0\(3\)i7\(3\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | N9k-c9336c-fx2 Search vendor "Cisco" for product "N9k-c9336c-fx2" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | >= 7.0\(3\)i6\(2\) <= 7.0\(3\)i7\(3\) Search vendor "Cisco" for product "Nx-os" and version " >= 7.0\(3\)i6\(2\) <= 7.0\(3\)i7\(3\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | N9k-c9348gc-fxp Search vendor "Cisco" for product "N9k-c9348gc-fxp" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | >= 7.0\(3\)i6\(2\) <= 7.0\(3\)i7\(3\) Search vendor "Cisco" for product "Nx-os" and version " >= 7.0\(3\)i6\(2\) <= 7.0\(3\)i7\(3\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | N9k-c93600cd-gx Search vendor "Cisco" for product "N9k-c93600cd-gx" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | >= 7.0\(3\)i6\(2\) <= 7.0\(3\)i7\(3\) Search vendor "Cisco" for product "Nx-os" and version " >= 7.0\(3\)i6\(2\) <= 7.0\(3\)i7\(3\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | N9k-c9364c Search vendor "Cisco" for product "N9k-c9364c" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | >= 7.0\(3\)i6\(2\) <= 7.0\(3\)i7\(3\) Search vendor "Cisco" for product "Nx-os" and version " >= 7.0\(3\)i6\(2\) <= 7.0\(3\)i7\(3\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | N9k-c9364c-gx Search vendor "Cisco" for product "N9k-c9364c-gx" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | >= 7.0\(3\)i6\(2\) <= 9.3\(8\) Search vendor "Cisco" for product "Nx-os" and version " >= 7.0\(3\)i6\(2\) <= 9.3\(8\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | N9k-x97160yc-ex Search vendor "Cisco" for product "N9k-x97160yc-ex" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | >= 7.0\(3\)i6\(2\) <= 9.3\(8\) Search vendor "Cisco" for product "Nx-os" and version " >= 7.0\(3\)i6\(2\) <= 9.3\(8\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | N9k-x97284yc-fx Search vendor "Cisco" for product "N9k-x97284yc-fx" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | >= 7.0\(3\)i6\(2\) <= 9.3\(8\) Search vendor "Cisco" for product "Nx-os" and version " >= 7.0\(3\)i6\(2\) <= 9.3\(8\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | N9k-x9732c-ex Search vendor "Cisco" for product "N9k-x9732c-ex" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | >= 7.0\(3\)i6\(2\) <= 9.3\(8\) Search vendor "Cisco" for product "Nx-os" and version " >= 7.0\(3\)i6\(2\) <= 9.3\(8\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | N9k-x9732c-fx Search vendor "Cisco" for product "N9k-x9732c-fx" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | >= 7.0\(3\)i6\(2\) <= 9.3\(8\) Search vendor "Cisco" for product "Nx-os" and version " >= 7.0\(3\)i6\(2\) <= 9.3\(8\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | N9k-x9736c-ex Search vendor "Cisco" for product "N9k-x9736c-ex" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | >= 7.0\(3\)i6\(2\) <= 9.3\(8\) Search vendor "Cisco" for product "Nx-os" and version " >= 7.0\(3\)i6\(2\) <= 9.3\(8\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | N9k-x9736c-fx Search vendor "Cisco" for product "N9k-x9736c-fx" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | >= 7.0\(3\)i6\(2\) <= 9.3\(8\) Search vendor "Cisco" for product "Nx-os" and version " >= 7.0\(3\)i6\(2\) <= 9.3\(8\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | N9k-x9788tc-fx Search vendor "Cisco" for product "N9k-x9788tc-fx" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | >= 10.1\(1\) <= 10.2\(1\) Search vendor "Cisco" for product "Nx-os" and version " >= 10.1\(1\) <= 10.2\(1\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | N9k-x97160yc-ex Search vendor "Cisco" for product "N9k-x97160yc-ex" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | >= 10.1\(1\) <= 10.2\(1\) Search vendor "Cisco" for product "Nx-os" and version " >= 10.1\(1\) <= 10.2\(1\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | N9k-x97284yc-fx Search vendor "Cisco" for product "N9k-x97284yc-fx" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | >= 10.1\(1\) <= 10.2\(1\) Search vendor "Cisco" for product "Nx-os" and version " >= 10.1\(1\) <= 10.2\(1\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | N9k-x9732c-ex Search vendor "Cisco" for product "N9k-x9732c-ex" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | >= 10.1\(1\) <= 10.2\(1\) Search vendor "Cisco" for product "Nx-os" and version " >= 10.1\(1\) <= 10.2\(1\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | N9k-x9732c-fx Search vendor "Cisco" for product "N9k-x9732c-fx" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | >= 10.1\(1\) <= 10.2\(1\) Search vendor "Cisco" for product "Nx-os" and version " >= 10.1\(1\) <= 10.2\(1\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | N9k-x9736c-ex Search vendor "Cisco" for product "N9k-x9736c-ex" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | >= 10.1\(1\) <= 10.2\(1\) Search vendor "Cisco" for product "Nx-os" and version " >= 10.1\(1\) <= 10.2\(1\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | N9k-x9736c-fx Search vendor "Cisco" for product "N9k-x9736c-fx" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | >= 10.1\(1\) <= 10.2\(1\) Search vendor "Cisco" for product "Nx-os" and version " >= 10.1\(1\) <= 10.2\(1\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | N9k-x9788tc-fx Search vendor "Cisco" for product "N9k-x9788tc-fx" | - | - |
Safe
|