CVE-2022-20823: A vulnerability in the OSPF version 3 (OSPFv3) feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of se...

Description

A vulnerability in the OSPF version 3 (OSPFv3) feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to incomplete input validation of specific OSPFv3 packets. An attacker could exploit this vulnerability by sending a malicious OSPFv3 link-state advertisement (LSA) to an affected device. A successful exploit could allow the attacker to cause the OSPFv3 process to crash and restart multiple times, causing the affected device to reload and resulting in a DoS condition. Note: The OSPFv3 feature is disabled by default. To exploit this vulnerability, an attacker must be able to establish a full OSPFv3 neighbor state with an affected device. For more information about exploitation conditions, see the Details section of this advisory.

Metrics

CVSS 3.1

8.6/10

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

EPSS Probability

1.02%

59.0th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

Affected Software

Vendor	Product	Versions
Cisco	Nexus 3016 Firmware	All versions
Cisco	Nexus 3016q Firmware	All versions
Cisco	Nexus 3048 Firmware	All versions
Cisco	Nexus 3064 Firmware	All versions
Cisco	Nexus 3064-32t Firmware	All versions
Cisco	Nexus 3064-T Firmware	All versions
Cisco	Nexus 3064-X Firmware	All versions
Cisco	Nexus 3064t Firmware	All versions
Cisco	Nexus 3064x Firmware	All versions
Cisco	Nexus 3100 Firmware	All versions
Cisco	Nexus 3100-V Firmware	All versions
Cisco	Nexus 3100-Z Firmware	All versions
Cisco	Nexus 3100v Firmware	All versions
Cisco	Nexus 31108pc-V Firmware	All versions
Cisco	Nexus 31108pv-V Firmware	All versions
Cisco	Nexus 31108tc-V Firmware	All versions
Cisco	Nexus 31128pq Firmware	All versions
Cisco	Nexus 3132c-Z Firmware	All versions
Cisco	Nexus 3132q Firmware	All versions
Cisco	Nexus 3132q-V Firmware	All versions
Cisco	Nexus 3132q-X Firmware	All versions
Cisco	Nexus 3132q-X\/3132q-Xl Firmware	All versions
Cisco	Nexus 3132q-Xl Firmware	All versions
Cisco	Nexus 3164q Firmware	All versions
Cisco	Nexus 3172 Firmware	All versions
Cisco	Nexus 3172pq Firmware	All versions
Cisco	Nexus 3172pq-Xl Firmware	All versions
Cisco	Nexus 3172pq\/Pq-Xl Firmware	All versions
Cisco	Nexus 3172tq Firmware	All versions
Cisco	Nexus 3172tq-32t Firmware	All versions
Cisco	Nexus 3172tq-Xl Firmware	All versions
Cisco	Nexus 3200 Firmware	All versions
Cisco	Nexus 3232c Firmware	All versions
Cisco	Nexus 3232c Firmware	All versions
Cisco	Nexus 3264c-E Firmware	All versions
Cisco	Nexus 3264q Firmware	All versions
Cisco	Nexus 3400 Firmware	All versions
Cisco	Nexus 3408-S Firmware	All versions
Cisco	Nexus 34180yc Firmware	All versions
Cisco	Nexus 34200yc-Sm Firmware	All versions
Cisco	Nexus 3432d-S Firmware	All versions
Cisco	Nexus 3464c Firmware	All versions
Cisco	Nexus 3500 Firmware	All versions
Cisco	Nexus 3500 Platform Firmware	All versions
Cisco	Nexus 3524 Firmware	All versions
Cisco	Nexus 3524-X Firmware	All versions
Cisco	Nexus 3524-X\/Xl Firmware	All versions
Cisco	Nexus 3524-Xl Firmware	All versions
Cisco	Nexus 3548 Firmware	All versions
Cisco	Nexus 3548-X Firmware	All versions

Showing 50 of 147 affected configurations. See NVD for the full list.

References

Timeline

Published: Aug 25, 2022
Last Modified: Jun 17, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2022-20823?

A vulnerability in the OSPF version 3 (OSPFv3) feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to incomplete input validation of specific OSPFv3 packets. An attacker could exploit this vulnerability by sending a malicious OSPFv3 link-state advertisement (LSA) to an affected device. A successful exploit could allow the attacker to cause the OSPFv3 process to crash and restart multiple times, causing the affected device to reload and resulting in a DoS condition. Note: The OSPFv3 feature is disabled by default. To exploit this vulnerability, an attacker must be able to establish a full OSPFv3 neighbor state with an affected device. For more information about exploitation conditions, see the Details section of this advisory.

How severe is CVE-2022-20823?

CVE-2022-20823 has a CVSS score of 8.6/10 (HIGH severity). The EPSS model estimates a 1.02% probability of exploitation in the next 30 days.

How do I fix CVE-2022-20823?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.