CVE Vulnerabilities

CVE-2020-10136

Authentication Bypass by Spoofing

Published: Jun 02, 2020 | Modified: Jun 17, 2024
CVSS 3.x
5.3
MEDIUM
Source:
NVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
CVSS 2.x
5 MEDIUM
AV:N/AC:L/Au:N/C:N/I:N/A:P
RedHat/V2
RedHat/V3
7.5 MODERATE
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:N/A:H
Ubuntu

IP-in-IP protocol specifies IP Encapsulation within IP standard (RFC 2003, STD 1) that decapsulate and route IP-in-IP traffic is vulnerable to spoofing, access-control bypass and other unexpected behavior due to the lack of validation to verify network packets before decapsulation and routing.

Weakness

This attack-focused weakness is caused by incorrectly implemented authentication schemes that are subject to spoofing attacks.

Affected Software

Name Vendor Start Version End Version
Nx-os Cisco 5.2(1)sk3(1.1) (including) 5.2(1)sk3(1.1) (including)
Nx-os Cisco 5.2(1)sk3(2.1) (including) 5.2(1)sk3(2.1) (including)
Nx-os Cisco 5.2(1)sk3(2.1a) (including) 5.2(1)sk3(2.1a) (including)
Nx-os Cisco 5.2(1)sk3(2.2) (including) 5.2(1)sk3(2.2) (including)
Nx-os Cisco 5.2(1)sk3(2.2b) (including) 5.2(1)sk3(2.2b) (including)
Nx-os Cisco 5.2(1)sm1(5.1) (including) 5.2(1)sm1(5.1) (including)
Nx-os Cisco 5.2(1)sm1(5.2) (including) 5.2(1)sm1(5.2) (including)
Nx-os Cisco 5.2(1)sm1(5.2a) (including) 5.2(1)sm1(5.2a) (including)
Nx-os Cisco 5.2(1)sm1(5.2b) (including) 5.2(1)sm1(5.2b) (including)
Nx-os Cisco 5.2(1)sm1(5.2c) (including) 5.2(1)sm1(5.2c) (including)
Nx-os Cisco 5.2(1)sm3(1.1) (including) 5.2(1)sm3(1.1) (including)
Nx-os Cisco 5.2(1)sm3(1.1a) (including) 5.2(1)sm3(1.1a) (including)
Nx-os Cisco 5.2(1)sm3(1.1b) (including) 5.2(1)sm3(1.1b) (including)
Nx-os Cisco 5.2(1)sm3(1.1c) (including) 5.2(1)sm3(1.1c) (including)
Nx-os Cisco 5.2(1)sm3(2.1) (including) 5.2(1)sm3(2.1) (including)
Nx-os Cisco 5.2(1)sv3(1.1) (including) 5.2(1)sv3(1.1) (including)
Nx-os Cisco 5.2(1)sv3(1.2) (including) 5.2(1)sv3(1.2) (including)
Nx-os Cisco 5.2(1)sv3(1.3) (including) 5.2(1)sv3(1.3) (including)
Nx-os Cisco 5.2(1)sv3(1.4) (including) 5.2(1)sv3(1.4) (including)
Nx-os Cisco 5.2(1)sv3(1.4b) (including) 5.2(1)sv3(1.4b) (including)
Nx-os Cisco 5.2(1)sv3(1.5a) (including) 5.2(1)sv3(1.5a) (including)
Nx-os Cisco 5.2(1)sv3(1.5b) (including) 5.2(1)sv3(1.5b) (including)
Nx-os Cisco 5.2(1)sv3(1.6) (including) 5.2(1)sv3(1.6) (including)
Nx-os Cisco 5.2(1)sv3(1.10) (including) 5.2(1)sv3(1.10) (including)
Nx-os Cisco 5.2(1)sv3(1.15) (including) 5.2(1)sv3(1.15) (including)
Nx-os Cisco 5.2(1)sv3(2.1) (including) 5.2(1)sv3(2.1) (including)
Nx-os Cisco 5.2(1)sv3(2.5) (including) 5.2(1)sv3(2.5) (including)
Nx-os Cisco 5.2(1)sv3(2.8) (including) 5.2(1)sv3(2.8) (including)
Nx-os Cisco 5.2(1)sv3(3.1) (including) 5.2(1)sv3(3.1) (including)
Nx-os Cisco 5.2(1)sv3(3.15) (including) 5.2(1)sv3(3.15) (including)
Nx-os Cisco 5.2(1)sv3(4.1) (including) 5.2(1)sv3(4.1) (including)
Nx-os Cisco 5.2(1)sv3(4.1a) (including) 5.2(1)sv3(4.1a) (including)
Nx-os Cisco 5.2(1)sv3(4.1b) (including) 5.2(1)sv3(4.1b) (including)
Nx-os Cisco 5.2(1)sv5(1.1) (including) 5.2(1)sv5(1.1) (including)
Nx-os Cisco 5.2(1)sv5(1.2) (including) 5.2(1)sv5(1.2) (including)
Nx-os Cisco 5.2(1)sv5(1.3) (including) 5.2(1)sv5(1.3) (including)

References