
CVE-2020-3119 - Cisco CDP does this affect Meraki MX?

New here

Hi,

 

Cisco have recently released an update for the CDPwn vulnerability... does anyone know if this exploit also applies to Meraki devices? I can't find any mention of it from Meraki at all...

 

Edit: Apologies if this is in the wrong place, and may be more MS related?

7 REPLIES 7
Kind of a big deal

Re: CVE-2020-3119 - Cisco CDP does this affect Meraki MX?

I'm going to say that is a no, since Meraki switches do not run the firmware/software that the Cisco switches run on. Only unknown would be the new MS390 but even then I'm pretty sure it's still not an issue.
Nolan Herring | nolanwifi.com
Kind of a big deal

Re: CVE-2020-3119 - Cisco CDP does this affect Meraki MX?

Also CDP is proprietary to Cisco, but I believe Meraki can 'hear' CDP but won't send CDP.
Nolan Herring | nolanwifi.com
Kind of a big deal

Re: CVE-2020-3119 - Cisco CDP does this affect Meraki MX?


@NolanHerring wrote:
Also CDP is proprietary to Cisco, but I believe Meraki can 'hear' CDP but won't send CDP.

MX hears, but doesn't send, that's for sure. I'm pretty sure MS sends CDP though.

 

https://meraki.cisco.com/blog/2013/08/check-out-the-ms-switches-cdp-support-for-voice-vlans/

 

I'm not sure about MR.

 

 

Nothing about this has been posted on the Meraki Customer Advisories page. Best bet might be to call Support and confirm.

 

https://meraki.cisco.com/blog/cisco-meraki-customer-advisories/

Kind of a big deal

Re: CVE-2020-3119 - Cisco CDP does this affect Meraki MX?

Oh? I figured CDP being 'Cisco' wasn't baked into Meraki MS gear, but they were able to understand it. Can't seem to find anything on the subject other than it works for voice VLANs for Cisco phones.

Nolan Herring | nolanwifi.com
Kind of a big deal

Re: CVE-2020-3119 - Cisco CDP does this affect Meraki MX?

Re: Meraki sending CDP vs. just receiving it

 

If you look at the getNetworkDeviceLldp_cdp call for, e.g., a switch with Meraki equipment hanging off of it...

 

1. MX only seems to send LLDP.

 

"2": {
    "lldp": {
        "sourcePort": "2",
        "systemName": "Meraki MX64",
        "portId": "2"
    }
}

 



2. MR sends both:

 

"1": {
    "cdp": {
        "sourcePort": "1",
        "deviceId": "e0cbbc######",
        "address": "192.168.2.105",
        "portId": "Port 0"
    },
    "lldp": {
        "sourcePort": "1",
        "systemName": "MR74",
        "portId": "0"
    }
}

 

3. MS sends both:

 

"48": {
    "lldp": {
        "sourcePort": "48",
        "systemName": "Meraki MS120-48FP",
        "managementAddress": "192.168.2.4",
        "portId": "2"
    },
    "cdp": {
        "sourcePort": "48",
        "deviceId": "ac17c8######",
        "address": "192.168.2.4",
        "portId": "Port 2"
    }
}
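
An added example, not part of the original post and not Meraki's own code: a small audit helper that takes an LLDP/CDP port map like the fragments quoted above and lists which neighbors advertise CDP, LLDP, or both. The sample data is constructed from those fragments; the function names and the optional "ports" wrapper key are assumptions.

```python
import json

# Constructed sample: the three port fragments quoted in the post above,
# merged into one port map (deviceId values masked as in the post).
SAMPLE_PORTS = json.loads("""
{
  "2":  {"lldp": {"sourcePort": "2", "systemName": "Meraki MX64", "portId": "2"}},
  "1":  {"cdp":  {"sourcePort": "1", "deviceId": "e0cbbc######",
                  "address": "192.168.2.105", "portId": "Port 0"},
         "lldp": {"sourcePort": "1", "systemName": "MR74", "portId": "0"}},
  "48": {"lldp": {"sourcePort": "48", "systemName": "Meraki MS120-48FP",
                  "managementAddress": "192.168.2.4", "portId": "2"},
         "cdp":  {"sourcePort": "48", "deviceId": "ac17c8######",
                  "address": "192.168.2.4", "portId": "Port 2"}}
}
""")

def _port_key(port):
    # Sort numeric port labels numerically, anything else after them.
    return (0, int(port)) if port.isdigit() else (1, port)

def neighbor_protocols(data):
    """Return one row per port: which discovery protocols the neighbor sent."""
    # Assumption: a full response may wrap the map in a "ports" key;
    # the bare map shown in the post is accepted as well.
    ports = data.get("ports", data)
    rows = []
    for port in sorted(ports, key=_port_key):
        entry = ports[port] or {}
        cdp = entry.get("cdp") or {}
        lldp = entry.get("lldp") or {}
        rows.append({
            "port": port,
            "neighbor": lldp.get("systemName") or cdp.get("deviceId") or "unknown",
            "address": cdp.get("address") or lldp.get("managementAddress"),
            "sends_cdp": bool(cdp),
            "sends_lldp": bool(lldp),
        })
    return rows

def cdp_speakers(data):
    """Ports whose neighbor advertises CDP (the set to check against an advisory)."""
    return [r for r in neighbor_protocols(data) if r["sends_cdp"]]

if __name__ == "__main__":
    for row in neighbor_protocols(SAMPLE_PORTS):
        print(row)
```
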

 

 

Kind of a big deal

Re: CVE-2020-3119 - Cisco CDP does this affect Meraki MX?

Seeing as the CDP vulnerability doesn't affect IOS, IOS XE or many other 'midrange' products I'd be quite surprised if they were affected.

Getting noticed

Re: CVE-2020-3119 - Cisco CDP does this affect Meraki MX?

Meraki Support says it only affects IOS...

 

Greetings,

This exploit is only on IOS firmware. Meraki devices are not affected. The full list of affected devices can be found here:

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200205-nxos-cdp-rce

Thank you,

Cisco Meraki Technical Support
