var-202006-0258
Vulnerability from variot
IP-in-IP protocol specifies IP Encapsulation within IP standard (RFC 2003, STD 1) that decapsulate and route IP-in-IP traffic is vulnerable to spoofing, access-control bypass and other unexpected behavior due to the lack of validation to verify network packets before decapsulation and routing. IP-in-IP encapsulation is a tunneling protocol specified in RFC 2003 that allows for IP packets to be encapsulated inside another IP packets. This is very similar to IPSEC VPNs in tunnel mode, except in the case of IP-in-IP, the traffic is unencrypted. An IP-in-IP device is considered to be vulnerable if it accepts IP-in-IP packets from any source to any destination without explicit configuration between the specified source and destination IP addresses. This unexpected Data Processing Error (CWE-19) by a vulnerable device can be abused to perform reflective DDoS and in certain scenarios used to bypass network access control lists. Because the forwarded network packet may not be inspected or verified by vulnerable devices, there are possibly other unexpected behaviors that can be abused by an attacker on the target device or the target device's network environment. An unauthenticated attacker can route network traffic through a vulnerable device, which may lead to reflective DDoS, information leak and bypass of network access controls. Cisco NX-OS Software is a data center-level operating system software used by a set of switches of Cisco. A code issue vulnerability exists in Cisco NX-OS Software due to the program decapsulating and processing the IP in an IP packet destined for a locally configured IP address. A remote attacker can exploit this vulnerability to bypass the access control list or cause a denial of service by means of a specially crafted IP in the IP packet. The following products and versions are affected: Nexus 1000 Virtual Edge for VMware vSphere; Nexus 1000V Switch for Microsoft Hyper-V; Nexus 1000V Switch for VMware vSphere; Nexus 3000 Series Switches; Nexus 5500 Platform Switches; Nexus 5600 Platform Switches; Nexus 6000 Switches ; Nexus 7000 Series Switches; Nexus 9000 Series Switches in standalone NX-OS mode; UCS 6200 Series Fabric Interconnects; UCS 6300 Series Fabric Interconnects
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202006-0258", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "7.3\\(0\\)n1\\(1\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "6.0\\(2\\)a1\\(1e\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "5.2\\(1\\)sk3\\(1.1\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "6.1\\(2\\)i1\\(2\\)", }, { model: "ucs manager", scope: "eq", trust: 1, vendor: "cisco", version: "3.2\\(3n\\)a", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "7.3\\(0\\)dx\\(1\\)", }, { model: "tcp\\/ip", scope: "lt", trust: 1, vendor: "treck", version: "6.0.1.67", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "7.1\\(3\\)n1\\(1\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "5.2\\(1\\)sm3\\(1.1c\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "5.2\\(1\\)n1\\(9\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "7.2\\(2\\)d1\\(4\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "6.0\\(2\\)a3\\(1\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "6.0\\(2\\)u3\\(3\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "5.0\\(3\\)u5\\(1b\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "7.0\\(0\\)n1\\(1\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "5.2\\(1\\)sv3\\(1.1\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "5.2\\(1\\)n1\\(1a\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "6.0\\(2\\)n1\\(1a\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "7.3\\(2\\)d1\\(3a\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "5.0\\(3\\)u2\\(2a\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "6.0\\(2\\)u2\\(3\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "5.0\\(3\\)u2\\(2\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "6.0\\(2\\)u3\\(4\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "7.3\\(0\\)n1\\(1a\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "7.0\\(6\\)n1\\(1\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "5.2\\(1\\)n1\\(2a\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "7.3\\(2\\)n1\\(1\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "5.2\\(1\\)sv3\\(2.8\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "5.2\\(1\\)sv3\\(1.6\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "6.2\\(2a\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "7.3\\(1\\)d1\\(1\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "6.0\\(2\\)u2\\(2\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "5.0\\(3\\)u5\\(1j\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "7.1\\(5\\)n1\\(1b\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "5.0\\(3\\)u1\\(1c\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "6.0\\(2\\)u3\\(5\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "6.2\\(8\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "5.2\\(1\\)sm3\\(2.1\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "5.2\\(1\\)n1\\(8\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "5.2\\(1\\)n1\\(7\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "5.2\\(1\\)sv5\\(1.2\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "6.1\\(2\\)i3\\(1\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "7.3\\(2\\)n1\\(1b\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "5.0\\(3\\)u2\\(1\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "5.2\\(1\\)n1\\(8a\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "6.0\\(2\\)n2\\(7\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "7.0\\(5\\)n1\\(1\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "6.0\\(2\\)n2\\(1b\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "7.2\\(2\\)d1\\(1\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "6.0\\(2\\)u4\\(2\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "6.2\\(20\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "7.0\\(6\\)n1\\(2s\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "6.1\\(2\\)i2\\(2b\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "6.0\\(2\\)n1\\(2\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "7.1\\(3\\)n1\\(3\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "7.1\\(0\\)n1\\(1b\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "5.2\\(1\\)sk3\\(2.2\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "5.0\\(3\\)a1\\(1\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "6.2\\(8b\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "6.0\\(2\\)a1\\(1a\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "6.0\\(2\\)u1\\(4\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "7.1\\(4\\)n1\\(1a\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "7.3\\(6\\)n1\\(1a\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "7.3\\(7\\)n1\\(1\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "5.2\\(1\\)sv3\\(1.5b\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "5.0\\(3\\)u5\\(1c\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "5.2\\(1\\)sv5\\(1.1\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "7.3\\(3\\)d1\\(1\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "7.3\\(5\\)d1\\(1\\)", }, { model: "unified computing system", scope: "eq", trust: 1, vendor: "cisco", version: null, }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "5.0\\(3\\)u4\\(1\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "6.2\\(14a\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "5.2\\(1\\)n1\\(6\\)", }, { model: "x3220nr", scope: "lt", trust: 1, vendor: "hp", version: "3.00.11.08", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "5.2\\(7\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "7.3\\(2\\)d1\\(1d\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "5.0\\(3\\)u2\\(2c\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "7.0\\(6\\)n1\\(4s\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "5.0\\(3\\)u5\\(1a\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "6.0\\(2\\)n1\\(2a\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "7.3\\(2\\)d1\\(2\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "7.0\\(3\\)n1\\(1\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "6.0\\(2\\)u3\\(9\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "5.2\\(1\\)n1\\(1b\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "5.2\\(1\\)sm1\\(5.2\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "5.2\\(1\\)sv3\\(3.1\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "6.0\\(2\\)n2\\(1\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "5.2\\(1\\)sv3\\(1.2\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "5.2\\(1\\)sv3\\(1.15\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "6.0\\(2\\)u1\\(1\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "6.0\\(2\\)u1\\(1a\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "6.0\\(2\\)a3\\(2\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "7.3\\(2\\)n1\\(1c\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "6.1\\(2\\)i2\\(2\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "7.0\\(3\\)i1\\(1b\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "7.2\\(1\\)n1\\(1\