Guest

Preview Tool

Cisco Bug: CSCvu84499 - [SMF-SVI] Vulnerabilities detected on SMF and SMI from tenable scans

Last Modified

Aug 29, 2020

Products (1)

Known Affected Releases

2020.3

Description (partial)

CISCO HIGHLY CONFIDENTIAL - CONTROLLED ACCESS

This issue is under review by the Cisco Product Security Incident Response
team (PSIRT).

The defect describes a product security vulnerability.  Its contents must
be protected from unauthorized disclosure, both internal and external to
Cisco.  Do not forward this information to mailing lists or newsgroups.

Documentation writers: it is prohibited to publish this Release-note 
Enclosure (RNE) until the content has been approved by PSIRT.  PSIRT may 
publish a Security Advisory regarding this defect, and the current text of 
this RNE will be replaced with appropriate information.  In the event that 
a Security Advisory is not published, PSIRT will replace this text with an 
appropriate explanation.

More information on PSIRT is available at <http//psirt.cisco.com/>.  
Cisco's public policy on security vulnerability handling can be reviewed at 
<http://www.cisco.com/en/US/products/products_security_vulnerability_policy.html>.
For further information, send a message to psirt@cisco.com.

User: jemcguin-Date:07-01-2020

Symptom:
This product includes a version of multiple third-party components affected by the vulnerabilities identified by the following Common Vulnerability and Exposures (CVE) IDs:

CVE-2020-0543, CVE-2020-0548, CVE-2020-0549, CVE-2020-10108, CVE-2020-10531, CVE-2020-10751, CVE-2020-10942, CVE-2020-11008, CVE-2020-11494, CVE-2020-11565, CVE-2020-11608, CVE-2020-11609, CVE-2020-11655, CVE-2020-11668, CVE-2020-12049, CVE-2020-12114, CVE-2020-12399, CVE-2020-12464, CVE-2020-12762, CVE-2020-12769, CVE-2020-12826, CVE-2020-13434, CVE-2020-13435, CVE-2020-13630, CVE-2020-13631, CVE-2020-13632, CVE-2020-13790, CVE-2020-1712, CVE-2020-1749, CVE-2020-2583, CVE-2020-2590, CVE-2020-2593, CVE-2020-2601, CVE-2020-2604, CVE-2020-2654, CVE-2020-2655, CVE-2020-2659, CVE-2020-2732, CVE-2020-2754, CVE-2020-2756, CVE-2020-2767, CVE-2020-2773, CVE-2020-2778, CVE-2020-2781, CVE-2020-2800, CVE-2020-2803, CVE-2020-2805, CVE-2020-2830, CVE-2020-3810, CVE-2020-5260, CVE-2020-7595, CVE-2020-8428, CVE-2020-8492, CVE-2020-8648, CVE-2020-9308, CVE-2020-9327, CVE-2020-9383

This bug was opened to address the potential impact on this product.

Conditions:
Device with default configuration.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.