Thursday , July 4 2024
CISCO

CVE-2024-20399: Cisco NX-OS Vulnerability Under active Attack

infosecbulletin 3 days ago Cyber Attack, Data Breach

There is a security flaw (CVE-2024-20399) in Cisco NX-OS Software that lets an attacker with local access execute commands as root on the affected device.

The vulnerability is caused by not properly checking the arguments used in certain configuration CLI commands. An attacker can take advantage of this vulnerability by inserting a specially-made input as an argument in one of the affected configuration CLI commands. If successful, the attacker could run any commands they want on the operating system with root privileges.

To successfully exploit this vulnerability on a Cisco NX-OS device, an attacker must have Administrator credentials. Cisco released updates to fix this issue. There are no other solutions available for this problem.

Researchers detect 28 new Ransomwares in June

By infosecbulletin / Thursday , July 4 2024
Cybersecurity experts found 28 new types of ransomware in June. These malicious programs are a big threat to individuals and...
Read More
Researchers detect 28 new Ransomwares in June

Vote for DHAKA, Vote for ISACA at 6 July

By infosecbulletin / Wednesday , July 3 2024
ISACA Dhaka Chapter election is going to be held on Saturday (6 July) 2024. This year 23 candidates will fight...
Read More
Vote for DHAKA, Vote for ISACA at 6 July

Google to pays $250,000 for KVM zero-day vulnerabilities

By infosecbulletin / Wednesday , July 3 2024
Google launched a new bug bounty program called kvmCTF to enhance the security of its Kernel-based Virtual Machine (KVM) hypervisor....
Read More
Google to pays $250,000 for KVM zero-day vulnerabilities

Brain Cipher Ransomware to Release Decryption Keys free for Indonesia

By infosecbulletin / Tuesday , July 2 2024
The Brain Cipher ransomware group to release the decryption keys for Indonesia Terkoneksi on Wednesday. They said their attack aims...
Read More
Brain Cipher Ransomware to Release Decryption Keys free for Indonesia

0-click Account Takeover via Google Authentication

By infosecbulletin / Tuesday , July 2 2024
"A critical vulnerability has been identified in the Google Authentication mechanism of the application. By manipulating the ID and email...
Read More
0-click Account Takeover via Google Authentication

multiple vulnerabilities found in apache HTTP server

By infosecbulletin / Tuesday , July 2 2024
The Apache Software Foundation has found multiple security issues in the widely used Apache HTTP Server. These vulnerabilities could lead...
Read More
multiple vulnerabilities found in apache HTTP server

Australian four major banks raised alarm on cyber ‘warfare’

By infosecbulletin / Tuesday , July 2 2024
An executive from National Australia Bank reveals that the four major banks in the country face continuous attacks, as threat...
Read More
Australian four major banks raised alarm on cyber ‘warfare’

CVE-2024-20399: Cisco NX-OS Vulnerability Under active Attack

By infosecbulletin / Monday , July 1 2024
There is a security flaw (CVE-2024-20399) in Cisco NX-OS Software that lets an attacker with local access execute commands as...
Read More
CVE-2024-20399: Cisco NX-OS Vulnerability Under active Attack

NCSA to do maximum work with limited manpower: DG Kamruzzaman

By infosecbulletin / Monday , July 1 2024
Despite the limited manpower and various limitations, efforts are being made to keep the country's cyber space safe, said the...
Read More
NCSA to do maximum work with limited manpower: DG Kamruzzaman

Microsoft Issues CVE Numbers for Cloud Service Vulnerabilities

By infosecbulletin / Sunday , June 30 2024
Microsoft will assign Common Vulnerabilities and Exposures (CVE) numbers to important vulnerabilities found and fixed in their cloud services. This...
Read More
Microsoft Issues CVE Numbers for Cloud Service Vulnerabilities

This advisory is available at the following link:
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-cmd-injection-xD9OhyOP

Affected Products:
Vulnerable Products
The following Cisco products were affected at the time of publication:

MDS 9000 Series Multilayer Switches (CSCwj97007)
Nexus 3000 Series Switches (CSCwj97009)1
Nexus 5500 Platform Switches (CSCwj97011)
Nexus 5600 Platform Switches (CSCwj97011)
Nexus 6000 Series Switches (CSCwj97011)
Nexus 7000 Series Switches (CSCwj94682)2
Nexus 9000 Series Switches in standalone NX-OS mode (CSCwj97009)1

1. Cisco NX-OS Software releases running on Cisco Nexus 3000 and 9000 Series Switches in standalone NX-OS mode do not provide extra privileges because of the bash-shell feature. The issue does not affect Cisco NX-OS Software releases 9.3(5) and later, except for specific Cisco platforms.

Nexus 3000 platforms:
N3K-C3264C-E
N3K-C3172PQ-10GE
N3K-C3172PQ-10GE-XL
N3K-C3172TQ-10GT
N3K-C3548P-10GX

Nexus 9000 platforms:
N9K-C92348GC-X (fixed in Cisco NX-OS Software releases 10.4.3 and later)

2. Cisco NX-OS Software releases 8.1(0) and later on Cisco Nexus 7000 Series Switches do not provide extra privileges because of the bash-shell feature.

For more information on this vulnerability, see the Details section of this advisory.

For information about which Cisco software releases are vulnerable, see the Fixed Software section of this advisory.

Check Also

team viewer

TeamViewer’s internal corporate IT environment faced “irregularity “

In a statement On Wednesday, 26 June 2024, team viewer said, “our security team detected …

Leave a Reply

Your email address will not be published. Required fields are marked *

Mail: [email protected]
© Copyright 2024, All Rights Reserved InfoSecBulletin