CVE-2020-10136
MEDIUMCisco Nx-os < 8.1.0.1 - Authentication Bypass by Spoofing
Title source: ruleDescription
IP-in-IP protocol specifies IP Encapsulation within IP standard (RFC 2003, STD 1) that decapsulate and route IP-in-IP traffic is vulnerable to spoofing, access-control bypass and other unexpected behavior due to the lack of validation to verify network packets before decapsulation and routing.
Exploits (1)
References (6)
Core 6
Core References
Third Party Advisory, US Government Resource
https://kb.cert.org/vuls/id/636397/
Vendor Advisory
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-ipip-dos-kCT9X4
Third Party Advisory
https://www.digi.com/resources/security
Third Party Advisory, US Government Resource
https://www.kb.cert.org/vuls/id/636397
Various Sources
https://datatracker.ietf.org/doc/html/rfc6169
Third Party Advisory, US Government Resource
https://www.kb.cert.org/vuls/id/199397
Scores
CVSS v3
5.3
EPSS
0.1596
EPSS Percentile
94.8%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Details
CWE
CWE-290
Status
published
Products (47)
cisco/nx-os
5.2\(1\)sk3\(1.1\)
cisco/nx-os
5.2\(1\)sk3\(2.1\)
cisco/nx-os
5.2\(1\)sk3\(2.1a\)
cisco/nx-os
5.2\(1\)sk3\(2.2\)
cisco/nx-os
5.2\(1\)sk3\(2.2b\)
cisco/nx-os
5.2\(1\)sm1\(5.1\)
cisco/nx-os
5.2\(1\)sm1\(5.2\)
cisco/nx-os
5.2\(1\)sm1\(5.2a\)
cisco/nx-os
5.2\(1\)sm1\(5.2b\)
cisco/nx-os
5.2\(1\)sm1\(5.2c\)
... and 37 more
Published
Jun 02, 2020
Tracked Since
Feb 18, 2026