CISCO-SA-NXOSPC-PIM6-VG4JFPH

Vulnerable Products:

At the time of publication, this vulnerability affected Cisco Nexus 3000 Series Switches and Cisco Nexus 9000 Series Switches in standalone NX-OS mode that had the PIM6 feature enabled and at least one of the following features enabled:

NX-API NETCONF RESTCONF gRPC Model Driven Telemetry

Note: The Protocol Independent Multicast Version 4 (PIM4) feature is not affected.

For information about which Cisco software releases are vulnerable, see the Fixed Software ["#fs"] section of this advisory.

Determine Whether the PIM6 Feature Is Enabled

To determine whether the PIM6 feature is enabled, use the show feature | include pim6 CLI command, as shown in the following example:

Switch# show feature | include pim6 pim6 1 enabled

Determine Whether a Secondary Feature Is Enabled

To be affected by this vulnerability, a switch must have PIM6 and at least one of the listed features enabled. To determine if any of the listed features are enabled, use the show feature | include featurename command, substituting featurename with the following:

nxapi netconf restconf grpc telemetry

All these features are disabled by default.Products Confirmed Not Vulnerable:

Only products listed in the Vulnerable Products ["#vp"] section of this advisory are known to be affected by this vulnerability.

Cisco has confirmed that this vulnerability does not affect the following Cisco products:

Firepower 1000 Series Firepower 2100 Series Firepower 4100 Series Firepower 9300 Security Appliances MDS 9000 Series Multilayer Switches Nexus 1000 Virtual Edge for VMware vSphere Nexus 5500 Platform Switches Nexus 5600 Platform Switches Nexus 6000 Series Switches Nexus 7000 Series Switches Nexus 9000 Series Fabric Switches in ACI mode Secure Firewall 3100 Series Secure Firewall 4200 Series UCS 6300 Series Fabric Interconnects UCS 6400 Series Fabric Interconnects UCS 6500 Series Fabric Interconnects...