CiscoCVELIST:CVE-2024-20406CVE-2024-20406 Cisco IOS XR Software Intermediate System-to-Intermediate System Denial of Service Vulnerability
CVSS3
Attack Vector
ADJACENT
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
EPSS
Percentile
9.6%
A vulnerability in the segment routing feature for the Intermediate System-to-Intermediate System (IS-IS) protocol of Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device.
This vulnerability is due to insufficient input validation of ingress IS-IS packets. An attacker could exploit this vulnerability by sending specific IS-IS packets to an affected device after forming an adjacency. A successful exploit could allow the attacker to cause the IS-IS process on all affected devices that are participating in the Flexible Algorithm to crash and restart, resulting in a DoS condition.
Note: The IS-IS protocol is a routing protocol. To exploit this vulnerability, an attacker must be Layer 2-adjacent to the affected device and must have formed an adjacency. This vulnerability affects segment routing for IS-IS over IPv4 and IPv6 control planes as well as devices that are configured as level 1, level 2, or multi-level routing IS-IS type.
CNA Affected
[
{
"vendor": "Cisco",
"product": "Cisco IOS XR Software",
"versions": [
{
"version": "7.4.1",
"status": "affected"
},
{
"version": "6.8.1",
"status": "affected"
},
{
"version": "7.4.15",
"status": "affected"
},
{
"version": "7.5.1",
"status": "affected"
},
{
"version": "7.4.16",
"status": "affected"
},
{
"version": "7.6.1",
"status": "affected"
},
{
"version": "7.5.2",
"status": "affected"
},
{
"version": "7.8.1",
"status": "affected"
},
{
"version": "7.6.15",
"status": "affected"
},
{
"version": "7.5.12",
"status": "affected"
},
{
"version": "7.7.1",
"status": "affected"
},
{
"version": "6.8.2",
"status": "affected"
},
{
"version": "7.4.2",
"status": "affected"
},
{
"version": "6.9.1",
"status": "affected"
},
{
"version": "7.6.2",
"status": "affected"
},
{
"version": "7.5.3",
"status": "affected"
},
{
"version": "7.7.2",
"status": "affected"
},
{
"version": "6.9.2",
"status": "affected"
},
{
"version": "7.9.1",
"status": "affected"
},
{
"version": "7.10.1",
"status": "affected"
},
{
"version": "7.8.2",
"status": "affected"
},
{
"version": "7.5.4",
"status": "affected"
},
{
"version": "7.8.22",
"status": "affected"
},
{
"version": "7.7.21",
"status": "affected"
},
{
"version": "7.9.2",
"status": "affected"
},
{
"version": "7.5.5",
"status": "affected"
},
{
"version": "7.11.1",
"status": "affected"
},
{
"version": "7.9.21",
"status": "affected"
},
{
"version": "7.10.2",
"status": "affected"
},
{
"version": "7.6.3",
"status": "affected"
}
],
"defaultStatus": "unknown"
}
]Related
CVSS3
Attack Vector
ADJACENT
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
EPSS
Percentile
9.6%