{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2025-20111", "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "state": "PUBLISHED", "assignerShortName": "cisco", "dateReserved": "2024-10-10T19:15:13.210Z", "datePublished": "2025-02-26T16:11:07.388Z", "dateUpdated": "2025-02-26T18:03:22.774Z"}, "containers": {"cna": {"title": "Cisco Nexus 3000 and 9000 Series Switches Layer 2 Ethernet Denial of Service Vulnerability", "metrics": [{"format": "cvssV3_1", "cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", "baseScore": 7.4, "baseSeverity": "HIGH", "attackVector": "ADJACENT_NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "CHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH"}}], "descriptions": [{"lang": "en", "value": "A vulnerability in the health monitoring diagnostics of Cisco Nexus 3000 Series Switches and Cisco Nexus 9000 Series Switches in standalone NX-OS mode could allow an unauthenticated, adjacent attacker to cause the device to reload unexpectedly, resulting in a denial of service (DoS) condition.\r\n\r\nThis vulnerability is due to the incorrect handling of specific Ethernet frames. An attacker could exploit this vulnerability by sending a sustained rate of crafted Ethernet frames to an affected device. A successful exploit could allow the attacker to cause the device to reload."}], "references": [{"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-n3kn9k-healthdos-eOqSWK4g", "name": "cisco-sa-n3kn9k-healthdos-eOqSWK4g"}], "exploits": [{"lang": "en", "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."}], "source": {"advisory": "cisco-sa-n3kn9k-healthdos-eOqSWK4g", "discovery": "INTERNAL", "defects": ["CSCwj98161"]}, "problemTypes": [{"descriptions": [{"lang": "en", "description": "Insufficient Granularity of Access Control", "type": "cwe", "cweId": "CWE-1220"}]}], "affected": [{"vendor": "Cisco", "product": "Cisco NX-OS Software", "versions": [{"version": "9.3(2)", "status": "affected"}, {"version": "9.3(1)", "status": "affected"}, {"version": "9.3(1z)", "status": "affected"}, {"version": "9.3(3)", "status": "affected"}, {"version": "9.3(4)", "status": "affected"}, {"version": "9.3(5)", "status": "affected"}, {"version": "9.3(6)", "status": "affected"}, {"version": "10.1(2)", "status": "affected"}, {"version": "10.1(1)", "status": "affected"}, {"version": "9.3(5w)", "status": "affected"}, {"version": "9.3(7)", "status": "affected"}, {"version": "9.3(7k)", "status": "affected"}, {"version": "10.2(1)", "status": "affected"}, {"version": "9.3(7a)", "status": "affected"}, {"version": "9.3(8)", "status": "affected"}, {"version": "10.2(1q)", "status": "affected"}, {"version": "10.2(2)", "status": "affected"}, {"version": "9.3(9)", "status": "affected"}, {"version": "10.1(2t)", "status": "affected"}, {"version": "10.2(3)", "status": "affected"}, {"version": "10.2(3t)", "status": "affected"}, {"version": "9.3(10)", "status": "affected"}, {"version": "10.2(2a)", "status": "affected"}, {"version": "10.3(1)", "status": "affected"}, {"version": "10.2(4)", "status": "affected"}, {"version": "10.3(2)", "status": "affected"}, {"version": "9.3(11)", "status": "affected"}, {"version": "10.3(3)", "status": "affected"}, {"version": "10.2(5)", "status": "affected"}, {"version": "9.3(12)", "status": "affected"}, {"version": "10.2(3v)", "status": "affected"}, {"version": "10.4(1)", "status": "affected"}, {"version": "10.3(99w)", "status": "affected"}, {"version": "10.2(6)", "status": "affected"}, {"version": "10.3(3w)", "status": "affected"}, {"version": "10.3(99x)", "status": "affected"}, {"version": "10.3(3o)", "status": "affected"}, {"version": "10.3(4)", "status": "affected"}, {"version": "10.3(3p)", "status": "affected"}, {"version": "10.3(4a)", "status": "affected"}, {"version": "10.4(2)", "status": "affected"}, {"version": "10.3(3q)", "status": "affected"}, {"version": "9.3(13)", "status": "affected"}, {"version": "10.3(5)", "status": "affected"}, {"version": "10.2(7)", "status": "affected"}, {"version": "10.4(3)", "status": "affected"}, {"version": "10.3(3x)", "status": "affected"}, {"version": "10.3(4g)", "status": "affected"}, {"version": "10.5(1)", "status": "affected"}, {"version": "10.2(8)", "status": "affected"}, {"version": "10.3(3r)", "status": "affected"}, {"version": "9.3(14)", "status": "affected"}, {"version": "10.3(4h)", "status": "affected"}], "defaultStatus": "unknown"}], "providerMetadata": {"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco", "dateUpdated": "2025-02-26T16:11:07.388Z"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-02-26T18:03:13.951967Z", "id": "CVE-2025-20111", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-02-26T18:03:22.774Z"}}]}}

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2025-20111", "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "state": "PUBLISHED", "assignerShortName": "cisco", "dateReserved": "2024-10-10T19:15:13.210Z", "datePublished": "2025-02-26T16:11:07.388Z", "dateUpdated": "2025-02-26T18:03:22.774Z"}, "containers": {"cna": {"title": "Cisco Nexus 3000 and 9000 Series Switches Layer 2 Ethernet Denial of Service Vulnerability", "metrics": [{"format": "cvssV3_1", "cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", "baseScore": 7.4, "baseSeverity": "HIGH", "attackVector": "ADJACENT_NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "CHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH"}}], "descriptions": [{"lang": "en", "value": "A vulnerability in the health monitoring diagnostics of Cisco Nexus 3000 Series Switches and Cisco Nexus 9000 Series Switches in standalone NX-OS mode could allow an unauthenticated, adjacent attacker to cause the device to reload unexpectedly, resulting in a denial of service (DoS) condition.\r\n\r\nThis vulnerability is due to the incorrect handling of specific Ethernet frames. An attacker could exploit this vulnerability by sending a sustained rate of crafted Ethernet frames to an affected device. A successful exploit could allow the attacker to cause the device to reload."}], "references": [{"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-n3kn9k-healthdos-eOqSWK4g", "name": "cisco-sa-n3kn9k-healthdos-eOqSWK4g"}], "exploits": [{"lang": "en", "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."}], "source": {"advisory": "cisco-sa-n3kn9k-healthdos-eOqSWK4g", "discovery": "INTERNAL", "defects": ["CSCwj98161"]}, "problemTypes": [{"descriptions": [{"lang": "en", "description": "Insufficient Granularity of Access Control", "type": "cwe", "cweId": "CWE-1220"}]}], "affected": [{"vendor": "Cisco", "product": "Cisco NX-OS Software", "versions": [{"version": "9.3(2)", "status": "affected"}, {"version": "9.3(1)", "status": "affected"}, {"version": "9.3(1z)", "status": "affected"}, {"version": "9.3(3)", "status": "affected"}, {"version": "9.3(4)", "status": "affected"}, {"version": "9.3(5)", "status": "affected"}, {"version": "9.3(6)", "status": "affected"}, {"version": "10.1(2)", "status": "affected"}, {"version": "10.1(1)", "status": "affected"}, {"version": "9.3(5w)", "status": "affected"}, {"version": "9.3(7)", "status": "affected"}, {"version": "9.3(7k)", "status": "affected"}, {"version": "10.2(1)", "status": "affected"}, {"version": "9.3(7a)", "status": "affected"}, {"version": "9.3(8)", "status": "affected"}, {"version": "10.2(1q)", "status": "affected"}, {"version": "10.2(2)", "status": "affected"}, {"version": "9.3(9)", "status": "affected"}, {"version": "10.1(2t)", "status": "affected"}, {"version": "10.2(3)", "status": "affected"}, {"version": "10.2(3t)", "status": "affected