Simple Network Management Protocol – Intelligent Systems Monitoring

Cisco IOS XR Software SNMP Management Plane Protection ACL Bypass Vulnerability

February 3, 2021February 3, 2021 Cisco Leave a comment

A vulnerability in the Local Packet Transport Services (LPTS) programming of the SNMP with the management plane protection feature of Cisco IOS XR Software could allow an unauthenticated, remote attacker to allow connections despite the management plane protection that is configured to deny access to the SNMP server of an affected device.

This vulnerability is due to incorrect LPTS programming when using SNMP with management plane protection. An attacker could exploit this vulnerability by connecting to an affected device using SNMP. A successful exploit could allow the attacker to connect to the device on the configured SNMP ports. Valid credentials are required to execute any of the SNMP requests.

Cisco has released software updates that address this vulnerability. There are workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snmp-7MKrW7Nq

Security Impact Rating: Medium

CVE: CVE-2021-1243

No Related Posts

Cisco Firepower Threat Defense Software SNMP Denial of Service Vulnerability

October 20, 2020October 20, 2020 Cisco Leave a comment

A vulnerability in the Simple Network Management Protocol (SNMP) input packet processor of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to restart unexpectedly.

The vulnerability is due to a lack of sufficient memory management protections under heavy SNMP polling loads. An attacker could exploit this vulnerability by sending a high rate of SNMP requests to the SNMP daemon through the management interface on an affected device. A successful exploit could allow the attacker to cause the SNMP daemon process to consume a large amount of system memory over time, which could then lead to an unexpected device restart, causing a denial of service (DoS) condition.

This vulnerability affects all versions of SNMP.

Cisco has released software updates that address this vulnerability. There are workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-snmp-dos-R8ENPbOs

This advisory is part of the October 2020 Cisco ASA, FMC, and FTD Software Security Advisory Bundled Publication, which includes 17 Cisco Security Advisories that describe 17 vulnerabilities. For a complete list of the advisories and links to them, see Cisco Event Response: October 2020 Cisco ASA, FMC, and FTD Software Security Advisory Bundled Publication.

Security Impact Rating: High

CVE: CVE-2020-3533

No Related Posts

M157q News RSS on Twitter: “[webapps] Nagios XI 5.7.3 – ‘SNMP Trap Interface’ Authenticated …

October 18, 2020October 18, 2020 PCIS Support Team Leave a comment

… Authenticated SQL Injection https://www.exploit-db.com/exploits/48895 Nagios XI 5.7.3 – ‘SNMP Trap Interface’ Authenticated SQL Injection …

No Related Posts

Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family SNMP Trap Denial of Service Vulnerability

September 23, 2020September 23, 2020 Cisco Leave a comment

A vulnerability in Simple Network Management Protocol (SNMP) trap generation for wireless clients of the Cisco IOS XE Wireless Controller Software for the Cisco Catalyst 9000 Family could allow an unauthenticated, adjacent attacker to cause the device to unexpectedly reload, causing a denial of service (DoS) condition on an affected device.

The vulnerability is due to the lack of input validation of the information used to generate an SNMP trap in relation to a wireless client connection. An attacker could exploit this vulnerability by sending an 802.1x packet with crafted parameters during the wireless authentication setup phase of a connection. A successful exploit could allow the attacker to cause the device to reload, causing a DoS condition.

Cisco has released software updates that address this vulnerability. There are workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-ewlc-snmp-dos-wNkedg9K

This advisory is part of the September 24, 2020, release of the Cisco IOS and IOS XE Software Security Advisory Bundled Publication, which includes 25 Cisco Security Advisories that describe 34 vulnerabilities. For a complete list of the advisories and links to them, see Cisco Event Response: September 2020 Semiannual Cisco IOS and IOS XE Software Security Advisory Bundled Publication.

