Published on: 01 October 2016
Cisco has released five security advisories fixing a number of vulnerabilities in Cisco NX-OS Software. A remote attacker could exploit the vulnerabilities by sending a maliciously crafted BGP update message, DHCPv4 packet or OTV UDP packet to an affected device.
The complete list of vulnerable systems can be found in the "Affected Products" section of each individual Cisco Security Advisory, available at:
1. Cisco NX-OS Software-Based Products Authentication, Authorization, and Accounting Bypass Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-nxaaa
2. Cisco Nexus 7000 and 7700 Series Switches Overlay Transport Virtualization Buffer Overflow Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-otv
3. Cisco NX-OS Border Gateway Protocol Denial of Service Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-bgp
4. Cisco NX-OS Software Crafted DHCPv4 Packet Denial of Service Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-dhcp1
5. Cisco NX-OS Software Malformed DHCPv4 Packet Denial of Service Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-dhcp2
Depending on the vulnerability exploited, a successful attack could result in arbitrary code execution, a bypass of security restrictions, a denial-of-service condition, or a reload of a vulnerable device.
Patches for affected systems are now available. Users of affected systems should follow the recommendations provided by the product vendor and take immediate action to mitigate the risk. For detailed information on the available patches, please refer to the "Fixed Software" section of the corresponding security advisory on the vendor's website.
Users should contact their product support vendors for the fixes and assistance.
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-bgp
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-dhcp1
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-dhcp2
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-nxaaa
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-otv
https://www.us-cert.gov/ncas/current-activity/2016/10/05/Cisco-Releases-Security-Updates
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0721
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1453
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1454
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6392
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6393