Cisco NX-OS Software TACACS+ or RADIUS Remote Authentication Directed Request Denial of Service Vulnerability


An unauthenticated, local attacker may be able to force an affected device to unintentionally reload by exploiting a vulnerability in TACACS+ and RADIUS remote authentication for Cisco NX-OS Software. Software patches from Cisco have been made available to fix this flaw. This weakness cannot be fixed by any workarounds.

When processing an authentication attempt, if the directed request option for TACACS+ or RADIUS is enabled, this vulnerability results from improper input validation. By submitting a specially created string at the login prompt of an impacted device, an attacker might take advantage of this vulnerability. If the exploit is effective, the attacker may be able to trigger an unexpected device reload that would cause a DoS.

Read More…