Cisco Resolves High-Severity Vulnerability in IOS Software for Catalyst 6000 Series Switches

By|
Admin
|
2024-04-11
|
Vulnerabilities

Cisco has recently addressed a significant vulnerability within its Cisco IOS Software utilized by Catalyst 6000 Series Switches, capable of causing a denial of service (DoS) condition.

The vulnerability, assigned CVE-2024-20276 with a base score of 7.4, stems from inadequate handling of process-switched traffic within Cisco IOS, a proprietary operating system powering Cisco Systems' routers, switches, and network devices. This software encompasses critical functionalities like interface configuration, network management, routing, security, switching, and quality of service (QoS).

The identified flaw enables an unauthenticated local attacker to initiate an unexpected device reload by exploiting improper process-switched traffic handling.

An attacker can leverage this vulnerability by directing malicious traffic toward a vulnerable device, potentially leading to a DoS incident by compelling the compromised device to reload.

According to Cisco's advisory, "An attacker could exploit this vulnerability by sending crafted traffic to an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a denial of service (DoS) condition."

The affected products include:

  • Catalyst 6500 Series Switches with Supervisor Engine 2T or 6T
  • Catalyst 6800 Series Switches with Supervisor Engine 2T or 6T

Devices running vulnerable versions of Cisco IOS software with port security, device classifier, or authentication, authorization, and accounting (AAA) activated are susceptible.

To determine vulnerability, users can employ commands such as:

  • show running-config | include interface|port-security to check for port security setup
  • show running-config | include device classifier to verify device classifier configuration
  • show running-config | include system-auth-control|interface|port-control|mab to assess AAA configuration

The following Cisco products are confirmed as not vulnerable to this issue:

  • IOS XE Software
  • IOS XR Software
  • Meraki products
  • NX-OS Software

Additionally, Cisco has verified that several Cisco IOS platforms remain unaffected:

  • Catalyst 1000 Series Switches
  • Catalyst 2000 Series Switches
  • Catalyst 3000 Series Switches
  • Catalyst 4000 Series Switches
  • Catalyst 9000 Series Switches

No workarounds are available to address this vulnerability. Cisco advises affected users to upgrade to the appropriate fixed software release to mitigate the associated risks. Customers with service contracts can access these updates through standard update channels at no cost. For those without service contracts, upgrades can be obtained by contacting the Cisco Technical Assistance Center (TAC) with the product serial number and advisory URL for entitlement to a complimentary upgrade.

BACK

Popular Posts

Boeing Acknowledges $200 Million Ransomware Extortion Attempt

Dell Issues Alert on Data Breach: Reportedly Impacts 49 Million Customers

MoD Data Breach Exposes UK Armed Forces' Personal Information

Traficom Issues Warning on Android Malware Targeting Finnish Bank Accounts

Panda Restaurants Reveals Data Breach Following Hack of Corporate Systems

Dropbox Discloses Theft of Customer Data and Authentication Secrets from eSignature Service

Cuttlefish Malware Targets Routers, Monitoring Traffic for Credentials

U.S. Health Giant Kaiser Notifying Millions of Data Breach, Shared Patient Info with Advertisers