ID

VAR-202008-0794


CVE

CVE-2020-3394


TITLE

NX-OS Vulnerability regarding lack of authentication in

Trust: 0.8

sources: JVNDB: JVNDB-2020-010298

DESCRIPTION

A vulnerability in the Enable Secret feature of Cisco Nexus 3000 Series Switches and Cisco Nexus 9000 Series Switches in standalone NX-OS mode could allow an authenticated, local attacker to issue the enable command and get full administrative privileges. To exploit this vulnerability, the attacker would need to have valid credentials for the affected device. The vulnerability is due to a logic error in the implementation of the enable command. An attacker could exploit this vulnerability by logging in to the device and issuing the enable command. A successful exploit could allow the attacker to gain full administrative privileges without using the enable password. Note: The Enable Secret feature is disabled by default. NX-OS Exists in a vulnerability related to lack of authentication.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. Cisco Nexus 3000 is a set of Cisco switch equipment

Trust: 2.16

sources: NVD: CVE-2020-3394 // JVNDB: JVNDB-2020-010298 // CNVD: CNVD-2020-49570

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2020-49570

AFFECTED PRODUCTS

vendor:ciscomodel:nx-osscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:nx-osscope: - version: -

Trust: 0.8

vendor:ciscomodel:nexusscope:eqversion:3000

Trust: 0.6

sources: CNVD: CNVD-2020-49570 // JVNDB: JVNDB-2020-010298 // NVD: CVE-2020-3394

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2020-3394
value: HIGH

Trust: 1.0

ykramarz@cisco.com: CVE-2020-3394
value: HIGH

Trust: 1.0

NVD: JVNDB-2020-010298
value: HIGH

Trust: 0.8

CNVD: CNVD-2020-49570
value: MEDIUM

Trust: 0.6

CNNVD: CNNVD-202008-1304
value: HIGH

Trust: 0.6

nvd@nist.gov: CVE-2020-3394
severity: HIGH
baseScore: 7.2
vectorString: AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 3.9
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

NVD: JVNDB-2020-010298
severity: HIGH
baseScore: 7.2
vectorString: AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: NONE
impactScore: NONE
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.8

CNVD: CNVD-2020-49570
severity: MEDIUM
baseScore: 6.8
vectorString: AV:L/AC:L/AU:S/C:C/I:C/A:C
accessVector: LOCAL
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 3.1
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

nvd@nist.gov: CVE-2020-3394
baseSeverity: HIGH
baseScore: 7.8
vectorString: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 1.8
impactScore: 5.9
version: 3.1

Trust: 1.0

ykramarz@cisco.com: CVE-2020-3394
baseSeverity: HIGH
baseScore: 7.8
vectorString: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 1.8
impactScore: 5.9
version: 3.0

Trust: 1.0

NVD: JVNDB-2020-010298
baseSeverity: HIGH
baseScore: 7.8
vectorString: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: CNVD: CNVD-2020-49570 // JVNDB: JVNDB-2020-010298 // CNNVD: CNNVD-202008-1304 // NVD: CVE-2020-3394 // NVD: CVE-2020-3394

PROBLEMTYPE DATA

problemtype:CWE-862

Trust: 1.8

problemtype:CWE-285

Trust: 1.0

sources: JVNDB: JVNDB-2020-010298 // NVD: CVE-2020-3394

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-202008-1304

TYPE

authorization issue

Trust: 0.6

sources: CNNVD: CNNVD-202008-1304

CONFIGURATIONS

sources: JVNDB: JVNDB-2020-010298

PATCH

title:cisco-sa-n3n9k-priv-escal-3QhXJBCCVE-2020-3394url:https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-n3n9k-priv-escal-3QhXJBC

Trust: 0.8

title:Patch for Cisco Nexus 3000 switch privilege escalation vulnerabilityurl:https://www.cnvd.org.cn/patchInfo/show/232393

Trust: 0.6

title:Cisco Nexus 3000 Series Switches and Cisco Nexus 9000 Series Switches Remediation measures for authorization problem vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=127511

Trust: 0.6

sources: CNVD: CNVD-2020-49570 // JVNDB: JVNDB-2020-010298 // CNNVD: CNNVD-202008-1304

EXTERNAL IDS

db:NVDid:CVE-2020-3394

Trust: 3.0

db:JVNDBid:JVNDB-2020-010298

Trust: 0.8

db:CNVDid:CNVD-2020-49570

Trust: 0.6

db:NSFOCUSid:48724

Trust: 0.6

db:AUSCERTid:ESB-2020.2946

Trust: 0.6

db:CNNVDid:CNNVD-202008-1304

Trust: 0.6

sources: CNVD: CNVD-2020-49570 // JVNDB: JVNDB-2020-010298 // CNNVD: CNNVD-202008-1304 // NVD: CVE-2020-3394

REFERENCES

url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-n3n9k-priv-escal-3qhxjbc

Trust: 2.8

url:https://nvd.nist.gov/vuln/detail/cve-2020-3394

Trust: 1.4

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-3394

Trust: 0.8

url:https://www.auscert.org.au/bulletins/esb-2020.2946/

Trust: 0.6

url:http://www.nsfocus.net/vulndb/48724

Trust: 0.6

url:https://vigilance.fr/vulnerability/cisco-nexus-3000-9000-privilege-escalation-via-enable-secret-33175

Trust: 0.6

sources: CNVD: CNVD-2020-49570 // JVNDB: JVNDB-2020-010298 // CNNVD: CNNVD-202008-1304 // NVD: CVE-2020-3394

SOURCES

db:CNVDid:CNVD-2020-49570
db:JVNDBid:JVNDB-2020-010298
db:CNNVDid:CNNVD-202008-1304
db:NVDid:CVE-2020-3394

LAST UPDATE DATE

2024-08-14T14:44:45.596000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2020-49570date:2020-08-31T00:00:00
db:JVNDBid:JVNDB-2020-010298date:2021-01-06T01:58:58
db:CNNVDid:CNNVD-202008-1304date:2020-09-14T00:00:00
db:NVDid:CVE-2020-3394date:2020-09-09T15:20:37.250

SOURCES RELEASE DATE

db:CNVDid:CNVD-2020-49570date:2020-08-31T00:00:00
db:JVNDBid:JVNDB-2020-010298date:2021-01-06T01:58:58
db:CNNVDid:CNNVD-202008-1304date:2020-08-26T00:00:00
db:NVDid:CVE-2020-3394date:2020-08-27T16:15:12.037