Cisco NX-OS Software TACACS+ or RADIUS Remote Authentication Directed Request Denial of Service Vulnerability

An unauthenticated, local attacker may be able to force an affected device to unintentionally reload by exploiting a vulnerability in TACACS+ and RADIUS remote authentication for Cisco NX-OS Software. Software patches from Cisco have been made available to fix this flaw. This weakness cannot be fixed by any workarounds.

When processing an authentication attempt, if the directed request option for TACACS+ or RADIUS is enabled, this vulnerability results from improper input validation. By submitting a specially created string at the login prompt of an impacted device, an attacker might take advantage of this vulnerability. If the exploit is effective, the attacker may be able to trigger an unexpected device reload that would cause a DoS.

Cisco NX-OS Software TACACS+ or RADIUS Remote Authentication Directed Request Denial of Service Vulnerability

Solutions

Services

Services

Knowledge

Solutions

Industries

Contact

Invinsense

About

INDIA | Ahmedabad

SRI LANKA

KUWAIT

USA | New York

UNITED KINGDOM | London

Address

Cisco NX-OS Software TACACS+ or RADIUS Remote Authentication Directed Request Denial of Service Vulnerability

23-Aug-23

Solutions

Services

Services

Knowledge

Solutions

Industries

Contact

Invinsense

About

INDIA | Ahmedabad

SRI LANKA

KUWAIT

USA | New York

UNITED KINGDOM | London

Address