This vulnerability has been assigned the ID CVE-2018-6389. Cisco has released software updates that address these vulnerabilities. However, if you have enabled the Cisco Nexus Operating System as a service provider, you may not have to do anything. The Cisco Nexus OS will automatically apply the necessary updates. If you have enabled the Cisco Nexus OS as a service provider, contact your service provider for further information. Cisco customers who are using the Cisco Nexus OS may need to upgrade to release version 8.3.1 or later.

In addition, Cisco customers should apply the following workaround to prevent the device from reloading:

Access the interface configuration using the command show interface.

Note the interface that is configured to send and accept DNS traffic.

Disable that interface.

Cisco Nexus Operating System Software Features That May Be Affected

The Cisco Nexus Operating System contains several features that might be affected by these vulnerabilities. These features are shown in the following table:

Features

SNMP Remote Management Interface
Web server, including HTTP and HTTPS Web servers, Apache Tomcat and other web servers
DNS server, including configured DNS servers for DNS traffic

How to Upgrade Nexus OS

Cisco has released software updates that address these vulnerabilities. However, if you have enabled the Cisco Nexus Operating System as a service provider, you may not have to do anything. The Cisco Nexus OS will automatically apply the necessary updates. If you have enabled the Cisco Nexus OS as a service provider, contact your service provider for further information. Cisco customers who are using the Cisco Nexus OS may need to upgrade to release version 8.3.1 or later. In addition, Cisco customers should apply the following workaround to prevent the device from reloading: access the interface configuration using the command show interface, and then disable an interface that is configured to send and accept DNS traffic.

Timeline

Published on: 10/10/2022 21:15:00 UTC
Last modified on: 10/13/2022 19:59:00 UTC