Vulnslist

find the latest Cisco vulnerabilities

Cisco NX-OS Software TACACS+ or RADIUS Remote Authentication Directed Request Denial of Service Vulnerability

cisco-sa-nxos-remoteauth-dos-XB6pv74m · High · Published · Updated

A vulnerability in TACACS+ and RADIUS remote authentication for Cisco NX-OS Software could allow an unauthenticated, local attacker to cause an affected device to unexpectedly reload.  This vulnerability is due to incorrect input validation when processing an authentication attempt if the directed request option is enabled for TACACS+ or RADIUS. An attacker could exploit this vulnerability by entering a crafted string at the login prompt of an affected device. A successful exploit could allow the attacker to cause the affected device to unexpectedly reload, resulting in a denial of service (DoS) condition.  Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link:https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-remoteauth-dos-XB6pv74m This advisory is part of the August 2023 Cisco FXOS and NX-OS Software Security Advisory Bundled Publication. For a complete list of the advisories and links to them, see Cisco Event Response: August 2023 Semiannual Cisco FXOS and NX-OS Software Security Advisory Bundled Publication.

Cisco advisory ·CSAF JSON

Workarounds

There are no workarounds that address this vulnerability.

If directed request support for TACACS+ or RADIUS is not required, the CLI commands tacacs-server directed-request and radius-server directed-request can be removed from the configuration. If the commands are not present in the configuration, the device is not vulnerable.

For additional information on the directed request option, see the appropriate guide:

Cisco Nexus 9000 Series NX-OS Security Configuration Guide: Configuring TACACS+ https://www.cisco.com/c/en/us/td/docs/dcn/nx-os/nexus9000/101x/configuration/security/cisco-nexus-9000-nx-os-security-configuration-guide-101x/m-configuring-tacacs.html
Cisco Nexus 9000 Series NX-OS Security Configuration Guide: Configuring RADIUS https://www.cisco.com/c/en/us/td/docs/dcn/nx-os/nexus9000/101x/configuration/security/cisco-nexus-9000-nx-os-security-configuration-guide-101x/m-configuring-radius.html

While this mitigation has been deployed and was proven successful in a test environment, customers should determine the applicability and effectiveness in their own environment and under their own use conditions. Customers should be aware that any workaround or mitigation that is implemented may negatively impact the functionality or performance of their network based on intrinsic customer deployment scenarios and limitations. Customers should not deploy any workarounds or mitigations before first evaluating the applicability to their own environment and any impact to such environment.

