Multiple Vulnerabilities in Cisco Products Could Allow for Unauthorized Access

ITS Advisory Number: 2016-170
Date(s) Issued: Thursday, October 6, 2016
Subject: Multiple Vulnerabilities in Cisco Products Could Allow for Unauthorized Access
Overview:

Two vulnerabilities in Cisco Nexus and MDS switches could allow for unauthorized access: an SSH subsystem flaw that lets an authenticated user bypass AAA restrictions and run commands reserved for a more privileged role, and a buffer overflow in Overlay Transport Virtualization (OTV) packet handling that an adjacent, unauthenticated attacker can use to execute arbitrary code or reload the device. Successful exploitation could allow an attacker to take full control of the affected system and perform unauthorized actions.

Systems Affected: 
  • Cisco Multilayer Director Switches
  • Nexus 1000V Series Switches
  • Nexus 2000 Series Fabric Extenders
  • Nexus 3000 Series Switches
  • Nexus 3500 Platform Switches
  • Nexus 4000 Series Switches
  • Nexus 5000 Series Switches
  • Nexus 5500 Platform Switches
  • Nexus 5600 Platform Switches
  • Nexus 6000 Series Switches
  • Nexus 7000 Series Switches
  • Nexus 7700 Series Switches
  • Nexus 9000 Series Switches in NX-OS mode
Risk:
  Government:
    Large and medium government entities: High
    Small government entities: High
  Business:
    Large and medium business entities: High
    Small business entities: High
  Home Users: N/A
Description: 

Two vulnerabilities in Cisco Nexus and MDS products could allow for unauthorized access. They are as follows:

  • A vulnerability in the SSH subsystem of the Cisco Nexus family of products could allow an authenticated, remote attacker to bypass authentication, authorization, and accounting (AAA) restrictions.

    • The vulnerability is due to the improper processing of certain parameters that are passed to an affected device during the negotiation of an SSH connection.

    • An attacker could exploit this vulnerability by authenticating to an affected device with a valid account, which may be a low-privileged one, and passing a malicious value as part of the login procedure.

    • A successful exploit could allow the attacker to bypass AAA restrictions and execute commands on the device command-line interface (CLI) that should be restricted to a different, more privileged user role.

    • This vulnerability is rated with a base CVSS Score of 9.0 [CVE-2015-0721]

  • A vulnerability in the Overlay Transport Virtualization (OTV) generic routing encapsulation (GRE) implementation of the Cisco Nexus 7000 and 7700 Series Switches could allow an unauthenticated, adjacent attacker to cause a reload of the affected system or to remotely execute code.

    • The vulnerability is due to incomplete input validation performed on the size of OTV packet header parameters, which can result in a buffer overflow.

    • An attacker could exploit this vulnerability by sending a crafted OTV UDP packet to the OTV interface on an affected device. Because the packet must reach an OTV interface, only devices with OTV configured expose the vulnerable code path.

    • A successful exploit could allow the attacker to execute arbitrary code and obtain full control of the system, or cause a reload of the OTV-related process on the affected device.

    • This vulnerability is rated with a base CVSS Score of 10.0 [CVE-2016-1453]


Actions: 
  • After appropriate testing, apply the applicable patches/updates provided by Cisco to the vulnerable systems.
  • Verify that no unauthorized system modifications have occurred on the system before applying the patch.
  • Monitor intrusion detection systems for any signs of anomalous activity.
  • Unless required, limit network access to the affected products: restrict SSH to management hosts (the AAA bypass still requires a valid login) and keep untrusted hosts off network segments adjacent to OTV interfaces.
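The following script is an added example, not Cisco's code or part of the original advisory. It audits a saved NX-OS running-config for the attack surface of both issues above and for the network-restriction action: it reports whether OTV is enabled and on which overlay interfaces (the CVE-2016-1453 exposure) and whether the vty lines carry an access-class limiting who can reach SSH (the only network control in front of the CVE-2015-0721 AAA bypass, which still needs a valid login). The configuration keywords it matches (`feature otv`, `interface OverlayN`, `line vty`, `access-class ... in`) and the assumption that the NX-OS SSH server is on unless `no feature ssh` is present are taken from NX-OS syntax as assumptions; both sample configurations are constructed for the example, one exposed and one hardened.

```python
import re

# Constructed sample: OTV enabled, SSH reachable from any source.
EXPOSED_CONFIG = """\
feature ssh
feature otv

interface Overlay1
  otv join-interface Ethernet2/1
  otv control-group 239.1.1.1
  otv data-group 232.1.1.0/28
  otv extend-vlan 100-110
  no shutdown

line vty
  exec-timeout 15
"""

# Constructed sample: OTV removed, vty access limited to a management ACL
# (access-class under "line vty" is assumed NX-OS syntax).
HARDENED_CONFIG = """\
feature ssh

ip access-list MGMT-ONLY
  10 permit tcp 10.20.0.0/24 any
  20 deny ip any any

line vty
  access-class MGMT-ONLY in
  exec-timeout 15
"""

FEATURE_RE = re.compile(r"^feature\s+(\S+)", re.M)
NO_SSH_RE = re.compile(r"^no feature ssh\b", re.M)
OVERLAY_RE = re.compile(r"^interface\s+(Overlay\d+)\s*$", re.M)
ACCESS_CLASS_RE = re.compile(r"^\s+access-class\s+(\S+)\s+in\b", re.M)


def _stanza_body(config, header):
    """Return the indented lines that belong to a top-level stanza such as 'line vty'."""
    body, inside = [], False
    for line in config.splitlines():
        if line.strip() == header:
            inside = True
            continue
        if not inside:
            continue
        if line.startswith((" ", "\t")):
            body.append(line)
        elif line.strip():          # next top-level command ends the stanza
            break
    return "\n".join(body)


def audit_config(config):
    """Audit NX-OS running-config text for the exposure described in this advisory.

    Returns the raw facts (so callers can build their own reports) plus a list of
    human-readable findings; an empty findings list means no exposure was detected.
    """
    features = set(FEATURE_RE.findall(config))
    overlays = OVERLAY_RE.findall(config)
    otv_enabled = "otv" in features or bool(overlays)
    # NX-OS enables the SSH server by default (assumed); only an explicit
    # "no feature ssh" turns it off.
    ssh_enabled = NO_SSH_RE.search(config) is None
    match = ACCESS_CLASS_RE.search(_stanza_body(config, "line vty"))
    access_class = match.group(1) if match else None

    findings = []
    if otv_enabled:
        findings.append(
            "CVE-2016-1453: OTV is enabled (%s); an adjacent, unauthenticated attacker "
            "can reach the OTV UDP listener. Patch, or keep untrusted hosts off the "
            "join-interface segment." % (", ".join(overlays) or "no overlay interface")
        )
    if ssh_enabled and access_class is None:
        findings.append(
            "CVE-2015-0721: SSH accepts sessions from any source and no vty access-class "
            "is set; the AAA bypass needs only a valid low-privilege login, so restrict "
            "vty access to management hosts until patched."
        )
    return {
        "otv_enabled": otv_enabled,
        "overlay_interfaces": overlays,
        "ssh_enabled": ssh_enabled,
        "vty_access_class": access_class,
        "findings": findings,
    }


if __name__ == "__main__":
    for name, cfg in (("exposed", EXPOSED_CONFIG), ("hardened", HARDENED_CONFIG)):
        result = audit_config(cfg)
        print(f"[{name}] {len(result['findings'])} finding(s)")
        for finding in result["findings"]:
            print("  -", finding)
```

Run it against `show running-config` output saved to a file (read the file and pass its text to `audit_config`). The access-class check only tells you that some restriction exists; review the referenced ACL to confirm it permits management hosts alone, and treat a patched image, not the ACL, as the actual fix.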