Home / Cisco Security / Latest Threat Information / Event Responses

Cisco Event Response Page

Cisco Event Response: August 2020 Cisco FXOS and NX-OS Software Security Advisory Bundled Publication

Doc ID:

ERP-74239

First Published:

2020 August 26 16:00 GMT

Version:

1.0

Summary

The August 26, 2020, release of the Cisco FXOS and NX-OS Software Security Advisory Bundled Publication includes seven Cisco Security Advisories that describe seven vulnerabilities in Cisco FXOS Software, Cisco NX-OS Software, and Cisco UCS Software. Cisco has released software updates that address these vulnerabilities.

All seven vulnerabilities have a Security Impact Rating (SIR) of High.

Details

Cisco Security Advisory	CVE ID	Security Impact Rating	CVSS Base Score	Affected Cisco Platforms
cisco-sa-fxos-nxos-cfs-dos-dAmnymbd Cisco FXOS and NX-OS Software Cisco Fabric Services Denial of Service Vulnerability	CVE-2020-3517	High	8.6	Firepower 4100 Series Firepower 9300 Security Appliances MDS 9000 Series Multilayer Switches Nexus 3000 Series Switches Nexus 5500 Platform Switches Nexus 5600 Platform Switches Nexus 6000 Series Switches Nexus 7000 Series Switches Nexus 9000 Series Switches in standalone NX-OS mode UCS 6200 Series Fabric Interconnects UCS 6300 Series Fabric Interconnects UCS 6400 Series Fabric Interconnects
cisco-sa-n3n9k-priv-escal-3QhXJBC Cisco Nexus 3000 and 9000 Series Switches Privilege Escalation Vulnerability	CVE-2020-3394	High	7.8	Nexus 3000 Series Switches Nexus 9000 Series Switches in standalone NX-OS mode
cisco-sa-nxosbgp-nlri-dos-458rG2OQ Cisco NX-OS Software Border Gateway Protocol Multicast VPN Denial of Service Vulnerability	CVE-2020-3397	High	8.6	Nexus 3000 Series Switches Nexus 9000 Series Switches in standalone NX-OS mode
cisco-sa-nxosbgp-mvpn-dos-K8kbCrJp Cisco NX-OS Software Border Gateway Protocol Multicast VPN Session Denial of Service Vulnerability	CVE-2020-3398	High	8.6	Nexus 3000 Series Switches Nexus 7000 Series Switches Nexus 9000 Series Switches in standalone NX-OS mode
cisco-sa-callhome-cmdinj-zkxzSCY Cisco NX-OS Software Call Home Command Injection Vulnerability	CVE-2020-3454	High	7.2	MDS 9000 Series Multilayer Switches Nexus 3000 Series Switches Nexus 5500 Platform Switches Nexus 5600 Platform Switches Nexus 6000 Series Switches Nexus 7000 Series Switches Nexus 9000 Series Switches in standalone NX-OS mode
cisco-sa-nxos-dme-rce-cbE3nhZS Cisco NX-OS Software Data Management Engine Remote Code Execution Vulnerability	CVE-2020-3415	High	8.8	Nexus 3000 Series Switches Nexus 9000 Series Switches in standalone NX-OS mode UCS 6400 Series Fabric Interconnects
cisco-sa-nxos-pim-memleak-dos-tC8eP7uw Cisco NX-OS Software IPv6 Protocol Independent Multicast Denial of Service Vulnerability	CVE-2020-3338	High	7.5	Nexus 3000 Series Switches Nexus 7000 Series Switches Nexus 9000 Series Switches in standalone NX-OS mode

Related Resources

Cisco Security Vulnerability Policy
MITRE Common Vulnerabilities and Exposures
Common Vulnerability Scoring System and the Security Impact Rating
Common Vulnerability Scoring System Q & A