Vulnslist

find the latest Cisco vulnerabilities

Cisco NX-OS Software Image Verification Bypass Vulnerability

cisco-sa-nxos-image-sig-bypas-pQDRQvjL · High · Published · Updated

A vulnerability in the bootloader of Cisco NX-OS Software could allow an unauthenticated attacker with physical access to an affected device, or an authenticated, local attacker with administrative credentials, to bypass NX-OS image signature verification.  This vulnerability is due to insecure bootloader settings. An attacker could exploit this vulnerability by executing a series of bootloader commands. A successful exploit could allow the attacker to bypass NX-OS image signature verification and load unverified software. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link:https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-image-sig-bypas-pQDRQvjL

Cisco advisory ·CSAF JSON

Workarounds

There are no workarounds that address this vulnerability.

CVEsCVE-2024-20397
Cisco Bug IDsCSCwh76166, CSCwm47438, CSCwh76163, CSCwn11901, CSCwj35846
CVSS ScoreBase 5.2
Base 5.2 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N/E:X/RL:X/RC:X
Product Names From Source
Cisco Unified Computing System (Managed), Cisco NX-OS Software 6.0(2)A8(1), Cisco NX-OS Software 6.0(2)A8(2), Cisco NX-OS Software 6.0(2)A8(3), Cisco NX-OS Software 6.0(2)A8(4), Cisco NX-OS Software 6.0(2)A8(4a), Cisco NX-OS Software 6.0(2)A8(5), Cisco NX-OS Software 6.0(2)A8(6), Cisco NX-OS Software 6.0(2)A8(7), Cisco NX-OS Software 6.0(2)A8(7a), Cisco NX-OS Software 6.0(2)A8(7b), Cisco NX-OS Software 6.0(2)A8(8), Cisco NX-OS Software 6.0(2)A8(9), Cisco NX-OS Software 6.0(2)A8(10a), Cisco NX-OS Software 6.0(2)A8(10), Cisco NX-OS Software 6.0(2)A8(11), Cisco NX-OS Software 6.0(2)A8(11a), Cisco NX-OS Software 6.0(2)A8(11b), Cisco NX-OS Software 7.0(3)F3(1), Cisco NX-OS Software 7.0(3)F3(2), Cisco NX-OS Software 7.0(3)F3(3), Cisco NX-OS Software 7.0(3)F3(3a), Cisco NX-OS Software 7.0(3)F3(4), Cisco NX-OS Software 7.0(3)F3(3c), Cisco NX-OS Software 7.0(3)F3(5), Cisco NX-OS Software 7.0(3)I4(1), Cisco NX-OS Software 7.0(3)I4(2), Cisco NX-OS Software 7.0(3)I4(3), Cisco NX-OS Software 7.0(3)I4(4), Cisco NX-OS Software 7.0(3)I4(5), Cisco NX-OS Software 7.0(3)I4(6), Cisco NX-OS Software 7.0(3)I4(7), Cisco NX-OS Software 7.0(3)I4(8), Cisco NX-OS Software 7.0(3)I4(8a), Cisco NX-OS Software 7.0(3)I4(8b), Cisco NX-OS Software 7.0(3)I4(8z), Cisco NX-OS Software 7.0(3)I4(1t), Cisco NX-OS Software 7.0(3)I4(6t), Cisco NX-OS Software 7.0(3)I4(9), Cisco NX-OS Software 7.0(3)I5(1), Cisco NX-OS Software 7.0(3)I5(2), Cisco NX-OS Software 7.0(3)I5(3), Cisco NX-OS Software 7.0(3)I5(3a), Cisco NX-OS Software 7.0(3)I5(3b), Cisco NX-OS Software 7.0(3)I6(1), Cisco NX-OS Software 7.0(3)I6(2), Cisco NX-OS Software 7.0(3)I7(1), Cisco NX-OS Software 7.0(3)I7(2), Cisco NX-OS