CVE-2020-3338

A vulnerability in the Protocol Independent Multicast (PIM) feature for IPv6 networks (PIM6) of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper error handling when processing inbound PIM6 packets. An attacker could exploit this vulnerability by sending multiple crafted PIM6 packets to an affected device. A successful exploit could allow the attacker to cause the PIM6 application to leak system memory. Over time, this memory leak could cause the PIM6 application to stop processing legitimate PIM6 traffic, leading to a DoS condition on the affected device.

Severity	HIGH
CVSS	7.5
CWE	CWE-404
KEV
Published	5 years ago
Modified	1 year ago

Related Products

Product	Advisory
Cisco RV Series Routers	cisco-sa-nxos-pim-memleak-dos-tC8eP7uw
Cisco Nexus Dashboard	cisco-sa-nxos-pim-memleak-dos-tC8eP7uw
Cisco MATE Collector, Design, Live	cisco-sa-nxos-pim-memleak-dos-tC8eP7uw
Cisco Firepower Extensible Operating System (FXOS)	cisco-sa-nxos-pim-memleak-dos-tC8eP7uw
Cisco Catalyst PON Series Switches	cisco-sa-nxos-pim-memleak-dos-tC8eP7uw
Cisco Nexus 9000 Series Switches	cisco-sa-nxos-pim-memleak-dos-tC8eP7uw
Cisco Nexus 7000 Series Switches	cisco-sa-nxos-pim-memleak-dos-tC8eP7uw
Cisco Nexus 3000 Series Switches	cisco-sa-nxos-pim-memleak-dos-tC8eP7uw
Cisco Nexus 3000 Series Switch	cisco-sa-nxos-pim-memleak-dos-tC8eP7uw
Cisco NX-OS Software	cisco-sa-nxos-pim-memleak-dos-tC8eP7uw