CVE-2023-20016 – Cisco FXOS Software and UCS Manager Software Configuration Backup Static Key Vulnerability
https://notcve.org/view.php?id=CVE-2023-20016
A vulnerability in the backup configuration feature of Cisco UCS Manager Software and in the configuration export feature of Cisco FXOS Software could allow an unauthenticated attacker with access to a backup file to decrypt sensitive information stored in the full state and configuration backup files. This vulnerability is due to a weakness in the encryption method used for the backup function. An attacker could exploit this vulnerability by leveraging a static key used for the backup configuration feature. A successful exploit could allow the attacker to decrypt sensitive information that is stored in full state and configuration backup files, such as local user credentials, authentication server passwords, Simple Network Management Protocol (SNMP) community names, and other credentials. • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ucsm-bkpsky-H8FCQgsA • CWE-321: Use of Hard-coded Cryptographic Key CWE-330: Use of Insufficiently Random Values •
CVE-2023-20015 – Cisco Firepower 4100 Series, Firepower 9300 Security Appliances, and UCS Fabric Interconnects Command Injection Vulnerability
https://notcve.org/view.php?id=CVE-2023-20015
A vulnerability in the CLI of Cisco Firepower 4100 Series, Cisco Firepower 9300 Security Appliances, and Cisco UCS 6200, 6300, 6400, and 6500 Series Fabric Interconnects could allow an authenticated, local attacker to inject unauthorized commands. This vulnerability is due to insufficient input validation of commands supplied by the user. An attacker could exploit this vulnerability by authenticating to a device and submitting crafted input to the affected command. A successful exploit could allow the attacker to execute unauthorized commands within the CLI. An attacker with Administrator privileges could also execute arbitrary commands on the underlying operating system of Cisco UCS 6400 and 6500 Series Fabric Interconnects with root-level privileges. • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxfp-cmdinj-XXBZjtR • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVE-2020-10136 – IP-in-IP protocol allows a remote, unauthenticated attacker to route arbitrary network traffic
https://notcve.org/view.php?id=CVE-2020-10136
IP-in-IP protocol specifies IP Encapsulation within IP standard (RFC 2003, STD 1) that decapsulate and route IP-in-IP traffic is vulnerable to spoofing, access-control bypass and other unexpected behavior due to the lack of validation to verify network packets before decapsulation and routing. Múltiples productos que implementan la IP Encapsulation dentro del estándar IP (RFC 2003, STD 1) desencapsulan y enrutan el tráfico IP-in-IP sin ninguna comprobación, lo que podría permitir a un atacante remoto no autenticado enrutar tráfico arbitrario por medio de una interfaz de red expuesta y conllevar a una falsificación, omisión de control de acceso y otros comportamientos inesperados de la red. • https://datatracker.ietf.org/doc/html/rfc6169 https://kb.cert.org/vuls/id/636397 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-ipip-dos-kCT9X4 https://www.digi.com/resources/security https://www.kb.cert.org/vuls/id/636397 • CWE-290: Authentication Bypass by Spoofing •