8.6

CVE-2020-3408

EPSS 1.16%
Veröffentlicht 24.09.2020 18:15:18
Zuletzt bearbeitet 21.11.2024 05:30:58
Quelle psirt@cisco.com
Teams Watchlist Login
Unerledigt Login

A vulnerability in the Split DNS feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerability occurs because the regular expression (regex) engine that is used with the Split DNS feature of affected releases may time out when it processes the DNS name list configuration. An attacker could exploit this vulnerability by trying to resolve an address or hostname that the affected device handles. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition.

Betroffene Produkte Warnungen 0 Metriken 4 CWE 2 Referenzen 4

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Cisco ≫ Ios Version15.8(3)m3

   Cisco ≫ 1100-4g Integrated Services Router Version-
   Cisco ≫ 1100-4gltegb Integrated Services Router Version-
   Cisco ≫ 1100-4gltena Integrated Services Router Version-
   Cisco ≫ 1100-4p Integrated Services Router Version-
   Cisco ≫ 1100-6g Integrated Services Router Version-
   Cisco ≫ 1100-8p Integrated Services Router Version-
   Cisco ≫ 1100-lte Integrated Services Router Version-
   Cisco ≫ 1100 Integrated Services Router Version-
   Cisco ≫ 1101-4p Integrated Services Router Version-
   Cisco ≫ 1101 Integrated Services Router Version-
   Cisco ≫ 1109-2p Integrated Services Router Version-
   Cisco ≫ 1109-4p Integrated Services Router Version-
   Cisco ≫ 1109 Integrated Services Router Version-
   Cisco ≫ 1111x-8p Integrated Services Router Version-
   Cisco ≫ 1111x Integrated Services Router Version-
   Cisco ≫ 111x Integrated Services Router Version-
   Cisco ≫ 1120 Integrated Services Router Version-
   Cisco ≫ 1160 Integrated Services Router Version-
   Cisco ≫ 4221 Integrated Services Router Version-
   Cisco ≫ 4331 Integrated Services Router Version-
   Cisco ≫ 4431 Integrated Services Router Version-
   Cisco ≫ 4451 Integrated Services Router Version-
   Cisco ≫ 4461 Integrated Services Router Version-
   Cisco ≫ Asr 1000-x Version-
   Cisco ≫ Asr 1001 Version-
   Cisco ≫ Asr 1001-x Version-
   Cisco ≫ Asr 1002 Version-
   Cisco ≫ Asr 1002-x Version-
   Cisco ≫ Asr 1004 Version-
   Cisco ≫ Asr 1006 Version-
   Cisco ≫ Asr 1013 Version-
   Cisco ≫ Asr1001-hx Version-
   Cisco ≫ Asr1001-hx-rf Version-
   Cisco ≫ Asr1001-x-rf Version-
   Cisco ≫ Asr1001-x-ws Version-
   Cisco ≫ Asr1002-hx Version-
   Cisco ≫ Asr1002-hx-rf Version-
   Cisco ≫ Asr1002-hx-ws Version-
   Cisco ≫ Asr1002-x-rf Version-
   Cisco ≫ Asr1002-x-ws Version-
   Cisco ≫ Catalyst 9800-40 Version-
   Cisco ≫ Catalyst 9800-80 Version-
   Cisco ≫ Catalyst 9800-cl Version-
   Cisco ≫ Catalyst 9800-l Version-
   Cisco ≫ Catalyst 9800-l-c Version-
   Cisco ≫ Catalyst 9800-l-f Version-
   Cisco ≫ Catalyst C9200-24p Version-
   Cisco ≫ Catalyst C9200-24t Version-
   Cisco ≫ Catalyst C9200-48p Version-
   Cisco ≫ Catalyst C9200-48t Version-
