Details of VAR-202006-0258

ID

VAR-202006-0258

CVE

CVE-2020-10136

TITLE

IP-in-IP protocol routes arbitrary traffic by default

Trust: 0.8

sources: CERT/CC: VU#636397

DESCRIPTION

IP-in-IP protocol specifies IP Encapsulation within IP standard (RFC 2003, STD 1) that decapsulate and route IP-in-IP traffic is vulnerable to spoofing, access-control bypass and other unexpected behavior due to the lack of validation to verify network packets before decapsulation and routing. IP-in-IP encapsulation is a tunneling protocol specified in RFC 2003 that allows for IP packets to be encapsulated inside another IP packets. This is very similar to IPSEC VPNs in tunnel mode, except in the case of IP-in-IP, the traffic is unencrypted. An IP-in-IP device is considered to be vulnerable if it accepts IP-in-IP packets from any source to any destination without explicit configuration between the specified source and destination IP addresses. This unexpected Data Processing Error (CWE-19) by a vulnerable device can be abused to perform reflective DDoS and in certain scenarios used to bypass network access control lists. Because the forwarded network packet may not be inspected or verified by vulnerable devices, there are possibly other unexpected behaviors that can be abused by an attacker on the target device or the target device's network environment. An unauthenticated attacker can route network traffic through a vulnerable device, which may lead to reflective DDoS, information leak and bypass of network access controls. Cisco NX-OS Software is a data center-level operating system software used by a set of switches of Cisco. A code issue vulnerability exists in Cisco NX-OS Software due to the program decapsulating and processing the IP in an IP packet destined for a locally configured IP address. A remote attacker can exploit this vulnerability to bypass the access control list or cause a denial of service by means of a specially crafted IP in the IP packet. The following products and versions are affected: Nexus 1000 Virtual Edge for VMware vSphere; Nexus 1000V Switch for Microsoft Hyper-V; Nexus 1000V Switch for VMware vSphere; Nexus 3000 Series Switches; Nexus 5500 Platform Switches; Nexus 5600 Platform Switches; Nexus 6000 Switches ; Nexus 7000 Series Switches; Nexus 9000 Series Switches in standalone NX-OS mode; UCS 6200 Series Fabric Interconnects; UCS 6300 Series Fabric Interconnects

Trust: 2.52

sources: NVD: CVE-2020-10136 // CERT/CC: VU#636397 // JVNDB: JVNDB-2020-004993 // VULHUB: VHN-162584 // VULMON: CVE-2020-10136

