˼¿ÆÐû²¼¶à¸ö¸ßΣÎó²îΣº¦Í¨¸æ

Ðû²¼Ê±¼ä 2020-02-27

Îó²î±àºÅºÍ¼¶±ð


CVE±àºÅ£ºCVE-2020-3173£¬£¬£¬£¬£¬Î£ÏÕ¼¶±ð£º¸ßΣ£¬£¬£¬£¬£¬CVSS·ÖÖµ£º³§ÉÌ×ÔÆÀ£º7.8£¬£¬£¬£¬£¬¹Ù·½Î´ÆÀ¶¨

CVE±àºÅ£ºCVE-2020-3168£¬£¬£¬£¬£¬Î£ÏÕ¼¶±ð£º¸ßΣ£¬£¬£¬£¬£¬CVSS·ÖÖµ£º³§ÉÌ×ÔÆÀ£º7.5£¬£¬£¬£¬£¬¹Ù·½Î´ÆÀ¶¨

CVE±àºÅ£ºCVE-2020-3175£¬£¬£¬£¬£¬Î£ÏÕ¼¶±ð£º¸ßΣ£¬£¬£¬£¬£¬CVSS·ÖÖµ£º³§ÉÌ×ÔÆÀ£º8.6£¬£¬£¬£¬£¬¹Ù·½Î´ÆÀ¶¨

CVE±àºÅ£ºCVE-2020-3167£¬£¬£¬£¬£¬Î£ÏÕ¼¶±ð£º¸ßΣ£¬£¬£¬£¬£¬CVSS·ÖÖµ£º³§ÉÌ×ÔÆÀ£º7.8£¬£¬£¬£¬£¬¹Ù·½Î´ÆÀ¶¨

CVE±àºÅ£ºCVE-2020-3171£¬£¬£¬£¬£¬Î£ÏÕ¼¶±ð£º¸ßΣ£¬£¬£¬£¬£¬CVSS·ÖÖµ£º³§ÉÌ×ÔÆÀ£º7.8£¬£¬£¬£¬£¬¹Ù·½Î´ÆÀ¶¨

CVE±àºÅ£ºCVE-2020-3172£¬£¬£¬£¬£¬Î£ÏÕ¼¶±ð£º¸ßΣ£¬£¬£¬£¬£¬CVSS·ÖÖµ£º³§ÉÌ×ÔÆÀ£º8.8£¬£¬£¬£¬£¬¹Ù·½Î´ÆÀ¶¨


Ó°Ïì°æ±¾


CVE񅧏

Ó°Ïì²úÆ·

CVE-2020-3173

UCS 6200 Series   Fabric Interconnects

UCS 6300 Series   Fabric Interconnects

UCS 6400 Series   Fabric Interconnects

CVE-2020-3168

ʹÓÃVMware   vSphere Virtual SupervisorµÄCisco Nexus 1000V½»Á÷»ú

CVE-2020-3175

Cisco MDS 9000ϵÁжà²ã½»Á÷»ú

CVE-2020-3167

Firepower 1000   Series

Firepower 2100   Series

Firepower 4100   Series

Firepower 9300 Security   Appliances

UCS 6200 Series   Fabric Interconnects

UCS 6300 Series   Fabric Interconnects

UCS 6400 Series   Fabric Interconnects

CVE-2020-3171

Firepower 2100   Series

Firepower 4100   Series

Firepower 9300   Security Appliances

UCS 6200 Series   Fabric Interconnects

UCS 6300 Series   Fabric Interconnects

UCS 6400 Series   Fabric Interconnects

CVE-2020-3172

ÈôÊÇÒÔÏÂCisco²úÆ·ÔËÐÐÒ×Êܹ¥»÷µÄCisco FXOSÈí¼þ»òCisco NX-OSÈí¼þ°æ±¾£¬£¬£¬£¬£¬²¢ÇÒÉèÖÃΪʹÓÃCisco·¢Ã÷ЭÒ飬£¬£¬£¬£¬Ôò´ËÎó²î»áÓ°ÏìÕâЩ²úÆ·£º

Firepower 4100   Series (CSCvr37151)

Firepower 9300   Security Appliances (CSCvr37151)

MDS 9000 Series   Multilayer Switches (CSCux07556)

Nexus 1000 Virtual   Edge for VMware vSphere (CSCvr37146)

Nexus 1000V Switch   for Microsoft Hyper-V (CSCvr37146)