   Cisco ≫ Catalyst C9200l-24p-4g Version-
   Cisco ≫ Catalyst C9200l-24p-4x Version-
   Cisco ≫ Catalyst C9200l-24pxg-2y Version-
   Cisco ≫ Catalyst C9200l-24pxg-4x Version-
   Cisco ≫ Catalyst C9200l-24t-4g Version-
   Cisco ≫ Catalyst C9200l-24t-4x Version-
   Cisco ≫ Catalyst C9200l-48p-4g Version-
   Cisco ≫ Catalyst C9200l-48p-4x Version-
   Cisco ≫ Catalyst C9200l-48pxg-2y Version-
   Cisco ≫ Catalyst C9200l-48pxg-4x Version-
   Cisco ≫ Catalyst C9200l-48t-4g Version-
   Cisco ≫ Catalyst C9200l-48t-4x Version-
   Cisco ≫ Catalyst C9300-24p Version-
   Cisco ≫ Catalyst C9300-24s Version-
   Cisco ≫ Catalyst C9300-24t Version-
   Cisco ≫ Catalyst C9300-24u Version-
   Cisco ≫ Catalyst C9300-24ux Version-
   Cisco ≫ Catalyst C9300-48p Version-
   Cisco ≫ Catalyst C9300-48s Version-
   Cisco ≫ Catalyst C9300-48t Version-
   Cisco ≫ Catalyst C9300-48u Version-
   Cisco ≫ Catalyst C9300-48un Version-
   Cisco ≫ Catalyst C9300-48uxm Version-
   Cisco ≫ Catalyst C9300l-24p-4g Version-
   Cisco ≫ Catalyst C9300l-24p-4x Version-
   Cisco ≫ Catalyst C9300l-24t-4g Version-
   Cisco ≫ Catalyst C9300l-24t-4x Version-
   Cisco ≫ Catalyst C9300l-48p-4g Version-
   Cisco ≫ Catalyst C9300l-48p-4x Version-
   Cisco ≫ Catalyst C9300l-48t-4g Version-
   Cisco ≫ Catalyst C9300l-48t-4x Version-
   Cisco ≫ Catalyst C9404r Version-
   Cisco ≫ Catalyst C9407r Version-
   Cisco ≫ Catalyst C9410r Version-
   Cisco ≫ Catalyst C9500-12q Version-
   Cisco ≫ Catalyst C9500-16x Version-
   Cisco ≫ Catalyst C9500-24q Version-
   Cisco ≫ Catalyst C9500-24y4c Version-
   Cisco ≫ Catalyst C9500-32c Version-
   Cisco ≫ Catalyst C9500-32qc Version-
   Cisco ≫ Catalyst C9500-40x Version-
   Cisco ≫ Catalyst C9500-48y4c Version-
   Cisco ≫ Csr 1000v
   Cisco ≫ Ws-c3650-12x48uq Version-
   Cisco ≫ Ws-c3650-12x48ur Version-
   Cisco ≫ Ws-c3650-12x48uz Version-
   Cisco ≫ Ws-c3650-24pd Version-
   Cisco ≫ Ws-c3650-24pdm Version-
   Cisco ≫ Ws-c3650-24ps Version-
   Cisco ≫ Ws-c3650-24td Version-
   Cisco ≫ Ws-c3650-24ts Version-
   Cisco ≫ Ws-c3650-48fd Version-
   Cisco ≫ Ws-c3650-48fq Version-
   Cisco ≫ Ws-c3650-48fqm Version-
   Cisco ≫ Ws-c3650-48fs Version-
   Cisco ≫ Ws-c3650-48pd Version-
   Cisco ≫ Ws-c3650-48pq Version-
   Cisco ≫ Ws-c3650-48ps Version-
   Cisco ≫ Ws-c3650-48td Version-
   Cisco ≫ Ws-c3650-48tq Version-
   Cisco ≫ Ws-c3650-48ts Version-
   Cisco ≫ Ws-c3650-8x24uq Version-
   Cisco ≫ Ws-c3850 Version-
   Cisco ≫ Ws-c3850-12s Version-
   Cisco ≫ Ws-c3850-12x48u Version-
   Cisco ≫ Ws-c3850-12xs Version-
   Cisco ≫ Ws-c3850-24p Version-
   Cisco ≫ Ws-c3850-24s Version-
   Cisco ≫ Ws-c3850-24t Version-
   Cisco ≫ Ws-c3850-24u Version-
   Cisco ≫ Ws-c3850-24xs Version-
   Cisco ≫ Ws-c3850-24xu Version-
   Cisco ≫ Ws-c3850-48f Version-
   Cisco ≫ Ws-c3850-48p Version-
   Cisco ≫ Ws-c3850-48t Version-
   Cisco ≫ Ws-c3850-48u Version-
   Cisco ≫ Ws-c3850-48xs Version-

