nessus | This script is Copyright (C) 2021-2023 and is owned by Tenable, Inc. or an Affiliate thereof. | CISCO-SA-JP-DOS-G5FFGM8Y-IOSXE.NASL
HistoryApr 23, 2021 - 12:00 a.m.

Cisco Catalyst 9200 Series Switches Jumbo Frame DoS (cisco-sa-JP-DOS-g5FfGm8y)

2021-04-23 00:00:00
This script is Copyright (C) 2021-2023 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
38
cisco catalyst 9200
switches
jumbo frame dos
vulnerability
security patch
remote device
management interface
cisco bid
cisco security advisory
cve-2020-3527
cscvr37065
iava-2020-a-0439-s

CVSS2

7.8

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

CVSS3

8.6

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

EPSS

0.002

Percentile

52.7%

According to its self-reported version, Cisco IOS XE Software is affected by a denial of service vulnerability due to insufficient packet size validation. An unauthenticated, remote attacker can exploit this, by sending jumbo frames or frames larger than the configured MTU size to the management interface of an affected device, to crash the device.

Please see the referenced Cisco bug ID and Cisco Security Advisory for more information.

#TRUSTED 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
#TRUST-RSA-SHA256 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
##
# (C) Tenable Network Security, Inc.
##

include('compat.inc');

# Metadata registration. When the scanner loads the plugin with `description`
# set, only the script_* calls in this block run and the block ends with
# exit(0), so the detection logic after it is not reached in that mode.
if (description)
{
  script_id(148951);
  script_version("1.6");
  script_set_attribute(attribute:"plugin_modification_date", value:"2023/09/28");

  # Cross-references that tie a finding to the CVE, the Cisco bug ID, the
  # Cisco advisory and the IAVA notice.
  script_cve_id("CVE-2020-3527");
  script_xref(name:"CISCO-BUG-ID", value:"CSCvr37065");
  script_xref(name:"CISCO-SA", value:"cisco-sa-JP-DOS-g5FfGm8y");
  script_xref(name:"IAVA", value:"2020-A-0439-S");

  script_name(english:"Cisco Catalyst 9200 Series Switches Jumbo Frame DoS (cisco-sa-JP-DOS-g5FfGm8y)");

  # The description states that the finding is derived from the self-reported
  # version; it is not the result of an active test.
  script_set_attribute(attribute:"synopsis", value:
"The remote device is missing a vendor-supplied security patch.");
  script_set_attribute(attribute:"description", value:
"According to its self-reported version, Cisco IOS XE Software is affected by a denial of service vulnerability due to
insufficient packet size validation. An unauthenticated, remote attacker can exploit this, by sending jumbo frames or
frames larger than the configured MTU size to the management interface of an affected device, to crash the device.

Please see the included Cisco BID and Cisco Security Advisory for more information.");
  # Advisory URL; presumably the target of the shortened nessus.org link below
  # (note that the shortened link is plain http).
  # https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-JP-DOS-g5FfGm8y
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?6e04a5a3");
  script_set_attribute(attribute:"see_also", value:"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvr37065");
  script_set_attribute(attribute:"solution", value:
"Upgrade to the relevant fixed version referenced in Cisco bug ID CSCvr37065");
  # Base vectors: reachable over the network, no authentication or privileges,
  # availability-only impact. The temporal E:U value agrees with the
  # "No known exploits are available" attribute set further down.
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2020-3527");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  # CWE-20 (Improper Input Validation), consistent with the "insufficient
  # packet size validation" wording in the description.
  script_cwe_id(20);

  script_set_attribute(attribute:"vuln_publication_date", value:"2020/09/24");
  script_set_attribute(attribute:"patch_publication_date", value:"2020/09/24");
  script_set_attribute(attribute:"plugin_publication_date", value:"2021/04/23");

  script_set_attribute(attribute:"plugin_type", value:"combined");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:cisco:ios_xe");
  script_set_attribute(attribute:"stig_severity", value:"I");
  script_end_attributes();

  # Registered as information gathering: no statement in this file builds or
  # sends frames to the target.
  script_category(ACT_GATHER_INFO);
  script_family(english:"CISCO");

  script_copyright(english:"This script is Copyright (C) 2021-2023 and is owned by Tenable, Inc. or an Affiliate thereof.");

  # The plugin needs the IOS XE version and model KB entries; the dependency
  # named here is presumably the plugin that populates them.
  script_dependencies("cisco_ios_xe_version.nasl");
  script_require_keys("Host/Cisco/IOS-XE/Version", "Host/Cisco/IOS-XE/Model");

  exit(0);
}

include('ccf.inc');

# Product details for the target as returned by ccf.inc; the fields read
# below are 'model', 'port' and 'version'.
product_info = cisco::get_product_info(name:'Cisco IOS XE Software');

model = product_info['model'];

# Model gate: Catalyst 9200 Series Switches only.
#   Model strings do not necessarily contain "cat" or "catalyst", so the check keys on the number:
#   "92" plus two more digits, followed by a non-digit or the end of the string.
#   NOTE(review): the pattern is not anchored on the left, so any model string containing such a
#   run passes the gate. The original author judged this safe because a search for "Cisco 9200"
#   only turned up Catalyst devices; re-confirm when new IOS XE model names appear.
#   A non-matching model is audited as "not an affected model" (audit() presumably ends the run).
if ((model !~ '92[0-9][0-9]([^0-9]|$)'))
  audit(AUDIT_HOST_NOT, 'an affected model');

# Release trains considered vulnerable, each with its first fixed release.
#   Presumably a version is flagged when min_ver <= version < fix_ver; the comparison itself
#   lives in ccf.inc (TODO confirm). Versions outside these two trains are never flagged by
#   this list, so check the advisory's fixed-release table for any other train in use.
vuln_ranges = [
  { 'min_ver' : '16.9',  'fix_ver' : '16.9.5'  },
  { 'min_ver' : '16.12', 'fix_ver' : '16.12.3' }
];

# Report parameters: the finding is raised at SECURITY_HOLE severity against the port and
# version taken from product_info, and cites the Cisco bug ID.
#   NOTE(review): 'disable_caveat' presumably suppresses the report caveat that ccf.inc adds
#   when device configuration was not examined; confirm in ccf.inc.
reporting = make_array(
  'port'     , product_info['port'],
  'severity' , SECURITY_HOLE,
  'version'  , product_info['version'],
  'bug_id'   , 'CSCvr37065',
  'disable_caveat' , TRUE
);

# Only product_info, reporting and vuln_ranges are passed, so the verdict rests on the model and
# the self-reported version. The MTU and management-interface configuration are not inspected
# here: a hit means "running a release in a listed range", and exposure of the management
# interface still has to be confirmed on the device when prioritising the fix.
cisco::check_and_report(
  product_info:product_info,
  reporting:reporting,
  vuln_ranges:vuln_ranges
);