CVEsCVE-2023-20168
Cisco Bug IDsCSCwe72368, CSCwe72670, CSCwe72648, CSCwe72673, CSCwe72674
CVSS ScoreBase 7.1
Base 7.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H/E:X/RL:X/RC:X
Product Names From Source
Cisco NX-OS Software 6.0(2)A8(1), Cisco NX-OS Software 6.0(2)A8(2), Cisco NX-OS Software 6.0(2)A8(3), Cisco NX-OS Software 6.0(2)A8(4), Cisco NX-OS Software 6.0(2)A8(4a), Cisco NX-OS Software 6.0(2)A8(5), Cisco NX-OS Software 6.0(2)A8(6), Cisco NX-OS Software 6.0(2)A8(7), Cisco NX-OS Software 6.0(2)A8(7a), Cisco NX-OS Software 6.0(2)A8(7b), Cisco NX-OS Software 6.0(2)A8(8), Cisco NX-OS Software 6.0(2)A8(9), Cisco NX-OS Software 6.0(2)A8(10a), Cisco NX-OS Software 6.0(2)A8(10), Cisco NX-OS Software 6.0(2)A8(11), Cisco NX-OS Software 6.0(2)A8(11a), Cisco NX-OS Software 6.0(2)A8(11b), Cisco NX-OS Software 7.0(3)F3(1), Cisco NX-OS Software 7.0(3)F3(2), Cisco NX-OS Software 7.0(3)F3(3), Cisco NX-OS Software 7.0(3)F3(3a), Cisco NX-OS Software 7.0(3)F3(4), Cisco NX-OS Software 7.0(3)F3(3c), Cisco NX-OS Software 7.0(3)F3(5), Cisco NX-OS Software 7.0(3)I4(1), Cisco NX-OS Software 7.0(3)I4(2), Cisco NX-OS Software 7.0(3)I4(3), Cisco NX-OS Software 7.0(3)I4(4), Cisco NX-OS Software 7.0(3)I4(5), Cisco NX-OS Software 7.0(3)I4(6), Cisco NX-OS Software 7.0(3)I4(7), Cisco NX-OS Software 7.0(3)I4(8), Cisco NX-OS Software 7.0(3)I4(8a), Cisco NX-OS Software 7.0(3)I4(8b), Cisco NX-OS Software 7.0(3)I4(8z), Cisco NX-OS Software 7.0(3)I4(1t), Cisco NX-OS Software 7.0(3)I4(6t), Cisco NX-OS Software 7.0(3)I4(9), Cisco NX-OS Software 7.0(3)I5(1), Cisco NX-OS Software 7.0(3)I5(2), Cisco NX-OS Software 7.0(3)I5(3), Cisco NX-OS Software 7.0(3)I5(3a), Cisco NX-OS Software 7.0(3)I5(3b), Cisco NX-OS Software 7.0(3)I6(1), Cisco NX-OS Software 7.0(3)I6(2), Cisco NX-OS Software 7.0(3)I7(1), Cisco NX-OS Software 7.0(3)I7(2), Cisco NX-OS Software 7.0(3)I7(3), Cisco NX-OS Software 7.0(3)I7(4), Cisco NX-OS Software 7.0(3)I7(5), Cisco NX-OS Software 7.0(3)I7(5a), Cisco NX-OS Software 7.0(3)I7(3z), Cisco NX-OS Software 7.0(3)I7(6), Cisco NX-OS Software 7.0(3)I7(6z), Cisco NX-OS Software 7.0(3)I7(7), Cisco NX-OS Software 7.0(3)I7(8), Cisco NX-OS Software 7.0(3)I7(9), Cisco NX-OS Software 7.0(3)I7(9w), Cisco NX-OS Software 7.0(3)I7(10), Cisco NX-OS Software 7.3(0)D1(1), Cisco NX-OS Software 7.3(0)DX(1), Cisco NX-OS Software 7.3(0)DY(1), Cisco NX-OS Software 7.3(0)N1(1), Cisco NX-OS Software 7.3(0)N1(1b), Cisco NX-OS Software 7.3(0)N1(1a), Cisco NX-OS Software 7.3(1)D1(1), Cisco NX-OS Software 7.3(1)DY(1), Cisco NX-OS Software 7.3(1)N1(1), Cisco NX-OS Software 7.3(2)D1(1), Cisco NX-OS Software 7.3(2)D1(2), Cisco NX-OS Software 7.3(2)D1(3), Cisco NX-OS Software 7.3(2)D1(3a), Cisco NX-OS Software 7.3(2)D1(1d), Cisco NX-OS Software 7.3(2)N1(1), Cisco NX-OS Software 7.3(2)N1(1b), Cisco NX-OS Software 7.3(2)N1(1c), Cisco NX-OS Software 7.3(3)N1(1), Cisco NX-OS Software 8.1(1), Cisco NX-OS Software 8.1(2), Cisco NX-OS Software 8.1(2a), Cisco NX-OS Software 8.1(1a), Cisco NX-OS Software 8.1(1b), Cisco NX-OS Software 8.2(1), Cisco NX-OS Software 8.2(2), Cisco NX-OS Software 8.2(3), Cisco NX-OS Software 8.2(4), Cisco NX-OS Software 8.2(5), Cisco NX-OS Software 8.2(6), Cisco NX-OS Software 8.2(7), Cisco NX-OS Software 8.2(7a), Cisco NX-OS Software 8.2(8), Cisco NX-OS Software 8.2(9), Cisco NX-OS Software 8.3(1), Cisco NX-OS Software 8.3(2), Cisco NX-OS Software 9.2(1), Cisco NX-OS Software 9.2(2), Cisco NX-OS Software 9.2(2t), Cisco NX-OS Software 9.2(3), Cisco NX-OS Software 