Cisco security advisories for Network OS

[German]Administrators of Cisco products (switches etc.) need to patch. That's because the manufacturer issued six security advisories this week with warnings about weak points in products.

I became aware of this topic via the following tweet. The security advisories concern a number of Cisco products.

Threadpost points out these security advices. On August 26, 2020, Cisco Systems made public eight serious bugs affecting a number of its network devices, including its switches and fiber storage solutions. Cisco's NX-OS was the most severely affected: six security warnings concerned the network operating system that forms the basis of many Cisco solutions. In addition, further security warnings were issued for additional applications on August 27 and 29, 2020. Here is an extract from the Cisco Security Advisory:

• Cisco IOS XR Software DVMRP Memory Exhaustion Vulnerability: High, CVE-2020-3566, 2020 Aug 29
• Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services Read-Only Path Traversal Vulnerability: High, CVE-2020-3452, 2020 Aug 27
• Cisco FXOS and NX-OS Software Cisco Fabric Services Denial of Service Vulnerability: High, CVE-2020-3517, 2020 Aug 26
• Cisco NX-OS Software Data Management Engine Remote Code Execution Vulnerability: High, CVE-2020-3415, 2020 Aug 26
• Cisco Nexus 3000 and 9000 Series Switches Privilege Escalation Vulnerability: High, CVE-2020-3394, 2020 Aug 26
• Cisco NX-OS Software Border Gateway Protocol Multicast VPN Session Denial of Service Vulnerability: High, CVE-2020-3398, 2020 Aug 26
• Cisco NX-OS Software Border Gateway Protocol Multicast VPN Denial of Service Vulnerability: High, CVE-2020-3397, 2020 Aug 26
• Cisco NX-OS Software Call Home Command Injection Vulnerability: High, CVE-2020-3454, 2020 Aug 26
• Cisco NX-OS Software CLI Arbitrary Command Injection Vulnerability: High, CVE-2018-0307, 2020 Aug 26
• Cisco NX-OS Software CLI Arbitrary Command Execution Vulnerability: High, CVE-2018-0306, 2020 Aug 26
• Cisco NX-OS Software IPv6 Protocol Independent Multicast Denial of Service Vulnerability: High, CVE-2020-3338, 2020 Aug 26
• Cisco Integrated Management Controller CSR Generation Command Injection Vulnerability: High, CVE-2019-1896, 2020 Aug 26
• Cisco UCS Manager Software Local Management CLI Denial of Service Vulnerability: Medium, CVE-2020-3504, 2020 Aug 26

Details can be found in the linked Cisco Security Advisories.