Security Impact Rating: High

CVE: CVE-2020-3390

Mailings from our servers and containing some text blocked

Cisco IOS and IOS XE Software Simple Network Management Protocol Denial of Service Vulnerability

June 2, 2020June 2, 2020 Cisco Leave a comment

A vulnerability in the Simple Network Management Protocol (SNMP) subsystem of Cisco IOS Software and Cisco IOS XE Software on Catalyst 4500 Series Switches could allow an authenticated, remote attacker to cause a denial of service (DoS) condition.

The vulnerability is due to insufficient input validation when the software processes specific SNMP object identifiers. An attacker could exploit this vulnerability by sending a crafted SNMP packet to an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition.

Note: To exploit this vulnerability by using SNMPv2c or earlier, the attacker must know the SNMP read-only community string for an affected system. To exploit this vulnerability by using SNMPv3, the attacker must know the user credentials for the affected system.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snmp-dos-USxSyTk5

This advisory is part of the June 3, 2020, release of the Cisco IOS and IOS XE Software Security Advisory Bundled Publication, which includes 23 Cisco Security Advisories that describe 25 vulnerabilities. For a complete list of the advisories and links to them, see Cisco Event Response: June 2020 Semiannual Cisco IOS and IOS XE Software Security Advisory Bundled Publication.

Security Impact Rating: High

CVE: CVE-2020-3235

Cisco ASR 920 Series Aggregation Services Router Model 12SZ-IM SNMP Denial of Service Vulnerability

June 2, 2020June 2, 2020 Cisco Leave a comment

A vulnerability in the Simple Network Management Protocol (SNMP) implementation in Cisco ASR 920 Series Aggregation Services Router model ASR920-12SZ-IM could allow an authenticated, remote attacker to cause the device to reload.

The vulnerability is due to incorrect handling of data that is returned for Cisco Discovery Protocol queries to SNMP. An attacker could exploit this vulnerability by sending a request for Cisco Discovery Protocol information by using SNMP. An exploit could allow the attacker to cause the affected device to reload, resulting in a denial of service (DoS) condition.

Cisco has released software updates that address this vulnerability. There are workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asr920-ABjcLmef

Security Impact Rating: Medium

CVE: CVE-2020-3232

Would the change of health check status of an external server send an SNMP trap?

September 10, 2019September 12, 2019 Symantec Community Leave a comment

I do not need a solution (just sharing information)

Hi;

Would the change of health check status of an external server send an SNMP trap or an email. Say the external authentication server is now available “green” after having been unavailable “red”.

Kindly

Wasfi

Mailings from our servers and containing some text blocked

Citrix ADC SNMP Counters

September 5, 2019September 10, 2019 Citrix Leave a comment

This article contains information about the newnslog Simple Network Management Protocol (SNMP) counters, and its brief description.

Using the Counters

Log on to the ADC using an SSH client, change to SHELL, navigate to the /var/nslog directory, and then use the ‘nsconmsg’ command to see comprehensive statistics using the different counters available. For the detailed procedure refer to Citrix Blog – NetScaler ‘Counters’ Grab-Bag!.

The newnslog SNMP

The following table lists the newnslog SNMP counters with a simple description of the counter.

