Cisco FXOS SNMP Service Flaw Let Attacker Trigger DoS Condition
A Denial-of-Service (DoS) vulnerability has been found within the Cisco Firepower 4100 Sequence, Firepower 9300 Security Dwelling equipment, and UCS 6300 Sequence Fabric Interconnects that would perchance also enable an authenticated, distant attacker to space off a denial-of-carrier condition on any affected system.
Attributable to rotten handling, this particular flaw exists in SNMP (Uncomplicated Network Management Protocol) requests.
A threat actor can exploit this vulnerability by sending a crafted SNMP inquire of of to a prone system, inflicting this DoS condition. A hit exploitation causes the prone system to reload, making the carrier unavailable.
Nonetheless, there are must haves for an attacker to exploit this vulnerability on the SNMPv2c or earlier.
An attacker requires information about the “SNMP neighborhood string” that consists of a user ID or password for accessing the router’s statistics.
CVE-2023-20200: Cisco SNMP Denial of Service Vulnerability
Apart from, to exploit this vulnerability on the SNMPv3, the attacker requires trusty credentials for an SNMP user configured on the affected system.
The CVE ID for this vulnerability has been given as CVE-2023-20200 and has a severity of seven.7 (High).
Furthermore, Cisco has launched a security advisory for this vulnerability, alongside with an inventory of prone and non-prone products.
Cisco confirmed that Cisco FXOS system releases 2.4.1 and later is no longer inclined to this DoS attack. Cisco has additionally offered steps to search out the spot of the SNMP of the system.
The Firepower 4100 Sequence, Firepower 9300 Security Dwelling equipment, and UCS 6300 Sequence Fabric Interconnects products of Cisco non-public SNMP enabled by default in prone versions. Nonetheless, latest releases non-public SNMP disabled by default.
No workarounds non-public been found for this vulnerability, as mentioned by Cisco, and additionally launched a system check characteristic on their security advisory, which users can utilize to detect if their model of the product is inclined to exploitation.
Source credit : cybersecuritynews.com