Lucene search

HistoryJul 10, 2020 - 12:00 a.m.

Telnet Vulnerability Affecting Cisco Products: June 2020 (cisco-sa-telnetd-EFJrEzPx)

2020-07-1000:00:00

www.tenable.com

122

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

9.6

Confidence

High

EPSS

0.833

Percentile

98.5%

JSON

According to its self-reported version, Cisco IOS XE Software is affected by a Telnet vulnerability. Please see the included Cisco BIDs and Cisco Security Advisory for more information.

#TRUSTED 2a069cc89e0ffd02a934ca8e5aa7394e6f665fc7be87bd4a34bc014db83da658feb51d0dce68bc1b95685a96acda9f928bc2351b2bc1ce149b5fb867766aed74e2b03e416b7ffd372871044f868a70a8628eaf6bb021438c4bff65d1893d24013058b3d8c9bf9f135a310134b8fad68fea64f3dec73f8437be1208afa78bdc4fc0967823d8fe5f4681313c7d54c4cc77b1e5709276dc60d20afbbc9dfd481a682f773958198ef6fa1e647047fca74db9c41e47f58503a1ad6a5716fa703d93e5302a873df185a7f189f1d45508b033fc25a1c96bba434725ff79a27345024aa28f6b29e8ee1f427b0ddc8a81e42b26e8527b717ff468676b8b531d65cf5e23b340f4c87458e122045cacd108a7618dc3d234f50dc23ed3795d72f8c16baba6455e38f2111fc8d8f43156fd69ddc2621fb4f8572ca34caeae3c28ceb86c8812f47bb5b1c034627cf4734f79a43f26ccfda2115ef85621072e796c611c0cefd642443f4aeb28364e9d57c8b2902ba6b57983c8dd11e173228aeba28e5363e12c63e0ade22f2b58f542f0c13a6fd130a14009956b63197257bfdd92943e317c14cc5bdda89636c8e0cf3464d532fa59413763a8db3add99789740e05cb58d7340cab116df6d60e03fbbfc73989fbbe018c3dd1dc27d91df0a21acb26505543165866d3994ea516cb07b06ab1146bcae2abdf69e12c92499beafe23afce3d4e421a0
#TRUST-RSA-SHA256 66bd3c9f3f08d606691e798f8a5961fa42733c582ec5cddcba8f73b7882b27741b73ecf2a100d5c3071b3b6f983068e5bcee39bf30f3f13fe18fa56e1258d68fdb58958cc3a2725fcb02005fad0cd77d8a7ed2b3fa35111c36c651b0348b1b7e178caa3c0e20a7abf70fa697aa12eeff579f479459edb192825d99df153e2daf9eb95addbc59683b5ab2bb97855dd5c9275f74408a883b98e4b892a355ce270793cba9e019668e34c3c007d3030a6e944b53ffd993bf20f693cdd370dfd045e73a5e6b1b9418e6a946d7cb90a91174bd5dd7c2c0b0abf3978fa7408bf8a461464feeaeb05a3892de0e1fddb76511ea4894353de53c37904351e507545830fe99654d45298284958505c5ccac2a8528445e83bb0a42c3f04c35f6c3b8aa0672024828248c05355066e09ad1e6b1ef623ff3f0f91c3042472e5f31e84533a62c6bae63353ef6b1023df1549ab5a0ab5c9240d2da87a9f618e972a75e41fe28a2d61e32c2a6fdd57d0cfb31a857bc387863fc5a459b35357eb7257206d79d3d7d31cb2565e29177bcbcb16d2213da06ae055d8b22628c96abdd3c5844534c711ea5a30e333cc14360a80623e69db9ead565130dfd6970ce250039652633101d8cf03ad4e47a18940ef57d0893bc575ac2b66656cf7a38b8155235c11f7b4ad7d28d5d572c20fc6a284098aca46d1c899b9a3a82dd9970480839d47c0aa6cead169e
#
# (C) Tenable Network Security, Inc.
#

include('compat.inc');

