{"id":15521,"date":"2020-09-01T01:10:59","date_gmt":"2020-08-31T23:10:59","guid":{"rendered":"http:\/\/159.69.82.204\/win\/?p=15521"},"modified":"2020-11-26T20:33:55","modified_gmt":"2020-11-26T19:33:55","slug":"cisco-sicherheitfixes-fr-network-os","status":"publish","type":"post","link":"https:\/\/borncity.com\/win\/2020\/09\/01\/cisco-sicherheitfixes-fr-network-os\/","title":{"rendered":"Cisco security advisories for Network OS"},"content":{"rendered":"<p><img loading=\"lazy\" decoding=\"async\" style=\"float: left; margin: 0px 10px 0px 0px; display: inline\" src=\"https:\/\/www.borncity.com\/blog\/wp-content\/uploads\/2015\/01\/Schutz.jpg\" width=\"40\" align=\"left\" height=\"47\">[<a href=\"https:\/\/www.borncity.com\/blog\/2020\/08\/31\/cisco-sicherheitfixes-fr-network-os\/\" target=\"_blank\" rel=\"noopener noreferrer\">German<\/a>]Administrators of Cisco products (switches etc.) need to patch. That's because the manufacturer issued six security advisories this week with warnings about weak points in products.<\/p>\n<p><!--more--><\/p>\n<p><img loading=\"lazy\" decoding=\"async\" alt=\"\" src=\"https:\/\/vg05.met.vgwort.de\/na\/202e067851d0426386ac1e07a5979b85\" width=\"1\" height=\"1\">I became aware of this topic via the following <a href=\"https:\/\/twitter.com\/threatpost\/status\/1300176465758162944\" target=\"_blank\" rel=\"noopener noreferrer\">tweet<\/a>. The security advisories concern a number of Cisco products.<\/p>\n<p><a href=\"https:\/\/twitter.com\/threatpost\/status\/1300176465758162944\" target=\"_blank\" rel=\"noopener noreferrer\"><img decoding=\"async\" title=\"Cisco-Alert\" alt=\"Cisco-Alert\" src=\"https:\/\/i.imgur.com\/xbnKYhS.jpg\"><\/a><\/p>\n<p>Threadpost <a href=\"https:\/\/threatpost.com\/cisco-high-severity-bugs-impact-switches-fibre-storage\/158691\/\" target=\"_blank\" rel=\"noopener noreferrer\">points out these security advices<\/a>. On August 26, 2020, Cisco Systems made public eight serious bugs affecting a number of its network devices, including its switches and fiber storage solutions. Cisco's NX-OS was the most severely affected: six security warnings concerned the network operating system that forms the basis of many Cisco solutions. In addition, further security warnings were issued for additional applications on August 27 and 29, 2020. Here is an extract from the <a href=\"https:\/\/tools.cisco.com\/security\/center\/publicationListing.x?product=Cisco&amp;sort=-day_sir#~Vulnerabilities\" target=\"_blank\" rel=\"noopener noreferrer\">Cisco Security Advisory<\/a>:<\/p>\n<ul>\n<li><a href=\"https:\/\/tools.cisco.com\/security\/center\/content\/CiscoSecurityAdvisory\/cisco-sa-iosxr-dvmrp-memexh-dSmpdvfz\" target=\"_blank\" rel=\"noopener noreferrer\">Cisco IOS XR Software DVMRP Memory Exhaustion Vulnerability<\/a>: High, CVE-2020-3566, 2020 Aug 29\n<li><a href=\"https:\/\/tools.cisco.com\/security\/center\/content\/CiscoSecurityAdvisory\/cisco-sa-asaftd-ro-path-KJuQhB86\" target=\"_blank\" rel=\"noopener noreferrer\">Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services Read-Only Path Traversal Vulnerability<\/a>: High, CVE-2020-3452, 2020 Aug 27\n<li><a href=\"https:\/\/tools.cisco.com\/security\/center\/content\/CiscoSecurityAdvisory\/cisco-sa-fxos-nxos-cfs-dos-dAmnymbd\" target=\"_blank\" rel=\"noopener noreferrer\">Cisco FXOS and NX-OS Software Cisco Fabric Services Denial of Service Vulnerability<\/a>: High, CVE-2020-3517, 2020 Aug 26\n<li><a href=\"https:\/\/tools.cisco.com\/security\/center\/content\/CiscoSecurityAdvisory\/cisco-sa-nxos-dme-rce-cbE3nhZS\" target=\"_blank\" rel=\"noopener noreferrer\">Cisco NX-OS Software Data Management Engine Remote Code Execution Vulnerability<\/a>: High, CVE-2020-3415, 2020 Aug 26\n<li><a