Vulnslist


Cisco NX-OS Software Border Gateway Protocol MD5 Authentication Bypass Vulnerability

cisco-sa-20200226-nxos-bgpmd5 · Medium · Published · Updated

A vulnerability in the implementation of Border Gateway Protocol (BGP) Message Digest 5 (MD5) authentication in Cisco NX-OS Software could allow an unauthenticated, remote attacker to bypass MD5 authentication and establish a BGP connection with the device. The vulnerability occurs because the BGP MD5 authentication is bypassed if the peer does not have MD5 authentication configured, the NX-OS device does have BGP MD5 authentication configured, and the NX-OS BGP virtual routing and forwarding (VRF) name is configured to be greater than 19 characters. An attacker could exploit this vulnerability by attempting to establish a BGP session with the NX-OS peer. A successful exploit could allow the attacker to establish a BGP session with the NX-OS device without MD5 authentication. The Cisco implementation of the BGP protocol accepts incoming BGP traffic only from explicitly configured peers. To exploit this vulnerability, an attacker must send the malicious packets over a TCP connection that appears to come from a trusted BGP peer. To do so, the attacker must obtain information about the BGP peers in the affected system’s trusted network. Cisco has released software updates that address this vulnerability. There are workarounds that address this vulnerability. This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200226-nxos-bgpmd5

Workarounds

As a workaround, administrators may reconfigure the VRF name to be 19 characters or less.
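The triggering condition is a configuration property (a BGP VRF name longer than 19 characters on a device that relies on MD5 neighbor authentication), so an administrator can audit for it before applying the workaround. The following script is an added example, not code from Cisco or from this advisory; it parses a constructed NX-OS-style running-config excerpt (assumed two-space indentation, `vrf` sections under `router bgp`, `password` lines under neighbors) and flags VRFs whose names exceed the limit and that have MD5 passwords configured.

```python
# Constructed NX-OS-style running-config excerpt (not from the advisory): three
# BGP VRFs, one of which has an over-long name and an MD5 neighbor password.
SAMPLE_CONFIG = """\
router bgp 65001
  router-id 192.0.2.1
  neighbor 192.0.2.10
    password 3 5d2b0f2c4a1e
  vrf CUSTOMER-A
    neighbor 198.51.100.2
      password 3 9a1c3e5f7b2d
  vrf CUSTOMER-TRANSIT-EAST-2020
    neighbor 198.51.100.6
      password 3 7c4e2a9b1d3f
  vrf short-no-md5-with-long-name-x
    neighbor 198.51.100.10
      remote-as 65010
"""

VRF_NAME_LIMIT = 19  # limit stated in the advisory's workaround


def parse_bgp_vrfs(config: str) -> dict:
    """Return {vrf_name: md5_configured} for VRFs under 'router bgp'."""
    vrfs = {}
    current = None
    in_bgp = False
    for raw in config.splitlines():
        indent = len(raw) - len(raw.lstrip())
        line = raw.strip()
        if not line:
            continue
        if indent == 0:  # top-level config block: track whether we are in BGP
            in_bgp = line.startswith("router bgp")
            current = None
            continue
        if not in_bgp:
            continue
        if indent == 2 and line.startswith("vrf "):
            current = line.split(None, 1)[1]  # VRF name as written in config
            vrfs[current] = False
        elif indent == 2:
            current = None  # global BGP context, not inside a VRF
        elif current and line.startswith("password "):
            vrfs[current] = True  # MD5 neighbor password inside this VRF
    return vrfs


def find_overlong_md5_vrfs(config: str, limit: int = VRF_NAME_LIMIT) -> list:
    """VRF names exceeding the limit that also carry MD5 neighbor passwords."""
    return sorted(n for n, md5 in parse_bgp_vrfs(config).items()
                  if md5 and len(n) > limit)
```

Any VRF the second function returns is a candidate for renaming under the workaround above; VRFs without MD5 passwords are not reported because the advisory's bypass condition requires MD5 to be configured on the NX-OS side.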

CVEs: CVE-2020-3165
Cisco Bug IDs: CSCvq72707
CVSS Score: Base 8.2
CVSS Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N/E:X/RL:X/RC:X
Product Names From Source
Cisco NX-OS Software 9.2(1), Cisco NX-OS Software 9.2(2), Cisco NX-OS Software 9.2(2t), Cisco NX-OS Software 9.2(3), Cisco NX-OS Software 9.2(3y), Cisco NX-OS Software 9.2(2v), Cisco NX-OS Software 9.3(1), Cisco NX-OS Software 9.3(1z), Cisco NX-OS Software, Cisco Nexus 3000 Series Switches, Cisco Nexus 9000 Series Switches

CSAF Product Statuses

Product Status Source CVE Rows
Cisco NX-OS Software 9.2(1) when installed on Cisco Nexus 3000 Series Switches known_affected cisco_csaf CVE-2020-3165 1
Cisco NX-OS Software 9.2(1) when installed on Cisco Nexus 9000 Series Switches known_affected cisco_csaf CVE-2020-3165 1
Cisco NX-OS Software 9.2(2) when installed on Cisco Nexus 3000 Series Switches known_affected cisco_csaf CVE-2020-3165 1
Cisco NX-OS Software 9.2(2) when installed on Cisco Nexus 9000 Series Switches known_affected cisco_csaf CVE-2020-3165 1
Cisco NX-OS Software 9.2(2t) when installed on Cisco Nexus 3000 Series Switches known_affected cisco_csaf CVE-2020-3165 1
Cisco NX-OS Software 9.2(2v) when installed on Cisco Nexus 3000 Series Switches known_affected cisco_csaf CVE-2020-3165 1
Cisco NX-OS Software 9.2(3) when installed on Cisco Nexus 3000 Series Switches known_affected cisco_csaf CVE-2020-3165 1
Cisco NX-OS Software 9.2(3) when installed on Cisco Nexus 9000 Series Switches known_affected cisco_csaf CVE-2020-3165 1
Cisco NX-OS Software 9.2(3y) when installed on Cisco Nexus 3000 Series Switches known_affected cisco_csaf CVE-2020-3165 1
Cisco NX-OS Software 9.2(3y) when installed on Cisco Nexus 9000 Series Switches known_affected cisco_csaf CVE-2020-3165 1
Cisco NX-OS Software 9.3(1) when installed on Cisco Nexus 3000 Series Switches known_affected cisco_csaf CVE-2020-3165 1
Cisco NX-OS Software 9.3(1) when installed on Cisco Nexus 9000 Series Switches known_affected cisco_csaf CVE-2020-3165 1

Showing 12 of 13 CSAF status groups; 1 more not shown.

Related Products

Product CVE Evidence
Cisco NX-OS Software CVE-2020-3165 Cisco OpenVuln
Cisco Nexus 9000 Series Switches CVE-2020-3165 Cisco OpenVuln · family-level
Cisco Nexus 3000 Series Switches CVE-2020-3165 Cisco OpenVuln · family-level