CVE-2020-3174Insufficient Verification of Data Authenticity in Cisco Nx-os Software 7.3 D1

CWE-345Insufficient Verification of Data Authenticity4 documents4 sources
Severity
4.7MEDIUMNVD
EPSS
0.1%
top 71.78%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Cisco Nx-os Software 7.3 D1Cisco Nx-os
Timeline
PublishedFeb 26
Latest updateMay 24

Description

A vulnerability in the anycast gateway feature of Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a device to learn invalid Address Resolution Protocol (ARP) entries. The ARP entries are for nonlocal IP addresses for the subnet. The vulnerability is due to improper validation of a received gratuitous ARP (GARP) request. An attacker could exploit this vulnerability by sending a malicious GARP packet on the local subnet to cause the ARP table on the device to become

CVSS vector

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:NExploitability: 2.8 | Impact: 1.4

Affected Packages2 packages

CVEListV5cisco/cisco_nx-os_software_7.3_d1unspecifiedn/a
NVDcisco/nx-os8.1\(1\), 8.4\(1\), 9.3\(1\)+2

🔴Vulnerability Details

2
GHSA
GHSA-44pg-r8gr-j75x: A vulnerability in the anycast gateway feature of Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a device to learn in2022-05-24
CVEList
Cisco NX-OS Software Anycast Gateway Invalid ARP Vulnerability2020-02-26

📋Vendor Advisories

1
Cisco
Cisco NX-OS Software Anycast Gateway Invalid ARP Vulnerability2020-02-26
CVE-2020-3174 — Cisco vulnerability | cvebase