if (description)
{
  script_id(138359);
  script_version("1.12");
  script_set_attribute(attribute:"plugin_modification_date", value:"2024/05/03");

  script_cve_id("CVE-2020-10188");
  script_xref(name:"CISCO-BUG-ID", value:"CSCvu66723");
  script_xref(name:"CISCO-SA", value:"cisco-sa-telnetd-EFJrEzPx");
  script_xref(name:"CEA-ID", value:"CEA-2021-0025");
  script_xref(name:"IAVA", value:"2020-A-0296-S");

  script_name(english:"Telnet Vulnerability Affecting Cisco Products: June 2020 (cisco-sa-telnetd-EFJrEzPx)");

  script_set_attribute(attribute:"synopsis", value:
"The remote device is missing a vendor-supplied security patch");
  script_set_attribute(attribute:"description", value:
"According to its self-reported version, Cisco IOS XE Software is affected by a Telnet vulnerability. Please see the included
Cisco BIDs and Cisco Security Advisory for more information.");
  # https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-telnetd-EFJrEzPx
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?6cefd99e");
  script_set_attribute(attribute:"see_also", value:"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvu66723");
  script_set_attribute(attribute:"solution", value:
"Upgrade to the relevant fixed version referenced in Cisco bug ID CSCvu66723");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2020-10188");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_cwe_id(120);

  script_set_attribute(attribute:"vuln_publication_date", value:"2020/03/06");
  script_set_attribute(attribute:"patch_publication_date", value:"2020/06/24");
  script_set_attribute(attribute:"plugin_publication_date", value:"2020/07/10");

  script_set_attribute(attribute:"plugin_type", value:"combined");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:cisco:ios_xe");
  script_set_attribute(attribute:"stig_severity", value:"I");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"CISCO");

  script_copyright(english:"This script is Copyright (C) 2020-2024 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("cisco_ios_xe_version.nasl");
  script_require_keys("Host/Cisco/IOS-XE/Version");

  exit(0);
}

include('cisco_workarounds.inc');
include('ccf.inc');

product_info = cisco::get_product_info(name:'Cisco IOS XE Software');