9.2(3y), Cisco NX-OS Software 9.2(4), Cisco NX-OS Software 9.2(2v), Cisco NX-OS Software 9.2(1a), Cisco NX-OS Software 7.3(4)N1(1), Cisco NX-OS Software 7.3(4)N1(1a), Cisco NX-OS Software 7.3(3)D1(1), Cisco NX-OS Software 7.0(3)IA7(1), Cisco NX-OS Software 7.0(3)IA7(2), Cisco NX-OS Software 7.0(3)IM7(2), Cisco NX-OS Software 7.3(4)D1(1), Cisco NX-OS Software 7.3(5)N1(1), Cisco NX-OS Software 8.4(1), Cisco NX-OS Software 8.4(1a), Cisco NX-OS Software 8.4(2), Cisco NX-OS Software 8.4(2a), Cisco NX-OS Software 8.4(3), Cisco NX-OS Software 8.4(2b), Cisco NX-OS Software 8.4(4), Cisco NX-OS Software 8.4(2c), Cisco NX-OS Software 8.4(4a), Cisco NX-OS Software 8.4(5), Cisco NX-OS Software 8.4(2d), Cisco NX-OS Software 8.4(6), Cisco NX-OS Software 8.4(2e), Cisco NX-OS Software 8.4(6a), Cisco NX-OS Software 8.4(7), Cisco NX-OS Software 8.4(2f), Cisco NX-OS Software 9.3(1), Cisco NX-OS Software 9.3(2), Cisco NX-OS Software 9.3(3), Cisco NX-OS Software 9.3(1z), Cisco NX-OS Software 9.3(4), Cisco NX-OS Software 9.3(5), Cisco NX-OS Software 9.3(6), Cisco NX-OS Software 9.3(5w), Cisco NX-OS Software 9.3(7), Cisco NX-OS Software 9.3(7k), Cisco NX-OS Software 9.3(7a), Cisco NX-OS Software 9.3(8), Cisco NX-OS Software 9.3(9), Cisco NX-OS Software 9.3(10), Cisco NX-OS Software 9.3(11), Cisco NX-OS Software 7.3(6)N1(1), Cisco NX-OS Software 7.3(6)N1(1a), Cisco NX-OS Software 7.3(5)D1(1), Cisco NX-OS Software 7.3(7)N1(1), Cisco NX-OS Software 7.3(7)N1(1a), Cisco NX-OS Software 7.3(7)N1(1b), Cisco NX-OS Software 7.3(6)D1(1), Cisco NX-OS Software 7.3(8)N1(1), Cisco NX-OS Software 7.3(8)N1(1a), Cisco NX-OS Software 7.3(8)N1(1b), Cisco NX-OS Software 7.3(7)D1(1), Cisco NX-OS Software 7.3(9)N1(1), Cisco NX-OS Software 10.1(1), Cisco NX-OS Software 10.1(2), Cisco NX-OS Software 10.1(2t), Cisco NX-OS Software 8.5(1), Cisco NX-OS Software 7.3(10)N1(1), Cisco NX-OS Software 7.3(8)D1(1), Cisco NX-OS Software 10.2(1), Cisco NX-OS Software 10.2(1q), Cisco NX-OS Software 10.2(2), Cisco NX-OS Software 10.2(3), Cisco NX-OS Software 10.2(2a), Cisco NX-OS Software 10.2(3t), Cisco NX-OS Software 10.2(4), Cisco NX-OS Software 10.2(5), Cisco NX-OS Software 7.3(9)D1(1), Cisco NX-OS Software 7.3(11)N1(1), Cisco NX-OS Software 7.3(11)N1(1a), Cisco NX-OS Software 7.3(12)N1(1), Cisco NX-OS Software 10.3(1), Cisco NX-OS Software 10.3(2), Cisco NX-OS Software 7.3(13)N1(1), Cisco NX-OS Software, Cisco MDS 9000 Multilayer Directors and Fabric Switches, Cisco Nexus 7000 Series Switches, Cisco Nexus 5000 Series Switches, Cisco Nexus 3000 Series Switches, Cisco Nexus 6000 Series Switches, Cisco Nexus 9000 Series Switches

Related Products

Product CVE Evidence
Cisco RV Series Routers CVE-2023-20168 Cisco OpenVuln
Cisco Nexus Dashboard CVE-2023-20168 Cisco OpenVuln
Cisco MDS 9000 Family of Multilayer Switches CVE-2023-20168 Cisco OpenVuln
Cisco Firepower Extensible Operating System (FXOS) CVE-2023-20168 Cisco OpenVuln
Cisco Catalyst PON Series Switches CVE-2023-20168 Cisco OpenVuln
Cisco Nexus 9000 Series Switches CVE-2023-20168 Cisco OpenVuln
Cisco Nexus 7000 Series Switches CVE-2023-20168 Cisco OpenVuln
Cisco Nexus 6000 Series Switches CVE-2023-20168 Cisco OpenVuln
Cisco Nexus 5000 Series Switches CVE-2023-20168 Cisco OpenVuln
Cisco Nexus 3000 Series Switches CVE-2023-20168 Cisco OpenVuln
Cisco Nexus 3000 Series Switch CVE-2023-20168 Cisco OpenVuln
Cisco NX-OS Software CVE-2023-20168 Cisco OpenVuln
Cisco MDS 9000 Multilayer Directors and Fabric Switches CVE-2023-20168 Cisco OpenVuln