CVE-2020-3165— Cisco NX-OS Software Border Gateway Protocol MD5 Authentication Bypass Vulnerability
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2020-3165
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Cisco NX-OS Software Border Gateway Protocol MD5 Authentication Bypass Vulnerability
Source: NVD (National Vulnerability Database)
Vulnerability Description
A vulnerability in the implementation of Border Gateway Protocol (BGP) Message Digest 5 (MD5) authentication in Cisco NX-OS Software could allow an unauthenticated, remote attacker to bypass MD5 authentication and establish a BGP connection with the device. The vulnerability occurs because the BGP MD5 authentication is bypassed if the peer does not have MD5 authentication configured, the NX-OS device does have BGP MD5 authentication configured, and the NX-OS BGP virtual routing and forwarding (VRF) name is configured to be greater than 19 characters. An attacker could exploit this vulnerability by attempting to establish a BGP session with the NX-OS peer. A successful exploit could allow the attacker to establish a BGP session with the NX-OS device without MD5 authentication. The Cisco implementation of the BGP protocol accepts incoming BGP traffic only from explicitly configured peers. To exploit this vulnerability, an attacker must send the malicious packets over a TCP connection that appears to come from a trusted BGP peer. To do so, the attacker must obtain information about the BGP peers in the affected system’s trusted network.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
使用硬编码的凭证
Source: NVD (National Vulnerability Database)
Vulnerability Title
Cisco NX-OS Software 信任管理问题漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Cisco NX-OS Software是美国思科(Cisco)公司的一套交换机使用的数据中心级操作系统软件。 Cisco Nexus 3000 Series Switches和Nexus 9000 Series Switches(处于standalone NX-OS模式下)中的NX-OS Software中存在信任管理问题漏洞。远程攻击者可利用该漏洞绕过BGP MD5身份验证,与其他NX-OS设备建立BGP会话。以下产品及版本受到影响:NX-OS Software 9.2(1)版本,9.2(2)版本,9
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| Cisco | Cisco NX-OS Software | 9.2(1) | - |
II. Public POCs for CVE-2020-3165
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2020-3165
请登录查看更多情报信息。
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200226-nxos-bgpmd5vendor-advisoryx_refsource_CISCO
- https://nvd.nist.gov/vuln/detail/CVE-2020-3165
Same Patch Batch · Cisco · 2020-02-26 · 11 CVEs total
| CVE-2020-3175 | Cisco MDS 9000 Series Multilayer Switches Denial of Service Vulnerability | |
| CVE-2020-3174 | Cisco NX-OS Software Anycast Gateway Invalid ARP Vulnerability | |
| CVE-2020-3173 | Cisco UCS Manager Software Local Management CLI Command Injection Vulnerability | |
| CVE-2020-3172 | Cisco FXOS and NX-OS Software Cisco Discovery Protocol Arbitrary Code Execution and Denial | |
| CVE-2020-3171 | Cisco FXOS and UCS Manager Software Local Management CLI Command Injection Vulnerability | |
| CVE-2020-3170 | Cisco NX-OS Software NX-API Denial of Service Vulnerability | |
| CVE-2020-3169 | Cisco FXOS Software CLI Command Injection Vulnerability | |
| CVE-2020-3168 | Cisco Nexus 1000V Switch for VMware vSphere Secure Login Enhancements Denial of Service Vu | |
| CVE-2020-3167 | Cisco FXOS and UCS Manager Software CLI Command Injection Vulnerability | |
| CVE-2020-3166 | Cisco FXOS Software CLI Arbitrary File Read and Write Vulnerability |
IV. Related Vulnerabilities
Same product: Cisco NX-OS Software
- CVE-2026-20010
Cisco Nexus 3000 and 9000 Series Switches Link Layer Discove - CVE-2026-20051
Cisco Nexus 3600-R and 9500-R Series Switching Platforms Lay - CVE-2025-20241
Cisco Nexus 3000 and 9000 Series Switches IS-IS Protocol <TB - CVE-2025-20262
Cisco Nexus 3000 and 9000 Series Switches Protocol Independe - CVE-2025-20290
Cisco NXOS Software Sensitive Log Information Disclosure Vul
Same vendor: Cisco
- CVE-2026-20219
Cisco Slido 安全漏洞 - CVE-2026-20034
Cisco Unity Connection Remote Code Execution Vulnerability - CVE-2026-20035
Cisco Unity Connection Server-Side Request Forgery Vulnerabi - CVE-2026-20167
Cisco IoT Field Network Director Remote Device Denial of Ser - CVE-2026-20169
Cisco IoT Field Network Director Command Injection Vulnerabi
Same weakness: CWE-798
- CVE-2026-7414
Hardcoded credentials in Yarbo robot firmware - CVE-2026-8032
PicoTronica e-Clinic Healthcare System ECHS echs.js hard-cod - CVE-2026-32834
Easy PayPal Events & Tickets 1.3 Authentication Bypass via Q - CVE-2026-42376
D-Link DIR-456U A1 Hardcoded Telnet Backdoor Credentials - CVE-2026-42375
D-Link DIR-600L A1 Hardcoded Telnet Backdoor Credentials
V. Comments for CVE-2020-3165
No comments yet