Cisco ≫ Ios Xe Version15.8(3)m3

   Cisco ≫ 1100-4g Integrated Services Router Version-
   Cisco ≫ 1100-4gltegb Integrated Services Router Version-
   Cisco ≫ 1100-4gltena Integrated Services Router Version-
   Cisco ≫ 1100-4p Integrated Services Router Version-
   Cisco ≫ 1100-6g Integrated Services Router Version-
   Cisco ≫ 1100-8p Integrated Services Router Version-
   Cisco ≫ 1100-lte Integrated Services Router Version-
   Cisco ≫ 1100 Integrated Services Router Version-
   Cisco ≫ 1101-4p Integrated Services Router Version-
   Cisco ≫ 1101 Integrated Services Router Version-
   Cisco ≫ 1109-2p Integrated Services Router Version-
   Cisco ≫ 1109-4p Integrated Services Router Version-
   Cisco ≫ 1109 Integrated Services Router Version-
   Cisco ≫ 1111x-8p Integrated Services Router Version-
   Cisco ≫ 1111x Integrated Services Router Version-
   Cisco ≫ 111x Integrated Services Router Version-
   Cisco ≫ 1120 Integrated Services Router Version-
   Cisco ≫ 1160 Integrated Services Router Version-
   Cisco ≫ 4221 Integrated Services Router Version-
   Cisco ≫ 4331 Integrated Services Router Version-
   Cisco ≫ 4431 Integrated Services Router Version-
   Cisco ≫ 4451 Integrated Services Router Version-
   Cisco ≫ 4461 Integrated Services Router Version-
   Cisco ≫ Asr 1000-x Version-
   Cisco ≫ Asr 1001 Version-
   Cisco ≫ Asr 1001-x Version-
   Cisco ≫ Asr 1002 Version-
   Cisco ≫ Asr 1002-x Version-
   Cisco ≫ Asr 1004 Version-
   Cisco ≫ Asr 1006 Version-
   Cisco ≫ Asr 1013 Version-
   Cisco ≫ Asr1001-hx Version-
   Cisco ≫ Asr1001-hx-rf Version-
   Cisco ≫ Asr1001-x-rf Version-
   Cisco ≫ Asr1001-x-ws Version-
   Cisco ≫ Asr1002-hx Version-
   Cisco ≫ Asr1002-hx-rf Version-
   Cisco ≫ Asr1002-hx-ws Version-
   Cisco ≫ Asr1002-x-rf Version-
   Cisco ≫ Asr1002-x-ws Version-
   Cisco ≫ Catalyst 9800-40 Version-
   Cisco ≫ Catalyst 9800-80 Version-
   Cisco ≫ Catalyst 9800-cl Version-
   Cisco ≫ Catalyst 9800-l Version-
   Cisco ≫ Catalyst 9800-l-c Version-
   Cisco ≫ Catalyst 9800-l-f Version-
   Cisco ≫ Catalyst C9200-24p Version-
   Cisco ≫ Catalyst C9200-24t Version-
   Cisco ≫ Catalyst C9200-48p Version-
   Cisco ≫ Catalyst C9200-48t Version-
   Cisco ≫ Catalyst C9200l-24p-4g Version-
   Cisco ≫ Catalyst C9200l-24p-4x Version-
   Cisco ≫ Catalyst C9200l-24pxg-2y Version-
   Cisco ≫ Catalyst C9200l-24pxg-4x Version-
   Cisco ≫ Catalyst C9200l-24t-4g Version-
   Cisco ≫ Catalyst C9200l-24t-4x Version-
   Cisco ≫ Catalyst C9200l-48p-4g Version-
   Cisco ≫ Catalyst C9200l-48p-4x Version-
   Cisco ≫ Catalyst C9200l-48pxg-2y Version-
   Cisco ≫ Catalyst C9200l-48pxg-4x Version-
   Cisco ≫ Catalyst C9200l-48t-4g Version-
   Cisco ≫ Catalyst C9200l-48t-4x Version-
   Cisco ≫ Catalyst C9300-24p Version-
   Cisco ≫ Catalyst C9300-24s Version-
   Cisco ≫ Catalyst C9300-24t Version-
   Cisco ≫ Catalyst C9300-24u Version-
   Cisco ≫ Catalyst C9300-24ux Version-
   Cisco ≫ Catalyst C9300-48p Version-
   Cisco ≫ Catalyst C9300-48s Version-
   Cisco ≫ Catalyst C9300-48t Version-
