Risk | Low |
Patch available | YES |
Number of vulnerabilities | 3 |
CVE-ID | CVE-2024-20284 CVE-2024-20285 CVE-2024-20286 |
CWE-ID | CWE-693 |
Exploitation vector | Local |
Public exploit | N/A |
Vulnerable software Subscribe |
Cisco NX-OS Operating systems & Components / Operating system Cisco MDS 9000 Series Multilayer Switches Hardware solutions / Routers & switches, VoIP, GSM, etc Cisco Nexus 3000 Series Switches Hardware solutions / Routers & switches, VoIP, GSM, etc Nexus 5500 Platform Switches Hardware solutions / Routers & switches, VoIP, GSM, etc Nexus 5600 Platform Switches Hardware solutions / Routers & switches, VoIP, GSM, etc Cisco Nexus 6000 Series Switches Hardware solutions / Routers & switches, VoIP, GSM, etc Cisco Nexus 7000 Series Switches Hardware solutions / Routers & switches, VoIP, GSM, etc Cisco Nexus 9000 Series Switches NX-OS Mode Hardware solutions / Routers & switches, VoIP, GSM, etc |
Vendor | Cisco Systems, Inc |
Security Bulletin
This security bulletin contains information about 3 vulnerabilities.
EUVDB-ID: #VU96610
Risk: Low
CVSSv3.1: 4.6 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-20284
CWE-ID:
CWE-693 - Protection Mechanism Failure
Exploit availability: No
DescriptionThe vulnerability allows a local user to bypass implemented security restrictions.
The vulnerability exists due to insufficient validation of user-supplied input. A local user can manipulate specific functions within the Python interpreter to escape the Python sandbox and execute arbitrary commands on the underlying operating system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsCisco NX-OS: 6.0(2)A6(1) - 10.4(3)
Cisco MDS 9000 Series Multilayer Switches: All versions
Cisco Nexus 3000 Series Switches: All versions
Nexus 5500 Platform Switches: All versions
Nexus 5600 Platform Switches: All versions
Cisco Nexus 6000 Series Switches: All versions
Cisco Nexus 7000 Series Switches: All versions
Cisco Nexus 9000 Series Switches NX-OS Mode: All versions
External linkshttp://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-psbe-ce-YvbTn5du
http://www.cisco.com/c/en/us/td/docs/dcn/nx-os/nexus9000/105x/programmability/cisco-nexus-9000-series-nx-os-programmability-guide-105x/m-n9k-python-api-101x.html?bookSearch=true#concept_A2CFF094ADCB414C983EA06AD8E9A410
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU96611
Risk: Low
CVSSv3.1: 4.6 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-20285
CWE-ID:
CWE-693 - Protection Mechanism Failure
Exploit availability: No
DescriptionThe vulnerability allows a local user to bypass implemented security restrictions.
The vulnerability exists due to insufficient validation of user-supplied input. A local user can manipulate specific functions within the Python interpreter to escape the Python sandbox and execute arbitrary commands on the underlying operating system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsCisco MDS 9000 Series Multilayer Switches: All versions
Cisco Nexus 3000 Series Switches: All versions
Nexus 5500 Platform Switches: All versions
Nexus 5600 Platform Switches: All versions
Cisco Nexus 6000 Series Switches: All versions
Cisco Nexus 7000 Series Switches: All versions
Cisco Nexus 9000 Series Switches NX-OS Mode: All versions
Cisco NX-OS: 6.0(2)A6(1) - 10.4(3)
External linkshttp://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-psbe-ce-YvbTn5du
http://www.cisco.com/c/en/us/td/docs/dcn/nx-os/nexus9000/105x/programmability/cisco-nexus-9000-series-nx-os-programmability-guide-105x/m-n9k-python-api-101x.html?bookSearch=true#concept_A2CFF094ADCB414C983EA06AD8E9A410
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU96612
Risk: Low
CVSSv3.1: 4.6 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-20286
CWE-ID:
CWE-693 - Protection Mechanism Failure
Exploit availability: No
DescriptionThe vulnerability allows a local user to bypass implemented security restrictions.
The vulnerability exists due to insufficient validation of user-supplied input. A local user can manipulate specific functions within the Python interpreter to escape the Python sandbox and execute arbitrary commands on the underlying operating system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsCisco MDS 9000 Series Multilayer Switches: All versions
Cisco Nexus 3000 Series Switches: All versions
Nexus 5500 Platform Switches: All versions
Nexus 5600 Platform Switches: All versions
Cisco Nexus 6000 Series Switches: All versions
Cisco Nexus 7000 Series Switches: All versions
Cisco Nexus 9000 Series Switches NX-OS Mode: All versions
Cisco NX-OS: 6.0(2)A6(1) - 10.4(2)
External linkshttp://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-psbe-ce-YvbTn5du
http://www.cisco.com/c/en/us/td/docs/dcn/nx-os/nexus9000/105x/programmability/cisco-nexus-9000-series-nx-os-programmability-guide-105x/m-n9k-python-api-101x.html?bookSearch=true#concept_A2CFF094ADCB414C983EA06AD8E9A410
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.