CVE-2020-3119

EPSS 7.91%
Published 05.02.2020 18:15:10
Last modified 21.11.2024 05:30:21
Source psirt@cisco.com
Teams watchlist Login
Open Login

A vulnerability in the Cisco Discovery Protocol implementation for Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to execute arbitrary code or cause a reload on an affected device. The vulnerability exists because the Cisco Discovery Protocol parser does not properly validate input for certain fields in a Cisco Discovery Protocol message. An attacker could exploit this vulnerability by sending a malicious Cisco Discovery Protocol packet to an affected device. An successful exploit could allow the attacker to cause a stack overflow, which could allow the attacker to execute arbitrary code with administrative privileges on an affected device. Cisco Discovery Protocol is a Layer 2 protocol. To exploit this vulnerability, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent).

Affected products Warnungen 0 Metrics 4 CWE 1 References 5

Data is provided by the National Vulnerability Database (NVD)

Cisco ≫ Nx-os Version >= 7.0\(3\)f2 < 9.3\(2\)

   Cisco ≫ Nexus 3016 Version-
   Cisco ≫ Nexus 3048 Version-
   Cisco ≫ Nexus 3064 Version-
   Cisco ≫ Nexus 3064-t Version-
   Cisco ≫ Nexus 31108pc-v Version-
   Cisco ≫ Nexus 31108tc-v Version-
   Cisco ≫ Nexus 31128pq Version-
   Cisco ≫ Nexus 3132c-z Version-
   Cisco ≫ Nexus 3132q Version-
   Cisco ≫ Nexus 3132q-v Version-
   Cisco ≫ Nexus 3132q-xl Version-
   Cisco ≫ Nexus 3164q Version-
   Cisco ≫ Nexus 3172 Version-
   Cisco ≫ Nexus 3172pq-xl Version-
   Cisco ≫ Nexus 3172tq Version-
   Cisco ≫ Nexus 3172tq-32t Version-
   Cisco ≫ Nexus 3172tq-xl Version-
   Cisco ≫ Nexus 3232c Version-
   Cisco ≫ Nexus 3264c-e Version-
   Cisco ≫ Nexus 3264q Version-
   Cisco ≫ Nexus 3408-s Version-
   Cisco ≫ Nexus 34180yc Version-
   Cisco ≫ Nexus 3432d-s Version-
   Cisco ≫ Nexus 3464c Version-
   Cisco ≫ Nexus 3524 Version-
   Cisco ≫ Nexus 3524-x Version-
   Cisco ≫ Nexus 3524-xl Version-
   Cisco ≫ Nexus 3548 Version-
   Cisco ≫ Nexus 3548-x Version-
   Cisco ≫ Nexus 3548-xl Version-
   Cisco ≫ Nexus 36180yc-r Version-
   Cisco ≫ Nexus 3636c-r Version-
   Cisco ≫ Nexus 9000v Version-
   Cisco ≫ Nexus 92160yc-x Version-
   Cisco ≫ Nexus 92300yc Version-
   Cisco ≫ Nexus 92304qc Version-
   Cisco ≫ Nexus 92348gc-x Version-
   Cisco ≫ Nexus 9236c Version-
   Cisco ≫ Nexus 9272q Version-
   Cisco ≫ Nexus 93108tc-ex Version-
   Cisco ≫ Nexus 93108tc-fx Version-
   Cisco ≫ Nexus 93120tx Version-
   Cisco ≫ Nexus 93128tx Version-
   Cisco ≫ Nexus 93180lc-ex Version-
   Cisco ≫ Nexus 93180yc-ex Version-
   Cisco ≫ Nexus 93180yc-fx Version-
   Cisco ≫ Nexus 93216tc-fx2 Version-
   Cisco ≫ Nexus 93240yc-fx2 Version-
   Cisco ≫ Nexus 9332c Version-
   Cisco ≫ Nexus 9332pq Version-
   Cisco ≫ Nexus 93360yc-fx2 Version-
   Cisco ≫ Nexus 9336c-fx2 Version-
   Cisco ≫ Nexus 9336pq Aci Spine Version-
   Cisco ≫ Nexus 9348gc-fxp Version-
   Cisco ≫ Nexus 9364c Version-
   Cisco ≫ Nexus 9372px Version-
   Cisco ≫ Nexus 9372px-e Version-
   Cisco ≫ Nexus 9372tx Version-
   Cisco ≫ Nexus 9372tx-e Version-
   Cisco ≫ Nexus 9396px Version-
   Cisco ≫ Nexus 9396tx Version-
   Cisco ≫ Nexus 9504 Version-
   Cisco ≫ Nexus 9508 Version-
   Cisco ≫ Nexus 9516 Version-

