CVE-2022-20823

HIGH

Cisco Nexus 3064t Firmware - Buffer Over-read

Title source: rule

Description

A vulnerability in the OSPF version 3 (OSPFv3) feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to incomplete input validation of specific OSPFv3 packets. An attacker could exploit this vulnerability by sending a malicious OSPFv3 link-state advertisement (LSA) to an affected device. A successful exploit could allow the attacker to cause the OSPFv3 process to crash and restart multiple times, causing the affected device to reload and resulting in a DoS condition. Note: The OSPFv3 feature is disabled by default. To exploit this vulnerability, an attacker must be able to establish a full OSPFv3 neighbor state with an affected device. For more information about exploitation conditions, see the Details section of this advisory.

References (1)

Core 1

Core References

Vendor Advisory vendor-advisory x_refsource_cisco

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-ospfv3-dos-48qutcu

Scores

CVSS v3 8.6

EPSS 0.0064

EPSS Percentile 70.7%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable yes

Technical Impact partial

Details

CWE

CWE-125 CWE-126

Status published

Products (50)

cisco/nexus_3016_firmware

cisco/nexus_3016q_firmware

cisco/nexus_3048_firmware

cisco/nexus_3064-32t_firmware

cisco/nexus_3064-t_firmware

cisco/nexus_3064-x_firmware

cisco/nexus_3064_firmware

cisco/nexus_3064t_firmware

cisco/nexus_3064x_firmware

cisco/nexus_3100-v_firmware

... and 40 more

Published Aug 25, 2022

Tracked Since Feb 18, 2026