OPERATIONAL DEFECT DATABASE
...
...
Cisco Nexus 1000, 3000, 4000, 5000, and 7000 switches may leak memory when processing malformed Cisco Discovery Protocol (CDP) Packets, this can lead to an eventual reload of the switch. An adjacent attacker, with the ability to submit malformed CDP traffic to an affected device could cause a denial of service condition while the device reloads or fails over to a redundant Supervisor card if so equipped.
Cisco Nexus Switches running an affected version of NX-OS.
Disable CDP on the affecte device, the CDP protocol is enabled by default. NX-OS: no cdp enable
This issue was identified through internal hardening efforts on the NX-OS platform. PSIRT Evaluation: The Cisco PSIRT has assigned this bug the following CVSS version 2 score. The Base and Temporal CVSS scores as of the time of evaluation are 5.7/4.8: http://tools.cisco.com/security/center/cvssCalculator.x?vector=AV:A/AC:M/Au:N/C:N/I:N/A:C/E:F/RL:U/RC:C&version=2.0 CVE ID CVE-2012-1323 has been assigned to document this issue. Additional information on Cisco's security vulnerability policy can be found at the following URL: http://www.cisco.com/en/US/products/products_security_vulnerability_policy.html
Click on a version to see all relevant bugs
Cisco Integration
Learn more about where this data comes from
Bug Scrub Advisor
Streamline upgrades with automated vendor bug scrubs
BugZero Enterprise
Wish you caught this bug sooner? Get proactive today.