version_list=make_list(
  '3.9.2bE',
  '3.9.2S',
  '3.9.2E',
  '3.9.1aS',
  '3.9.1S',
  '3.9.1E',
  '3.9.0aS',
  '3.9.0S',
  '3.9.0E',
  '3.8.9E',
  '3.8.8E',
  '3.8.7E',
  '3.8.6E',
  '3.8.5aE',
  '3.8.5E',
  '3.8.4E',
  '3.8.3E',
  '3.8.2S',
  '3.8.2E',
  '3.8.1S',
  '3.8.1E',
  '3.8.10E',
  '3.8.0S',
  '3.8.0E',
  '3.7.8S',
  '3.7.7S',
  '3.7.6S',
  '3.7.5S',
  '3.7.5E',
  '3.7.4aS',
  '3.7.4S',
  '3.7.4E',
  '3.7.3S',
  '3.7.3E',
  '3.7.2tS',
  '3.7.2S',
  '3.7.2E',
  '3.7.1aS',
  '3.7.1S',
  '3.7.1E',
  '3.7.0bS',
  '3.7.0S',
  '3.7.0E',
  '3.6.9aE',
  '3.6.9E',
  '3.6.8E',
  '3.6.7bE',
  '3.6.7aE',
  '3.6.7E',
  '3.6.6E',
  '3.6.5bE',
  '3.6.5aE',
  '3.6.5E',
  '3.6.4E',
  '3.6.3E',
  '3.6.2aE',
  '3.6.1E',
  '3.6.10E',
  '3.6.0bE',
  '3.6.0aE',
  '3.6.0E',
  '3.5.8SQ',
  '3.5.7SQ',
  '3.5.6SQ',
  '3.5.5SQ',
  '3.5.4SQ',
  '3.5.3SQ',
  '3.5.3E',
  '3.5.2SQ',
  '3.5.2E',
  '3.5.1SQ',
  '3.5.1E',
  '3.5.0SQ',
  '3.5.0E',
  '3.4.8SG',
  '3.4.7SG',
  '3.4.6SG',
  '3.4.5SG',
  '3.4.4SG',
  '3.4.3SG',
  '3.4.2SG',
  '3.4.1SQ',
  '3.4.1SG',
  '3.4.0SQ',
  '3.4.0SG',
  '3.3.5SE',
  '3.3.4SE',
  '3.3.3SE',
  '3.3.2XO',
  '3.3.2SG',
  '3.3.2SE',
  '3.3.1XO',
  '3.3.1SQ',
  '3.3.1SG',
  '3.3.1SE',
  '3.3.0XO',
  '3.3.0SQ',
  '3.3.0SG',
  '3.3.0SE',
  '3.2.9SG',
  '3.2.8SG',
  '3.2.7SG',
  '3.2.6SG',
  '3.2.5SG',
  '3.2.4SG',
  '3.2.3SG',
  '3.2.3SE',
  '3.2.2SG',
  '3.2.2SE',
  '3.2.1SG',
  '3.2.1SE',
  '3.2.11SG',
  '3.2.10SG',
  '3.2.0SG',
  '3.2.0SE',
  '3.18.7SP',
  '3.18.6SP',
  '3.18.5SP',
  '3.18.4SP',
  '3.18.4S',
  '3.18.3bSP',
  '3.18.3aSP',
  '3.18.3SP',
  '3.18.3S',
  '3.18.2aSP',
  '3.18.2SP',
  '3.18.2S',
  '3.18.1iSP',
  '3.18.1hSP',
  '3.18.1gSP',
  '3.18.1cSP',
  '3.18.1bSP',
  '3.18.1aSP',
  '3.18.1SP',
  '3.18.1S',
  '3.18.0aS',
  '3.18.0SP',
  '3.18.0S',
  '3.17.4S',
  '3.17.3S',
  '3.17.2S ',
  '3.17.1aS',
  '3.17.1S',
  '3.17.0S',
  '3.16.9S',
  '3.16.8S',
  '3.16.7bS',
  '3.16.7aS',
  '3.16.7S',
  '3.16.6bS',
  '3.16.6S',
  '3.16.5bS',
  '3.16.5aS',
  '3.16.5S',
  '3.16.4gS',
  '3.16.4eS',
  '3.16.4dS',
  '3.16.4cS',
  '3.16.4bS',
  '3.16.4aS',
  '3.16.4S',
  '3.16.3aS',
  '3.16.3S',
  '3.16.2bS',
  '3.16.2aS',
  '3.16.2S',
  '3.16.1aS',
  '3.16.1S',
  '3.16.10S',
  '3.16.0cS',
  '3.16.0bS',
  '3.16.0aS',
  '3.16.0S',
  '3.15.4S',
  '3.15.3S',
  '3.15.2S',
  '3.15.1cS',
  '3.15.1S',
  '3.15.0S',
  '3.14.4S',
  '3.14.3S',
  '3.14.2S',
  '3.14.1S',
  '3.14.0S',
  '3.13.9S',
  '3.13.8S',
  '3.13.7aS',
  '3.13.7S',
  '3.13.6bS',
  '3.13.6aS',
  '3.13.6S',
  '3.13.5aS',
  '3.13.5S',
  '3.13.4S',
  '3.13.3S',
  '3.13.2aS',
  '3.13.2S',
  '3.13.1S',
  '3.13.10S',
  '3.13.0aS',
  '3.13.0S',
  '3.12.4S',
  '3.12.3S',
  '3.12.2S',
  '3.12.1S',
  '3.12.0aS',
  '3.12.0S',
  '3.11.4S',
