CVE-2020-3120
6.5
Vector
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Exploitability: 2.8 / Impact: 3.6
Source: NVD
Description
A vulnerability in the Cisco Discovery Protocol implementation for Cisco FXOS Software, Cisco IOS XR Software, and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to a missing check when the affected software processes Cisco Discovery Protocol messages. An attacker could exploit this vulnerability by sending a malicious Cisco Discovery Protocol packet to an affected device. A successful exploit could allow the attacker to exhaust system memory, causing the device to reload. Cisco Discovery Protocol is a Layer 2 protocol. To exploit this vulnerability, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent).
Affected (25)
Products: Cisco: Firepower Extensible Operating System, Fxos, Ios Xr, Nx Os, Ucs Manager
Configuration A
| Vulnerable Software | Affected Versions |
|---|---|
| Up to 2.3.1.173 | |
| Version 2.4 |
| Running on/with | Platform Versions |
|---|---|
Cisco Firepower 4110 | All versions |
Cisco Firepower 4115 | All versions |
Cisco Firepower 4120 | All versions |
Cisco Firepower 4125 | All versions |
Cisco Firepower 4140 | All versions |
Cisco Firepower 4145 | All versions |
Cisco Firepower 4150 | All versions |
Cisco Firepower 9300 | All versions |
Configuration B
Configuration C
Configuration D
| Vulnerable Software | Affected Versions |
|---|---|
| Version 6.5.3 |
| Running on/with | Platform Versions |
|---|---|
Cisco Asr 9000v | All versions |
Cisco Asr 9001 | All versions |
Cisco Asr 9006 | All versions |
Cisco Asr 9010 | All versions |
Cisco Asr 9901 | All versions |
Cisco Asr 9904 | All versions |
Cisco Asr 9906 | All versions |
Cisco Asr 9910 | All versions |
Cisco Asr 9912 | All versions |
Cisco Asr 9922 | All versions |
Cisco Ncs 5001 | All versions |
Cisco Ncs 5002 | All versions |
Cisco Ncs 5011 | All versions |
Cisco Ncs 540 12z20g Sys A | All versions |
Cisco Ncs 540 12z20g Sys D | All versions |
Cisco Ncs 540 24z8q2c Sys | All versions |
Cisco Ncs 540 28z4c Sys A | All versions |
Cisco Ncs 540 28z4c Sys D | All versions |
Cisco Ncs 540 Acc Sys | All versions |
Cisco Ncs 540x 12z16g Sys A | All versions |
Cisco Ncs 540x 12z16g Sys D | All versions |
Cisco Ncs 540x 16z4g8q2c A | All versions |
Cisco Ncs 540x 16z4g8q2c D | All versions |
Cisco Ncs 540x Acc Sys | All versions |
Cisco Ncs 5501 | All versions |
Cisco Ncs 5501 Se | All versions |
Cisco Ncs 5502 | All versions |
Cisco Ncs 5502 Se | All versions |
Cisco Ncs 5508 | All versions |
Cisco Ncs 5516 | All versions |
Cisco Xrv 9000 | All versions |
Configuration E
Configuration F
Configuration G
| Vulnerable Software | Affected Versions |
|---|---|
| From 5.2 to 6.2\(29\) |
| Running on/with | Platform Versions |
|---|---|
Cisco Mds 9132t | All versions |
Cisco Mds 9148s | All versions |
Cisco Mds 9148t | All versions |
Cisco Mds 9216 | All versions |
Cisco Mds 9216a | All versions |
Cisco Mds 9216i | All versions |
Cisco Mds 9222i | All versions |
Cisco Mds 9506 | All versions |
Cisco Mds 9509 | All versions |
Cisco Mds 9513 | All versions |
Cisco Mds 9706 | All versions |
Cisco Mds 9710 | All versions |
Cisco Mds 9718 | All versions |
Configuration H
Configuration I
Configuration J
Configuration K
| Vulnerable Software | Affected Versions |
|---|---|
| From 7.0\(3\)f2 to 9.3\(2\) |
| Running on/with | Platform Versions |
|---|---|
Cisco Nexus 3016 | All versions |
Cisco Nexus 3048 | All versions |
Cisco Nexus 3064 | All versions |
Cisco Nexus 3064 T | All versions |
Cisco Nexus 31108pc V | All versions |