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "5.2\\(1\\)sv5\\(1.3\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "5.2\\(1\\)n1\\(9b\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "6.0\\(2\\)a1\\(2d\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "5.0\\(3\\)u5\\(1\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "5.2\\(1\\)n1\\(8b\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "5.2\\(9\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "6.2\\(2\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "6.2\\(6\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "6.2\\(24\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "7.3\\(2\\)d1\\(1\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "6.0\\(2\\)n2\\(4\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "6.1\\(2\\)i2\\(3\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "6.0\\(2\\)n2\\(5b\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "7.1\\(1\\)n1\\(1a\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "7.0\\(1\\)n1\\(1\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "7.0\\(3\\)i1\\(1a\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "5.2\\(1\\)sv3\\(1.4b\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "6.0\\(2\\)a4\\(2\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "6.0\\(2\\)n2\\(5a\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "5.0\\(3\\)u5\\(1g\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "7.0\\(7\\)n1\\(1\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "7.0\\(8\\)n1\\(1\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "6.2\\(20a\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "5.0\\(3\\)u2\\(2b\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "6.0\\(2\\)u3\\(8\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "7.0\\(7\\)n1\\(1a\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "6.2\\(12\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "6.0\\(2\\)u2\\(5\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "7.0\\(5\\)n1\\(1a\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "7.3\\(4\\)n1\\(1a\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "7.0\\(8\\)n1\\(1a\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "6.2\\(6b\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "5.0\\(3\\)u3\\(2a\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "7.3\\(3\\)n1\\(1\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "7.3\\(6\\)n1\\(1\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "5.2\\(1\\)sm1\\(5.1\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "6.0\\(2\\)n1\\(1\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "6.0\\(2\\)a1\\(1f\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "5.0\\(3\\)u1\\(1b\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "6.2\\(18\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "5.0\\(3\\)u5\\(1f\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "5.2\\(1\\)sm3\\(1.1\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "6.0\\(2\\)u5\\(1\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "5.2\\(1\\)sv3\\(1.4\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "6.0\\(2\\)n2\\(2\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "6.0\\(2\\)a4\\(1\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "6.0\\(2\\)a4\\(3\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "6.0\\(2\\)u3\\(2\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "7.3\\(5\\)n1\\(1\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "5.2\\(1\\)sv3\\(1.3\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "7.0\\(6\\)n1\\(3s\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "5.2\\(1\\)sv3\\(4.1b\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "7.1\\(2\\)n1\\(1\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "5.2\\(1\\)sv3\\(2.1\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "6.0\\(2\\)u3\\(1\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "5.2\\(1\\)sv3\\(4.1\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "5.0\\(3\\)a1\\(2\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "6.0\\(2\\)a1\\(1\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "6.0\\(2\\)a1\\(1c\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "7.1\\(3\\)n1\\(2\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "7.0\\(3\\)i1\\(1\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "6.0\\(2\\)a3\\(4\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "7.1\\(4\\)n1\\(1\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "7.1\\(2\\)n1\\(1a\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "5.2\\(1\\)sm1\\(5.2b\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "6.0\\(2\\)n2\\(5\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "6.0\\(2\\)u2\\(1\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "6.0\\(2\\)u4\\(1\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "5.2\\(3\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "7.3\\(6\\)d1\\(1\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "5.0\\(3\\)a1\\(2a\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "7.3\\(4\\)n1\\(1\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "5.2\\(1\\)sk3\\(2.1a\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "7.1\\(4\\)n1\\(1c\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "5.2\\(1\\)sv3\\(4.1a\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "6.0\\(2\\)a4\\(4\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "7.0\\(4\\)n1\\(1a\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "6.1\\(2\\)i3\\(3\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "6.0\\(2\\)a1\\(1b\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "5.2\\(1\\)sv3\\(2.5\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "7.3\\(1\\)n1\\(1\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "5.0\\(3\\)u1\\(1\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "7.1\\(3\\)n1\\(4\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "5.2\\(4\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "7.3\\(2\\)d1\\(3\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "5.2\\(1\\)sk3\\(2.2b\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "5.2\\(1\\)n1\\(1\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "5.0\\(3\\)u1\\(2a\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "6.2\\(22\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "5.0\\(3\\)u1\\(1a\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "6.0\\(2\\)n2\\(3\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "5.0\\(3\\)u1\\(1d\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "7.1\\(0\\)n1\\(1a\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "6.0\\(2\\)u1\\(2\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "5.0\\(3\\)u2\\(2d\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "5.2\\(1\\)n1\\(9a\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "5.2\\(1\\)n1\\(2\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "5.2\\(1\\)sv3\\(1.10\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "6.0\\(2\\)u2\\(6\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "7.1\\(0\\)n1\\(1\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "7.2\\(1\\)d1\\(1\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "5.0\\(3\\)u3\\(2b\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "5.0\\(3\\)u5\\(1i\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "5.2\\(1\\)sm3\\(1.1a\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "6.1\\(2\\)i2\\(2a\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "7.3\\(0\\)d1\\(1\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "7.2\\(2\\)d1\\(3\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "6.0\\(2\\)u2\\(4\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "5.2\\(1\\)sk3\\(2.1\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "5.0\\(3\\)u3\\(2\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "7.1\\(1\\)n1\\(1\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "6.0\\(2\\)a4\\(5\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "6.0\\(2\\)u4\\(3\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "6.1\\(2\\)i3\\(3a\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "7.2\\(2\\)d1\\(2\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "6.2\\(14b\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "5.2\\(1\\)n1\\(3\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "7.0\\(3\\)i1\\(1z\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "5.2\\(1\\)n1\\(4\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "5.2\\(3a\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "7.3\\(0\\)n1\\(1b\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "5.2\\(1\\)sv3\\(1.5a\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "5.0\\(3\\)u5\\(1e\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "7.1\\(3\\)n1\\(2a\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "6.2\\(6a\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "6.0\\(2\\)a4\\(6\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "6.0\\(2\\)n2\\(6\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "6.0\\(2\\)a1\\(1d\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "5.2\\(1\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "6.2\\(16\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "7.0\\(2\\)n1\\(1\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "7.1\\(4\\)n1\\(1d\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "7.1\\(5\\)n1\\(1\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "6.1\\(2\\)i1\\(3\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "5.0\\(3\\)u5\\(1d\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "7.0\\(4\\)n1\\(1\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "7.3\\(7\\)n1\\(1a\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "7.0\\(7\\)n1\\(1b\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "5.2\\(1\\)n1\\(5\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "7.2\\(0\\)d1\\(1\\)", }, { model: "saros", scope: "lt", trust: 1, vendor: "digi", version: "8.1.0.1", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "6.2\\(10\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "6.0\\(2\\)u3\\(7\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "6.0\\(2\\)u1\\(3\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "5.2\\(9a\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "5.0\\(3\\)u5\\(1h\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "5.2\\(1\\)sm1\\(5.2a\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "6.0\\(2\\)u2\\(4.92.4z\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "5.0\\(3\\)u3\\(1\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "6.1\\(2\\)i2\\(1\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "5.2\\(1\\)sv3\\(3.15\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "6.2\\(14\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "5.0\\(3\\)u1\\(2\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "6.0\\(2\\)u3\\(6\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "5.2\\(1\\)sm1\\(5.2c\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "6.0\\(2\\)u4\\(4\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "5.2\\(1\\)sm3\\(1.1b\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "5.2\\(5\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "6.2\\(8a\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "6.1\\(2\\)i3\\(2\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "7.1\\(3\\)n1\\(5\\)", }, { model: "nx-os", scope: "eq", trust: 1, vendor: "cisco", version: "7.3\\(4\\)d1\\(1\\)", }, { model: "saros", scope: null, trust: 0.8, vendor: "digi", version: null, }, { model: "tcp/ip stack", scope: null, trust: 0.8, vendor: "treck", version: null, }, { model: "nx-os", scope: null, trust: 0.8, vendor: "cisco", version: null, }, { model: "x3220nr", scope: null, trust: 0.8, vendor: "hewlett packard", version: null, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2020-004993", }, { db: "NVD", id: "CVE-2020-10136", }, ], }, configurations: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", children: { "@container": "@list", }, cpe_match: { "@container": "@list", }, data: { "@container": "@list", }, nodes: { "@container": "@list", }, }, data: [ { CVE_data_version: "4.0", nodes: [ { cpe_match: [ { cpe22Uri: "cpe:/o:digi:saros", vulnerable: true, }, { cpe22Uri: "cpe:/a:treck:tcp%2fip", vulnerable: true, }, { cpe22Uri: "cpe:/o:cisco:nx-os", vulnerable: true, }, { cpe22Uri: "cpe:/o:hp:x3220nr_firmware", vulnerable: true, }, ], operator: "OR", }, ], }, ], sources: [ { db: "JVNDB", id: "JVNDB-2020-004993", }, ], }, credits: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Thanks to Yannay Livneh for reporting this issue to us. This document was written by Vijay Sarvepalli. ", sources: [ { db: "CERT/CC", id: "VU#636397", }, ], trust: 0.8, }, cve: "CVE-2020-10136", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "nvd@nist.gov", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", exploitabilityScore: 10, id: "CVE-2020-10136", impactScore: 2.9, integrityImpact: "NONE", severity: "MEDIUM", trust: 1.1, vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, { acInsufInfo: null, accessComplexity: "Low", accessVector: "Network", authentication: "None", author: "NVD", availabilityImpact: "Partial", baseScore: 5, confidentialityImpact: "None", exploitabilityScore: null, id: "JVNDB-2020-004993", impactScore: null, integrityImpact: "None", obtainAllPrivilege: null, obtainOtherPrivilege: null, obtainUserPrivilege: null, severity: "Medium", trust: 0.8, userInteractionRequired: null, vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "VULHUB", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", exploitabilityScore: 10, id: "VHN-162584", impactScore: 2.9, integrityImpact: "NONE", severity: "MEDIUM", trust: 0.1, vectorString: "AV:N/AC:L/AU:N/C:N/I:N/A:P", version: "2.0", }, ], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "nvd@nist.gov", availabilityImpact: "LOW", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", exploitabilityScore: 3.9, id: "CVE-2020-10136", impactScore: 1.4, integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, { attackComplexity: "Low", attackVector: "Network", author: "NVD", availabilityImpact: "Low", baseScore: 5.3, baseSeverity: "Medium", confidentialityImpact: "None", exploitabilityScore: null, id: "JVNDB-2020-004993", impactScore: null, integrityImpact: "None", privilegesRequired: "None", scope: "Unchanged", trust: 0.8, userInteraction: "None", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, ], severity: [ { author: "nvd@nist.gov", id: "CVE-2020-10136", trust: 1, value: "MEDIUM", }, { author: "NVD", id: "JVNDB-2020-004993", trust: 0.8, value: "Medium", }, { author: "CNNVD", id: "CNNVD-202006-074", trust: 0.6, value: "MEDIUM", }, { author: "VULHUB", id: "VHN-162584", trust: 0.1, value: "MEDIUM", }, { author: "VULMON", id: "CVE-2020-10136", trust: 0.1, value: "MEDIUM", }, ], }, ], sources: [ { db: "VULHUB", id: "VHN-162584", }, { db: "VULMON", id: "CVE-2020-10136", }, { db: "JVNDB", id: "JVNDB-2020-004993", }, { db: "CNNVD", id: "CNNVD-202006-074", }, { db: "NVD", id: "CVE-2020-10136", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "IP-in-IP protocol specifies IP Encapsulation within IP standard (RFC 2003, STD 1) that decapsulate and route IP-in-IP traffic is vulnerable to spoofing, access-control bypass and other unexpected behavior due to the lack of validation to verify network packets before decapsulation and routing. IP-in-IP encapsulation is a tunneling protocol specified in RFC 2003 that allows for IP packets to be encapsulated inside another IP packets. This is very similar to IPSEC VPNs in tunnel mode, except in the case of IP-in-IP, the traffic is unencrypted. An IP-in-IP device is considered to be vulnerable if it accepts IP-in-IP packets from any source to any destination without explicit configuration between the specified source and destination IP addresses. This unexpected Data Processing Error (CWE-19) by a vulnerable device can be abused to perform reflective DDoS and in certain scenarios used to bypass network access control lists. Because the forwarded network packet may not be inspected or verified by vulnerable devices, there are possibly other unexpected behaviors that can be abused by an attacker on the target device or the target device's network environment. An unauthenticated attacker can route network traffic through a vulnerable device, which may lead to reflective DDoS, information leak and bypass of network access controls. Cisco NX-OS Software is a data center-level operating system software used by a set of switches of Cisco. A code issue vulnerability exists in Cisco NX-OS Software due to the program decapsulating and processing the IP in an IP packet destined for a locally configured IP address. A remote attacker can exploit this vulnerability to bypass the access control list or cause a denial of service by means of a specially crafted IP in the IP packet. The following products and versions are affected: Nexus 1000 Virtual Edge for VMware vSphere; Nexus 1000V Switch for Microsoft Hyper-V; Nexus 1000V Switch for VMware vSphere; Nexus 3000 Series Switches; Nexus 5500 Platform Switches; Nexus 5600 Platform Switches; Nexus 6000 Switches ; Nexus 7000 Series Switches; Nexus 9000 Series Switches in standalone NX-OS mode; UCS 6200 Series Fabric Interconnects; UCS 6300 Series Fabric Interconnects", sources: [ { db: "NVD", id: "CVE-2020-10136", }, { db: "CERT/CC", id: "VU#636397", }, { db: "JVNDB", id: "JVNDB-2020-004993", }, { db: "VULHUB", id: "VHN-162584", }, { db: "VULMON", id: "CVE-2020-10136", }, ], trust: 2.52, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2020-10136", trust: 3.4, }, { db: "CERT/CC", id: "VU#636397", trust: 3.4, }, { db: "JVNDB", id: "JVNDB-2020-004993", trust: 0.8, }, { db: "CNNVD", id: "CNNVD-202006-074", trust: 0.7, }, { db: "AUSCERT", id: "ESB-2020.1917", trust: 0.6, }, { db: "VULHUB", id: "VHN-162584", trust: 0.1, }, { db: "VULMON", id: "CVE-2020-10136", trust: 0.1, }, ], sources: [ { db: "CERT/CC", id: "VU#636397", }, { db: "VULHUB", id: "VHN-162584", }, { db: "VULMON", id: "CVE-2020-10136", }, { db: "JVNDB", id: "JVNDB-2020-004993", }, { db: "CNNVD", id: "CNNVD-202006-074", }, { db: "NVD", id: "CVE-2020-10136", }, ], }, id: "VAR-202006-0258", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "VULHUB", id: "VHN-162584", }, ], trust: 0.01, }, last_update_date: "2024-11-23T21:59:12.953000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "Top Page", trust: 1.6, url: "https://www8.hp.com/us/en/home.html", }, { title: "cisco-sa-nxos-ipip-dos-kCT9X4", trust: 0.8, url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-ipip-dos-kCT9X4", }, { title: "Digi Security Center", trust: 0.8, url: "https://www.digi.com/resources/security", }, { title: "Cisco NX-OS Software Fixes for code issue vulnerabilities", trust: 0.6, url: "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=119986", }, { title: "Cisco: Cisco NX-OS Software Unexpected IP in IP Packet Processing Vulnerability", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts&qid=cisco-sa-nxos-ipip-dos-kCT9X4", }, { title: "Contents", trust: 0.1, url: "https://github.com/hktalent/bug-bounty ", }, { title: "欢迎关注阿尔法实验室微信公众号", trust: 0.1, url: "https://github.com/alphaSeclab/sec-daily-2020 ", }, { title: "The Register", trust: 0.1, url: "https://www.theregister.co.uk/2020/06/08/security_roundup_june_5/", }, ], sources: [ { db: "VULMON", id: "CVE-2020-10136", }, { db: "JVNDB", id: "JVNDB-2020-004993", }, { db: "CNNVD", id: "CNNVD-202006-074", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-290", trust: 1.9, }, { problemtype: "CWE-19", trust: 0.8, }, ], sources: [ { db: "CERT/CC", id: "VU#636397", }, { db: "VULHUB", id: "VHN-162584", }, { db: "JVNDB", id: "JVNDB-2020-004993", }, { db: "NVD", id: "CVE-2020-10136", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 2.6, url: "https://kb.cert.org/vuls/id/636397/", }, { trust: 2.5, url: "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-nxos-ipip-dos-kct9x4", }, { trust: 1.8, url: "https://www.kb.cert.org/vuls/id/636397", }, { trust: 1.8, url: "https://www.digi.com/resources/security", }, { trust: 1.4, url: "https://nvd.nist.gov/vuln/detail/cve-2020-10136", }, { trust: 1, url: "https://datatracker.ietf.org/doc/html/rfc6169", }, { trust: 0.8, url: "https://tools.ietf.org/html/rfc2003", }, { trust: 0.8, url: "https://tools.ietf.org/html/rfc6169", }, { trust: 0.8, url: "https://github.com/certcc/poc-exploits/tree/master/cve-2020-10136", }, { trust: 0.8, url: "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-10136", }, { trust: 0.8, url: "https://jvn.jp/ta/jvnta90492923/", }, { trust: 0.6, url: "https://access.redhat.com/security/cve/cve-2020-10136", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2020.1917/", }, { trust: 0.6, url: "https://vigilance.fr/vulnerability/cisco-nx-os-ip-filtering-bypass-with-encapsulation-32373", }, { trust: 0.1, url: "https://cwe.mitre.org/data/definitions/290.html", }, { trust: 0.1, url: "https://nvd.nist.gov", }, { trust: 0.1, url: "https://github.com/hktalent/bug-bounty", }, ], sources: [ { db: "CERT/CC", id: "VU#636397", }, { db: "VULHUB", id: "VHN-162584", }, { db: "VULMON", id: "CVE-2020-10136", }, { db: "JVNDB", id: "JVNDB-2020-004993", }, { db: "CNNVD", id: "CNNVD-202006-074", }, { db: "NVD", id: "CVE-2020-10136", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "CERT/CC", id: "VU#636397", }, { db: "VULHUB", id: "VHN-162584", }, { db: "VULMON", id: "CVE-2020-10136", }, { db: "JVNDB", id: "JVNDB-2020-004993", }, { db: "CNNVD", id: "CNNVD-202006-074", }, { db: "NVD", id: "CVE-2020-10136", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2020-06-02T00:00:00", db: "CERT/CC", id: "VU#636397", }, { date: "2020-06-02T00:00:00", db: "VULHUB", id: "VHN-162584", }, { date: "2020-06-02T00:00:00", db: "VULMON", id: "CVE-2020-10136", }, { date: "2020-06-04T00:00:00", db: "JVNDB", id: "JVNDB-2020-004993", }, { date: "2020-06-01T00:00:00", db: "CNNVD", id: "CNNVD-202006-074", }, { date: "2020-06-02T09:15:09.967000", db: "NVD", id: "CVE-2020-10136", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2020-09-30T00:00:00", db: "CERT/CC", id: "VU#636397", }, { date: "2020-07-29T00:00:00", db: "VULHUB", id: "VHN-162584", }, { date: "2020-07-29T00:00:00", db: "VULMON", id: "CVE-2020-10136", }, { date: "2020-06-04T00:00:00", db: "JVNDB", id: "JVNDB-2020-004993", }, { date: "2020-07-30T00:00:00", db: "CNNVD", id: "CNNVD-202006-074", }, { date: "2024-11-21T04:54:53.377000", db: "NVD", id: "CVE-2020-10136", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-202006-074", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "IP-in-IP protocol routes arbitrary traffic by default", sources: [ { db: "CERT/CC", id: "VU#636397", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "code problem", sources: [ { db: "CNNVD", id: "CNNVD-202006-074", }, ], trust: 0.6, }, }
Log in or create an account to share your comment.
Security Advisory comment format.
This schema specifies the format of a comment related to a security advisory.
Title of the comment
Description of the comment
Loading…
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.