A vulnerability in Cisco IOS on Catalysts Switches and Nexus 9300 Series Switches could allow an unauthenticated, adjacent attacker to cause a Layer 2 network storm.

The vulnerability occurs because the software forwards Layer 2 frames that should be consumed by the first hop.

An attacker could exploit this vulnerability by injecting the Layer 2 frame into the network segment.

An exploit could allow the attacker to cause a Layer 2 network storm and impact the availability of the switches.

There are workarounds that address this vulnerability.

This advisory is available at the following link:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161207-ios
A vulnerability in Cisco IOS on Catalysts Switches and Nexus 9300 Series Switches could allow an unauthenticated, adjacent attacker to cause a Layer 2 network storm.

The vulnerability occurs because the software forwards Layer 2 frames that should be consumed by the first hop.

An attacker could exploit this vulnerability by injecting the Layer 2 frame into the network segment.

An exploit could allow the attacker to cause a Layer 2 network storm and impact the availability of the switches.

There are workarounds that address this vulnerability.

This advisory is available at the following link:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161207-ios

Security Impact Rating: Medium

CVE: CVE-2016-6473

Leave a Reply