Treck TCP/IP stack multiple vulnerabilities. (Ripple20)

TsadikuBahiru78025 · ‎01-18-2024

We have a nexus 9k switch and the following vulnerability was found please help us to remediate this.

Torbjørn · ‎01-18-2024

What NX-OS version is the switch running?

Those vulnerabilities are uite old and is remediated in all newer NX-OS versions. You should upgrade to a more recent version to mitigate this.

Happy to help! Please mark as helpful/solution if applicable.
Get in touch: https://torbjorn.dev

TsadikuBahiru78025 · ‎01-18-2024

Hello Thanks for the help.

Here is the NX-OS version nxos.9.3.10.bin. and it is based on recent scanning this vulnerabilities were find.

mcnuttj · ‎04-19-2024

We have 93180s running 10.4.2F that are also showing this vulnerability.

Alexander Fleck · ‎07-02-2024

Hello,

NXOS doesn't use the Treck IP stack and is not affected by Ripple20.

Security scanners have been incorrectly reporting NXOS platforms as impacted for some time.

Do you know what exactly the security scanner is checking to determine if a device is affected?

mqb-lss · ‎10-09-2024

We have similar issue found post VA scan with AIR-CAP2702E-D-K9, can someone advise the remediation steps, thank you