Vulnerability identifier: #VU72510

Vulnerability risk: Low

CVSSv3.1: 4.6 [CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-20012

CWE-ID: CWE-287

Exploitation vector: Local

Exploit availability: No

Vulnerable software:
Cisco Nexus 9300-FX3 Series Fabric Extender (FEX)
Hardware solutions / Routers & switches, VoIP, GSM, etc
UCS 6400 Series Fabric Interconnects
Hardware solutions / Routers & switches, VoIP, GSM, etc
UCS 6500 Series Fabric Interconnects
Hardware solutions / Routers & switches, VoIP, GSM, etc
N9K-C93180YC-FX3
Hardware solutions / Routers & switches, VoIP, GSM, etc
N9K-C93180YC-FX3S
Hardware solutions / Routers & switches, VoIP, GSM, etc
Cisco UCS
Other software / Other software solutions

Vendor: Cisco Systems, Inc

Description

The vulnerability allows a local attacker to bypass authentication process.

The vulnerability exists due to the improper implementation of the password validation function. An attacker with physical access can bypass authentication and execute a limited set of commands local to the FEX, leading to a device reboot and denial of service (DoS) condition.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

Cisco Nexus 9300-FX3 Series Fabric Extender (FEX): All versions

UCS 6400 Series Fabric Interconnects: All versions

UCS 6500 Series Fabric Interconnects: All versions

N9K-C93180YC-FX3: All versions

N9K-C93180YC-FX3S: All versions

Cisco UCS: 4.2

---

External links
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-elyfex-dos-gfvcByx

---

Q & A

Can this vulnerability be exploited remotely?

No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.