Software 7.0(3)I7(3), Cisco NX-OS Software 7.0(3)I7(4), Cisco NX-OS Software 7.0(3)I7(5), Cisco NX-OS Software 7.0(3)I7(5a), Cisco NX-OS Software 7.0(3)I7(3z), Cisco NX-OS Software 7.0(3)I7(6), Cisco NX-OS Software 7.0(3)I7(6z), Cisco NX-OS Software 7.0(3)I7(7), Cisco NX-OS Software 7.0(3)I7(8), Cisco NX-OS Software 7.0(3)I7(9), Cisco NX-OS Software 7.0(3)I7(9w), Cisco NX-OS Software 7.0(3)I7(10), Cisco NX-OS Software 7.3(0)D1(1), Cisco NX-OS Software 7.3(0)DX(1), Cisco NX-OS Software 7.3(0)DY(1), Cisco NX-OS Software 7.3(1)D1(1), Cisco NX-OS Software 7.3(1)DY(1), Cisco NX-OS Software 7.3(2)D1(1), Cisco NX-OS Software 7.3(2)D1(2), Cisco NX-OS Software 7.3(2)D1(3), Cisco NX-OS Software 7.3(2)D1(3a), Cisco NX-OS Software 7.3(2)D1(1d), Cisco NX-OS Software 8.1(1), Cisco NX-OS Software 8.1(2), Cisco NX-OS Software 8.1(2a), Cisco NX-OS Software 8.1(1a), Cisco NX-OS Software 8.1(1b), Cisco NX-OS Software 8.2(1), Cisco NX-OS Software 8.2(2), Cisco NX-OS Software 8.2(3), Cisco NX-OS Software 8.2(4), Cisco NX-OS Software 8.2(5), Cisco NX-OS Software 8.2(6), Cisco NX-OS Software 8.2(7), Cisco NX-OS Software 8.2(7a), Cisco NX-OS Software 8.2(8), Cisco NX-OS Software 8.2(9), Cisco NX-OS Software 8.2(10), Cisco NX-OS Software 8.2(11), Cisco NX-OS Software 8.3(1), Cisco NX-OS Software 8.3(2), Cisco NX-OS Software 9.2(1), Cisco NX-OS Software 9.2(2), Cisco NX-OS Software 9.2(2t), Cisco NX-OS Software 9.2(3), Cisco NX-OS Software 9.2(3y), Cisco NX-OS Software 9.2(4), Cisco NX-OS Software 9.2(2v), Cisco NX-OS Software 9.2(1a), Cisco NX-OS Software 7.3(3)D1(1), Cisco NX-OS Software 7.0(3)IA7(1), Cisco NX-OS Software 7.0(3)IA7(2), Cisco NX-OS Software 7.0(3)IM7(2), Cisco NX-OS Software 7.3(4)D1(1), Cisco NX-OS Software 8.4(1), Cisco NX-OS Software 8.4(1a), Cisco NX-OS Software 8.4(2), Cisco NX-OS Software 8.4(2a), Cisco NX-OS Software 8.4(3), Cisco NX-OS Software 8.4(2b), Cisco NX-OS Software 8.4(4), Cisco NX-OS Software 8.4(2c), Cisco NX-OS Software 8.4(4a), Cisco NX-OS Software 8.4(5), Cisco NX-OS Software 8.4(2d), Cisco NX-OS Software 8.4(6), Cisco NX-OS Software 8.4(2e), Cisco NX-OS Software 8.4(6a), Cisco NX-OS Software 8.4(7), Cisco NX-OS Software 8.4(2f), Cisco NX-OS Software 8.4(8), Cisco NX-OS Software 8.4(9), Cisco NX-OS Software 9.3(1), Cisco NX-OS Software 9.3(2), Cisco NX-OS Software 9.3(3), Cisco NX-OS Software 9.3(1z), Cisco NX-OS Software 9.3(4), Cisco NX-OS Software 9.3(5), Cisco NX-OS Software 9.3(6), Cisco NX-OS Software 9.3(5w), Cisco NX-OS Software 9.3(7), Cisco NX-OS Software 9.3(7k), Cisco NX-OS Software 9.3(7a), Cisco NX-OS Software 9.3(8), Cisco NX-OS Software 9.3(9), Cisco NX-OS Software 9.3(10), Cisco NX-OS Software 9.3(11), Cisco NX-OS Software 9.3(2a), Cisco NX-OS Software 9.3(12), Cisco NX-OS Software 9.3(13), Cisco NX-OS Software 9.3(14), Cisco NX-OS Software 7.3(5)D1(1), Cisco