cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
480
Views
0
Helpful
4
Replies

Treck TCP/IP stack multiple vulnerabilities. (Ripple20)

 

We have a nexus 9k switch and the following vulnerability was found please help us to remediate this. 

Treck TCP/IP stack multiple vulnerabilities. (Ripple20)

4 Replies 4

Torbjørn
Spotlight
Spotlight

What NX-OS version is the switch running?

Those vulnerabilities are uite old and is remediated in all newer NX-OS versions. You should upgrade to a more recent version to mitigate this.

Happy to help! Please mark as helpful/solution if applicable.
Get in touch: https://torbjorn.dev

 

Hello Thanks for the help.

Here is the NX-OS version nxos.9.3.10.bin. and it is based on recent scanning this vulnerabilities were find.

We have 93180s running 10.4.2F that are also showing this vulnerability.

Alexander Fleck
Cisco Employee
Cisco Employee

Hello,

NXOS doesn't use the Treck IP stack and is not affected by Ripple20.

You can review the Cisco Security Advisory here: https://www.cisco.com/c/en/us/support/docs/csa/cisco-sa-treck-ip-stack-JyBQ5GyC.html

Security scanners have been incorrectly reporting NXOS platforms as impacted for some time.

Do you know what exactly the security scanner is checking to determine if a device is affected?

 

Review Cisco Networking for a $25 gift card