  '3.11.3S',
  '3.11.2aE',
  '3.11.2S',
  '3.11.2E',
  '3.11.1aE',
  '3.11.1S',
  '3.11.1E',
  '3.11.0S',
  '3.11.0E',
  '3.10.9S',
  '3.10.8aS',
  '3.10.8S',
  '3.10.7S',
  '3.10.6S',
  '3.10.5S',
  '3.10.4S',
  '3.10.3S',
  '3.10.3E',
  '3.10.2tS',
  '3.10.2aS',
  '3.10.2S',
  '3.10.2E',
  '3.10.1sE',
  '3.10.1aE',
  '3.10.1S',
  '3.10.1E',
  '3.10.10S',
  '3.10.0cE',
  '3.10.0S',
  '3.10.0E',
  '17.2.1v',
  '17.2.1t',
  '17.2.1r',
  '17.2.1a',
  '17.2.1',
  '16.9.5f',
  '16.9.5',
  '16.9.4c',
  '16.9.4',
  '16.9.3s',
  '16.9.3h',
  '16.9.3a',
  '16.9.3',
  '16.9.2s',
  '16.9.2a',
  '16.9.2',
  '16.9.1s',
  '16.9.1d',
  '16.9.1c',
  '16.9.1b',
  '16.9.1a',
  '16.9.1',
  '16.8.3',
  '16.8.2',
  '16.8.1s',
  '16.8.1e',
  '16.8.1d',
  '16.8.1c',
  '16.8.1b',
  '16.8.1a',
  '16.8.1',
  '16.7.4',
  '16.7.3',
  '16.7.2',
  '16.7.1b',
  '16.7.1a',
  '16.7.1',
  '16.6.8',
  '16.6.7a',
  '16.6.7',
  '16.6.6',
  '16.6.5b',
  '16.6.5a',
  '16.6.5',
  '16.6.4s',
  '16.6.4a',
  '16.6.4',
  '16.6.3',
  '16.6.2',
  '16.6.1',
  '16.5.3',
  '16.5.2',
  '16.5.1b',
  '16.5.1a',
  '16.5.1',
  '16.4.3',
  '16.4.2',
  '16.4.1',
  '16.3.9',
  '16.3.8',
  '16.3.7',
  '16.3.6',
  '16.3.5b',
  '16.3.5',
  '16.3.4',
  '16.3.3',
  '16.3.2',
  '16.3.1a',
  '16.3.10',
  '16.3.1',
  '16.2.2',
  '16.2.1',
  '16.12.3s',
  '16.12.3a',
  '16.12.3',
  '16.12.2t',
  '16.12.2s',
  '16.12.2a',
  '16.12.2',
  '16.12.1z',
  '16.12.1y',
  '16.12.1x',
  '16.12.1w',
  '16.12.1t',
  '16.12.1s',
  '16.12.1c',
  '16.12.1a',
  '16.12.1',
  '16.11.2',
  '16.11.1s',
  '16.11.1c',
  '16.11.1b',
  '16.11.1a',
  '16.11.1',
  '16.10.3',
  '16.10.2',
  '16.10.1s',
  '16.10.1g',
  '16.10.1f',
  '16.10.1e',
  '16.10.1d',
  '16.10.1c',
  '16.10.1b',
  '16.10.1a',
  '16.10.1',
  '16.1.3',
  '16.1.2',
  '16.1.1'
);

workarounds = make_list(CISCO_WORKAROUNDS['persistent_telnet']);
workaround_params = make_list();

reporting = make_array(
  'port'     , product_info['port'], 
  'severity' , SECURITY_HOLE,
  'version'  , product_info['version'],
  'bug_id'   , 'CSCvu66723',
  'cmds'     , make_list("show running-config | include transport type persistent telnet")
);

cisco::check_and_report(
  product_info:product_info,
  workarounds:workarounds,
  workaround_params:workaround_params,
  reporting:reporting,
  vuln_versions:version_list
);

VendorProductVersionCPE
ciscoios_xecpe:/o:cisco:ios_xe

Vendor	Product	Version	CPE
cisco	ios_xe		cpe:/o:cisco:ios_xe

References

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10188

www.nessus.org/u?6cefd99e

bst.cloudapps.cisco.com/bugsearch/bug/CSCvu66723

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

9.6

Confidence

High

EPSS

0.833

Percentile

98.5%

JSON

Related for CISCO-SA-TELNETD-EFJREZPX-IOSXE.NASL