AFFECTED PRODUCTS

vendor:	cisco	model:	nx-os	scope:	eq	version:	7.0\(3\)i1\(1\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	6.0\(2\)n2\(3\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.2\(1\)sm1\(5.2\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	6.0\(2\)a1\(1d\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.0\(3\)u5\(1j\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	7.1\(0\)n1\(1\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.0\(3\)u5\(1\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.2\(1\)sv3\(4.1\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.2\(1\)n1\(1\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.2\(1\)sm1\(5.1\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	7.1\(5\)n1\(1\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	6.0\(2\)u1\(1a\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	6.0\(2\)u1\(2\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	7.1\(3\)n1\(2\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.0\(3\)u4\(1\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	6.0\(2\)u3\(8\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.2\(1\)sv5\(1.2\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	7.0\(3\)n1\(1\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.2\(1\)sm3\(2.1\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.2\(1\)sv3\(1.15\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	6.0\(2\)u3\(9\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	7.3\(6\)n1\(1a\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	7.0\(1\)n1\(1\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	7.3\(7\)n1\(1a\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	6.2\(24\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.2\(1\)n1\(8\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.0\(3\)u2\(2\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	6.0\(2\)a3\(2\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	7.3\(2\)d1\(1d\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	6.0\(2\)a3\(1\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	6.0\(2\)u3\(3\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	7.3\(2\)d1\(1\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.2\(3a\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.2\(1\)sk3\(2.2b\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.2\(1\)n1\(4\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	7.0\(8\)n1\(1a\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.2\(1\)sv3\(1.10\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.0\(3\)u2\(2a\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	6.0\(2\)a1\(1\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	7.0\(8\)n1\(1\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.0\(3\)u5\(1f\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.2\(1\)n1\(1a\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.2\(1\)n1\(9a\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	6.0\(2\)a1\(1f\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	6.2\(8a\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.2\(1\)sv3\(2.1\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	6.0\(2\)a1\(1a\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.2\(1\)sv3\(1.5a\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.0\(3\)u5\(1h\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.0\(3\)u5\(1i\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.2\(1\)n1\(1b\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	7.0\(6\)n1\(2s\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	7.3\(2\)d1\(2\)	Trust: 1.0
vendor:	cisco	model:	ucs manager	scope:	eq	version:	3.2\(3n\)a	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.2\(1\)sv3\(3.15\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.2\(1\)sv5\(1.1\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	7.2\(2\)d1\(2\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	6.0\(2\)n2\(4\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	6.0\(2\)n2\(5a\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.2\(1\)sv3\(3.1\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.2\(1\)n1\(8a\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	6.2\(14\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.0\(3\)u1\(1c\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.2\(1\)sk3\(2.2\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	6.0\(2\)u1\(3\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	6.2\(6b\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.2\(1\)sk3\(1.1\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	7.1\(2\)n1\(1a\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	6.0\(2\)n2\(2\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	7.1\(0\)n1\(1a\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	6.0\(2\)u5\(1\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	7.3\(0\)d1\(1\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	7.0\(3\)i1\(1a\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	6.0\(2\)a3\(4\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	6.0\(2\)u3\(5\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	6.1\(2\)i1\(2\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	6.1\(2\)i1\(3\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	7.1\(1\)n1\(1\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.0\(3\)u2\(2b\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	7.3\(7\)n1\(1\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	7.1\(4\)n1\(1d\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	7.2\(2\)d1\(3\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.2\(1\)sm3\(1.1\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.2\(1\)sv3\(1.4\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	6.0\(2\)a4\(3\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	7.3\(5\)n1\(1\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	6.0\(2\)a1\(2d\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	7.2\(1\)d1\(1\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.0\(3\)u3\(1\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	7.0\(2\)n1\(1\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.2\(1\)sv3\(2.8\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	7.3\(6\)d1\(1\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	7.2\(2\)d1\(4\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	6.0\(2\)n1\(1\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	7.0\(6\)n1\(3s\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.0\(3\)u1\(1d\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	6.0\(2\)u3\(4\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.0\(3\)u3\(2\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	6.0\(2\)u4\(3\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.2\(4\)	Trust: 1.0
vendor:	cisco	model:	unified computing system	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	6.2\(10\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	6.0\(2\)u2\(5\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.2\(1\)n1\(2a\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	6.0\(2\)u1\(1\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	6.0\(2\)n2\(7\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	7.0\(4\)n1\(1a\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.0\(3\)u5\(1g\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.2\(1\)sm1\(5.2c\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	7.0\(7\)n1\(1\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	6.0\(2\)n2\(6\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	7.1\(3\)n1\(4\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.2\(1\)sm3\(1.1a\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	7.0\(0\)n1\(1\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	7.3\(1\)d1\(1\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	6.1\(2\)i2\(3\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.0\(3\)u3\(2b\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	6.0\(2\)a1\(1c\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.2\(1\)sv3\(1.5b\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	7.0\(5\)n1\(1a\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	6.2\(8\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	6.0\(2\)u2\(1\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.0\(3\)u5\(1c\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	7.1\(0\)n1\(1b\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	7.3\(5\)d1\(1\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.2\(1\)n1\(5\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	6.1\(2\)i2\(2b\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	7.1\(3\)n1\(5\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	6.2\(14b\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.2\(1\)sv3\(1.1\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	7.0\(6\)n1\(1\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.0\(3\)u1\(2a\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	6.0\(2\)u1\(4\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	7.0\(7\)n1\(1b\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	7.1\(3\)n1\(3\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	6.1\(2\)i2\(1\)	Trust: 1.0
