A vulnerability in the Fibre Channel over Ethernet (FCoE) protocol implementation in Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition when an FCoE-related process unexpectedly reloads.

The vulnerability is due to a lack of proper FCoE frame padding validation.

An attacker could exploit this vulnerability by sending a stream of crafted FCoE frames to the targeted device.

An exploit could allow the attacker to cause a DoS condition, which would impact FCoE traffic passing through the device.

The attacker’s server must be directly connected to the FCoE interface on the device that is running Cisco NX-OS Software to exploit this vulnerability.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170607-nxos

Security Impact Rating: Medium

CVE: CVE-2017-6655