"}, {"version": "9.3(10)", "status": "affected"}, {"version": "10.2(2a)", "status": "affected"}, {"version": "10.3(1)", "status": "affected"}, {"version": "10.2(4)", "status": "affected"}, {"version": "10.3(2)", "status": "affected"}, {"version": "9.3(11)", "status": "affected"}, {"version": "10.3(3)", "status": "affected"}, {"version": "10.2(5)", "status": "affected"}, {"version": "9.3(12)", "status": "affected"}, {"version": "10.2(3v)", "status": "affected"}, {"version": "10.4(1)", "status": "affected"}, {"version": "10.3(99w)", "status": "affected"}, {"version": "10.2(6)", "status": "affected"}, {"version": "10.3(3w)", "status": "affected"}, {"version": "10.3(99x)", "status": "affected"}, {"version": "10.3(3o)", "status": "affected"}, {"version": "10.3(4)", "status": "affected"}, {"version": "10.3(3p)", "status": "affected"}, {"version": "10.3(4a)", "status": "affected"}, {"version": "10.4(2)", "status": "affected"}, {"version": "10.3(3q)", "status": "affected"}, {"version": "9.3(13)", "status": "affected"}, {"version": "10.3(5)", "status": "affected"}, {"version": "10.2(7)", "status": "affected"}, {"version": "10.4(3)", "status": "affected"}, {"version": "10.3(3x)", "status": "affected"}, {"version": "10.3(4g)", "status": "affected"}, {"version": "10.5(1)", "status": "affected"}, {"version": "10.2(8)", "status": "affected"}, {"version": "10.3(3r)", "status": "affected"}, {"version": "9.3(14)", "status": "affected"}, {"version": "10.3(4h)", "status": "affected"}], "defaultStatus": "unknown"}], "providerMetadata": {"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco", "dateUpdated": "2025-02-26T16:11:07.388Z"}}, "adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-20111", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-02-26T18:03:13.951967Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-02-26T16:52:33.839Z"}}]}}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "A vulnerability in the health monitoring diagnostics of Cisco Nexus 3000 Series Switches and Cisco Nexus 9000 Series Switches in standalone NX-OS mode could allow an unauthenticated, adjacent attacker to cause the device to reload unexpectedly, resulting in a denial of service (DoS) condition.\r\n\r\nThis vulnerability is due to the incorrect handling of specific Ethernet frames. An attacker could exploit this vulnerability by sending a sustained rate of crafted Ethernet frames to an affected device. A successful exploit could allow the attacker to cause the device to reload."}, {"lang": "es", "value": "Una vulnerabilidad en los diagn\u00f3sticos de monitoreo de estado de los switches Cisco Nexus de la serie 3000 y Cisco Nexus de la serie 9000 en modo NX-OS independiente podr\u00eda permitir que un atacante adyacente no autenticado haga que el dispositivo se recargue inesperadamente, lo que da como resultado una condici\u00f3n de denegaci\u00f3n de servicio (DoS). Esta vulnerabilidad se debe a la gesti\u00f3n incorrecto de tramas Ethernet espec\u00edficas. Un atacante podr\u00eda explotar esta vulnerabilidad enviando una tasa sostenida de tramas Ethernet dise\u00f1adas a un dispositivo afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante hacer que el dispositivo se recargue."}], "id": "CVE-2025-20111", "lastModified": "2026-04-15T00:35:42.020", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.4, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 4.0, "source": "psirt@cisco.com", "type": "Secondary"}]}, "published": "2025-02-26T17:15:22.240", "references": [{"source": "psirt@cisco.com", "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-n3kn9k-healthdos-eOqSWK4g"}], "sourceIdentifier": "psirt@cisco.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-1220"}], "source": "psirt@cisco.com", "type": "Secondary"}]}

{}

{}