vendor:	digi	model:	saros	scope:	lt	version:	8.1.0.1	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.2\(1\)sm1\(5.2b\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	6.0\(2\)u4\(1\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	6.0\(2\)n2\(5b\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	6.0\(2\)n1\(2a\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.2\(1\)sv3\(1.2\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	6.0\(2\)a4\(5\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	7.3\(0\)n1\(1b\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	7.0\(6\)n1\(4s\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.2\(5\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	7.3\(2\)d1\(3a\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	6.0\(2\)a4\(1\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	7.1\(4\)n1\(1c\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	6.0\(2\)n1\(2\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	6.2\(2\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.2\(7\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	6.2\(6\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	6.0\(2\)u2\(3\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	6.2\(18\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	6.1\(2\)i2\(2a\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	6.1\(2\)i3\(3a\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.2\(1\)sm3\(1.1b\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.2\(1\)sv3\(4.1a\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.0\(3\)u2\(2d\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	6.0\(2\)u3\(1\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	7.3\(0\)n1\(1\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.0\(3\)u5\(1a\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	7.3\(6\)n1\(1\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	7.0\(3\)i1\(1b\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.0\(3\)u2\(1\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	6.0\(2\)a1\(1b\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	7.2\(0\)d1\(1\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	6.1\(2\)i2\(2\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	7.1\(3\)n1\(1\)	Trust: 1.0
vendor:	treck	model:	tcp\/ip	scope:	lt	version:	6.0.1.67	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	7.3\(3\)d1\(1\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.2\(1\)sv5\(1.3\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	7.3\(2\)n1\(1b\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	6.0\(2\)n2\(1b\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.2\(1\)n1\(2\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	7.3\(4\)d1\(1\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.2\(9\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	6.0\(2\)u2\(2\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.2\(1\)n1\(9b\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	6.0\(2\)n2\(5\)	Trust: 1.0
vendor:	hp	model:	x3220nr	scope:	lt	version:	3.00.11.08	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	7.0\(3\)i1\(1z\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.2\(1\)sv3\(2.5\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.0\(3\)u5\(1e\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	7.3\(3\)n1\(1\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.2\(1\)sm3\(1.1c\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	6.0\(2\)u3\(6\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	6.2\(22\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.2\(1\)sv3\(1.6\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.0\(3\)u1\(2\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	7.3\(0\)n1\(1a\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.2\(3\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.2\(1\)sm1\(5.2a\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.0\(3\)u3\(2a\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.2\(1\)n1\(6\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	7.1\(4\)n1\(1\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	6.2\(8b\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.2\(1\)sk3\(2.1\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	6.0\(2\)a1\(1e\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	6.0\(2\)u3\(7\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	6.2\(6a\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.0\(3\)a1\(1\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.2\(1\)sk3\(2.1a\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.2\(1\)n1\(9\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	7.2\(1\)n1\(1\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	6.0\(2\)u2\(4\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	7.1\(2\)n1\(1\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	7.3\(1\)n1\(1\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	6.0\(2\)a4\(4\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.2\(1\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.0\(3\)a1\(2a\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	6.0\(2\)a4\(6\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	7.1\(1\)n1\(1a\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	6.2\(20\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.2\(1\)sv3\(1.4b\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.2\(1\)n1\(8b\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	6.1\(2\)i3\(2\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	7.3\(4\)n1\(1\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.0\(3\)u1\(1a\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	7.1\(3\)n1\(2a\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.0\(3\)u1\(1\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.2\(1\)sv3\(4.1b\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	7.0\(4\)n1\(1\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	6.0\(2\)u2\(6\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	6.1\(2\)i3\(1\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	7.1\(5\)n1\(1b\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.2\(1\)n1\(7\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.0\(3\)u1\(1b\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.0\(3\)u2\(2c\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.0\(3\)a1\(2\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.2\(1\)sv3\(1.3\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	6.0\(2\)u4\(2\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	7.2\(2\)d1\(1\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	6.1\(2\)i3\(3\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	7.3\(4\)n1\(1a\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	7.3\(0\)dx\(1\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	6.0\(2\)n2\(1\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	6.0\(2\)u2\(4.92.4z\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	7.3\(2\)n1\(1c\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	6.2\(16\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	6.2\(12\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.0\(3\)u5\(1d\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	6.0\(2\)a4\(2\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	6.2\(20a\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	6.2\(14a\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	6.0\(2\)u4\(4\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	7.3\(2\)d1\(3\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	7.0\(5\)n1\(1\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.2\(1\)n1\(3\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	7.0\(7\)n1\(1a\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	7.3\(2\)n1\(1\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	7.1\(4\)n1\(1a\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	6.0\(2\)u3\(2\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	6.2\(2a\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	6.0\(2\)n1\(1a\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.2\(9a\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.0\(3\)u5\(1b\)	Trust: 1.0
vendor:	digi	model:	saros	scope:	-	version:	-	Trust: 0.8
vendor:	treck	model:	tcp/ip stack	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	nx-os	scope:	-	version:	-	Trust: 0.8
vendor:	hewlett packard	model:	x3220nr	scope:	-	version:	-	Trust: 0.8

