cisco-sa-n3n9k-priv-escal-3QhXJBC: Cisco Nexus 3000 and 9000 Series Switches Privilege Escalation Vulnerability
First published: Wed Aug 26 2020(Updated: )
A vulnerability in the Enable Secret feature of Cisco Nexus 3000 Series Switches and Cisco Nexus 9000 Series Switches in standalone NX-OS mode could allow an authenticated, local attacker to issue the enable command and get full administrative privileges. To exploit this vulnerability, the attacker would need to have valid credentials for the affected device. The vulnerability is due to a logic error in the implementation of the enable command. An attacker could exploit this vulnerability by logging in to the device and issuing the enable command. A successful exploit could allow the attacker to gain full administrative privileges without using the enable password. Note: The Enable Secret feature is disabled by default. Cisco has released software updates that address this vulnerability. There are workarounds that address this vulnerability. This advisory is available at the following link:https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-n3n9k-priv-escal-3QhXJBC This advisory is part of the August 2020 Cisco FXOS and NX-OS Software Security Advisory Bundled Publication, which includes seven Cisco Security Advisories that describe seven vulnerabilities. For a complete list of the advisories and links to them, see Cisco Event Response: August 2020 Cisco FXOS and NX-OS Software Security Advisory Bundled Publication.
Credit: This vulnerability was found during the resolution a Cisco TAC support case
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Cisco Nexus Series | ||
| Cisco Nexus 9000 Series Application Centric Infrastructure (ACI) Mode Switch Software |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of cisco-sa-n3n9k-priv-escal-3QhXJBC?
The severity of cisco-sa-n3n9k-priv-escal-3QhXJBC is considered high as it allows authenticated local attackers to gain administrative privileges.
How do I fix cisco-sa-n3n9k-priv-escal-3QhXJBC?
To fix cisco-sa-n3n9k-priv-escal-3QhXJBC, upgrade to the latest recommended version of Cisco Nexus 3000 or 9000 Series Switches software.
Who is affected by cisco-sa-n3n9k-priv-escal-3QhXJBC?
Cisco Nexus 3000 Series and 9000 Series Switches in standalone NX-OS mode are affected by cisco-sa-n3n9k-priv-escal-3QhXJBC.
What can an attacker do with cisco-sa-n3n9k-priv-escal-3QhXJBC?
An attacker can exploit cisco-sa-n3n9k-priv-escal-3QhXJBC to issue the enable command and gain full administrative access to the affected switches.
Is cisco-sa-n3n9k-priv-escal-3QhXJBC a local or remote vulnerability?
cisco-sa-n3n9k-priv-escal-3QhXJBC is a local vulnerability that requires physical or authenticated local access to the device.
- agent/type
- agent/event
- agent/last-modified-date
- agent/first-publish-date
- collector/cisco-advisory
- source/Cisco
- agent/author
- agent/weakness
- agent/references
- agent/remedy
- agent/severity
- agent/title
- agent/description
- agent/source
- agent/tags
- agent/softwarecombine
- agent/guess-ai
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- vendor/cisco
- canonical/cisco nexus series
- canonical/cisco nexus 9000 series application centric infrastructure (aci) mode switch software