Impacting the OSPF version 3 (OSPFv3) feature of NX-OS, the first of these issues is tracked as CVE-2022-20823 and could be exploited remotely, without authentication, to cause a denial-of-service (DoS) condition.

The flaw exists due to incomplete input validation of specific OSPFv3 packets, allowing an attacker to send a malicious OSPFv3 link-state advertisement (LSA) to a vulnerable device in order to trigger the bug.

“A successful exploit could allow the attacker to cause the OSPFv3 process to crash and restart multiple times, causing the affected device to reload and resulting in a DoS condition,” Cisco notes in an advisory.