Lucene search

CiscoCISCO-SA-SNMP-DOS-USXSYTK5

HistoryJun 03, 2020 - 4:00 p.m.

Cisco IOS and IOS XE Software Simple Network Management Protocol Denial of Service Vulnerability

2020-06-0316:00:00

tools.cisco.com

0.001 Low

EPSS

Percentile

35.9%

JSON

A vulnerability in the Simple Network Management Protocol (SNMP) subsystem of Cisco IOS Software and Cisco IOS XE Software on Catalyst 4500 Series Switches could allow an authenticated, remote attacker to cause a denial of service (DoS) condition.

The vulnerability is due to insufficient input validation when the software processes specific SNMP object identifiers. An attacker could exploit this vulnerability by sending a crafted SNMP packet to an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition.

Note: To exploit this vulnerability by using SNMPv2c or earlier, the attacker must know the SNMP read-only community string for an affected system. To exploit this vulnerability by using SNMPv3, the attacker must know the user credentials for the affected system.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snmp-dos-USxSyTk5 [“https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snmp-dos-USxSyTk5”]

This advisory is part of the June 3, 2020, release of the Cisco IOS and IOS XE Software Security Advisory Bundled Publication, which includes 23 Cisco Security Advisories that describe 25 vulnerabilities. For a complete list of the advisories and links to them, see Cisco Event Response: June 2020 Semiannual Cisco IOS and IOS XE Software Security Advisory Bundled Publication [" https://sec.cloudapps.cisco.com/security/center/viewErp.x?alertId=ERP-73388"].

