Cisco warns of Nexus switch security weakness
Cisco is telling customers of its Nexus core data-center switches to fix or work around a vulnerability that could leave the boxes open to a denial of service attack.
The vulnerability, found in the Nexus NS-OS software gets a 8.6 score out of 10 on the Common Vulnerability Scoring System, making it a “High” risk problem.
Cisco said the vulnerability is due to an affected device unexpectedly decapsulating and processing IP-in-IP packets that are destined to a locally configured IP address. IP in IP is a tunneling protocol that wraps an IP packet within another IP packet.
Source:: IT news – Networking