Key management errors in Cisco FXOS Software and UCS Manager Software

1) Key management errors

EUVDB-ID: #VU72513

Risk: Low

CVSSv3.1: 5.5 [CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-20016

CWE-ID: CWE-320 - Key Management Errors

Exploit availability: No

Description

The vulnerability allows a local attacker to gain access to potentially sensitive information.

The vulnerability exists due to a weakness in the encryption method used for the backup function. A local attacker can decrypt sensitive information that is stored in full state and configuration backup files.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Cisco UCS Manager: 4.0 - 4.2

Firepower 4100 Series Security Appliances: All versions

Cisco Firepower 9300 Security Appliance: All versions

UCS 6200 Series Fabric Interconnects: All versions

UCS 6300 Series Fabric Interconnects: All versions

UCS 6400 Series Fabric Interconnects: All versions

UCS 6500 Series Fabric Interconnects: All versions

Cisco FXOS: before 2.6.1

External links

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ucsm-bkpsky-H8FCQgsA

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.