Affected configurations

Vulners

Node

ciscoiosMatch12.2sg

ciscoiosMatch15.0xo

ciscoiosMatch15.0ey

ciscoiosMatch12.2wo

ciscoiosMatch15.1sg

ciscoiosMatch15.0sg

ciscoiosMatch15.0ex

ciscoiosMatch15.2e

ciscorvs4000_softwareMatch3.2sg

ciscorvs4000_softwareMatch3.3sg

ciscorvs4000_softwareMatch3.3xo

ciscorvs4000_softwareMatch3.4sg

ciscorvs4000_softwareMatch3.5e

ciscorvs4000_softwareMatch3.6e

ciscorvs4000_softwareMatch3.7e

ciscorvs4000_softwareMatch3.8e

ciscorvs4000_softwareMatch3.18sp

ciscorvs4000_softwareMatch3.9e

ciscorvs4000_softwareMatch3.10e

ciscoiosMatch12.2\(53\)sg1

ciscoiosMatch12.2\(53\)sg2

ciscoiosMatch12.2\(53\)sg3

ciscoiosMatch12.2\(54\)sg1

ciscoiosMatch12.2\(52\)sg

ciscoiosMatch12.2\(54\)sg

ciscoiosMatch12.2\(53\)sg4

ciscoiosMatch12.2\(53\)sg5

ciscoiosMatch12.2\(53\)sg6

ciscoiosMatch12.2\(53\)sg7

ciscoiosMatch12.2\(53\)sg8

ciscoiosMatch12.2\(53\)sg9

ciscoiosMatch12.2\(53\)sg10

ciscoiosMatch12.2\(53\)sg11

ciscoiosMatch15.0\(1\)xo1

ciscoiosMatch15.0\(1\)xo

ciscoiosMatch15.0\(2\)xo

ciscoiosMatch15.0\(1\)ey

ciscoiosMatch15.0\(1\)ey2

ciscoiosMatch12.2\(54\)wo

ciscoiosMatch15.1\(1\)sg

ciscoiosMatch15.1\(2\)sg

ciscoiosMatch15.1\(1\)sg1

ciscoiosMatch15.1\(1\)sg2

ciscoiosMatch15.1\(2\)sg1

ciscoiosMatch15.1\(2\)sg2

ciscoiosMatch15.1\(2\)sg3

ciscoiosMatch15.1\(2\)sg4

ciscoiosMatch15.1\(2\)sg5

ciscoiosMatch15.1\(2\)sg6

ciscoiosMatch15.1\(2\)sg7

ciscoiosMatch15.1\(2\)sg8

ciscoiosMatch15.0\(2\)sg

ciscoiosMatch15.0\(2\)sg1

ciscoiosMatch15.0\(2\)sg2

ciscoiosMatch15.0\(2\)sg3

ciscoiosMatch15.0\(2\)sg4

ciscoiosMatch15.0\(2\)sg5

ciscoiosMatch15.0\(2\)sg6

ciscoiosMatch15.0\(2\)sg7

ciscoiosMatch15.0\(2\)sg8

ciscoiosMatch15.0\(2\)sg9

ciscoiosMatch15.0\(2\)sg10

ciscoiosMatch15.0\(2\)sg11

ciscoiosMatch15.0\(2\)ex2

ciscoiosMatch15.0\(2\)ex8

ciscoiosMatch15.2\(1\)e

ciscoiosMatch15.2\(2\)e

ciscoiosMatch15.2\(1\)e1

ciscoiosMatch15.2\(3\)e

ciscoiosMatch15.2\(1\)e3

ciscoiosMatch15.2\(2\)e1

ciscoiosMatch15.2\(2b\)e

ciscoiosMatch15.2\(4\)e

ciscoiosMatch15.2\(3\)e1

ciscoiosMatch15.2\(2\)e2

ciscoiosMatch15.2\(2\)e3

ciscoiosMatch15.2\(3\)e2

ciscoiosMatch15.2\(3\)e3

ciscoiosMatch15.2\(4\)e1

ciscoiosMatch15.2\(2\)e4

ciscoiosMatch15.2\(2\)e5

ciscoiosMatch15.2\(4\)e2

ciscoiosMatch15.2\(3\)e4

ciscoiosMatch15.2\(4\)e3

ciscoiosMatch15.2\(2\)e6

ciscoiosMatch15.2\(2\)e5a

ciscoiosMatch15.2\(3\)e5

ciscoiosMatch15.2\(2\)e5b

ciscoiosMatch15.2\(4\)e4

ciscoiosMatch15.2\(2\)e7

ciscoiosMatch15.2\(4\)e5

ciscoiosMatch15.2\(2\)e8

ciscoiosMatch15.2\(2\)e7b

ciscoiosMatch15.2\(4\)e5a

ciscoiosMatch15.2\(4\)e6

ciscoiosMatch15.2\(2\)e9

ciscoiosMatch15.2\(4\)e7

ciscoiosMatch15.2\(2\)e10

ciscoiosMatch15.2\(4\)e8

ciscoiosMatch15.2\(2\)e9a

ciscorvs4000_softwareMatch3.2.0sg

ciscorvs4000_softwareMatch3.2.1sg

ciscorvs4000_softwareMatch3.2.2sg

ciscorvs4000_softwareMatch3.2.3sg

ciscorvs4000_softwareMatch3.2.4sg

ciscorvs4000_softwareMatch3.2.5sg

ciscorvs4000_softwareMatch3.2.6sg

ciscorvs4000_softwareMatch3.2.7sg

ciscorvs4000_softwareMatch3.2.8sg

ciscorvs4000_softwareMatch3.2.9sg

ciscorvs4000_softwareMatch3.2.10sg

ciscorvs4000_softwareMatch3.2.11sg

ciscorvs4000_softwareMatch3.3.0sg

ciscorvs4000_softwareMatch3.3.2sg

ciscorvs4000_softwareMatch3.3.1sg

ciscorvs4000_softwareMatch3.3.0xo

ciscorvs4000_softwareMatch3.3.1xo

ciscorvs4000_softwareMatch3.3.2xo

ciscorvs4000_softwareMatch3.4.0sg

ciscorvs4000_softwareMatch3.4.2sg

ciscorvs4000_softwareMatch3.4.1sg

ciscorvs4000_softwareMatch3.4.3sg

ciscorvs4000_softwareMatch3.4.4sg

ciscorvs4000_softwareMatch3.4.5sg

ciscorvs4000_softwareMatch3.4.6sg

ciscorvs4000_softwareMatch3.4.7sg

ciscorvs4000_softwareMatch3.4.8sg

ciscorvs4000_softwareMatch3.5.0e

ciscorvs4000_softwareMatch3.5.1e

ciscorvs4000_softwareMatch3.5.2e

ciscorvs4000_softwareMatch3.5.3e

ciscorvs4000_softwareMatch3.6.0e

ciscorvs4000_softwareMatch3.6.1e

ciscorvs4000_softwareMatch3.6.0be

ciscorvs4000_softwareMatch3.6.2e

ciscorvs4000_softwareMatch3.6.3e

ciscorvs4000_softwareMatch3.6.4e

ciscorvs4000_softwareMatch3.6.5e

ciscorvs4000_softwareMatch3.6.6e

ciscorvs4000_softwareMatch3.6.5ae

ciscorvs4000_softwareMatch3.6.5be

ciscorvs4000_softwareMatch3.6.7e

ciscorvs4000_softwareMatch3.6.8e

ciscorvs4000_softwareMatch3.6.9e

ciscorvs4000_softwareMatch3.6.10e

ciscorvs4000_softwareMatch3.7.0e

ciscorvs4000_softwareMatch3.7.1e

ciscorvs4000_softwareMatch3.7.2e

ciscorvs4000_softwareMatch3.7.3e

ciscorvs4000_softwareMatch3.8.0e

ciscorvs4000_softwareMatch3.8.1e

ciscorvs4000_softwareMatch3.8.2e

ciscorvs4000_softwareMatch3.8.3e

ciscorvs4000_softwareMatch3.8.4e

ciscorvs4000_softwareMatch3.8.5e

ciscorvs4000_softwareMatch3.8.5ae

ciscorvs4000_softwareMatch3.8.6e

ciscorvs4000_softwareMatch3.8.7e

ciscorvs4000_softwareMatch3.8.8e

ciscorvs4000_softwareMatch3.18.0sp

ciscorvs4000_softwareMatch3.9.0e

ciscorvs4000_softwareMatch3.9.1e

ciscorvs4000_softwareMatch3.9.2e

ciscorvs4000_softwareMatch3.9.2be

ciscorvs4000_softwareMatch3.10.0e

ciscorvs4000_softwareMatch3.10.1e

ciscorvs4000_softwareMatch3.10.0ce

ciscorvs4000_softwareMatch3.10.2e

ciscorvs4000_softwareMatch3.10.1ae

ciscorvs4000_softwareMatch3.10.1se

CPENameOperatorVersion
ioseq12.2SG
ioseq15.0XO
ioseq15.0EY
ioseq12.2WO
ioseq15.1SG
ioseq15.0SG
ioseq15.0EX
ioseq15.2E
cisco ios xe softwareeq3.2SG
cisco ios xe softwareeq3.3SG