href=\"https:\/\/tools.cisco.com\/security\/center\/content\/CiscoSecurityAdvisory\/cisco-sa-n3n9k-priv-escal-3QhXJBC\" target=\"_blank\" rel=\"noopener noreferrer\">Cisco Nexus 3000 and 9000 Series Switches Privilege Escalation Vulnerability<\/a>: High, CVE-2020-3394, 2020 Aug 26\n<li><a href=\"https:\/\/web.archive.org\/web\/20201105171240\/https:\/\/tools.cisco.com\/security\/center\/content\/CiscoSecurityAdvisory\/cisco-sa-nxosbgp-mvpn-dos-K8kbCrJp\" target=\"_blank\" rel=\"noopener noreferrer\">Cisco NX-OS Software Border Gateway Protocol Multicast VPN Session Denial of Service Vulnerability<\/a>: High, CVE-2020-3398, 2020 Aug 26\n<li><a href=\"https:\/\/tools.cisco.com\/security\/center\/content\/CiscoSecurityAdvisory\/cisco-sa-nxosbgp-nlri-dos-458rG2OQ\" target=\"_blank\" rel=\"noopener noreferrer\">Cisco NX-OS Software Border Gateway Protocol Multicast VPN Denial of Service Vulnerability<\/a>: High, CVE-2020-3397, 2020 Aug 26\n<li><a href=\"https:\/\/tools.cisco.com\/security\/center\/content\/CiscoSecurityAdvisory\/cisco-sa-callhome-cmdinj-zkxzSCY\" target=\"_blank\" rel=\"noopener noreferrer\">Cisco NX-OS Software Call Home Command Injection Vulnerability<\/a>: High, CVE-2020-3454, 2020 Aug 26\n<li><a href=\"https:\/\/tools.cisco.com\/security\/center\/content\/CiscoSecurityAdvisory\/cisco-sa-20180620-nx-os-cli-injection\" target=\"_blank\" rel=\"noopener noreferrer\">Cisco NX-OS Software CLI Arbitrary Command Injection Vulnerability<\/a>: High, CVE-2018-0307, 2020 Aug 26\n<li><a href=\"https:\/\/tools.cisco.com\/security\/center\/content\/CiscoSecurityAdvisory\/cisco-sa-20180620-nx-os-cli-execution\" target=\"_blank\" rel=\"noopener noreferrer\">Cisco NX-OS Software CLI Arbitrary Command Execution Vulnerability<\/a>: High, CVE-2018-0306, 2020 Aug 26\n<li><a href=\"https:\/\/tools.cisco.com\/security\/center\/content\/CiscoSecurityAdvisory\/cisco-sa-nxos-pim-memleak-dos-tC8eP7uw\" target=\"_blank\" rel=\"noopener noreferrer\">Cisco NX-OS Software IPv6 Protocol Independent Multicast Denial of Service Vulnerability<\/a>: High, CVE-2020-3338, 2020 Aug 26\n<li><a href=\"https:\/\/tools.cisco.com\/security\/center\/content\/CiscoSecurityAdvisory\/cisco-sa-20190821-imc-cmdinject-1896\" target=\"_blank\" rel=\"noopener noreferrer\">Cisco Integrated Management Controller CSR Generation Command Injection Vulnerability<\/a>: High, CVE-2019-1896, 2020 Aug 26\n<li><a href=\"https:\/\/tools.cisco.com\/security\/center\/content\/CiscoSecurityAdvisory\/cisco-sa-ucs-cli-dos-GQUxCnTe\" target=\"_blank\" rel=\"noopener noreferrer\">Cisco UCS Manager Software Local Management CLI Denial of Service Vulnerability<\/a>: Medium, CVE-2020-3504, 2020 Aug 26<\/li>\n<\/ul>\n<p>Details can be found in the linked Cisco Security Advisories.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>[German]Administrators of Cisco products (switches etc.) need to patch. That's because the manufacturer issued six security advisories this week with warnings about weak points in products.<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[448,580,1547,22],"tags":[1354,69],"class_list":["post-15521","post","type-post","status-publish","format-standard","hentry","category-devices","category-security","category-software","category-update","tag-cisco","tag-security"],"_links":{"self":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts\/15521","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/comments?post=15521"}],"version-history":[{"count":0,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts\/15521\/revisions"}],"wp:attachment":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/media?parent=15521"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/categories?post=15521"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/tags?post=15521"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}