NX-OS Software 7.3(6)D1(1), Cisco NX-OS Software 7.3(7)D1(1), Cisco NX-OS Software 10.1(1), Cisco NX-OS Software 10.1(2), Cisco NX-OS Software 10.1(2t), Cisco NX-OS Software 8.5(1), Cisco NX-OS Software 7.3(8)D1(1), Cisco NX-OS Software 10.2(1), Cisco NX-OS Software 10.2(1q), Cisco NX-OS Software 10.2(2), Cisco NX-OS Software 10.2(3), Cisco NX-OS Software 10.2(2a), Cisco NX-OS Software 10.2(3t), Cisco NX-OS Software 10.2(4), Cisco NX-OS Software 10.2(5), Cisco NX-OS Software 10.2(3v), Cisco NX-OS Software 10.2(6), Cisco NX-OS Software 10.2(7), Cisco NX-OS Software 10.2(8), Cisco NX-OS Software 7.3(9)D1(1), Cisco NX-OS Software 10.3(1), Cisco NX-OS Software 10.3(2), Cisco NX-OS Software 10.3(3), Cisco NX-OS Software 10.3(99w), Cisco NX-OS Software 10.3(3w), Cisco NX-OS Software 10.3(99x), Cisco NX-OS Software 10.3(3o), Cisco NX-OS Software 10.3(4a), Cisco NX-OS Software 10.3(3p), Cisco NX-OS Software 10.3(4), Cisco NX-OS Software 10.3(3q), Cisco NX-OS Software 10.3(3x), Cisco NX-OS Software 10.3(5), Cisco NX-OS Software 10.3(4g), Cisco NX-OS Software 10.3(3r), Cisco NX-OS Software 10.3(6), Cisco NX-OS Software 10.3(4h), Cisco NX-OS Software 9.4(1), Cisco NX-OS Software 9.4(1a), Cisco NX-OS Software 10.4(1), Cisco NX-OS Software 10.4(2), Cisco NX-OS Software 10.4(3), Cisco NX-OS Software 10.4(4), Cisco NX-OS Software 10.4(4g), Cisco NX-OS Software 10.5(1), Cisco NX-OS System Software in ACI Mode 13.2(1l), Cisco NX-OS System Software in ACI Mode 13.2(1m), Cisco NX-OS System Software in ACI Mode 13.2(2l), Cisco NX-OS System Software in ACI Mode 13.2(2o), Cisco NX-OS System Software in ACI Mode 13.2(3i), Cisco NX-OS System Software in ACI Mode 13.2(3n), Cisco NX-OS System Software in ACI Mode 13.2(3o), Cisco NX-OS System Software in ACI Mode 13.2(3r), Cisco NX-OS System Software in ACI Mode 13.2(4d), Cisco NX-OS System Software in ACI Mode 13.2(4e), Cisco NX-OS System Software in ACI Mode 13.2(3j), Cisco NX-OS System Software in ACI Mode 13.2(3s), Cisco NX-OS System Software in ACI Mode 13.2(5d), Cisco NX-OS System Software in ACI Mode 13.2(5e), Cisco NX-OS System Software in ACI Mode 13.2(5f), Cisco NX-OS System Software in ACI Mode 13.2(6i), Cisco NX-OS System Software in ACI Mode 13.2(41d), Cisco NX-OS System Software in ACI Mode 13.2(7f), Cisco NX-OS System Software in ACI Mode 13.2(7k), Cisco NX-OS System Software in ACI Mode 13.2(9b), Cisco NX-OS System Software in ACI Mode 13.2(8d), Cisco NX-OS System Software in ACI Mode 13.2(9f), Cisco NX-OS System Software in ACI Mode 13.2(9h), Cisco NX-OS System Software in ACI Mode 13.2(10e), Cisco NX-OS System Software in ACI Mode 13.2(10f), Cisco NX-OS System Software in ACI Mode 13.2(10g), Cisco NX-OS System Software in ACI Mode 14.0(1h), Cisco NX-OS System Software in ACI Mode 14.0(2c), Cisco NX-OS System Software in ACI Mode 