Detections
Analytics

Cisco Nexus 3000 and 9000 Series Switches Privilege Escalation (cisco-sa-n3n9k-priv-escal-3QhXJBC)

high Nessus Plugin ID 140097

Language:

Synopsis

The remote device is missing a vendor-supplied security patch

Description

According to its self-reported version, Cisco NX-OS Software is affected by a vulnerability in the Enable Secret feature due to a logic error in the implementation of the enable command. An authenticated, local attacker can exploit this, by logging in to the device and issuing the enable command, in order to gain full administrative privileges without using the enable password.

Please see the included Cisco BIDs and Cisco Security Advisory for more information.

Solution

Upgrade to the relevant fixed version referenced in Cisco bug ID CSCvt77885

See Also

http://www.nessus.org/u?4c634fbd

http://tools.cisco.com/security/center/viewErp.x?alertId=ERP-74239

https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvt77885

Plugin Details

Severity: High

ID: 140097

File Name: cisco-sa-n3n9k-priv-escal-3QhXJBC.nasl

Version: 1.9

Type: combined

Family: CISCO

Published: 9/1/2020

Updated: 3/8/2024

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: High

Base Score: 7.2

Temporal Score: 5.3

Vector: CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C

CVSS Score Source: CVE-2020-3394

CVSS v3

Risk Factor: High

Base Score: 7.8

Temporal Score: 6.8

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/o:cisco:nx-os

Required KB Items: Host/Cisco/NX-OS/Version, Host/Cisco/NX-OS/Model, Host/Cisco/NX-OS/Device

Exploit Ease: No known exploits are available

Patch Publication Date: 8/26/2020

Vulnerability Publication Date: 8/26/2020

Reference Information

CVE: CVE-2020-3394

CWE: 285

CISCO-SA: cisco-sa-n3n9k-priv-escal-3QhXJBC

IAVA: 2020-A-0394-S

CISCO-BUG-ID: CSCvt77885