A Vulnerability with Cisco Small Business, Smart, and Managed Switches Could Allow for Denial of Service

by CIRT Team

25 Aug 2020

in Security Advisories & Alerts

No Comments

1103

DESCRIPTION

A vulnerability has been discovered in Cisco Small Business, Smart, and Managed Switches which could allow for a denial-of-service condition when the switch processes a specially crafted IPv6 address. The vulnerability occurs due to insufficient validation of incoming IPv6 traffic. An unauthenticated remote attacker could exploit this vulnerability by sending a crafted IPv6 packet through an affected device. The vulnerability does not affect IPv4 traffic and there is no workaround for the vulnerability. Successful exploitation of this vulnerability could allow an attacker to cause the switches management CLI to stop responding.

IMPACT

SYSTEM AFFECTED

Cisco 250 Series Smart Switches
Cisco 350 Series Managed Switches
Cisco 350X Series Stackable Managed Switches
Cisco 550X Series Stackable Managed Switches
Cisco Small Business 200 Series Smart Switches
Cisco Small Business 300 Series Managed Switches
Cisco Small Business 500 Series Stackable Managed Switches

RECOMMENDATIONS

Following actions are recommended to be taken:

Apply appropriate patches provided by Cisco to vulnerable devices immediately after appropriate testing.
Deploy network intrusion detection systems to monitor network traffic to affected devices.

REFERENCES

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3496

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sbss-ipv6-dos-tsgqbffW

https://www.cisecurity.org/advisory/a-vulnerability-with-cisco-small-business-smart-and-managed-switches-could-allow-for-denial-of-service_2020-119/