Newnslog Counter	Description
snmp_tot_rxpkts	This counter tracks the SNMP packets received.
snmp_tot_txpkts	This counter tracks the SNMP packets transmitted.
snmp_tot_badVersions	This counter tracks the number of SNMP messages received, which were for an unsupported SNMP version.
snmp_tot_badCommName	This counter tracks the SNMP messages received, which used an SNMP community name not known to the NetScaler appliance.
snmp_tot_badCommUse	This counter tracks the total number of SNMP Messages received that represented an SNMP operation which is not allowed by the SNMP community named in the Message.
snmp_tot_parseErrs	This counter tracks the number of ASN.1 or BER errors encountered when decoding received SNMP Messages.
snmp_tot_getBulkReqs	This counter tracks the SNMP Get-Bulk PDUs that are accepted and processed.
snmp_tot_getReqs	This counter tracks the SNMP Get-Request PDUs that are accepted and processed.
snmp_tot_getNextReqs	This counter tracks the SNMP Get-Next PDUs that are accepted and processed.
snmp_tot_responses	This counter tracks the SNMP Get-Response PDUs that the NetScaler appliance generates.
snmp_err_req_dropped	This counter tracks the SNMP requests dropped.
snmp_tot_traps	This counter tracks the SNMP Trap PDUs that the NetScaler appliance generates.
snmp_tot_unsupportedSecurityLevel	This counter tracks the SNMP packets that are dropped because they requested a security level that is unknown to the NetScaler appliance or otherwise unavailable.
snmp_tot_notInTimeWindow	This counter tracks the SNMP packets that are dropped because they appeared outside the Window of the authoritative SNMP engine.
snmp_tot_unknownUserName	This counter tracks the SNMP packets that are dropped because they referenced a user that is not known to the SNMP engine.
snmp_tot_unknownEngineIds	This counter tracks the SNMP packets that are dropped because they referenced an SNMP engine ID that is not known to the NetScaler appliance.
snmp_tot_wrongDigests	This counter tracks the SNMP packets that are dropped because they do not contain the expected digest value.
snmp_tot_decryptionErrors	This counter tracks the SNMP packets that are dropped because they cannot be decrypted.

Slowness in Presenting Citrix Gateway/AAA Login page on Client Browsers

Citrix ADC System Counters

September 4, 2019September 10, 2019 Citrix Leave a comment

This article contains information about the newnslog system counters and their brief description.

Using newnslog Counter

To use the newnslog counter, log on to the ADC using an SSH client, switch to SHELL, navigate to the /var/nslog directory, and then use the ‘nsconmsg’ command to see comprehensive statistics. For more information refer to Citrix Blog – NetScaler ‘Counters’ Grab-Bag!

Citrix ADC System Counters

The following table lists the newnslog System counters with a simple description of the counter.

