You are here
Home > Preporuke > Ranjivosti više Cisco proizvoda

Ranjivosti više Cisco proizvoda

by Marina Dimic Vugec - 0
  • Detalji os-a: WN7
  • Važnost: IMP
  • Operativni sustavi: L
  • Kategorije: CIS

—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA1

Below is the list of Cisco Security Advisories published by Cisco PSIRT on 2020-August-26.

The following PSIRT security advisories (7 High) were published at 16:00 UTC today.

Table of Contents:

1) Cisco NX-OS Software Data Management Engine Remote Code Execution Vulnerability – SIR: High

2) Cisco FXOS and NX-OS Software Cisco Fabric Services Denial of Service Vulnerability – SIR: High

3) Cisco Nexus 3000 and 9000 Series Switches Privilege Escalation Vulnerability – SIR: High

4) Cisco NX-OS Software Border Gateway Protocol Multicast VPN Session Denial of Service Vulnerability – SIR: High

5) Cisco NX-OS Software Border Gateway Protocol Multicast VPN Denial of Service Vulnerability – SIR: High

6) Cisco NX-OS Software IPv6 Protocol Independent Multicast Denial of Service Vulnerability – SIR: High

7) Cisco NX-OS Software Call Home Command Injection Vulnerability – SIR: High

+——————————————————————–

1) Cisco NX-OS Software Data Management Engine Remote Code Execution Vulnerability

CVE-2020-3415

SIR: High

CVSS Score v(3.0): 8.8

URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-dme-rce-cbE3nhZS [“https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-dme-rce-cbE3nhZS”]

+——————————————————————–

2) Cisco FXOS and NX-OS Software Cisco Fabric Services Denial of Service Vulnerability

CVE-2020-3517

SIR: High

CVSS Score v(3.0): 8.6

URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fxos-nxos-cfs-dos-dAmnymbd [“https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fxos-nxos-cfs-dos-dAmnymbd”]

+——————————————————————–

3) Cisco Nexus 3000 and 9000 Series Switches Privilege Escalation Vulnerability

CVE-2020-3394

SIR: High

CVSS Score v(3.0): 7.8

URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-n3n9k-priv-escal-3QhXJBC [“https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-n3n9k-priv-escal-3QhXJBC”]

+——————————————————————–

4) Cisco NX-OS Software Border Gateway Protocol Multicast VPN Session Denial of Service Vulnerability

CVE-2020-3398

SIR: High

CVSS Score v(3.0): 8.6

URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxosbgp-mvpn-dos-K8kbCrJp [“https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxosbgp-mvpn-dos-K8kbCrJp”]

+——————————————————————–

5) Cisco NX-OS Software Border Gateway Protocol Multicast VPN Denial of Service Vulnerability

CVE-2020-3397

SIR: High

CVSS Score v(3.0): 8.6

URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxosbgp-nlri-dos-458rG2OQ [“https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxosbgp-nlri-dos-458rG2OQ”]

+——————————————————————–

6) Cisco NX-OS Software IPv6 Protocol Independent Multicast Denial of Service Vulnerability

CVE-2020-3338

SIR: High

CVSS Score v(3.0): 7.5

URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-pim-memleak-dos-tC8eP7uw [“https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-pim-memleak-dos-tC8eP7uw”]

+——————————————————————–

7) Cisco NX-OS Software Call Home Command Injection Vulnerability

CVE-2020-3454

SIR: High

CVSS Score v(3.0): 7.2

URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-callhome-cmdinj-zkxzSCY [“https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-callhome-cmdinj-zkxzSCY”]

—–BEGIN PGP SIGNATURE—–

iQKDBAEBAgBtBQJfRofNZhxDaXNjbyBQcm9kdWN0IFNlY3VyaXR5IEluY2lkZW50
IFJlc3BvbnNlIFRlYW0gKENpc2NvIFBTSVJUIGtleSAyMDIwLTIwMjEgW3JlZnJl
c2hdKSA8cHNpcnRAY2lzY28uY29tPgAKCRCbFvaOC+BFehN4D/4o/upwjebtaQAd
pPCRK8qPQCAEetzXN85t1cFB5Yq0qjs3cw9uqSjQ6DBfGtJp6r9FaSa8JGmdHVcl
BsuAROl27BG5Feq2TMSjZ81GKuD4SkPdxjP/DI5BODmomanUW6yXHC0gwSmIEjZD
ap21tSinRbsv3U5/yI3Wjolllu26+ne+BrHWimBwY+8EEtK2VG29lJgNdofe+x7W
16yACBbNeYFSRwPhxMgjJwrQu5uN4Lhz0g0FMUiu5FW6ZsJ3qR367GkRLSnU6xsK
nF5sjY4CsAch6KFboq/ClWuM6UzA7i8zSiOsypOXATcm2++VChZO24q7bnY6/Tpz
IsbSGSkR9zPRw94v/TzqWeHx2NuPZbEmC59kmLVjipz3qv+qZta6f/JdQK9mJ8wZ
/jT1RORpXWGEQ88Yy6gLrsd6hAR0JsU8WWqPNUEz9QBIWvva/VgSK1oXYbrOqyAE
5gihZj/YtgGHFH/emlqsoYcTYMzqc+sI5fHF6lJYchsMg53Mc0CCHvlbhY8ZLIl4
LZ465IPQvIY8vM29ipTmi/fb8Gzv7/IcM6rtZ3IFXdY2mxdmNjiKQeCYp/jkRJRi
jiDsec4lZcLvsJvRMYUhCN01H52eD8g2AFTJ1MdQdsLB48eTTDEN9BNkFwEedVNm
o1dB0PQJXNEqHp0YCv54A1hCEqpHuA==
=yYM7
—–END PGP SIGNATURE—–

_______________________________________________
cust-security-announce mailing list
cust-security-announce@cisco.com
To unsubscribe, send the command “unsubscribe” in the subject of your message to cust-security-announce-leave@cisco.com

AutorGoran Culibrk
Cert idNCERT-REF-2020-08-0001-ADV
CveCERT-CVE-DUMMY
ID izvornikaCERT-ORIGID-DUMMY
ProizvodCERT-DUMMY-PRODUCT
IzvorAdobe
Marina Dimic Vugec
Top
More in Preporuke
Sigurnosni nedostatak programskog paketa Wireshark

Otkriven je sigurnosni nedostatak u programskom paketu Wireshark za operacijski sustav Gentoo. Otkriveni nedostatak potencijalnim napadačima omogućuje izazivanje DoS stanja....

Close