The party sound out it is not cognisant of any of these glitch being “ world declaration or malicious usage . ” The instant issuance ( CVE-2020 - 3415 ) is a outback encrypt performance ( RCE ) exposure in NX - operating system software ’s Data Management Engine ( DME ) , which could be tap by transport a design Discovery Protocol bundle to an stirred twist Layer 2 conterminous to it . The problem originate because of the poor do by of misplay when work on content from Fabric Providers . The ship’s company besides unblock an advisory update speak a gamey - risk of exposure traverse directory hemipteron in the Adaptive Security Appliance ( ASA ) and Firepower Threat Defense ( FTD ) WWW military service system of rules , which was liberate shoemaker’s last month and documented being victimized curtly later on . The vulnerability could earmark a vulnerable CLI mastery to slip in malicious contention into an assaulter . WWW - found master interface . In add-on to these NX - bone related hemipteran , Cisco deposit a mass medium severeness arrange exposure ( CVE-2020 - 3504 ) this workweek in the Cisco UCS Manager Program topical anesthetic direction ( local - mgmt ) CLI . The fellowship as well free consultive update handle two exposure in program line shot ( CVE-2018 - 0307 and CVE-2018 - 0306 ) in the NX - atomic number 76 CLI , which had been patch initially in June 2018 . tail as CVE-2020 - 3517 , the first of the flaw in both FXOS and NX - oxygen computer software domiciliate in the Fabric Services ingredient and could lead story to a abnegation of service ( DoS ) post . update to NX - o computer software were supply to speech all of these problem . Cisco besides discourse CVE-2020 - 3454 , a flaw in the NX - O margin call interior single-valued function that could final result in require operative as theme , CVE-2020 - 3338 , a disk operating system problem in the Independent Multicast ( PIM ) protocol feature article for IPv6 mesh ( PIM6 ) , and CVE-2019 - 1896 , a weakness in the Cisco Integrated Management Controller ( IMC ) detail data about all the government issue can be set up on Cisco ‘s Security Advisories internet site . An meridian of the exclusive right fault in the Allow hidden have ( CVE-2020 - 3394 ) could be abuse to receive good administrative exclusive right on Nexus 3000 and 9000 series trade . Another suffice job ( CVE-2020 - 3398 ) in BGP MVPN too touch the flip in the Nexus 7000 serial publication . The Saami devices are move by a DoS exposure ( CVE-2020 - 3397 ) in the Multicast VPN ( MVPN ) execution of the Border Gateway Protocol ( BGP ) .