newnslog Counter	Description
allnic_tot_rx_mbits	This counter tracks the number of megabytes received by the NetScaler appliance.
allnic_tot_tx_mbits	This counter tracks the number of megabytes transmitted by the NetScaler appliance.
avg_cpu_usage	This counter tracks the average CPU utilization percentage.
avg_cpu_usage_pcnt	This counter tracks the average CPU utilization percentage.
cc_cpu_use	This counter tracks the CPU utilization percentage.
cpu_speed_expected	This counter tracks the CPU speed in MHz.
cpu_usage	This counter tracks the CPU utilization percentage.
cpu_usage_pcnt	This counter tracks the CPU utilization percentage.
cpu_usage_snmp	This counter tracks the CPU utilization percentage.
cpu_use	This counter tracks the CPU utilization: percentage * 10.
cur_moninfo	This counter tracks the number of monitor bindings defined on this NetScaler appliance.
cur_monitor	This counter tracks the number of monitors defined on this NetScaler appliance.
cur_server	This counter tracks the number of servers defined on this NetScaler appliance.
cur_service	This counter tracks the number of services defined on this NetScaler appliance.
cur_servinfo	This counter tracks the number of virtual server bindings on this NetScaler appliance.
cur_svcgroup	This counter tracks the number of service groups defined on this NetScaler appliance.
cur_svcgroup_svcitem	This counter tracks the number of service group members defined on this NetScaler appliance.
cur_svcgroup_vsrvitem	This counter tracks the number of virtual server, service group bindings on this NetScaler appliance.
cur_syshealth_disk0_avail	This counter tracks the available space in /flash partition of the hard disk.
cur_syshealth_disk0_errors	This counter tracks the disk (/flash) Error counter.
cur_syshealth_disk0_pusage	This counter tracks the cur_syshealth_disk0_errors.
cur_syshealth_disk0_size	This counter tracks the size of /flash partition of the hard disk.
cur_syshealth_disk0_used	This counter tracks the used space in /flash partition of the hard disk.
cur_syshealth_disk1_avail	This counter tracks the available space in /var partition of the hard disk.
cur_syshealth_disk1_errors	This counter tracks the number of errors on the /var partition of the hard disk.
cur_syshealth_disk1_pusage	This counter tracks the used space in /var partition of the disk, as a percentage. This is a critical counter. You can configure /var Used percentage by using the Set snmp alarm DISK-USAGE-HIGH command.
cur_syshealth_disk1_size	This counter tracks the size of /var partition of the hard disk.
cur_syshealth_disk1_used	This counter tracks the used space in /var partition of the hard disk.
cur_syshealth_fan0	This counter tracks the system fan speed. Acceptable range is 3000 to 6000 RPM. This is a critical counter. You can configure System Fan Speed by using the Set snmp alarm FAN-SPEED-LOW command to set the lower limit.
cur_syshealth_fan1	This counter tracks the system fan 1 speed. For new platforms, associated pin is connected to CPU supporting fans. For platforms in which it is not connected, it points to System Fan.
cur_syshealth_fan2	This counter tracks the system fan 2 speed. For new platforms, associated pin is connected to CPU supporting fans. For platforms in which it is not connected, it points to System Fan
cur_syshealth_fan3	This counter tracks the speed of Fan 0 if associated pin is connected to health monitoring chip.
cur_syshealth_fan4	This counter tracks the speed of Fan 1 if associated pin is connected to health monitoring chip.
cur_syshealth_fan5	This counter tracks the speed of Fan 2 if associated pin is connected to health monitoring chip.
cur_syshealth_fan6	This counter tracks the speed of Fan 3 if associated pin is connected to health monitoring chip.
cur_syshealth_fancpu0	This counter tracks the CPU Fan 0 speed. Acceptable range is 3000 to 6000 RPM. This is a critical counter. You can configure CPU Fan 0 Speed by using the Set snmp alarm FAN-SPEED-LOW command to set the lower limit.
cur_syshealth_fancpu1	This counter tracks the CPU Fan 1 speed. Acceptable range is 3000 to 6000 RPM. 7000 platform displays speed of CPU fan 0. This is a critical counter. You can configure CPU Fan 1 Speed by using the Set snmp alarm FAN-SPEED-LOW command to set the lower limit.
cur_syshealth_misc0	Miscellaneous Counter 0.
cur_syshealth_misc1	Miscellaneous Counter 1.
cur_syshealth_ps1fail	This counter tracks the power supply 1 failure status. Values: 0=Not Supported; 1=Not Present; 2=Power Supply Failed; 3=Power Supply OK
cur_syshealth_ps2fail	This counter tracks the power supply 2 failure status. Values: 0=Not Supported; 1=Not Present; 2=Power Supply Failed; 3=Power Supply OK
cur_syshealth_ps3fail	This counter tracks the power supply 3 failure status. Values: 0=Not Supported; 1=Not Present; 2=Power Supply Failed; 3=Power Supply OK
cur_syshealth_ps4fail	This counter tracks the power supply 4 failure status. Values: 0=Not Supported; 1=Not Present; 2=Power Supply Failed; 3=Power Supply OK
cur_syshealth_tcpu0	This counter tracks the CPU 0 temperature. NetScaler 9800 and 9960 platforms display internal chip temperature. This is a critical counter. You can configure CPU 0 Temperature by using the Set snmp alarm TEMPERATURE-HIGH command to set the upper limit.
cur_syshealth_tcpu1	This counter tracks the CPU 1 temperature. NetScaler 9800 and 9960 platforms display internal chip temperature. NetScaler 7000, 9010 and 10010 platforms display CPU 0 temperature. This is a critical counter. You can configure CPU 1 Temperature by using the Set snmp alarm TEMPERATURE-HIGH command to set the upper limit.
cur_syshealth_temp0	This counter tracks the temperature of a device connected to health monitoring chip through pin 0.
cur_syshealth_temp1	This counter tracks the temperature of a device connected to health monitoring chip through pin 1.
cur_syshealth_temp2	This counter tracks the temperature of a device connected to health monitoring chip through pin 2.
