Lucene search

[email protected]CVE-2020-3496

HistoryAug 26, 2020 - 5:15 p.m.

CVE-2020-3496

2020-08-2617:15:14

CWE-20

[email protected]

web.nvd.nist.gov

cisco

small business

switches

ipv6

dos

vulnerability

nvd

cve-2020-3496

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

5.3 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

5.4 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

51.5%

JSON

A vulnerability in the IPv6 packet processing engine of Cisco Small Business Smart and Managed Switches could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to insufficient validation of incoming IPv6 traffic. An attacker could exploit this vulnerability by sending a crafted IPv6 packet through an affected device. A successful exploit could allow the attacker to cause the switch management CLI to stop responding, resulting in a DoS condition. This vulnerability is specific to IPv6 traffic. IPv4 traffic is not affected.

Affected configurations

NVD

Node

ciscosg200-50_firmwareRange≤2.5.5.47

AND

ciscosg200-50Match-

Node

ciscosg200-50p_firmwareRange≤2.5.5.47

AND

ciscosg200-50pMatch-

Node

ciscosg200-50fp_firmwareRange≤2.5.5.47

AND

ciscosg200-50fpMatch-

Node

ciscosg200-26_firmwareRange≤2.5.5.47

AND

ciscosg200-26Match-

Node

ciscosg200-26p_firmwareRange≤2.5.5.47

AND

ciscosg200-26pMatch-

Node

ciscosg200-26fp_firmwareRange≤2.5.5.47

AND

ciscosg200-26fpMatch-

Node

ciscosg200-18_firmwareRange≤2.5.5.47

AND

ciscosg200-18Match-

Node

ciscosg200-10fp_firmwareRange≤2.5.5.47

AND

ciscosg200-10fpMatch-

Node

ciscosg200-08_firmwareRange≤2.5.5.47

AND

ciscosg200-08Match-

Node

ciscosg200-08p_firmwareRange≤2.5.5.47

AND

ciscosg200-08pMatch-

Node

ciscosf200-24_firmwareRange≤2.5.5.47

AND

ciscosf200-24Match-

Node

ciscosf200-24p_firmwareRange≤2.5.5.47

AND

ciscosf200-24pMatch-

Node

ciscosf200-24fp_firmwareRange≤2.5.5.47

AND

ciscosf200-24fpMatch-

Node

ciscosf200-48_firmwareRange≤2.5.5.47

AND

ciscosf200-48Match-

Node

ciscosf200-48p_firmwareRange≤2.5.5.47

AND

ciscosf200-48pMatch-

Node

ciscosf302-08pp_firmwareRange≤2.5.5.47

AND

ciscosf302-08ppMatch-

Node

ciscosf302-08mpp_firmwareRange≤2.5.5.47

AND

ciscosf302-08mppMatch-

Node

ciscosg300-10pp_firmwareRange≤2.5.5.47

AND

ciscosg300-10ppMatch-

Node

ciscosg300-10mpp_firmwareRange≤2.5.5.47

AND

ciscosg300-10mppMatch-

Node

ciscosf300-24pp_firmwareRange≤2.5.5.47

AND

ciscosf300-24ppMatch-

Node

ciscosf300-48pp_firmwareRange≤2.5.5.47

AND

ciscosf300-48ppMatch-

Node

ciscosg300-28pp_firmwareRange≤2.5.5.47

AND

ciscosg300-28ppMatch-

Node

ciscosf300-08_firmwareRange≤2.5.5.47

AND

ciscosf300-08Match-

Node

ciscosf300-48p_firmwareRange≤2.5.5.47

AND

ciscosf300-48pMatch-

Node

ciscosg300-10mp_firmwareRange≤2.5.5.47

AND

ciscosg300-10mpMatch-

Node

ciscosg300-10p_firmwareRange≤2.5.5.47

AND

ciscosg300-10pMatch-

Node

ciscosg300-10_firmwareRange≤2.5.5.47

AND

ciscosg300-10Match-

Node

ciscosg300-28p_firmwareRange≤2.5.5.47

AND

ciscosg300-28pMatch-

Node

ciscosf300-24p_firmwareRange≤2.5.5.47

AND

ciscosf300-24pMatch-

Node

ciscosf302-08mp_firmwareRange≤2.5.5.47

AND

ciscosf302-08mpMatch-

Node

ciscosg300-28_firmwareRange≤2.5.5.47

AND

ciscosg300-28Match-

Node

ciscosf300-48_firmwareRange≤2.5.5.47

AND

ciscosf300-48Match-

Node

ciscosg300-20_firmwareRange≤2.5.5.47

