Detections
Analytics

Cisco NX-OS Software Anycast Gateway Invalid ARP (CVE-2020-3174)

medium Tenable OT Security Plugin ID 501269

Synopsis

The remote OT asset is affected by a vulnerability.

Description

A vulnerability in the anycast gateway feature of Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a device to learn invalid Address Resolution Protocol (ARP) entries. The ARP entries are for nonlocal IP addresses for the subnet. The vulnerability is due to improper validation of a received gratuitous ARP (GARP) request. An attacker could exploit this vulnerability by sending a malicious GARP packet on the local subnet to cause the ARP table on the device to become corrupted. A successful exploit could allow the attacker to populate the ARP table with incorrect entries, which could lead to traffic disruptions.

This plugin only works with Tenable.ot.
Please visit https://www.tenable.com/products/tenable-ot for more information.

Solution

Refer to the vendor advisory.

See Also

http://www.nessus.org/u?1aa6dcf2

Plugin Details

Severity: Medium

ID: 501269

Version: 1.1

Type: remote

Family: Tenable.ot

Published: 7/25/2023

Updated: 7/26/2023

Supported Sensors: Tenable OT Security

Risk Information

VPR

Risk Factor: Low

Score: 1.6

CVSS v2

Risk Factor: Low

Base Score: 3.3

Temporal Score: 2.4

Vector: CVSS2#AV:A/AC:L/Au:N/C:N/I:P/A:N

CVSS Score Source: CVE-2020-3174

CVSS v3

Risk Factor: Medium

Base Score: 4.7

Temporal Score: 4.1

Vector: CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/o:cisco:nx-os:8.1%281%29, cpe:/o:cisco:nx-os:8.4%281%29, cpe:/o:cisco:nx-os:9.3%281%29

Required KB Items: Tenable.ot/Cisco

Exploit Ease: No known exploits are available

Patch Publication Date: 2/26/2020

Vulnerability Publication Date: 2/26/2020

Reference Information

CVE: CVE-2020-3174

CWE: 345