General

Symptoms: A vulnerability in the Unidirectional Link Detection (UDLD) module in the Cisco Nexus 7000 series switches could allow an unauthenticated, adjacent attacker to crash the UDLD process.. The vulnerability is due to insufficient validation of input from UDLD frames. An attacker could exploit this vulnerability by sending specially crafted frames to a vulnerable device. Conditions: To successfully exploit this vulnerability requires that the crafted layer two frame be sent from a client connected directly to the switch interface. Workaround: None Further Problem Description: None PSIRT Evaluation: The Cisco PSIRT has assigned this bug the following CVSS version 2 score. The Base and Temporal CVSS scores as of the time of evaluation are 3.3/3.1: http://tools.cisco.com/security/center/cvssCalculator.x?vector=AV:A/AC:L/Au:N/C:N/I:N/A:P/E:F/RL:U/RC:C&version=2.0 No CVE ID has been assigned to this issue. Additional information on Cisco's security vulnerability policy can be found at the following URL: http://www.cisco.com/en/US/products/products_security_vulnerability_policy.html