Severity Rating: HIGH
Software Affected
Cisco Prime Network Registrar
Cisco NX-OS Software
Cisco Unified CCX software
Overview
Multiple vulnerabilities have been reported in the DHCP server of Cisco
Prime Network Registrar, in Cisco NX-OS Software for Cisco MDS 9000 Series
Multilayer Switches, and in Cisco Unified Contact Center Express, which could
be exploited by an attacker to cause a denial of service or execute arbitrary
code on a targeted system.
Description
1. Vulnerability in the DHCP server of Cisco Prime Network Registrar
(CVE-2020-3272)
This vulnerability exists in the DHCP server of Cisco Prime Network
Registrar due to insufficient input validation of incoming DHCP traffic,
which could allow an attacker to cause a denial of service (DoS) condition.
An attacker could exploit this vulnerability by sending a crafted DHCP
request to an affected device.
Successful exploitation of this vulnerability could allow the attacker to
cause a restart of the DHCP server process, resulting in a denial of service
(DoS) condition.
2. Vulnerability in Cisco MDS 9000 Series Switches (CVE-2020-3175)
This vulnerability exists in the resource handling system of Cisco NX-OS
Software for Cisco MDS 9000 Series Multilayer Switches due to improper
control of resource usage, which could allow an attacker to cause unexpected
behaviour such as high CPU usage, process crashes, or even full system
reboots of an affected device. An attacker could exploit this vulnerability
by sending traffic to the management interface (mgmt0) of an affected
device at very high rates.
Successful exploitation of this vulnerability could allow the attacker to
cause a denial of service (DoS) condition.
3. Remote Code Execution Vulnerability in Cisco Unified Contact Center
Express (CVE-2020-3280)
This vulnerability exists in the Java Remote Management Interface of Cisco
Unified Contact Center Express due to insecure deserialization of
user-supplied content by the affected software, which could allow an
attacker to execute arbitrary code. An attacker could exploit this
vulnerability by sending a malicious serialized Java object to a specific
listener on an affected system.
Successful exploitation of this vulnerability could allow the attacker to
execute arbitrary code as the root user on an affected device.
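The weakness behind CVE-2020-3280 is a listener that calls readObject() on bytes it did not produce. The added example below is not Cisco's code and does not reproduce the affected listener; it contrasts that unfiltered pattern with a JEP 290 ObjectInputFilter allowlist (Java 9+), using a hypothetical endpoint that only ever expects a HashMap<String,String>. Class names in the allowlist and the NotExpected type are assumptions made for the demo.

```java
import java.io.*;
import java.util.HashMap;

public class DeserializationFilterDemo {
    // Vulnerable pattern: every class named in the stream is resolved and its
    // deserialization hooks run before the application sees the result.
    static Object readUnfiltered(byte[] data) throws IOException, ClassNotFoundException {
        try (ObjectInputStream in = new ObjectInputStream(new ByteArrayInputStream(data))) {
            return in.readObject();
        }
    }

    // Hardened pattern: an allowlist of the only types this (hypothetical) endpoint
    // expects, plus depth limits; "!*" rejects everything else before instantiation.
    static final ObjectInputFilter ALLOWLIST = ObjectInputFilter.Config.createFilter(
            "java.util.HashMap;java.lang.String;maxdepth=8;maxrefs=1000;!*");

    static Object readFiltered(byte[] data) throws IOException, ClassNotFoundException {
        try (ObjectInputStream in = new ObjectInputStream(new ByteArrayInputStream(data))) {
            in.setObjectInputFilter(ALLOWLIST);
            return in.readObject(); // InvalidClassException ("filter status: REJECTED") on a disallowed class
        }
    }

    static byte[] serialize(Object o) throws IOException {
        ByteArrayOutputStream bos = new ByteArrayOutputStream();
        try (ObjectOutputStream out = new ObjectOutputStream(bos)) {
            out.writeObject(o);
        }
        return bos.toByteArray();
    }

    // Stands in for any class the endpoint never intended to accept (constructed for the demo).
    static class NotExpected implements Serializable {
        private static final long serialVersionUID = 1L;
    }

    public static void main(String[] args) throws Exception {
        HashMap<String, String> request = new HashMap<>();
        request.put("action", "status");
        byte[] benign = serialize(request);
        byte[] unexpected = serialize(new NotExpected());

        System.out.println("unfiltered accepts anything: " + readUnfiltered(unexpected).getClass());
        System.out.println("filtered accepts expected type: " + readFiltered(benign));
        try {
            readFiltered(unexpected);
        } catch (InvalidClassException e) {
            System.out.println("filtered rejected unexpected type: " + e.getMessage());
        }
    }
}
```

The same allowlist approach applies process-wide through the `jdk.serialFilter` system property, which is the practical mitigation for listeners whose source you do not control until the vendor fix is applied.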
Solution
Apply appropriate updates as mentioned in:
- -sa-cpnr-dhcp-dos-BkEZfhLP
- -sa-20200226-mds-ovrld-dos
- -sa-uccx-rce-GMSC6RKN
Vendor Information
CISCO
- -sa-cpnr-dhcp-dos-BkEZfhLP
- -sa-20200226-mds-ovrld-dos
- -sa-uccx-rce-GMSC6RKN
References
CISCO
- -sa-cpnr-dhcp-dos-BkEZfhLP
- -sa-20200226-mds-ovrld-dos
- -sa-uccx-rce-GMSC6RKN
CVE Name
CVE-2020-3272
CVE-2020-3175
CVE-2020-3280