What is CVE-2020-3165?

CVE-2020-3165 is a high-severity vulnerability in Cisco Nx-os Software, classified under Use of Hard-coded Credentials. CVSS score: 8.2/10. Published 2020-02-26.

How severe is CVE-2020-3165?

High severity. CVSS v3 base score is 8.2 out of 10.

Vulnerability in Cisco Nx-os Software

CVE-2020-3165

A vulnerability in the implementation of Border Gateway Protocol (BGP) Message Digest 5 (MD5) authentication in Cisco NX-OS Software could allow an unauthenticated, remote attacker to bypass MD5 authentication and establish a BGP connectio…

EPSS: 0.006 (70.4th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 8.2 (High). Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N.

Affected products

Cisco Nx-os Software — versions 9.2(1)

Weakness classification (CWE)

CWE-798 — Use of Hard-coded Credentials

References

20200226 Cisco NX-OS Software Border Gateway Protocol MD5 Authentication Bypass Vulnerability (vendor-advisory, x_refsource_CISCO)

Frequently asked questions

What is CVE-2020-3165?: CVE-2020-3165 is a high-severity vulnerability in Cisco Nx-os Software, classified under Use of Hard-coded Credentials. CVSS score: 8.2/10. Published 2020-02-26.
How severe is CVE-2020-3165?: High severity. CVSS v3 base score is 8.2 out of 10.