14.0(3d), Cisco NX-OS System Software in ACI Mode 14.0(3c), Cisco NX-OS System Software in ACI Mode 14.1(1i), Cisco NX-OS System Software in ACI Mode 14.1(1j), Cisco NX-OS System Software in ACI Mode 14.1(1k), Cisco NX-OS System Software in ACI Mode 14.1(1l), Cisco NX-OS System Software in ACI Mode 14.1(2g), Cisco NX-OS System Software in ACI Mode 14.1(2m), Cisco NX-OS System Software in ACI Mode 14.1(2o), Cisco NX-OS System Software in ACI Mode 14.1(2s), Cisco NX-OS System Software in ACI Mode 14.1(2u), Cisco NX-OS System Software in ACI Mode 14.1(2w), Cisco NX-OS System Software in ACI Mode 14.1(2x), Cisco NX-OS System Software in ACI Mode 14.2(1i), Cisco NX-OS System Software in ACI Mode 14.2(1j), Cisco NX-OS System Software in ACI Mode 14.2(1l), Cisco NX-OS System Software in ACI Mode 14.2(2e), Cisco NX-OS System Software in ACI Mode 14.2(2f), Cisco NX-OS System Software in ACI Mode 14.2(2g), Cisco NX-OS System Software in ACI Mode 14.2(3j), Cisco NX-OS System Software in ACI Mode 14.2(3l), Cisco NX-OS System Software in ACI Mode 14.2(3n), Cisco NX-OS System Software in ACI Mode 14.2(3q), Cisco NX-OS System Software in ACI Mode 14.2(4i), Cisco NX-OS System Software in ACI Mode 14.2(4k), Cisco NX-OS System Software in ACI Mode 14.2(4o), Cisco NX-OS System Software in ACI Mode 14.2(4p), Cisco NX-OS System Software in ACI Mode 14.2(5k), Cisco NX-OS System Software in ACI Mode 14.2(5l), Cisco NX-OS System Software in ACI Mode 14.2(5n), Cisco NX-OS System Software in ACI Mode 14.2(6d), Cisco NX-OS System Software in ACI Mode 14.2(6g), Cisco NX-OS System Software in ACI Mode 14.2(6h), Cisco NX-OS System Software in ACI Mode 14.2(6l), Cisco NX-OS System Software in ACI Mode 14.2(7f), Cisco NX-OS System Software in ACI Mode 14.2(7l), Cisco NX-OS System Software in ACI Mode 14.2(6o), Cisco NX-OS System Software in ACI Mode 14.2(7q), Cisco NX-OS System Software in ACI Mode 14.2(7r), Cisco NX-OS System Software in ACI Mode 14.2(7s), Cisco NX-OS System Software in ACI Mode 14.2(7t), Cisco NX-OS System Software in ACI Mode 14.2(7u), Cisco NX-OS System Software in ACI Mode 14.2(7v), Cisco NX-OS System Software in ACI Mode 14.2(7w), Cisco NX-OS System Software in ACI Mode 15.0(1k), Cisco NX-OS System Software in ACI Mode 15.0(1l), Cisco NX-OS System Software in ACI Mode 15.0(2e), Cisco NX-OS System Software in ACI Mode 15.0(2h), Cisco NX-OS System Software in ACI Mode 15.1(2e), Cisco NX-OS System Software in ACI Mode 15.1(3e), Cisco NX-OS System Software in ACI Mode 15.1(4c), Cisco NX-OS System Software in ACI Mode 15.2(1g), Cisco NX-OS System Software in ACI Mode 15.2(2e), Cisco NX-OS System Software in ACI Mode 15.2(2f), Cisco NX-OS System Software in ACI Mode 15.2(2g), Cisco NX-OS System Software in ACI Mode 15.2(2h), Cisco NX-OS System Software in ACI Mode 15.2(3e), Cisco NX-OS System Software in