Cisco Event Response Page
Cisco Event Response: August 2024 Semiannual Cisco FXOS and NX-OS Software Security Advisory Bundled Publication
-
Cisco released its semiannual Cisco FXOS and NX-OS Software Security Advisory Bundled Publication on August 28, 2024. In direct response to customer feedback, Cisco releases bundles of Cisco FXOS and NX-OS Software Security Advisories on the fourth Wednesday of the month in February and August of each calendar year.
The August 28, 2024, release of the Cisco FXOS and NX-OS Software Security Advisory Bundled Publication includes four Cisco Security Advisories that describe seven vulnerabilities in Cisco NX-OS Software and Cisco UCS Software. Cisco has released software updates that address these vulnerabilities.
-
The following table identifies Cisco Security content that is associated with this bundled publication:
Cisco Security Advisory CVE ID Security Impact Rating CVSS Base Score Affected Software Affected Hardware Platforms Cisco NX-OS Software DHCPv6 Relay Agent Denial of Service Vulnerability CVE-2024-20446High8.6NX-OS Software Cisco Nexus 3000 Series Switches, Cisco Nexus 7000 Series Switches, Cisco Nexus 9000 Series Switches Cisco NX-OS Software Bash Arbitrary Code Execution and Privilege Escalation Vulnerabilities CVE-2024-20411CVE-2024-20413Medium6.7NX-OS Software Cisco Nexus 3000 Series Switches, Cisco Nexus 9000 Series Switches Cisco NX-OS Software Python Sandbox Escape Vulnerabilities CVE-2024-20284CVE-2024-20285CVE-2024-20286Medium5.3NX-OS Software Cisco MDS 9000 Multilayer Directors and Fabric Switches, Cisco Nexus 3000 Series Switches, Cisco Nexus 5000 Series Switches, Cisco Nexus 6000 Series Switches, Cisco Nexus 7000 Series Switches, Cisco Nexus 9000 Series Switches Cisco NX-OS Software Command Injection Vulnerability CVE-2024-20289Medium4.4NX-OS Software, NX-OS Software in ACI Mode, UCS Software (Managed) Cisco Nexus 3000 Series Switches, Cisco Nexus 9000 Series Switches, Cisco UCS 6400 Series Fabric Interconnects, Cisco UCS 6500 Series Fabric Interconnects Related Resources
Cisco Security Vulnerability Policy
MITRE Common Vulnerabilities and Exposures
Common Vulnerability Scoring System and the Security Impact Rating
Common Vulnerability Scoring System Q & A