AND

ciscosg300-20Match-

Node

ciscosf302-08p_firmwareRange≤2.5.5.47

AND

ciscosf302-08pMatch-

Node

ciscosg300-52_firmwareRange≤2.5.5.47

AND

ciscosg300-52Match-

Node

ciscosf300-24_firmwareRange≤2.5.5.47

AND

ciscosf300-24Match-

Node

ciscosf302-08_firmwareRange≤2.5.5.47

AND

ciscosf302-08Match-

Node

ciscosf300-24mp_firmwareRange≤2.5.5.47

AND

ciscosf300-24mpMatch-

Node

ciscosg300-10sfp_firmwareRange≤2.5.5.47

AND

ciscosg300-10sfpMatch-

Node

ciscosg300-28mp_firmwareRange≤2.5.5.47

AND

ciscosg300-28mpMatch-

Node

ciscosg300-52p_firmwareRange≤2.5.5.47

AND

ciscosg300-52pMatch-

Node

ciscosg300-52mp_firmwareRange≤2.5.5.47

AND

ciscosg300-52mpMatch-

Node

ciscosg500-28mpp_firmwareRange≤2.5.5.47

AND

ciscosg500-28mppMatch-

Node

ciscosg500-52mp_firmwareRange≤2.5.5.47

AND

ciscosg500-52mpMatch-

Node

ciscosg500xg-8f8t_firmwareRange≤2.5.5.47

AND

ciscosg500xg-8f8tMatch-

Node

ciscosf500-24_firmwareRange≤2.5.5.47

AND

ciscosf500-24Match-

Node

ciscosf500-24p_firmwareRange≤2.5.5.47

AND

ciscosf500-24pMatch-

Node

ciscosf500-48_firmwareRange≤2.5.5.47

AND

ciscosf500-48Match-

Node

ciscosf500-48p_firmwareRange≤2.5.5.47

AND

ciscosf500-48pMatch-

Node

ciscosg500-28_firmwareRange≤2.5.5.47

AND

ciscosg500-28Match-

Node

ciscosg500-28p_firmwareRange≤2.5.5.47

AND

ciscosg500-28pMatch-

Node

ciscosg500-52_firmwareRange≤2.5.5.47

AND

ciscosg500-52Match-

Node

ciscosg500-52p_firmwareRange≤2.5.5.47

AND

ciscosg500-52pMatch-

Node

ciscosg500x-24_firmwareRange≤2.5.5.47

AND

ciscosg500x-24Match-

Node

ciscosg500x-24p_firmwareRange≤2.5.5.47

AND

ciscosg500x-24pMatch-

Node

ciscosg500x-48_firmwareRange≤2.5.5.47

AND

ciscosg500x-48Match-

Node

ciscosg500x-48p_firmwareRange≤2.5.5.47

AND

ciscosg500x-48pMatch-

Node

ciscosg250x-24_firmwareRange≤2.5.5.47

AND

ciscosg250x-24Match-

Node

ciscosg250x-24p_firmwareRange≤2.5.5.47

AND

ciscosg250x-24pMatch-

Node

ciscosg250x-48_firmwareRange≤2.5.5.47

AND

ciscosg250x-48Match-

Node

ciscosg250x-48p_firmwareRange≤2.5.5.47

AND

ciscosg250x-48pMatch-

Node

ciscosg250-08_firmwareRange≤2.5.5.47

AND

ciscosg250-08Match-

Node

ciscosg250-08hp_firmwareRange≤2.5.5.47

AND

ciscosg250-08hpMatch-

Node

ciscosg250-10p_firmwareRange≤2.5.5.47

AND

ciscosg250-10pMatch-

Node

ciscosg250-18_firmwareRange≤2.5.5.47

AND

ciscosg250-18Match-

Node

ciscosg250-26_firmwareRange≤2.5.5.47

AND

ciscosg250-26Match-

Node

ciscosg250-26hp_firmwareRange≤2.5.5.47

AND

ciscosg250-26hpMatch-

Node

ciscosg250-26p_firmwareRange≤2.5.5.47

AND

ciscosg250-26pMatch-

Node

ciscosg250-50_firmwareRange≤2.5.5.47

AND

ciscosg250-50Match-

Node

ciscosg250-50hp_firmwareRange≤2.5.5.47

AND

ciscosg250-50hpMatch-

Node

ciscosg250-50p_firmwareRange≤2.5.5.47

AND

ciscosg250-50pMatch-

Node

ciscosf250-24_firmwareRange≤2.5.5.47

AND

ciscosf250-24Match-

Node

ciscosf250-24p_firmwareRange≤2.5.5.47

AND

ciscosf250-24pMatch-

Node

ciscosf250-48_firmwareRange≤2.5.5.47

AND

ciscosf250-48Match-

Node

ciscosf250-48hp_firmwareRange≤2.5.5.47

AND

ciscosf250-48hpMatch-

Node

ciscosg350-10_firmwareRange≤2.5.5.47

AND

ciscosg350-10Match-

Node

ciscosg350-10p_firmwareRange≤2.5.5.47

AND

ciscosg350-10pMatch-

Node

ciscosg350-10mp_firmwareRange≤2.5.5.47

AND

ciscosg350-10mpMatch-

Node

ciscosg355-10p_firmwareRange≤2.5.5.47