ACI Mode 15.2(3f), Cisco NX-OS System Software in ACI Mode 15.2(3g), Cisco NX-OS System Software in ACI Mode 15.2(4d), Cisco NX-OS System Software in ACI Mode 15.2(4e), Cisco NX-OS System Software in ACI Mode 15.2(5c), Cisco NX-OS System Software in ACI Mode 15.2(5d), Cisco NX-OS System Software in ACI Mode 15.2(5e), Cisco NX-OS System Software in ACI Mode 15.2(4f), Cisco NX-OS System Software in ACI Mode 15.2(6e), Cisco NX-OS System Software in ACI Mode 15.2(6g), Cisco NX-OS System Software in ACI Mode 15.2(7f), Cisco NX-OS System Software in ACI Mode 15.2(7g), Cisco NX-OS System Software in ACI Mode 15.2(6h), Cisco NX-OS System Software in ACI Mode 15.2(8d), Cisco NX-OS System Software in ACI Mode 15.2(8e), Cisco NX-OS System Software in ACI Mode 15.2(8f), Cisco NX-OS System Software in ACI Mode 15.2(8g), Cisco NX-OS System Software in ACI Mode 15.2(8h), Cisco NX-OS System Software in ACI Mode 15.2(8i), Cisco NX-OS System Software in ACI Mode 16.0(1g), Cisco NX-OS System Software in ACI Mode 16.0(1j), Cisco NX-OS System Software in ACI Mode 16.0(2h), Cisco NX-OS System Software in ACI Mode 16.0(2j), Cisco NX-OS System Software in ACI Mode 16.0(3d), Cisco NX-OS System Software in ACI Mode 16.0(3e), Cisco NX-OS System Software in ACI Mode 16.0(4c), Cisco NX-OS System Software in ACI Mode 16.0(5h), Cisco NX-OS System Software in ACI Mode 16.0(3g), Cisco NX-OS System Software in ACI Mode 16.0(5j), Cisco NX-OS System Software in ACI Mode 16.0(6c), Cisco NX-OS System Software in ACI Mode 16.0(7e), Cisco NX-OS System Software in ACI Mode 16.0(8e), Cisco NX-OS System Software in ACI Mode 15.3(1d), Cisco NX-OS System Software in ACI Mode 15.3(2a), Cisco NX-OS System Software in ACI Mode 15.3(2b), Cisco NX-OS System Software in ACI Mode 15.3(2c), Cisco NX-OS System Software in ACI Mode 15.3(2d), Cisco NX-OS System Software in ACI Mode 15.3(2e), Cisco NX-OS System Software in ACI Mode 16.1(1f), Cisco NX-OS Software, Cisco NX-OS System Software in ACI Mode, Cisco MDS 9000 Multilayer Directors and Fabric Switches, Cisco Nexus 7000 Series Switches, Cisco Nexus 3000 Series Switches, Cisco Nexus 9000 Series Switches

Related Products

Product CVE Evidence
Cisco Nexus Dashboard CVE-2024-20397 Cisco OpenVuln
Cisco MDS 9000 Family of Multilayer Switches CVE-2024-20397 Cisco OpenVuln
Cisco Unified Computing System (Managed) CVE-2024-20397 Cisco OpenVuln
Cisco Nexus 9000 Series Switches CVE-2024-20397 Cisco OpenVuln
Cisco Nexus 7000 Series Switches CVE-2024-20397 Cisco OpenVuln
Cisco Nexus 3000 Series Switches CVE-2024-20397 Cisco OpenVuln
Cisco Nexus 3000 Series Switch CVE-2024-20397 Cisco OpenVuln
Cisco NX-OS System Software in ACI Mode CVE-2024-20397 Cisco OpenVuln
Cisco NX-OS Software CVE-2024-20397 Cisco OpenVuln
Cisco MDS 9000 Multilayer Directors and Fabric Switches CVE-2024-20397 Cisco OpenVuln