CVE-2012-4091

Name of the Vulnerable Software and Affected Versions Cisco NX-OS (affected versions not specified)

Description The issue allows remote attackers to cause a denial of service by sending a malformed RIPv4 or RIPv6 message to the RIP service engine, which could lead to the engine restarting. This is due to improper input filtering of RIP packets. An attacker could exploit this by sending crafted messages to UDP port 520, potentially causing a denial of service for destinations populated in the route table by RIP. The vulnerability can be exploited by an unauthenticated, remote attacker, but may require access to trusted, internal networks.

Recommendations To resolve the issue, update to a version of Cisco NX-OS Software that includes the fix for this vulnerability. As a temporary workaround, consider restricting access to UDP port 520 to minimize the risk of exploitation.