Cisco ≫ Nx-os Version >= 7.0\(3\)i < 7.0\(3\)i7\(8\)

Cisco ≫ Nx-os Version >= 7.1 < 7.3\(6\)n1\(1\)

   Cisco ≫ Nexus 5548p Version-
   Cisco ≫ Nexus 5548up Version-
   Cisco ≫ Nexus 5596t Version-
   Cisco ≫ Nexus 5596up Version-
   Cisco ≫ Nexus 56128p Version-
   Cisco ≫ Nexus 5624q Version-
   Cisco ≫ Nexus 5648q Version-
   Cisco ≫ Nexus 5672up Version-
   Cisco ≫ Nexus 5696q Version-
   Cisco ≫ Nexus 6001 Version-
   Cisco ≫ Nexus 6004 Version-

Cisco ≫ Nx-os Version < 9.3\(2\)

   Cisco ≫ Nexus 9000v Version-
   Cisco ≫ Nexus 92160yc-x Version-
   Cisco ≫ Nexus 92300yc Version-
   Cisco ≫ Nexus 92304qc Version-
   Cisco ≫ Nexus 92348gc-x Version-
   Cisco ≫ Nexus 9236c Version-
   Cisco ≫ Nexus 9272q Version-
   Cisco ≫ Nexus 93108tc-ex Version-
   Cisco ≫ Nexus 93108tc-fx Version-
   Cisco ≫ Nexus 93120tx Version-
   Cisco ≫ Nexus 93128tx Version-
   Cisco ≫ Nexus 93180lc-ex Version-
   Cisco ≫ Nexus 93180yc-ex Version-
   Cisco ≫ Nexus 93180yc-fx Version-
   Cisco ≫ Nexus 93216tc-fx2 Version-
   Cisco ≫ Nexus 93240yc-fx2 Version-
   Cisco ≫ Nexus 9332c Version-
   Cisco ≫ Nexus 9332pq Version-
   Cisco ≫ Nexus 93360yc-fx2 Version-
   Cisco ≫ Nexus 9336c-fx2 Version-
   Cisco ≫ Nexus 9336pq Aci Spine Version-
   Cisco ≫ Nexus 9348gc-fxp Version-
   Cisco ≫ Nexus 9364c Version-
   Cisco ≫ Nexus 9372px Version-
   Cisco ≫ Nexus 9372px-e Version-
   Cisco ≫ Nexus 9372tx Version-
   Cisco ≫ Nexus 9372tx-e Version-
   Cisco ≫ Nexus 9396px Version-
   Cisco ≫ Nexus 9396tx Version-
   Cisco ≫ Nexus 9504 Version-
   Cisco ≫ Nexus 9508 Version-
   Cisco ≫ Nexus 9516 Version-

Cisco ≫ Nx-os Version >= 14.0 < 14.2\(1j\)

Cisco ≫ Ucs Manager Version < 3.2\(3m\)

   Cisco ≫ Ucs 6248up Version-
   Cisco ≫ Ucs 6296up Version-
   Cisco ≫ Ucs 6300 Version-
   Cisco ≫ Ucs 6324 Version-
   Cisco ≫ Ucs 64108 Version-
   Cisco ≫ Ucs 6454 Version-

Cisco ≫ Ucs Manager Version >= 4.0 < 4.0\(4f\)

   Cisco ≫ Ucs 6248up Version-
   Cisco ≫ Ucs 6296up Version-
   Cisco ≫ Ucs 6300 Version-
   Cisco ≫ Ucs 6324 Version-
   Cisco ≫ Ucs 64108 Version-
   Cisco ≫ Ucs 6454 Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	7.91%	0.916

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	8.8	2.8	5.9	CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov	8.3	6.5	10	AV:A/AC:L/Au:N/C:C/I:C/A:C
psirt@cisco.com	8.8	2.8	5.9	CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-787 Out-of-bounds Write

The product writes data past the end, or before the beginning, of the intended buffer.

http://packetstormsecurity.com/files/156203/Cisco-Discovery-Protocol-CDP-Remote-Device-Takeover.html

Third Party Advisory

VDB Entry

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200205-nxos-cdp-rce

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2020-3119

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2020-3119

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2020-3119

EUVD