cur_syshealth_temp3	This counter tracks the temperature of a device connected to health monitoring chip through pin 3.
cur_syshealth_tint	This counter tracks the internal temperature of health monitoring chip. This is a critical counter. You can configure Internal Temperature by using the Set snmp alarm TEMPERATURE-HIGH command to set the upper limit.
cur_syshealth_v12n	This counter tracks the power supply -12V output. Acceptable range is -13.20 to -10.80 volts. NetScaler 9800 and 9960 platforms display standard value of -12.0V.
cur_syshealth_v12p	This counter tracks the power supply +12V output. Acceptable range is 10.80 to 13.20 volts.
cur_syshealth_v33main	You can configure Standby 3.3V Supply Voltage by using the Set snmp alarm VOLTAGE-LOW command to set the lower limit and the Set snmp alarm VOLTAGE-HIGH command to set the upper limit.
cur_syshealth_v33stby	This counter tracks the standby power supply +3.3V output. Acceptable range is 2.970 to 3.630 volts. NetScaler 9800 and 9960 platforms display standard value of 3.3V.
cur_syshealth_v50n	This counter tracks the power supply -5V output. Acceptable range is -5.50 to -4.50 volts. NetScaler 9800 and 9960 platforms display standard value of -5.0V.
cur_syshealth_v50p	This counter tracks the power supply +5V output. Acceptable range is 4.50 through 5.50 volts.
cur_syshealth_v5sb	This counter tracks the power Supply 5V Standby Voltage. Currently, only 13k Platforms have a valid value for this counter and for older platforms the value is 0.
cur_syshealth_vbat	This counter tracks the onboard battery power supply output. NetScaler 9800 and 9950 platforms display standard value of 5.0V.
cur_syshealth_vcc0	This counter tracks the CPU core 0 voltage. Acceptable range is 1.080 to 1.650 volts.
cur_syshealth_vcc1	This counter tracks the CPU core 1 voltage. Acceptable range is 1.080 to 1.650 volts. If CPU 1 is not connected to the health monitoring chip, then display shows voltage of CPU 0.
cur_syshealth_volt0	This counter tracks the voltage of a device connected to health monitoring chip through pin 0.
cur_syshealth_volt1	This counter tracks the voltage of a device connected to health monitoring chip through pin 1.
cur_syshealth_volt2	This counter tracks the voltage of a device connected to health monitoring chip through pin 2.
cur_syshealth_volt3	This counter tracks the voltage of a device connected to health monitoring chip through pin 3.
cur_syshealth_volt4	This counter tracks the voltage of a device connected to health monitoring chip through pin 4.
cur_syshealth_volt5	This counter tracks the voltage of a device connected to health monitoring chip through pin 5.
cur_syshealth_volt6	This counter tracks the voltage of a device connected to health monitoring chip through pin 6.
cur_syshealth_volt7	This counter tracks the voltage of a device connected to health monitoring chip through pin 7.
cur_syshealth_vsen2	This counter tracks the voltage Sensor 2 Input. Currently, only 13k Platforms have a valid value for this counter and for older platforms the value is 0.
cur_syshealth_vtt	This counter tracks the Intel CPU Vtt power. Currently, only 13k Platforms have a valid value for this counter and for older platforms the value is 0.
master_cpu_usage	This counter tracks the CPU 0 (currently the master CPU) utilization, as percentage of capacity.
master_cpu_use	This counter tracks the CPU0 utilization: percentage * 10.
mem_cur_feature_allocpercent	This counter tracks the percentage of NetScaler appliance memory used by the feature.
mem_cur_feature_allocsize	This counter tracks the total current NetScaler appliance memory available for use by the feature, in kilobytes.
mem_err_feature_alloc_failed	This counter tracks the memory allocation failure for a particular feature.
mem_tot_allocated	This counter tracks the currently allocated memory, in megabytes.
mem_tot_allocated_pcnt	This counter tracks the currently allocated memory in percent.
mem_tot_MB	This counter tracks the total Main memory available for use by packet engine (PE), in megabytes.
mem_tot_use_MB	This counter tracks the total NetScaler Memory in use, in megabytes.
mem_usage_pcnt	This counter tracks the percentage of memory utilization on NetScaler.
mem_usage_percent	This counter tracks the percentage of memory utilization on a NetScaler appliance.
mem_use_MB	This counter tracks the main memory currently in use, in megabytes.
mgmt_cpu_usage_pcnt	This counter tracks the management CPU utilization percentage.
mgmt_cpu_use	This counter tracks the management CPU utilization: percentage * 10.
ns_interval	This counter tracks the interval in seconds between performance monitoring records taken on the NetScaler appliance.
ns_time	This counter tracks the current time set on the NetScaler appliance.
packet_cpu_usage_pcnt	This counter tracks the packet CPU utilization percentage.
per_cpu_usage	This counter tracks the CPU utilization percentage.
shmem_cur_alloc_pcnt	This counter tracks the shared memory in use percent.
shmem_cur_allocsize	This counter tracks the shared memory in use, in megabytes.
shmem_max_allowed	This counter tracks the total shared memory allowed to allocate, in megabytes.
slave_cpu_usage	This counter tracks the CPU 1 (currently the slave CPU) utilization, as percentage of capacity. Not applicable for a single-CPU system.
slave_cpu_use	This counter tracks the CPU1 utilization, percentage * 10.
sys_cpus	This counter tracks the number of CPUs on the NetScaler appliance.
sys_cpus_1	This counter tracks the number of CPUs on the NetScaler appliance.
sys_cur_duration_sincestart	This counter tracks the seconds after the NetScaler appliance started.
sys_memorysize_MB	This counter tracks the total amount of system memory, in megabytes.
sys_starttime	This counter tracks the time when the NetScaler appliance was last started.
sys_tot_config_changes	This counter tracks the number of times a configuration change was made on the NetScaler appliance.
sys_tot_save_configs	This counter tracks the number of times the system configuration was saved on the NetScaler appliance.

