Lucene search

[email protected]NVD:CVE-2020-3422

HistorySep 24, 2020 - 6:15 p.m.

CVE-2020-3422

2020-09-2418:15:19

CWE-371

[email protected]

web.nvd.nist.gov

vulnerability

ip service level agreement

cisco ios xe software

unauthenticated

remote attacker

denial of service

dos

ip sla responder

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS

0.002

Percentile

52.6%

JSON

A vulnerability in the IP Service Level Agreement (SLA) responder feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause the IP SLA responder to reuse an existing port, resulting in a denial of service (DoS) condition. The vulnerability exists because the IP SLA responder could consume a port that could be used by another feature. An attacker could exploit this vulnerability by sending specific IP SLA control packets to the IP SLA responder on an affected device. The control packets must include the port number that could be used by another configured feature. A successful exploit could allow the attacker to cause an in-use port to be consumed by the IP SLA responder, impacting the feature that was using the port and resulting in a DoS condition.

Affected configurations

Nvd

Node

ciscoios_xeMatch16.9.3

AND

cisco1100_integrated_services_routerMatch-

cisco1101_integrated_services_routerMatch-

cisco1109_integrated_services_routerMatch-

cisco1111x_integrated_services_routerMatch-

cisco111x_integrated_services_routerMatch-

cisco1120_integrated_services_routerMatch-

cisco1160_integrated_services_routerMatch-

cisco4221_integrated_services_routerMatch-

cisco4331_integrated_services_routerMatch-

cisco4431_integrated_services_routerMatch-

cisco4461_integrated_services_routerMatch-

ciscoasr_1001-hxMatch-

ciscoasr_1001-xMatch-

ciscoasr_1002-hxMatch-

ciscoasr_1002-xMatch-

ciscoasr_1004Match-

ciscoasr_1006Match-

ciscoasr_1006-xMatch-

ciscoasr_1009-xMatch-

ciscoasr_1013Match-

ciscocatalyst_3650Match-

ciscocatalyst_3850Match-

ciscocatalyst_9200Match-

ciscocatalyst_9300Match-

ciscocatalyst_9400Match-

ciscocatalyst_9500Match-

ciscocatalyst_9600Match-

ciscocatalyst_9800Match-

ciscocsr_1000vMatch-

VendorProductVersionCPE
ciscoios_xe16.9.3cpe:2.3:o:cisco:ios_xe:16.9.3:*:*:*:*:*:*:*
cisco1100_integrated_services_router-cpe:2.3:h:cisco:1100_integrated_services_router:-:*:*:*:*:*:*:*
cisco1101_integrated_services_router-cpe:2.3:h:cisco:1101_integrated_services_router:-:*:*:*:*:*:*:*
cisco1109_integrated_services_router-cpe:2.3:h:cisco:1109_integrated_services_router:-:*:*:*:*:*:*:*
cisco1111x_integrated_services_router-cpe:2.3:h:cisco:1111x_integrated_services_router:-:*:*:*:*:*:*:*
cisco111x_integrated_services_router-cpe:2.3:h:cisco:111x_integrated_services_router:-:*:*:*:*:*:*:*
cisco1120_integrated_services_router-cpe:2.3:h:cisco:1120_integrated_services_router:-:*:*:*:*:*:*:*
cisco1160_integrated_services_router-cpe:2.3:h:cisco:1160_integrated_services_router:-:*:*:*:*:*:*:*
cisco4221_integrated_services_router-cpe:2.3:h:cisco:4221_integrated_services_router:-:*:*:*:*:*:*:*
cisco4331_integrated_services_router-cpe:2.3:h:cisco:4331_integrated_services_router:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
cisco	ios_xe	16.9.3	cpe:2.3:o:cisco:ios_xe:16.9.3:::::::*
cisco	1100_integrated_services_router	-	cpe:2.3:h:cisco:1100_integrated_services_router:-:::::::*
cisco	1101_integrated_services_router	-	cpe:2.3:h:cisco:1101_integrated_services_router:-:::::::*
cisco	1109_integrated_services_router	-	cpe:2.3:h:cisco:1109_integrated_services_router:-:::::::*
cisco	1111x_integrated_services_router	-	cpe:2.3:h:cisco:1111x_integrated_services_router:-:::::::*
cisco	111x_integrated_services_router	-	cpe:2.3:h:cisco:111x_integrated_services_router:-:::::::*
cisco	1120_integrated_services_router	-	cpe:2.3:h:cisco:1120_integrated_services_router:-:::::::*
cisco	1160_integrated_services_router	-	cpe:2.3:h:cisco:1160_integrated_services_router:-:::::::*
cisco	4221_integrated_services_router	-	cpe:2.3:h:cisco:4221_integrated_services_router:-:::::::*
cisco	4331_integrated_services_router	-	cpe:2.3:h:cisco:4331_integrated_services_router:-:::::::*

Rows per page:

1-10 of 301

References

tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ipsla-jw2DJmSv

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS

0.002

Percentile

52.6%

JSON

Related for NVD:CVE-2020-3422

cve1 prion1 cisco1 cvelist1