AND

ciscosg355-10pMatch-

Node

ciscosg350-28_firmwareRange≤2.5.5.47

AND

ciscosg350-28Match-

Node

ciscosg350-28p_firmwareRange≤2.5.5.47

AND

ciscosg350-28pMatch-

Node

ciscosg350-28mp_firmwareRange≤2.5.5.47

AND

ciscosg350-28mpMatch-

Node

ciscosf350-48_firmwareRange≤2.5.5.47

AND

ciscosf350-48Match-

Node

ciscosf350-48p_firmwareRange≤2.5.5.47

AND

ciscosf350-48pMatch-

Node

ciscosf350-48mp_firmwareRange≤2.5.5.47

AND

ciscosf350-48mpMatch-

Node

ciscosg350xg-2f10_firmwareRange≤2.5.5.47

AND

ciscosg350xg-2f10Match-

Node

ciscosg350xg-24f_firmwareRange≤2.5.5.47

AND

ciscosg350xg-24fMatch-

Node

ciscosg350xg-24t_firmwareRange≤2.5.5.47

AND

ciscosg350xg-24tMatch-

Node

ciscosg350xg-48t_firmwareRange≤2.5.5.47

AND

ciscosg350xg-48tMatch-

Node

ciscosg350x-24_firmwareRange≤2.5.5.47

AND

ciscosg350x-24Match-

Node

ciscosg350x-24p_firmwareRange≤2.5.5.47

AND

ciscosg350x-24pMatch-

Node

ciscosg350x-24mp_firmwareRange≤2.5.5.47

AND

ciscosg350x-24mpMatch-

Node

ciscosg350x-48_firmwareRange≤2.5.5.47

AND

ciscosg350x-48Match-

Node

ciscosg350x-48p_firmwareRange≤2.5.5.47

AND

ciscosg350x-48pMatch-

Node

ciscosg350x-48mp_firmwareRange≤2.5.5.47

AND

ciscosg350x-48mpMatch-

Node

ciscosx550x-16ft_firmwareRange≤2.5.5.47

AND

ciscosx550x-16ftMatch-

Node

ciscosx550x-24ft_firmwareRange≤2.5.5.47

AND

ciscosx550x-24ftMatch-

Node

ciscosx550x-12f_firmwareRange≤2.5.5.47

AND

ciscosx550x-12fMatch-

Node

ciscosx550x-24f_firmwareRange≤2.5.5.47

AND

ciscosx550x-24fMatch-

Node

ciscosx550x-24_firmwareRange≤2.5.5.47

AND

ciscosx550x-24Match-

Node

ciscosx550x-52_firmwareRange≤2.5.5.47

AND

ciscosx550x-52Match-

Node

ciscosg550x-24_firmwareRange≤2.5.5.47

AND

ciscosg550x-24Match-

Node

ciscosg550x-24p_firmwareRange≤2.5.5.47

AND

ciscosg550x-24pMatch-

Node

ciscosg550x-24mp_firmwareRange≤2.5.5.47

AND

ciscosg550x-24mpMatch-

Node

ciscosg550x-24mpp_firmwareRange≤2.5.5.47

AND

ciscosg550x-24mppMatch-

Node

ciscosg550x-48_firmwareRange≤2.5.5.47

AND

ciscosg550x-48Match-

Node

ciscosg550x-48p_firmwareRange≤2.5.5.47

AND

ciscosg550x-48pMatch-

Node

ciscosg550x-48mp_firmwareRange≤2.5.5.47

AND

ciscosg550x-48mpMatch-

Node

ciscosf550x-24_firmwareRange≤2.5.5.47

AND

ciscosf550x-24Match-

Node

ciscosf550x-24p_firmwareRange≤2.5.5.47

AND

ciscosf550x-24pMatch-

Node

ciscosf550x-24mp_firmwareRange≤2.5.5.47

AND

ciscosf550x-24mpMatch-

Node

ciscosf550x-48_firmwareRange≤2.5.5.47

AND

ciscosf550x-48Match-

Node

ciscosf550x-48p_firmwareRange≤2.5.5.47

AND

ciscosf550x-48pMatch-

Node

ciscosf550x-48mp_firmwareRange≤2.5.5.47

AND

ciscosf550x-48mpMatch-

CPENameOperatorVersion
cisco:sg200-50_firmwarecisco sg200-50 firmwarele2.5.5.47

CPE	Name	Operator	Version
cisco:sg200-50_firmware	cisco sg200-50 firmware	le	2.5.5.47

CNA Affected

[
  {
    "product": "Cisco Small Business 250 Series Smart Switches Software ",
    "vendor": "Cisco",
    "versions": [
      {
        "status": "affected",
        "version": "n/a"
      }
    ]
  }
]

References

tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sbss-ipv6-dos-tsgqbffW

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

5.3 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

5.4 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

51.5%

JSON

Related for CVE-2020-3496

nvd1 prion1 cvelist1 cisco1