CVE-2020-3170

A vulnerability in the NX-API feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause an NX-API system process to unexpectedly restart. The vulnerability is due to incorrect validation of the HTTP header of a request that is sent to the NX-API. An attacker could exploit this vulnerability by sending a crafted HTTP request to the NX-API on an affected device. A successful exploit could allow the attacker to cause a denial of service (DoS) condition in the NX-API service; however, the Cisco NX-OS device itself would still be available and passing network traffic. Note: The NX-API feature is disabled by default.

CVSS v3 5.3 MEDIUM
CVSS v2.0 4.3 MEDIUM

5.3^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 1.4

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact LOW

Scope UNCHANGED

4.3^/10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:M/Au:N/C:N/I:N/A:P

Exploitability : 8.6 / Impact : 2.9

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact PARTIAL

References

Link	Resource
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200226-nxos-api-dos	Vendor Advisory
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200226-nxos-api-dos	Vendor Advisory

Configurations

Configuration 1 (hide)

AND

cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*

OR	cpe:2.3:h:cisco:mds_9132t:-:::::::*
	cpe:2.3:h:cisco:mds_9148s:-:::::::*
	cpe:2.3:h:cisco:mds_9148t:-:::::::*
	cpe:2.3:h:cisco:mds_9216:-:::::::*
	cpe:2.3:h:cisco:mds_9216a:-:::::::*
	cpe:2.3:h:cisco:mds_9216i:-:::::::*
	cpe:2.3:h:cisco:mds_9222i:-:::::::*
	cpe:2.3:h:cisco:mds_9506:-:::::::*
	cpe:2.3:h:cisco:mds_9509:-:::::::*
	cpe:2.3:h:cisco:mds_9513:-:::::::*
	cpe:2.3:h:cisco:mds_9706:-:::::::*
	cpe:2.3:h:cisco:mds_9710:-:::::::*
	cpe:2.3:h:cisco:mds_9718:-:::::::*

Configuration 2 (hide)

AND

cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*

OR	cpe:2.3:h:cisco:nexus_7000:-:::::::*
	cpe:2.3:h:cisco:nexus_7700:-:::::::*

History

21 Nov 2024, 05:30

Type	Values Removed	Values Added
References	~~() https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200226-nxos-api-dos - Vendor Advisory~~	() https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200226-nxos-api-dos - Vendor Advisory

Information

Published : 2020-02-26 17:15

Updated : 2024-11-21 05:30

NVD link : CVE-2020-3170

Mitre link : CVE-2020-3170

CVE.ORG link : CVE-2020-3170

JSON object : View

Products Affected

cisco

mds_9132t
mds_9216a
mds_9222i
mds_9506
nexus_7000
mds_9509
mds_9513
nexus_7700
mds_9718
mds_9710
mds_9216
mds_9706
mds_9148t
mds_9216i
nx-os
mds_9148s

CWE

CWE-20

Improper Input Validation

{"id": "CVE-2020-3170", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.3, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "MEDIUM", "availabilityImpact": "PARTIAL", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Secondary", "source": "ykramarz@cisco.com", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 5.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 1.4, "exploitabilityScore": 3.9}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 1.4, "exploitabilityScore": 3.9}]}, "published": "2020-02-26T17:15:13.140", "references": [{"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200226-nxos-api-dos", "tags": ["Vendor Advisory"], "source": "ykramarz@cisco.com"}, {"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200226-nxos-api-dos", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Secondary", "source": "ykramarz@cisco.com", "description": [{"lang": "en", "value": "CWE-20"}]}, {"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-20"}]}], "descriptions": [{"lang": "en", "value": "A vulnerability in the NX-API feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause an NX-API system process to unexpectedly restart. The vulnerability is due to incorrect validation of the HTTP header of a request that is sent to the NX-API. An attacker could exploit this vulnerability by sending a crafted HTTP request to the NX-API on an affected device. A successful exploit could allow the attacker to cause a denial of service (DoS) condition in the NX-API service; however, the Cisco NX-OS device itself would still be available and passing network traffic. Note: The NX-API feature is disabled by default."}, {"lang": "es", "value": "Una vulnerabilidad en la funcionalidad NX-API de Cisco NX-OS Software, podr\u00eda permitir a un atacante remoto no autenticado causar que un proceso del sistema NX-API se reinicie inesperadamente. La vulnerabilidad es debido a una comprobaci\u00f3n incorrecta del encabezado HTTP de una petici\u00f3n que es enviada hacia la NX-API. Un atacante podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de una petici\u00f3n HTTP dise\u00f1ada hacia la NX-API sobre un dispositivo afectado. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante causar una condici\u00f3n de denegaci\u00f3n de servicio (DoS) en el servicio NX-API; sin embargo, el dispositivo Cisco NX-OS por s\u00ed mismo estar\u00eda a\u00fan disponible y pasando tr\u00e1fico de red. Nota: La funcionalidad NX-API est\u00e1 deshabilitada por defecto."}], "lastModified": "2024-11-21T05:30:28.420", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "13555705-A800-43A9-9A74-CA3243B97ECB", "versionEndExcluding": "8.4\\(1\\)"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:cisco:mds_9132t:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "56426D35-FCFD-406E-9144-2E66C8C86EFC"}, {"criteria": "cpe:2.3:h:cisco:mds_9148s:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "D25FA4A8-408B-4E94-B7D9-7DC54B61322F"}, {"criteria": "cpe:2.3:h:cisco:mds_9148t:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "831B6D0F-A975-4CBA-B5BB-0AC4AD718FE8"}, {"criteria": "cpe:2.3:h:cisco:mds_9216:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "8A72BDC4-6640-45CC-A128-0CDEE38D3ADC"}, {"criteria": "cpe:2.3:h:cisco:mds_9216a:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "90094569-AA2C-4D35-807F-9551FACE255F"}, {"criteria": "cpe:2.3:h:cisco:mds_9216i:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "306AFBC9-A236-4D03-A1EB-CE7E838D8415"}, {"criteria": "cpe:2.3:h:cisco:mds_9222i:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "12DB1A25-A7C9-412F-88BC-E89588896395"}, {"criteria": "cpe:2.3:h:cisco:mds_9506:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "3925D2CF-9D7C-4498-8AF2-45E15D5D009F"}, {"criteria": "cpe:2.3:h:cisco:mds_9509:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "C677D356-86C9-4491-A6CA-5E6306B2BB70"}, {"criteria": "cpe:2.3:h:cisco:mds_9513:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "28A3C579-7AAD-41A4-947F-CCB9B09402A5"}, {"criteria": "cpe:2.3:h:cisco:mds_9706:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "5182CB50-4D32-4835-B1A8-817D989F919F"}, {"criteria": "cpe:2.3:h:cisco:mds_9710:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "36B3B617-7554-4C36-9B41-19AA3BD2F6E9"}, {"criteria": "cpe:2.3:h:cisco:mds_9718:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "B88879A9-A7F5-41E0-8A38-0E09E3FD27F4"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BF541F60-D6BE-4F6C-A66D-B606411CE6E9", "versionEndExcluding": "8.2\\(5\\)"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:cisco:nexus_7000:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "12180BEB-7F21-4FA7-ABD2-E9A8EA7340F3"}, {"criteria": "cpe:2.3:h:cisco:nexus_7700:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "DD7A4B4B-3BB1-4A4D-911E-C4EEF01BBC45"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "ykramarz@cisco.com"}

5.3 /10

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact LOW

Scope UNCHANGED

4.3 /10

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact PARTIAL

JSON object

Attach tags to CVE-2020-3170

5.3^/10

4.3^/10

Attach tags to `CVE-2020-3170`