According to its self-reported version, Cisco IOS is affected by a vulnerability.
Please see the included Cisco BIDs and Cisco Security Advisory for more information.
#TRUSTED 8ef07a9b52460f66cbdaba9731dd554497f0d1d1d77f460a5cc330be28f9bc859722af5c3c86e41d6bbaebacfb89745afe5e4c77fd1981b1b2e9abb55843aad0c27b71f0522b93403967d44f0364edef80d06d3cb4024c4be8c2b6a66a3f6aef31a3dddd5720b9244dce708a9753a3fc673d36bdcfa0365b618b19b463635d6158497784f9fdca0821c04ff05382ae764bc875241fde5a8b0f66eda90fe2267ae4ef5688e617b5e0e7a237b68886374f1d5f39d9ebd11900d429259bbe29465338aa2e34dc3c201cd0d3aa878bce49de2299e902cbb25510fefcbde8d30c19a07f73d9d71e6c69d3b926bfe87d299cee064927f5ce887b5712f7ebbf75239c7b9f3e9ad89a72cb2fecad8f5ed4802cf1e14bbf1e511ffdbffe236525392bf09518ba60390a573cefa5b887f1f3fadeac29bfd125598f30943b0493bba7dd96c7108f20f3065d933594ce98746c6e8167f01241d51c6169078402924e5aec81ea49883c894d7d5cba036f9f01b0a1b357eeaba4871d3f858ebbd0693cc27c8a8b97de5d1d5d1fca6b6be7df86dd40a0913abb70920b77e4f65a4ed53b22848cff7deabfe50a70e1d2b8b85ee09549500761bc1446f4ad1a525f70a48dafe7c3decc68037992cfbc5af61dbc05498a52f6e5a987f1f635abec55ff5be0cada4e1cf76d7c42ecdbcb273781dc9df19d9a1d4f2caf29f6fa329a4961a4f95826cecc
#TRUST-RSA-SHA256 2f4ca6d91b9cab5f8bff6e1d30cb35ac02c9c7670091feacbf86ca083d9034b2482c2dd3708b0bb8f6dc8e612b9b507862980c7cf7899935554d09205bc23beabee6b9b2260d1a21ddd7c0bfcac2e2e057a6dbc54abee9b4823a8d1ae5570a77523e145cc71d580096cc0e6467a7858c6e465f000722d4b26eb236049d49a23acedefd9d7dbe330245b18e3d3cbc1301fdac9bd815c4022732b65a42cb9725e3fea354d17205a7fda4d4efb64745cef350240f82350bd9691d5e4efa1d5b16bdbb7c4d75860ad93025dfa9bf1c79451f6f1615d0710c3818c16e1a581ebee124dbf94ce39e61515c7f00d841d5470f1102eb8823b9493591f6242bc509fc186ebf05fc8a922e662915a35b31eb4bd8415efb5f3557ac7859c418d0c448f71174551b9213399b316519703a456af761633c55298e78457b9651b1455ef710a6c5a1bd88ffbc1c8d6eeb4b4035b3c6f1702b73869db36734eb2a245a2ff68d43fb138067ad0dac8ef60f7035fbedeb7f5039462c0bf515d7753ee3c3b62740c6a64757e20de057daec93aa3dbc0c1174d6caf592913c9673fd6695ab95dd26057c4ed745ec3ca8fc4d17eb9fa706240c690eb3d4888389b5828edc27abea03f77ba1c2bb123a4cfe561ea944c1466d635d584d005e71c5fbc596e22be2c37fc5f97cd9c50bda5ae6816ba01e634277bbcce7d0975c59567018629cfeef7b8b42a8
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##
include('compat.inc');
if (description)
{
script_id(192881);
script_version("1.1");
script_set_attribute(attribute:"plugin_modification_date", value:"2024/04/05");
script_cve_id("CVE-2024-20276");
script_xref(name:"CISCO-BUG-ID", value:"CSCwf55936");
script_xref(name:"CISCO-SA", value:"cisco-sa-ios-dos-Hq4d3tZG");
script_xref(name:"IAVA", value:"2024-A-0188");
script_name(english:"Cisco IOS Software for Catalyst 6000 Series Switches DoS (cisco-sa-ios-dos-Hq4d3tZG)");
script_set_attribute(attribute:"synopsis", value:
"The remote device is missing a vendor-supplied security patch");
script_set_attribute(attribute:"description", value:
"According to its self-reported version, Cisco IOS is affected by a vulnerability.
- A vulnerability in Cisco IOS Software for Cisco Catalyst 6000 Series Switches could allow an
unauthenticated, adjacent attacker to cause an affected device to reload unexpectedly. This vulnerability
is due to improper handling of process-switched traffic. An attacker could exploit this vulnerability by
sending crafted traffic to an affected device. A successful exploit could allow the attacker to cause the
affected device to reload, resulting in a denial of service (DoS) condition. (CVE-2024-20276)
Please see the included Cisco BIDs and Cisco Security Advisory for more information.");
# https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-dos-Hq4d3tZG
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?4e17ed5b");
# https://sec.cloudapps.cisco.com/security/center/viewErp.x?alertId=ERP-75056
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?a1da659d");
script_set_attribute(attribute:"see_also", value:"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwf55936");
script_set_attribute(attribute:"solution", value:
"Upgrade to the relevant fixed version referenced in Cisco bug ID CSCwf55936");
script_set_cvss_base_vector("CVSS2#AV:A/AC:L/Au:N/C:N/I:N/A:C");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2024-20276");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_cwe_id(248);
script_set_attribute(attribute:"vuln_publication_date", value:"2024/03/27");
script_set_attribute(attribute:"patch_publication_date", value:"2024/03/27");
script_set_attribute(attribute:"plugin_publication_date", value:"2024/04/03");
script_set_attribute(attribute:"plugin_type", value:"combined");
script_set_attribute(attribute:"cpe", value:"cpe:/o:cisco:ios");
script_set_attribute(attribute:"stig_severity", value:"I");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"CISCO");
script_copyright(english:"This script is Copyright (C) 2024 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("cisco_ios_version.nasl");
script_require_keys("Host/Cisco/IOS/Version", "Host/Cisco/IOS/Model");
exit(0);
}
include('cisco_workarounds.inc');
include('ccf.inc');
var product_info = cisco::get_product_info(name:'Cisco IOS');
var model = toupper(product_info.model);
# Vulnerable model list
if ('CATALYST' >!< model || model !~ "6500|6800")
audit(AUDIT_HOST_NOT, 'affected');
var version_list=make_list(
'15.5(1)SY5',
'15.5(1)SY6',
'15.5(1)SY7',
'15.5(1)SY8',
'15.5(1)SY9',
'15.5(1)SY10',
'15.5(1)SY11'
);
var workarounds = make_list(CISCO_WORKAROUNDS['generic_workaround']);
var workaround_params = [
WORKAROUND_CONFIG['port_security'],
WORKAROUND_CONFIG['device_classifier']
];
var reporting = make_array(
'port' , product_info['port'],
'severity', SECURITY_WARNING,
'version' , product_info['version'],
'cmds' , make_list('show running-config'),
'bug_id' , 'CSCwf55936'
);
cisco::check_and_report(
product_info:product_info,
workarounds:workarounds,
workaround_params:workaround_params,
reporting:reporting,
vuln_versions:version_list
);