Cisco Community
English
Register
Register
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
Cisco Community November 2020 Spotlight Award Winners

Multiple Vulnerabilities in Cisco FXOS and NX-OS Software

Labels:
1119
Views
10
Helpful
1
Comments
Omar Santos
Cisco Employee
Cisco Employee
‎02-26-2020 02:18 PM
‎02-26-2020 02:18 PM

On February 24, 2020, the Cisco PSIRT published eleven (11) vulnerabilities in Cisco FXOS and NX-OS Software. Eight (8) out of the eleven (11) vulnerabilities were found by our internal security and engineering teams, two were found by TAC during the troubleshooting of service requests, and one was found by  Jens Krabbenhoeft of Rauscher networX. The following table lists all of the vulnerabilities. These vulnerabilities are independent of one another; a release that is affected by one of the vulnerabilities may not be affected by the others. Cisco has released software updates that address these vulnerabilities. Workarounds that mitigate some of these vulnerabilities are available.

Security Advisory Security Impact Rating CVE-ID
Cisco UCS Manager Software Local Management CLI Command Injection Vulnerability High CVE-2020-3173
High CVE-2020-3168
Cisco MDS 9000 Series Multilayer Switches Denial of Service Vulnerability High CVE-2020-3175
Cisco FXOS and UCS Manager Software CLI Command Injection Vulnerability High CVE-2020-3167
Cisco FXOS and UCS Manager Software Local Management CLI Command Injection Vulnerability High CVE-2020-3171
Cisco FXOS and NX-OS Software Cisco Discovery Protocol Arbitrary Code Execution and Denial of Service Vulnerability High CVE-2020-3172
Cisco NX-OS Software Border Gateway Protocol MD5 Authentication Bypass Vulnerability Medium CVE-2020-3165
Cisco NX-OS Software Anycast Gateway Invalid ARP Vulnerability Medium CVE-2020-3174
Cisco NX-OS Software NX-API Denial of Service Vulnerability Medium CVE-2020-3170
Cisco FXOS Software CLI Arbitrary File Read and Write Vulnerability Medium CVE-2020-3166
Cisco FXOS Software CLI Command Injection Vulnerability Medium CVE-2020-3169

 

Software Checker and Automation

As you probably already know, the Cisco IOS Software Checker is now referred to as the Cisco Software Checker to reflect new search capabilities for Cisco NX-OS Software and Cisco NX-OS Software in ACI Mode. Functionality for IOS and IOS XE remains as before. The new search capabilities for Cisco NX-OS Software allows examination of vulnerabilities that were announced on or after July 1, 2019. 

This new functionality is also extended to the Cisco PSIRT openVuln API.

1 Comment
Martin L
VIP Engager VIP Engager
VIP Engager
‎04-28-2020 10:05 PM
‎04-28-2020 10:05 PM

 

WoW, a few vulnerabilities; glad someone keeps an eye on those. Thanks!  

0 Helpful
Latest Contents
Cisco ASA AnyConnect behind another firewall
Created by wayne loh on 03-07-2021 03:11 AM
1
0
1
0
Hi All, Would like some configuration guide on the attached setup for the cisco asa anyconnect behind another firewall. The perimeter firewall will have public IP address natted to the cisco asa interface (using private ip address). However, in this ... view more
ISE Posture Status - Compliant to Unknown
Created by Mohammad Raza Meer on 03-06-2021 06:38 AM
0
5
0
5
Hello All, I am facing issue in Cisco ISE for Wired Users and would like to get your help. Below are the details 1. We are using ISE version 2.7. 2. Two different series of Cisco Switches 2960x and 9200 3. No issue faced by users who a... view more
CISCO-ISE-Essentials-VLAN
Created by abdulkarim041 on 03-06-2021 06:09 AM
1
5
1
5
 Hi, Can any one confirm,  ISE Essentials license is enough to put a end host in required VLAN?  BR 
ISE-Device admin- License
Created by abdulkarim041 on 03-06-2021 02:48 AM
3
0
3
0
hi, is L-ISE-TACACS-ND= part number under eol? I am unable to qoute it in CCW tool.  BR
Cisco ISE Licence for Profiling Posture and BYOD
Created by Bhardwajp on 03-06-2021 02:19 AM
2
10
2
10
Hi All, Can you please help with the licence required for Cisco ISE for Profiling, Posture and BYOD.and what are the service we get in Cisco Base licence.
Content for Community-Ad