Cisco Nexus 31108tc V | All versions |
Cisco Nexus 31128pq | All versions |
Cisco Nexus 3132c Z | All versions |
Cisco Nexus 3132q | All versions |
Cisco Nexus 3132q V | All versions |
Cisco Nexus 3132q Xl | All versions |
Cisco Nexus 3164q | All versions |
Cisco Nexus 3172 | All versions |
Cisco Nexus 3172pq Xl | All versions |
Cisco Nexus 3172tq | All versions |
Cisco Nexus 3172tq 32t | All versions |
Cisco Nexus 3172tq Xl | All versions |
Cisco Nexus 3232c | All versions |
Cisco Nexus 3264c E | All versions |
Cisco Nexus 3264q | All versions |
Cisco Nexus 3408 S | All versions |
Cisco Nexus 34180yc | All versions |
Cisco Nexus 3432d S | All versions |
Cisco Nexus 3464c | All versions |
Cisco Nexus 3524 | All versions |
Cisco Nexus 3524 X | All versions |
Cisco Nexus 3524 Xl | All versions |
Cisco Nexus 3548 | All versions |
Cisco Nexus 3548 X | All versions |
Cisco Nexus 3548 Xl | All versions |
Cisco Nexus 36180yc R | All versions |
Cisco Nexus 3636c R | All versions |
Configuration L
| Vulnerable Software | Affected Versions |
|---|---|
| Before 7.3\(6\)n1\(1\) |
| Running on/with | Platform Versions |
|---|---|
Cisco Nexus 5548p | All versions |
Cisco Nexus 5548up | All versions |
Cisco Nexus 5596t | All versions |
Cisco Nexus 5596up | All versions |
Cisco Nexus 56128p | All versions |
Cisco Nexus 5624q | All versions |
Cisco Nexus 5648q | All versions |
Cisco Nexus 5672up | All versions |
Cisco Nexus 5696q | All versions |
Configuration M
Configuration N
| Vulnerable Software | Affected Versions |
|---|---|
| Before 13.2\(9b\) |
| Running on/with | Platform Versions |
|---|---|
Cisco Nexus 9000v | All versions |
Cisco Nexus 92160yc X | All versions |
Cisco Nexus 92300yc | All versions |
Cisco Nexus 92304qc | All versions |
Cisco Nexus 92348gc X | All versions |
Cisco Nexus 9236c | All versions |
Cisco Nexus 9272q | All versions |
Cisco Nexus 93108tc Ex | All versions |
Cisco Nexus 93108tc Fx | All versions |
Cisco Nexus 93120tx | All versions |
Cisco Nexus 93128tx | All versions |
Cisco Nexus 93180lc Ex | All versions |
Cisco Nexus 93180yc Ex | All versions |
Cisco Nexus 93180yc Fx | All versions |
Cisco Nexus 93216tc Fx2 | All versions |
Cisco Nexus 93240yc Fx2 | All versions |
Cisco Nexus 9332c | All versions |
Cisco Nexus 9332pq | All versions |
Cisco Nexus 93360yc Fx2 | All versions |
Cisco Nexus 9336c Fx2 | All versions |
Cisco Nexus 9336pq Aci Spine | All versions |
Cisco Nexus 9348gc Fxp | All versions |
Cisco Nexus 9364c | All versions |
Cisco Nexus 9372px | All versions |
Cisco Nexus 9372px E | All versions |
Cisco Nexus 9372tx | All versions |
Cisco Nexus 9372tx E | All versions |
Cisco Nexus 9396px | All versions |
Cisco Nexus 9396tx | All versions |
Cisco Nexus 9504 | All versions |
Cisco Nexus 9508 | All versions |
Cisco Nexus 9516 | All versions |
Configuration O
| Vulnerable Software | Affected Versions |
|---|---|
| Before 3.2\(3m\) |
| Running on/with | Platform Versions |
|---|---|
Cisco Ucs 6248up | All versions |
Cisco Ucs 6296up | All versions |
Cisco Ucs 6300 | All versions |
Cisco Ucs 6324 | All versions |
Cisco Ucs 64108 | All versions |
Cisco Ucs 6454 | All versions |
References (4)
http://packetstormsecurity.com/files/156203/Cisco-Discovery-Protocol-CDP-Remote-Device-Takeover.html
Source: psirt@cisco.com
Third Party AdvisoryVDB Entry
Source: psirt@cisco.com
Vendor Advisory
http://packetstormsecurity.com/files/156203/Cisco-Discovery-Protocol-CDP-Remote-Device-Takeover.html
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Timeline
No history available yet.