sources: JVNDB: JVNDB-2020-004993 // NVD: CVE-2020-10136

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2020-10136
value:	MEDIUM
Trust: 1.0
NVD:	JVNDB-2020-004993
value:	MEDIUM
Trust: 0.8
CNNVD:	CNNVD-202006-074
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-162584
value:	MEDIUM
Trust: 0.1
VULMON:	CVE-2020-10136
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2020-10136
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.1
NVD:	JVNDB-2020-004993
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	NONE
impactScore:	NONE
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.8
VULHUB:	VHN-162584
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2020-10136
baseSeverity:	MEDIUM
baseScore:	5.3
vectorString:	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	LOW
exploitabilityScore:	3.9
impactScore:	1.4
version:	3.1
Trust: 1.0
NVD:	JVNDB-2020-004993
baseSeverity:	MEDIUM
baseScore:	5.3
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	LOW
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: VULHUB: VHN-162584 // VULMON: CVE-2020-10136 // JVNDB: JVNDB-2020-004993 // CNNVD: CNNVD-202006-074 // NVD: CVE-2020-10136

PROBLEMTYPE DATA

problemtype:	CWE-290	Trust: 1.9
problemtype:	CWE-19	Trust: 0.8

sources: CERT/CC: VU#636397 // VULHUB: VHN-162584 // JVNDB: JVNDB-2020-004993 // NVD: CVE-2020-10136

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202006-074

TYPE

code problem

Trust: 0.6

sources: CNNVD: CNNVD-202006-074

CONFIGURATIONS

sources: JVNDB: JVNDB-2020-004993

PATCH

title:	Top Page	url:	https://www8.hp.com/us/en/home.html	Trust: 1.6
title:	cisco-sa-nxos-ipip-dos-kCT9X4	url:	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-ipip-dos-kCT9X4	Trust: 0.8
title:	Digi Security Center	url:	https://www.digi.com/resources/security	Trust: 0.8
title:	Cisco NX-OS Software Fixes for code issue vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=119986	Trust: 0.6
title:	Cisco: Cisco NX-OS Software Unexpected IP in IP Packet Processing Vulnerability	url:	https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts&qid=cisco-sa-nxos-ipip-dos-kCT9X4	Trust: 0.1
title:	Contents	url:	https://github.com/hktalent/bug-bounty	Trust: 0.1
title:	欢迎关注阿尔法实验室微信公众号	url:	https://github.com/alphaSeclab/sec-daily-2020	Trust: 0.1
title:	The Register	url:	https://www.theregister.co.uk/2020/06/08/security_roundup_june_5/	Trust: 0.1

