Cisco has issued security patches for vulnerabilities in its products, eight of which are considered to have a potentially high impact, with the remainder rated medium. The vulnerabilities affect Cisco products including the Unified Computing System (UCS) software, the Firepower firewall operating system (FXOS), and the Nexus switch operating system (NX-OS) software.
“All six vulnerabilities have a Security Impact Rating (SIR) of High. Successful exploitation of the vulnerabilities could allow an attacker to gain elevated privileges, execute arbitrary commands, or cause a denial of service (DoS) condition on an affected device,” Cisco said in its advisory.
“Two vulnerabilities affect only Cisco NX-OS Software; one vulnerability affects only Cisco UCS Software; two vulnerabilities affect both Cisco FXOS Software and Cisco UCS Software; and one vulnerability affects Cisco FX-OS Software, Cisco NX-OS Software, and UCS Software.”
The most severe vulnerabilities affect FXOS and NX-OS and could be exploited by an unauthenticated attacker to execute arbitrary code as root.
The vulnerabilities are due to insufficient input validation, and exploitation could also trigger a denial of service (DoS) condition.
The first issue (CVE-2020-3172) exists because Cisco Discovery Protocol packet headers are insufficiently validated. An attacker could exploit it by sending a crafted Cisco Discovery Protocol packet to a Layer 2-adjacent vulnerable device, triggering a buffer overflow that could be used to run arbitrary code or cause a DoS condition.
The vulnerability impacts several devices on which Cisco Discovery Protocol is enabled by default, including Nexus, Firepower, UCS, and MDS products.
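To show the kind of header and length checking a CDP receiver needs before it copies any field into a fixed-size buffer, here is an added example in C. It is not Cisco's code and does not claim to reproduce the actual defect in NX-OS or FXOS, whose root cause the advisory does not detail; the sample frames are constructed, and the Device ID buffer size is an assumption.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>
/* CDP body after the SNAP header: version (1), TTL (1), checksum (2), then TLVs.
 * Each TLV: 2-byte type, 2-byte length that counts the 4-byte TLV header itself. */
#define CDP_HDR_LEN       4
#define CDP_TLV_HDR_LEN   4
#define CDP_TLV_DEVICE_ID 0x0001
#define MAX_DEVICE_ID     64   /* assumed receive-buffer size, not a Cisco value */
static uint16_t be16(const uint8_t *p) { return (uint16_t)((p[0] << 8) | p[1]); }
/* Walk the TLVs, checking every length against the bytes actually received.
 * Returns the TLV count, or -1 for any packet whose headers do not add up;
 * the Device ID value is copied into dev_id only if it fits with its NUL. */
int cdp_parse(const uint8_t *pkt, size_t len, char *dev_id, size_t dev_id_sz)
{
    if (len < CDP_HDR_LEN || (pkt[0] != 1 && pkt[0] != 2)) return -1;  /* bad version */
    dev_id[0] = '\0';
    size_t off = CDP_HDR_LEN;
    int count = 0;
    while (off < len) {
        if (len - off < CDP_TLV_HDR_LEN) return -1;             /* truncated TLV header */
        uint16_t type = be16(pkt + off), tlen = be16(pkt + off + 2);
        /* tlen < 4 would wrap the value size; tlen > remaining would read past the buffer */
        if (tlen < CDP_TLV_HDR_LEN || tlen > len - off) return -1;
        size_t vlen = tlen - CDP_TLV_HDR_LEN;
        if (type == CDP_TLV_DEVICE_ID) {
            if (vlen >= dev_id_sz) return -1;                   /* reject, never truncate silently */
            memcpy(dev_id, pkt + off + CDP_TLV_HDR_LEN, vlen);
            dev_id[vlen] = '\0';
        }
        off += tlen;
        count++;
    }
    return count;
}
/* Constructed sample frames, not captured traffic; checksum bytes are placeholders. */
static const uint8_t GOOD[] = { 0x02, 0xb4, 0x00, 0x00,
    0x00, 0x01, 0x00, 0x07, 's', 'w', '1',      /* Device ID "sw1", length 7 */
    0x00, 0x03, 0x00, 0x07, 'G', 'i', '1' };    /* Port ID "Gi1", length 7 */
static const uint8_t SHORT_LEN[] = { 0x02, 0xb4, 0x00, 0x00,
    0x00, 0x01, 0x00, 0x02, 's', 'w' };         /* length 2: smaller than the TLV header */
static const uint8_t OVERRUN[] = { 0x02, 0xb4, 0x00, 0x00,
    0x00, 0x01, 0x00, 0x40, 's', 'w', '1' };    /* claims 64 bytes, only 7 present */
static char last_id[MAX_DEVICE_ID];
static int check(const uint8_t *p, size_t n) { return cdp_parse(p, n, last_id, sizeof last_id); }
int demo_good(void)      { return check(GOOD, sizeof GOOD); }            /* 2 */
int demo_short_len(void) { return check(SHORT_LEN, sizeof SHORT_LEN); }  /* -1 */
int demo_overrun(void)   { return check(OVERRUN, sizeof OVERRUN); }      /* -1 */
const char *last_device_id(void) { return last_id; }                    /* "sw1" after demo_good */
```

The two malformed frames are rejected before any copy happens; a parser that trusted the TLV length field would instead compute a wrapped or oversized value length and read or write beyond its buffer.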
A high severity flaw in the CLI of Cisco FXOS Software and UCS Manager software (CVE-2020-3173) could be exploited by an attacker to execute arbitrary commands on the underlying operating system with the privileges of the currently logged-in user on all affected platforms except Cisco UCS 6400 Series Fabric Interconnects; on the UCS 6400 series, the injected commands are executed with root privileges.
Other high severity vulnerabilities fixed by Cisco:
- A high-risk DoS vulnerability in NX-OS software for MDS 9000 Series Multilayer Switches, tracked as CVE-2020-3175, that can be exploited by an unauthenticated attacker.
- A DoS flaw in Secure Login Enhancements capability of the Nexus 1000V switch for VMware vSphere, tracked as CVE-2020-3168, that could be exploited by an unauthenticated, remote attacker to cause a vulnerable Nexus 1000V Virtual Supervisor Module (VSM) to become inaccessible.
- Two CLI command injection flaws, CVE-2020-3167 in FXOS software and CVE-2020-3171 in UCS Manager software, affecting Firepower and UCS products; both could be exploited by an authenticated attacker to execute arbitrary commands.
Cisco also addressed three medium severity vulnerabilities (CVE-2020-3165, CVE-2020-3174, CVE-2020-3170) in the NX-OS software and two other medium risk bugs (CVE-2020-3166 and CVE-2020-3169) in the FXOS software.