Nexus 1000V Switch   for VMware vSphere (CSCvr37146)

Nexus 3000 Series   Switches (CSCux58226)

Nexus 5500   Platform Switches (CSCvr37148)

Nexus 5600   Platform Switches (CSCvr37148)

Nexus 6000 Series   Switches (CSCvr37148)

Nexus 7000 Series   Switches (CSCux07556)

Nexus 9000 Series   Fabric Switches in Application Centric Infrastructure (ACI) mode (CSCvr31410)

Nexus 9000 Series   Switches in standalone NX-OS mode (CSCux58226)

UCS 6200 Series   Fabric Interconnects (CSCvr37150)

UCS 6300 Series   Fabric Interconnects (CSCvr37150)


Îó²î¸ÅÊö


2ÔÂ26ÈÕµ½27ÈÕ˼¿Æ¹²Ðû²¼ÁË12¸öÎó²îµÄ²¹¶¡³ÌÐò£¬£¬£¬£¬£¬ÆäÖУ¬£¬£¬£¬£¬°üÀ¨6¸ö¸ßΣÎó²î£¬£¬£¬£¬£¬Ó°Ïì·ÓÉÆ÷¡¢½»Á÷»úµÈ×°±¸¡£¡£ ¡£¸ßΣÎó²î¸ÅÊöÈçÏ£º


CVE-2020-3173

Cisco UCS ManagerÈí¼þÍâµØÖÎÀíCLIÏÂÁî×¢ÈëÎó²î¡£¡£ ¡£¸ÃÎó²îÊÇÓÉÓÚÏÂÁî²ÎÊýµÄÊäÈëÑé֤ȱ·¦ËùÖ¡£¡£ ¡£¹¥»÷Õß¿ÉÒÔͨ¹ýÔÚÍâµØÖÎÀíCLIÉÏ°üÀ¨¶ñÒâ²ÎÊýÀ´Ê¹ÓôËÎó²î¡£¡£ ¡£ÀֳɵÄʹÓÿÉÄܻᵼÖ¹¥»÷Õß¿ÉÒÔʹÓÃÄ¿½ñµÇÈÎÃü»§µÄÌØȨÔڵײã²Ù×÷ϵͳÉÏÕë¶Ô³ýCisco  UCS 6400 Series Fabric InterconnectsÖ®ÍâµÄËùÓÐÊÜÓ°Ïìƽִ̨ÐÐÌØȨÏÂÁî¡£¡£ ¡£


CVE-2020-3168

ʹÓÃVMware vSphereµÄCisco  Nexus 1000V½»Á÷»úÇå¾²µÇ¼ÔöÇ¿¹¦Ð§¾Ü¾øЧÀÍÎó²î¡£¡£ ¡£¸ÃÎó²îÊÇÓÉÓÚÔÚÊÜÓ°ÏìµÄ×°±¸ÉÏÉèÖÃÁË×÷ΪÇå¾²µÇ¼ÔöÇ¿¹¦Ð§µÄÒ»²¿·ÖµÄµÇ¼²ÎÊýʱ£¬£¬£¬£¬£¬ÔÚʧ°ÜµÄCLIµÇ¼ʵÑéʱ´ú×ÊÔ´·ÖÅɲ»×¼È·Ôì³ÉµÄ¡£¡£ ¡£¹¥»÷Õß¿ÉÒÔͨ¹ý¶ÔÊÜÓ°ÏìµÄ×°±¸Ö´Ðдó×ڵǼʵÑéÀ´Ê¹ÓôËÎó²î¡£¡£ ¡£ÀÖ³ÉʹÓôËÎó²î¿ÉÄܵ¼Ö¾ܾøЧÀÍ£¨DoS£©¡£¡£ ¡£


CVE-2020-3175

Cisco MDS 9000ϵÁжà²ã½»Á÷»ú¾Ü¾øЧÀÍÎó²î¡£¡£ ¡£¸ÃÎó²îÊÇÓÉÓÚ×ÊԴʹÓÿØÖƲ»µ±Ôì³ÉµÄ¡£¡£ ¡£¹¥»÷Õß¿ÉÒÔͨ¹ýÒԺܸߵÄËÙÂʽ«Á÷Á¿·¢Ë͵½ÊÜÓ°Ïì×°±¸µÄÖÎÀí½Ó¿Ú£¨mgmt0£©À´Ê¹ÓôËÎó²î¡£¡£ ¡£ÀÖ³ÉʹÓôËÎó²î¿ÉÄܻᵼÖ¾ܾøЧÀÍ¡£¡£ ¡£