   Cisco ≫ Catalyst C9300-48u Version-
   Cisco ≫ Catalyst C9300-48un Version-
   Cisco ≫ Catalyst C9300-48uxm Version-
   Cisco ≫ Catalyst C9300l-24p-4g Version-
   Cisco ≫ Catalyst C9300l-24p-4x Version-
   Cisco ≫ Catalyst C9300l-24t-4g Version-
   Cisco ≫ Catalyst C9300l-24t-4x Version-
   Cisco ≫ Catalyst C9300l-48p-4g Version-
   Cisco ≫ Catalyst C9300l-48p-4x Version-
   Cisco ≫ Catalyst C9300l-48t-4g Version-
   Cisco ≫ Catalyst C9300l-48t-4x Version-
   Cisco ≫ Catalyst C9404r Version-
   Cisco ≫ Catalyst C9407r Version-
   Cisco ≫ Catalyst C9410r Version-
   Cisco ≫ Catalyst C9500-12q Version-
   Cisco ≫ Catalyst C9500-16x Version-
   Cisco ≫ Catalyst C9500-24q Version-
   Cisco ≫ Catalyst C9500-24y4c Version-
   Cisco ≫ Catalyst C9500-32c Version-
   Cisco ≫ Catalyst C9500-32qc Version-
   Cisco ≫ Catalyst C9500-40x Version-
   Cisco ≫ Catalyst C9500-48y4c Version-
   Cisco ≫ Csr 1000v
   Cisco ≫ Ws-c3650-12x48uq Version-
   Cisco ≫ Ws-c3650-12x48ur Version-
   Cisco ≫ Ws-c3650-12x48uz Version-
   Cisco ≫ Ws-c3650-24pd Version-
   Cisco ≫ Ws-c3650-24pdm Version-
   Cisco ≫ Ws-c3650-24ps Version-
   Cisco ≫ Ws-c3650-24td Version-
   Cisco ≫ Ws-c3650-24ts Version-
   Cisco ≫ Ws-c3650-48fd Version-
   Cisco ≫ Ws-c3650-48fq Version-
   Cisco ≫ Ws-c3650-48fqm Version-
   Cisco ≫ Ws-c3650-48fs Version-
   Cisco ≫ Ws-c3650-48pd Version-
   Cisco ≫ Ws-c3650-48pq Version-
   Cisco ≫ Ws-c3650-48ps Version-
   Cisco ≫ Ws-c3650-48td Version-
   Cisco ≫ Ws-c3650-48tq Version-
   Cisco ≫ Ws-c3650-48ts Version-
   Cisco ≫ Ws-c3650-8x24uq Version-
   Cisco ≫ Ws-c3850 Version-
   Cisco ≫ Ws-c3850-12s Version-
   Cisco ≫ Ws-c3850-12x48u Version-
   Cisco ≫ Ws-c3850-12xs Version-
   Cisco ≫ Ws-c3850-24p Version-
   Cisco ≫ Ws-c3850-24s Version-
   Cisco ≫ Ws-c3850-24t Version-
   Cisco ≫ Ws-c3850-24u Version-
   Cisco ≫ Ws-c3850-24xs Version-
   Cisco ≫ Ws-c3850-24xu Version-
   Cisco ≫ Ws-c3850-48f Version-
   Cisco ≫ Ws-c3850-48p Version-
   Cisco ≫ Ws-c3850-48t Version-
   Cisco ≫ Ws-c3850-48u Version-
   Cisco ≫ Ws-c3850-48xs Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	1.16%	0.766

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	8.6	3.9	4	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
nvd@nist.gov	7.8	10	6.9	AV:N/AC:L/Au:N/C:N/I:N/A:C
psirt@cisco.com	8.6	3.9	4	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

CWE-185 Incorrect Regular Expression

The product specifies a regular expression in a way that causes data to be improperly matched or compared.

CWE-400 Uncontrolled Resource Consumption

The product does not properly control the allocation and maintenance of a limited resource, thereby enabling an actor to influence the amount of resources consumed, eventually leading to the exhaustion of available resources.

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-splitdns-SPWqpdGW

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2020-3408

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2020-3408

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2020-3408

EUVD