Improper Authentication in Cisco Nexus 9300-FX3 Series Fabric Extender

1) Improper Authentication

EUVDB-ID: #VU72510

Risk: Low

CVSSv3.1: 4.6 [CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-20012

CWE-ID: CWE-287 - Improper Authentication

Exploit availability: No

Description

The vulnerability allows a local attacker to bypass authentication process.

The vulnerability exists due to the improper implementation of the password validation function. An attacker with physical access can bypass authentication and execute a limited set of commands local to the FEX, leading to a device reboot and denial of service (DoS) condition.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Cisco Nexus 9300-FX3 Series Fabric Extender (FEX): All versions

UCS 6400 Series Fabric Interconnects: All versions

UCS 6500 Series Fabric Interconnects: All versions

N9K-C93180YC-FX3: All versions

N9K-C93180YC-FX3S: All versions

Cisco UCS: 4.2

External links

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-elyfex-dos-gfvcByx

Q & A

Can this vulnerability be exploited remotely?

No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.