sources: VULMON: CVE-2020-10136 // JVNDB: JVNDB-2020-004993 // CNNVD: CNNVD-202006-074

EXTERNAL IDS

db:	NVD	id:	CVE-2020-10136	Trust: 3.4
db:	CERT/CC	id:	VU#636397	Trust: 3.4
db:	JVNDB	id:	JVNDB-2020-004993	Trust: 0.8
db:	CNNVD	id:	CNNVD-202006-074	Trust: 0.7
db:	AUSCERT	id:	ESB-2020.1917	Trust: 0.6
db:	VULHUB	id:	VHN-162584	Trust: 0.1
db:	VULMON	id:	CVE-2020-10136	Trust: 0.1

sources: CERT/CC: VU#636397 // VULHUB: VHN-162584 // VULMON: CVE-2020-10136 // JVNDB: JVNDB-2020-004993 // CNNVD: CNNVD-202006-074 // NVD: CVE-2020-10136

REFERENCES

url:	https://kb.cert.org/vuls/id/636397/	Trust: 2.6
url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-nxos-ipip-dos-kct9x4	Trust: 2.5
url:	https://www.kb.cert.org/vuls/id/636397	Trust: 1.8
url:	https://www.digi.com/resources/security	Trust: 1.8
url:	https://nvd.nist.gov/vuln/detail/cve-2020-10136	Trust: 1.4
url:	https://datatracker.ietf.org/doc/html/rfc6169	Trust: 1.0
url:	https://tools.ietf.org/html/rfc2003	Trust: 0.8
url:	https://tools.ietf.org/html/rfc6169	Trust: 0.8
url:	https://github.com/certcc/poc-exploits/tree/master/cve-2020-10136	Trust: 0.8
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-10136	Trust: 0.8
url:	https://jvn.jp/ta/jvnta90492923/	Trust: 0.8
url:	https://access.redhat.com/security/cve/cve-2020-10136	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2020.1917/	Trust: 0.6
url:	https://vigilance.fr/vulnerability/cisco-nx-os-ip-filtering-bypass-with-encapsulation-32373	Trust: 0.6
url:	https://cwe.mitre.org/data/definitions/290.html	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1
url:	https://github.com/hktalent/bug-bounty	Trust: 0.1

sources: CERT/CC: VU#636397 // VULHUB: VHN-162584 // VULMON: CVE-2020-10136 // JVNDB: JVNDB-2020-004993 // CNNVD: CNNVD-202006-074 // NVD: CVE-2020-10136

CREDITS

Thanks to Yannay Livneh for reporting this issue to us. This document was written by Vijay Sarvepalli.

Trust: 0.8

sources: CERT/CC: VU#636397

SOURCES

db:	CERT/CC	id:	VU#636397
db:	VULHUB	id:	VHN-162584
db:	VULMON	id:	CVE-2020-10136
db:	JVNDB	id:	JVNDB-2020-004993
db:	CNNVD	id:	CNNVD-202006-074
db:	NVD	id:	CVE-2020-10136

LAST UPDATE DATE

2024-08-14T15:28:07.541000+00:00

SOURCES UPDATE DATE

db:	CERT/CC	id:	VU#636397	date:	2020-09-30T00:00:00
db:	VULHUB	id:	VHN-162584	date:	2020-07-29T00:00:00
db:	VULMON	id:	CVE-2020-10136	date:	2020-07-29T00:00:00
db:	JVNDB	id:	JVNDB-2020-004993	date:	2020-06-04T00:00:00
db:	CNNVD	id:	CNNVD-202006-074	date:	2020-07-30T00:00:00
db:	NVD	id:	CVE-2020-10136	date:	2024-06-17T22:15:10.090

SOURCES RELEASE DATE

db:	CERT/CC	id:	VU#636397	date:	2020-06-02T00:00:00
db:	VULHUB	id:	VHN-162584	date:	2020-06-02T00:00:00
db:	VULMON	id:	CVE-2020-10136	date:	2020-06-02T00:00:00
db:	JVNDB	id:	JVNDB-2020-004993	date:	2020-06-04T00:00:00
db:	CNNVD	id:	CNNVD-202006-074	date:	2020-06-01T00:00:00
db:	NVD	id:	CVE-2020-10136	date:	2020-06-02T09:15:09.967