7.4
CVE-2020-3465
- EPSS 0.1%
- Veröffentlicht 24.09.2020 18:15:19
- Zuletzt bearbeitet 21.11.2024 05:31:07
- Quelle psirt@cisco.com
- Teams Watchlist Login
- Unerledigt Login
A vulnerability in Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause a device to reload. The vulnerability is due to incorrect handling of certain valid, but not typical, Ethernet frames. An attacker could exploit this vulnerability by sending the Ethernet frames onto the Ethernet segment. A successful exploit could allow the attacker to cause the device to reload, resulting in a denial of service (DoS) condition.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Cisco ≫ Ios Xe Version16.6.9
Cisco ≫ 1100-4p Version-
Cisco ≫ 1100-8p Version-
Cisco ≫ 1100 Terminal Services Gateways Version-
Cisco ≫ 1101-4p Version-
Cisco ≫ 1109-2p Version-
Cisco ≫ 1109-4p Version-
Cisco ≫ 1111x-8p Version-
Cisco ≫ 4221 Integrated Services Router Version-
Cisco ≫ 4331 Integrated Services Router Version-
Cisco ≫ 4431 Integrated Services Router Version-
Cisco ≫ 4461 Integrated Services Router Version-
Cisco ≫ 9800-cl Version-
Cisco ≫ 9800-l Version-
Cisco ≫ Csr 1000v Version-
Cisco ≫ Esr6300 Version-
Cisco ≫ Ir 1101 Version-
Cisco ≫ Isrv Version-
Cisco ≫ Vg400 Version-
Cisco ≫ 1100-8p Version-
Cisco ≫ 1100 Terminal Services Gateways Version-
Cisco ≫ 1101-4p Version-
Cisco ≫ 1109-2p Version-
Cisco ≫ 1109-4p Version-
Cisco ≫ 1111x-8p Version-
Cisco ≫ 4221 Integrated Services Router Version-
Cisco ≫ 4331 Integrated Services Router Version-
Cisco ≫ 4431 Integrated Services Router Version-
Cisco ≫ 4461 Integrated Services Router Version-
Cisco ≫ 9800-cl Version-
Cisco ≫ 9800-l Version-
Cisco ≫ Csr 1000v Version-
Cisco ≫ Esr6300 Version-
Cisco ≫ Ir 1101 Version-
Cisco ≫ Isrv Version-
Cisco ≫ Vg400 Version-
Cisco ≫ Ios Xe Version17.4.1
Cisco ≫ 1100-4p Version-
Cisco ≫ 1100-8p Version-
Cisco ≫ 1100 Terminal Services Gateways Version-
Cisco ≫ 1101-4p Version-
Cisco ≫ 1109-2p Version-
Cisco ≫ 1109-4p Version-
Cisco ≫ 1111x-8p Version-
Cisco ≫ 4221 Integrated Services Router Version-
Cisco ≫ 4331 Integrated Services Router Version-
Cisco ≫ 4431 Integrated Services Router Version-
Cisco ≫ 4461 Integrated Services Router Version-
Cisco ≫ 9800-cl Version-
Cisco ≫ 9800-l Version-
Cisco ≫ Csr 1000v Version-
Cisco ≫ Esr6300 Version-
Cisco ≫ Ir 1101 Version-
Cisco ≫ Isrv Version-
Cisco ≫ Vg400 Version-
Cisco ≫ 1100-8p Version-
Cisco ≫ 1100 Terminal Services Gateways Version-
Cisco ≫ 1101-4p Version-
Cisco ≫ 1109-2p Version-
Cisco ≫ 1109-4p Version-
Cisco ≫ 1111x-8p Version-
Cisco ≫ 4221 Integrated Services Router Version-
Cisco ≫ 4331 Integrated Services Router Version-
Cisco ≫ 4431 Integrated Services Router Version-
Cisco ≫ 4461 Integrated Services Router Version-
Cisco ≫ 9800-cl Version-
Cisco ≫ 9800-l Version-
Cisco ≫ Csr 1000v Version-
Cisco ≫ Esr6300 Version-
Cisco ≫ Ir 1101 Version-
Cisco ≫ Isrv Version-
Cisco ≫ Vg400 Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.1% | 0.249 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 6.5 | 2.8 | 3.6 |
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
|
| nvd@nist.gov | 6.1 | 6.5 | 6.9 |
AV:A/AC:L/Au:N/C:N/I:N/A:C
|
| psirt@cisco.com | 7.4 | 2.8 | 4 |
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
|
CWE-20 Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.