CVE-2020-3167

Cisco FXOSºÍUCS ManagerÈí¼þCLIÏÂÁî×¢ÈëÎó²î¡£¡£ ¡£¸ÃÎó²îÊÇÓÉÓÚÊäÈëÑé֤ȱ·¦ËùÖ¡£¡£ ¡£¹¥»÷Õß¿ÉÒÔͨ¹ýÔÚÏÂÁîÖаüÀ¨¶ñÒâ²ÎÊýÀ´Ê¹ÓôËÎó²î¡£¡£ ¡£ÀֳɵÄʹÓÿÉÄÜʹ¹¥»÷Õß¿ÉÒÔʹÓÃÄ¿½ñµÇÈÎÃü»§µÄÌØȨÔڵײã²Ù×÷ϵͳÉÏÕë¶Ô³ýCisco  UCS 6400 Series Fabric InterconnectsÖ®ÍâµÄËùÓÐÊÜÓ°Ïìƽִ̨ÐÐÌØȨÏÂÁî¡£¡£ ¡£ÔÚCisco UCS 6400 Series Fabric InterconnectsÉÏ£¬£¬£¬£¬£¬ÒÔrootÌØȨִÐÐÏÂÁî¡£¡£ ¡£


CVE-2020-3171

Cisco FXOSºÍUCS ManagerÈí¼þÍâµØÖÎÀíCLIÏÂÁî×¢ÈëÎó²î¡£¡£ ¡£¸ÃÎó²îÊÇÓÉÓÚÊäÈëÑé֤ȱ·¦ËùÖ¡£¡£ ¡£¹¥»÷Õß¿ÉÒÔͨ¹ýÔÚÏÂÁîÖаüÀ¨¶ñÒâ²ÎÊýÀ´Ê¹ÓôËÎó²î¡£¡£ ¡£ÀֳɵÄʹÓÿÉÄÜʹ¹¥»÷Õß¿ÉÒÔʹÓÃÄ¿½ñµÇÈÎÃü»§µÄÌØȨÔڵײã²Ù×÷ϵͳÉÏÕë¶Ô³ýCisco  UCS 6400 Series Fabric InterconnectsÖ®ÍâµÄËùÓÐÊÜÓ°Ïìƽִ̨ÐÐÌØȨÏÂÁî¡£¡£ ¡£ÔÚCisco UCS 6400 Series Fabric InterconnectsÉÏ£¬£¬£¬£¬£¬ÒÔrootÌØȨִÐÐ×¢ÈëµÄÏÂÁî¡£¡£ ¡£


CVE-2020-3172

Cisco FXOSÈí¼þºÍCisco NX-OSÈí¼þʵÏÖµÄCDPЭÒé±£´æí§Òâ´úÂëÖ´Ðк;ܾøЧÀÍÎó²î¡£¡£ ¡£¸ÃÎó²îÊÇÓÉÓÚÊÜÓ°ÏìµÄÈí¼þ´¦Öóͷ£CDPЭÒéÐÂÎÅʱȱÉÙ¼ì²éËùÖ¡£¡£ ¡£¹¥»÷Õß¿ÉÒÔͨ¹ý½«¶ñÒâµÄCDPÊý¾Ý°ü·¢Ë͵½ÊÜÓ°ÏìµÄ×°±¸À´Ê¹ÓôËÎó²î¡£¡£ ¡£ÀÖ³ÉʹÓôËÎó²îÄܹ»ÒÔrootÓû§Éí·ÝÖ´ÐÐí§Òâ´úÂë»òµ¼Ö¾ܾøЧÀÍ£¨DoS£©¡£¡£ ¡£


Îó²îÑéÖ¤


ÔÝÎÞPoC/EXP¡£¡£ ¡£


ÐÞ¸´½¨Òé


ÏÖÔÚ³§ÉÌÒÑÐû²¼Éý¼¶²¹¶¡ÒÔÐÞ¸´Îó²î£¬£¬£¬£¬£¬²¹¶¡»ñÈ¡Á´½Ó£º


https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200226-ucs-cli-cmdinj

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200226-nexus-1000v-dos

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200226-mds-ovrld-dos

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200226-fxos-ucs-cmdinj

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200226-fxos-ucs-cli-cmdinj

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200226-fxos-nxos-cdp


²Î¿¼Á´½Ó


https://tools.cisco.com/security/center/publicationListing.x