CVE-2022-20624

A vulnerability in the Cisco Fabric Services over IP (CFSoIP) feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient validation of incoming CFSoIP packets. An attacker could exploit this vulnerability by sending crafted CFSoIP packets to an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition.

Severity	HIGH
CVSS	8.6
CWE	CWE-400
KEV
Published	4 years ago
Modified	1 year ago

Related Products

Product	Advisory
Cisco RV Series Routers	cisco-sa-cfsoip-dos-tpykyDr
Cisco Nexus Dashboard	cisco-sa-cfsoip-dos-tpykyDr
Cisco Firepower Extensible Operating System (FXOS)	cisco-sa-cfsoip-dos-tpykyDr
Cisco Catalyst PON Series Switches	cisco-sa-cfsoip-dos-tpykyDr
Cisco Unified Computing System E-Series Software (UCSE)	cisco-sa-cfsoip-dos-tpykyDr
Cisco Unified Computing System (Standalone)	cisco-sa-cfsoip-dos-tpykyDr
Cisco Unified Computing System (Managed)	cisco-sa-cfsoip-dos-tpykyDr
Cisco Nexus 9000 Series Switches	cisco-sa-cfsoip-dos-tpykyDr
Cisco Nexus 3000 Series Switches	cisco-sa-cfsoip-dos-tpykyDr
Cisco Nexus 3000 Series Switch	cisco-sa-cfsoip-dos-tpykyDr
Cisco NX-OS Software	cisco-sa-cfsoip-dos-tpykyDr