CVE-2022-20623

Name of the Vulnerable Software and Affected Versions Cisco NX-OS Software for Cisco Nexus 9000 Series Switches (affected versions not specified)

Description The issue is related to a logic error in the Bidirectional Forwarding Detection (BFD) rate limiter functionality, which could allow an unauthenticated, remote attacker to cause BFD traffic to be dropped on an affected device. This can result in BFD session flaps, leading to route instability and dropped traffic, and ultimately a denial of service (DoS) condition. The vulnerability applies to both IPv4 and IPv6 traffic. An attacker could exploit this by sending a crafted stream of traffic through the device.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.