Cisco Catalyst Digital Building Series Switches and Cisco Catalyst Micro Switches Vulnerabilities (cisco-sa-cdb-cmicr-vulns-KJjFtNb)

medium Nessus Plugin ID 160085

Synopsis

The remote device is missing a vendor-supplied security patch.

Description

According to its self-reported version, the Cisco Catalyst Digital Building Series Switch or Cisco Catalyst Micro Switch is affected by the following vulnerabilities:

- A denial of service (DoS) vulnerability exists in the boot loader. An unauthenticated, physical attacker can exploit this issue, via the ROM monitor, to cause the device to stop responding. (CVE-2022-20661)

- A remote code execution vulnerability exists in the boot loader due to improperly enabling Secure Boot. An unauthenticated, physical attacker can exploit this to bypass authentication and execute arbitrary code with system privileges. (CVE-2022-20731)

Please see the included Cisco BIDs and Cisco Security Advisory for more information.

Solution

Upgrade to the relevant fixed version referenced in the Cisco Security Advisory.

See Also

http://www.nessus.org/u?09e64044

https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvz02634

https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvz30892

https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvz34674

https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvz42624

https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvz57636

Plugin Details

Severity: Medium

ID: 160085

File Name: cisco-sa-cdb-cmicr-vulns-KJjFtNb.nasl

Version: 1.5

Type: combined

Family: CISCO

Published: 4/22/2022

Updated: 4/26/2022

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: High

Base Score: 7.2

Temporal Score: 5.3

Vector: CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C

CVSS Score Source: CVE-2022-20731

CVSS v3

Risk Factor: Medium

Base Score: 6.8

Temporal Score: 5.9

Vector: CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/o:cisco:ios

Required KB Items: Host/Cisco/IOS/Version, Host/Cisco/IOS/Model

Exploit Ease: No known exploits are available

Patch Publication Date: 4/21/2022

Vulnerability Publication Date: 4/21/2022

Reference Information

CVE: CVE-2022-20661, CVE-2022-20731