A vulnerability in the MPLS Operation, Administration, and Maintenance (OAM) feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper input validation when an affected device is processing an MPLS echo-request or echo-reply packet. An attacker could exploit this vulnerability by sending malicious MPLS echo-request or echo-reply packets to an interface that is enabled for MPLS forwarding on the affected device. A successful exploit could allow the attacker to cause the MPLS OAM process to crash and restart multiple times, causing the affected device to reload and resulting in a DoS condition.
The product reads from a buffer using buffer access mechanisms such as indexes or pointers that reference memory locations after the targeted buffer.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Nx-os | Cisco | 7.0(3)i7(9) (including) | 7.0(3)i7(9) (including) |
| Nx-os | Cisco | 8.4(1) (including) | 8.4(1) (including) |
| Nx-os | Cisco | 9.3(7) (including) | 9.3(7) (including) |