Insufficient verification of data authenticity in Cisco NX-OS Software



Published: 2020-02-27 | Updated: 2020-02-27
Risk: Low
Patch available: YES
Number of vulnerabilities: 1
CVE-ID: CVE-2020-3174
CWE-ID: CWE-345
Exploitation vector: Local network
Public exploit: N/A
Vulnerable software: Cisco NX-OS (Operating systems & Components / Operating system)
Vendor: Cisco Systems, Inc

Security Bulletin

This security bulletin contains one low risk vulnerability.

1) Insufficient verification of data authenticity

EUVDB-ID: #VU25670

Risk: Low

CVSSv3.1: 4.1 [CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2020-3174

CWE-ID: CWE-345 - Insufficient Verification of Data Authenticity

Exploit availability: No

Description

The vulnerability allows a remote attacker to cause a device to learn invalid Address Resolution Protocol (ARP) entries.

The vulnerability exists due to improper validation of a received gratuitous ARP (GARP) request in the anycast gateway feature. A remote attacker on the local network can send a malicious GARP packet that corrupts the ARP table on the device, populating it with incorrect entries, which could lead to traffic disruptions.

This vulnerability affects the following products if they are running a vulnerable release of Cisco NX-OS Software and have the anycast gateway feature enabled:

  • Nexus 3000 Series Switches
  • Nexus 7000 Series Switches
  • Nexus 9000 Series Switches in standalone NX-OS mode
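
For monitoring the condition described above (a GARP that would replace a correct ARP entry), the following is an added example, not code from this bulletin or from Cisco. The bulletin does not describe the contents of the malicious packet, so the check covers only the general case of a GARP that contradicts a known-good binding; the `TRUSTED` table, the addresses, the function names and the sample frames are assumptions constructed for illustration.

```python
import struct
from ipaddress import IPv4Address

# Assumed known-good bindings (constructed values): gateway IP -> gateway MAC.
TRUSTED = {"192.0.2.1": "02:00:00:aa:bb:01"}

def _mac(raw):
    return ":".join(f"{b:02x}" for b in raw)

def parse_arp(frame):
    """Decode an untagged Ethernet II frame carrying IPv4-over-Ethernet ARP, else None."""
    if len(frame) < 42 or frame[12:14] != b"\x08\x06":      # too short or not ARP
        return None
    htype, ptype, hlen, plen, oper = struct.unpack("!HHBBH", frame[14:22])
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4) or oper not in (1, 2):
        return None
    return {
        "eth_src": _mac(frame[6:12]),
        "sha": _mac(frame[22:28]),                          # sender hardware address
        "spa": str(IPv4Address(frame[28:32])),              # sender protocol address
        "tpa": str(IPv4Address(frame[38:42])),              # target protocol address
    }

def check_garp(frame, trusted=TRUSTED):
    """Return findings for one frame; an empty list means nothing to report."""
    arp = parse_arp(frame)
    if arp is None or arp["spa"] != arp["tpa"]:             # only gratuitous ARP
        return []
    findings = []
    if arp["sha"] != arp["eth_src"]:                        # ARP payload disagrees with L2 header
        findings.append("sender-mac-mismatch")
    expected = trusted.get(arp["spa"])
    if expected is not None and arp["sha"] != expected:     # would overwrite a trusted entry
        findings.append(f"binding-conflict {arp['spa']} {arp['sha']} != {expected}")
    return findings

def build_garp(eth_src, sha, ip, oper=1):
    """Build a constructed 42-byte GARP frame for the samples below."""
    raw = lambda m: bytes.fromhex(m.replace(":", ""))
    addr = IPv4Address(ip).packed
    header = struct.pack("!HHHBBH", 0x0806, 1, 0x0800, 6, 4, oper)
    return b"\xff" * 6 + raw(eth_src) + header + raw(sha) + addr + b"\x00" * 6 + addr

# Constructed samples: a GARP matching the binding, then one that contradicts it.
GOOD = build_garp("02:00:00:aa:bb:01", "02:00:00:aa:bb:01", "192.0.2.1")
BAD = build_garp("02:00:00:cc:dd:02", "02:00:00:cc:dd:02", "192.0.2.1")

if __name__ == "__main__":
    print(check_garp(GOOD), check_garp(BAD))
```

Frames with an 802.1Q tag are not decoded by this parser; strip the tag before calling `check_garp`.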

Mitigation

Install updates from the vendor's website.

Vulnerable software versions

Cisco NX-OS: 8.1.1 - 9.3.1

External links

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200226-nxos-arp


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.


