CVE-2024-20321

CVSS 3.1 Score 8.6 of 10 (high)

Details

Published Feb 29, 2024

Updated: Mar 4, 2024

CWE ID 400

CWE ID 770

Summary

CVE-2024-20321 is a denial-of-service vulnerability affecting Cisco NX-OS Software's External Border Gateway Protocol (eBGP) implementation. This issue arises due to eBGP traffic being routed to a shared hardware rate-limiter queue. An unauthenticated, remote attacker can exploit this vulnerability by flooding an affected device with specific network traffic. Successful exploitation can result in dropped eBGP neighbor sessions and a network-wide denial-of-service condition.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Cisco NX-OS

Affected Vendors

Cisco Systems Inc

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/usFp7m
https://www.cve.org/CVERecord?id=CVE-2024-20321
https://nvd.nist.gov/vuln/detail/CVE-2024-20321

Back to Vulnerability Database

Platform Features

Products

Use Cases

Teams

Industries

Services

Threats to the 2025 NATO Summit

Artificial Eyes: Generative AI in China’s Military Intelligence

GrayAlpha Uses Diverse Infection Vectors to Deploy PowerNet Loader and NetSupport RAT

Know What Matters

For Customers

For Partners