Cisco Community
English
Register
We're here for you! LEARN about free offerings and business continuity best practices during the COVID-19 pandemic
Register
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel

Multiple Vulnerabilities in Cisco FXOS and NX-OS Software

736
Views
5
Helpful
0
Comments
Omar Santos
Omar Santos Cisco Employee
Cisco Employee
‎02-26-2020 02:18 PM
‎02-26-2020 02:18 PM

On February 24, 2020, the Cisco PSIRT published eleven (11) vulnerabilities in Cisco FXOS and NX-OS Software. Eight (8) out of the eleven (11) vulnerabilities were found by our internal security and engineering teams, two were found by TAC during the troubleshooting of service requests, and one was found by  Jens Krabbenhoeft of Rauscher networX. The following table lists all of the vulnerabilities. These vulnerabilities are independent of one another; a release that is affected by one of the vulnerabilities may not be affected by the others. Cisco has released software updates that address these vulnerabilities. Workarounds that mitigate some of these vulnerabilities are available.

Security Advisory Security Impact Rating CVE-ID
Cisco UCS Manager Software Local Management CLI Command Injection Vulnerability High CVE-2020-3173
High CVE-2020-3168
Cisco MDS 9000 Series Multilayer Switches Denial of Service Vulnerability High CVE-2020-3175
Cisco FXOS and UCS Manager Software CLI Command Injection Vulnerability High CVE-2020-3167
Cisco FXOS and UCS Manager Software Local Management CLI Command Injection Vulnerability High CVE-2020-3171
Cisco FXOS and NX-OS Software Cisco Discovery Protocol Arbitrary Code Execution and Denial of Service Vulnerability High CVE-2020-3172
Cisco NX-OS Software Border Gateway Protocol MD5 Authentication Bypass Vulnerability Medium CVE-2020-3165
Cisco NX-OS Software Anycast Gateway Invalid ARP Vulnerability Medium CVE-2020-3174
Cisco NX-OS Software NX-API Denial of Service Vulnerability Medium CVE-2020-3170
Cisco FXOS Software CLI Arbitrary File Read and Write Vulnerability Medium CVE-2020-3166
Cisco FXOS Software CLI Command Injection Vulnerability Medium CVE-2020-3169

 

Software Checker and Automation

As you probably already know, the Cisco IOS Software Checker is now referred to as the Cisco Software Checker to reflect new search capabilities for Cisco NX-OS Software and Cisco NX-OS Software in ACI Mode. Functionality for IOS and IOS XE remains as before. The new search capabilities for Cisco NX-OS Software allows examination of vulnerabilities that were announced on or after July 1, 2019. 

This new functionality is also extended to the Cisco PSIRT openVuln API.

Latest Contents
ASA-AWS - ASAv keeps crashing.
Created by IQNetAdmin on 04-04-2020 08:37 PM
0
0
0
0
We have an ASAv configured in AWS.  It keeps crashing periodically and I'm trying to determine the cause. Version: Cisco Adaptive Security Appliance Software Version 9.6(4) I've attached the "show crashinfo" output. Can somebody p... view more
unknown file process for Cisco AMP
Created by ahmedatefelabd on 04-04-2020 02:09 PM
0
0
0
0
Hello EveryoneI have an inquiry about the unknown file analyses for Cisco AMP running on ISR SD-WANWill the branch router need internet access for this analyses to deliver to cloud OR the vManager will take this file to cloud instead and the vManager will... view more
ISE - Adaptive Network Control capability
Created by sindan1680 on 04-04-2020 01:44 PM
0
0
0
0
Hi, running ISE-PIC v2.2 - Adaptive Network Control capability shows "Disabled". How can this capability be "enabled"? Thanks,
ASA Firewall
Created by Binary443 on 04-04-2020 11:08 AM
6
0
6
0
I currently am using a ASA 5510 Firewall and ASA 5516-X, by defaut what security settings aren't enabled that I should have enabled in any network configuration? Also, by Default is IPS/IDS enabled or is this something that needs to be configured? Any adv... view more
Enable DTLS 1.2 on FTD
Created by mcvosi on 04-04-2020 10:57 AM
2
0
2
0
I'm unable to locate where to enable DTLS 1.2 on FTD in FMC. Clients seem to only get 1.0. 
CreatePlease to create content
Discussion
Blog
Document
Video
Content for Community-Ad
Spotlight Awards- February 2020

Follow our Social Media Channels