Descripción

El PSIRT (Product Security Incident Response Team) de Cisco publicó avisos de seguridad para diversos productos que incluyen 4 con severidad alta y 1 con severidad media.

Sistemas afectados

1. Cisco Nexus 9000 Series Switches Bidirectional Forwarding Detection Denial of Service Vulnerability
Base Score: 8.6 HIGH
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H/E:X/RL:X/RC:X

2. Cisco NX-OS Software NX-API Command Injection Vulnerability
Base Score: 8.8 HIGH
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:X/RL:X/RC:X

3. Cisco NX-OS Software Cisco Fabric Services Over IP Denial of Service Vulnerability
Base Score: 8.6 HIGH
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H/E:X/RL:X/RC:X

4. Cisco Nexus 9000 Series Fabric Switches ACI Mode Multi-Pod and Multi-Site TCP Denial of Service Vulnerability
Base Score: 8.6 HIGH
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H/E:X/RL:X/RC:X

5. Cisco FXOS and NX-OS Software Cisco Discovery Protocol Service Denial of Service Vulnerability - SIR: Medium
Base Score: 4.3 Medium
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:X/RL:X/RC:X

Vulnerabilidades

• Inyección de comandos
• Denegación de servicio

Impacto

Esto podría permitir a un atacante ejecutar comandos o provocar interrupciones.

Solución

Aplicar las actualizaciones de software

Referencias

• https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-bfd-dos-wGQXrzxn
• https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-nxapi-cmdinject-ULukNMZ2
• https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cfsoip-dos-tpykyDr
• https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-n9kaci-tcp-dos-YXukt6gM
• https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cdp-dos-G8DPLWYG