Slowness in Presenting Citrix Gateway/AAA Login page on Client Browsers

Cisco FXOS and NX-OS Software Authenticated Simple Network Management Protocol Denial of Service Vulnerability

August 27, 2019August 27, 2019 Cisco Leave a comment

A vulnerability in the Simple Network Management Protocol (SNMP) input packet processor of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, remote attacker to cause the SNMP application on an affected device to restart unexpectedly.

The vulnerability is due to improper validation of Abstract Syntax Notation One (ASN.1)-encoded variables in SNMP packets. An attacker could exploit this vulnerability by sending a crafted SNMP packet to the SNMP daemon on the affected device. A successful exploit could allow the attacker to cause the SNMP application to restart multiple times, leading to a system-level restart and a denial of service (DoS) condition.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190828-fxnxos-snmp-dos

This advisory is part of the August 2019 Cisco FXOS and NX-OS Software Security Advisory Bundled Publication, which includes five Cisco Security Advisories that describe five vulnerabilities. For a complete list of the advisories and links to them, see Cisco Event Response: August 2019 Cisco FXOS and NX-OS Software Security Advisory Bundled Publication.

Security Impact Rating: High

CVE: CVE-2019-1963

Tag: Simple Network Management Protocol

Cisco IOS XR Software SNMP Management Plane Protection ACL Bypass Vulnerability

Related:

Cisco Firepower Threat Defense Software SNMP Denial of Service Vulnerability

Related:

M157q News RSS on Twitter: “[webapps] Nagios XI 5.7.3 – ‘SNMP Trap Interface’ Authenticated …

Related:

Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family SNMP Trap Denial of Service Vulnerability

Related:

Cisco IOS and IOS XE Software Simple Network Management Protocol Denial of Service Vulnerability

Related:

Cisco ASR 920 Series Aggregation Services Router Model 12SZ-IM SNMP Denial of Service Vulnerability

Related:

Would the change of health check status of an external server send an SNMP trap?

Related:

Citrix ADC SNMP Counters

Using the Counters

The newnslog SNMP

Related:

Citrix ADC System Counters

Using newnslog Counter

Citrix ADC System Counters

Related:

Cisco FXOS and NX-OS Software Authenticated Simple Network Management Protocol Denial of Service Vulnerability

Related:

Links