Vulnerabilities in Cisco Discovery Protocol

Cisco has published security fixes for vulnerabilities in Cisco Discovery Protocol that affect a number of products. [1, 2, 3, 4, 5]

Among other things, the vulnerability allows a user with physical access to the affected network to execute arbitrary code.

Affected products

CVE-2020-3110

Video Surveillance 3000 Series IP Cameras
Video Surveillance 4000 Series High-Definition IP Cameras
Video Surveillance 4300E and 4500E High-Definition IP Cameras
Video Surveillance 6000 Series IP Cameras
Video Surveillance 7000 Series IP Cameras
Video Surveillance PTZ IP Cameras

CVE-2020-3111

IP Conference Phone 7832
IP Conference Phone 7832 with Multiplatform Firmware
IP Conference Phone 8832
IP Conference Phone 8832 with Multiplatform Firmware
IP Phone 6821, 6841, 6851, 6861, 6871 with Multiplatform Firmware
IP Phone 7811, 7821, 7841, 7861 Desktop Phones
IP Phone 7811, 7821, 7841, 7861 Desktop Phones with Multiplatform Firmware
IP Phone 8811, 8841, 8851, 8861, 8845, 8865 Desktop Phones
IP Phone 8811, 8841, 8851, 8861, 8845, 8865 Desktop Phones with Multiplatform Firmware
Unified IP Conference Phone 8831
Unified IP Conference Phone 8831 for Third-Party Call Control
Wireless IP Phone 8821, 8821-EX

CVE-2020-3118

ASR 9000 Series Aggregation Services Routers
Carrier Routing System (CRS)
IOS XRv 9000 Router
Network Convergence System (NCS) 540 Series Routers
Network Convergence System (NCS) 560 Series Routers
Network Convergence System (NCS) 1000 Series Routers
Network Convergence System (NCS) 5000 Series Routers
Network Convergence System (NCS) 5500 Series Routers
Network Convergence System (NCS) 6000 Series Routers

CVE-2020-3119

Nexus 3000 Series Switches
Nexus 5500 Platform Switches
Nexus 5600 Platform Switches
Nexus 6000 Series Switches
Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode
Nexus 9000 Series Switches in standalone NX-OS mode
UCS 6200 Series Fabric Interconnects
UCS 6300 Series Fabric Interconnects
UCS 6400 Series Fabric Interconnects

CVE-2020-3120

ASR 9000 Series Aggregation Services Routers
Carrier Routing System (CRS)
Firepower 4100 Series
Firepower 9300 Security Appliances
IOS XRv 9000 Router
MDS 9000 Series Multilayer Switches
Network Convergence System (NCS) 540 Series Routers
Network Convergence System (NCS) 560 Series Routers
Network Convergence System (NCS) 1000 Series
Network Convergence System (NCS) 5000 Series
Network Convergence System (NCS) 5500 Series
Network Convergence System (NCS) 6000 Series
Nexus 1000 Virtual Edge for VMware vSphere
Nexus 1000V Switch for Microsoft Hyper-V
Nexus 1000V Switch for VMware vSphere
Nexus 3000 Series Switches
Nexus 5500 Platform Switches
Nexus 5600 Platform Switches
Nexus 6000 Series Switches
Nexus 7000 Series Switches
Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode
Nexus 9000 Series Switches in standalone NX-OS mode
UCS 6200 Series Fabric Interconnects
UCS 6300 Series Fabric Interconnects
UCS 6400 Series Fabric Interconnects

Recommendations

CERT-SE recommends updating vulnerable products as soon as possible.

Sources

[1] https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200205-voip-phones-rce-dos

[2] https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200205-nxos-cdp-rce

[3] https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200205-ipcameras-rce-dos

[4] https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200205-iosxr-cdp-rce

[5] https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200205-fxnxos-iosxr-cdp-dos