Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ciscoCiscoCISCO-SA-COPS-VLD-MPBTVGEW
HistorySep 24, 2020 - 4:00 p.m.

Cisco IOS XE Software Common Open Policy Service Engine Denial of Service Vulnerability

2020-09-2416:00:00
tools.cisco.com
15
cisco
ios xe
cops engine
dos
vulnerability
remote attacker
device crash
software updates
input validation
cisco event response

EPSS

0.002

Percentile

52.7%

JSON

A vulnerability in the Common Open Policy Service (COPS) engine of Cisco IOS XE Software on Cisco cBR-8 Converged Broadband Routers could allow an unauthenticated, remote attacker to crash a device.

The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending a malformed COPS message to the device. A successful exploit could allow the attacker to crash the device.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-COPS-VLD-MpbTvGEW [“https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-COPS-VLD-MpbTvGEW”]

This advisory is part of the September 24, 2020, release of the Cisco IOS and IOS XE Software Security Advisory Bundled Publication, which includes 25 Cisco Security Advisories that describe 34 vulnerabilities. For a complete list of the advisories and links to them, see Cisco Event Response: September 2020 Semiannual Cisco IOS and IOS XE Software Security Advisory Bundled Publication [“https://sec.cloudapps.cisco.com/security/center/viewErp.x?alertId=ERP-74268”].

Affected configurations

Vulners
Node
ciscocisco_ios_xe_softwareMatch3.15s
OR
ciscocisco_ios_xe_softwareMatch3.16s
OR
ciscocisco_ios_xe_softwareMatch3.17s
OR
ciscocisco_ios_xe_softwareMatch16.4
OR
ciscocisco_ios_xe_softwareMatch16.5
OR
ciscocisco_ios_xe_softwareMatch3.18s
OR
ciscocisco_ios_xe_softwareMatch3.18sp
OR
ciscocisco_ios_xe_softwareMatch16.6
OR
ciscocisco_ios_xe_softwareMatch16.7
OR
ciscocisco_ios_xe_softwareMatch16.8
OR
ciscocisco_ios_xe_softwareMatch16.9
OR
ciscocisco_ios_xe_softwareMatch16.10
OR
ciscocisco_ios_xe_softwareMatch16.11
OR
ciscocisco_ios_xe_softwareMatch16.12
OR
ciscocisco_ios_xe_softwareMatch17.1
OR
ciscocisco_ios_xe_softwareMatchany
OR
ciscocisco_ios_xe_softwareMatch3.15.0s
OR
ciscocisco_ios_xe_softwareMatch3.15.1s
OR
ciscocisco_ios_xe_softwareMatch3.15.2s
OR
ciscocisco_ios_xe_softwareMatch3.15.3s
OR
ciscocisco_ios_xe_softwareMatch3.16.0s
OR
ciscocisco_ios_xe_softwareMatch3.16.1s
OR
ciscocisco_ios_xe_softwareMatch3.16.2s
OR
ciscocisco_ios_xe_softwareMatch3.17.0s
OR
ciscocisco_ios_xe_softwareMatch3.17.1s
OR
ciscocisco_ios_xe_softwareMatch3.17.2s
OR
ciscocisco_ios_xe_softwareMatch16.4.1
OR
ciscocisco_ios_xe_softwareMatch16.5.1
OR
ciscocisco_ios_xe_softwareMatch3.18.0as
OR
ciscocisco_ios_xe_softwareMatch3.18.1s
OR
ciscocisco_ios_xe_softwareMatch3.18.0sp
OR
ciscocisco_ios_xe_softwareMatch3.18.1sp
OR
ciscocisco_ios_xe_softwareMatch3.18.1asp
OR
ciscocisco_ios_xe_softwareMatch3.18.2asp
OR
ciscocisco_ios_xe_softwareMatch3.18.3sp
OR
ciscocisco_ios_xe_softwareMatch3.18.4sp
OR
ciscocisco_ios_xe_softwareMatch3.18.3asp
OR
ciscocisco_ios_xe_softwareMatch3.18.3bsp
OR
ciscocisco_ios_xe_softwareMatch3.18.5sp
OR
ciscocisco_ios_xe_softwareMatch3.18.6sp
OR
ciscocisco_ios_xe_softwareMatch16.6.1
OR
ciscocisco_ios_xe_softwareMatch16.6.2
OR
ciscocisco_ios_xe_softwareMatch16.7.1
OR
ciscocisco_ios_xe_softwareMatch16.7.1a
OR
ciscocisco_ios_xe_softwareMatch16.7.1b
OR
ciscocisco_ios_xe_softwareMatch16.7.2
OR
ciscocisco_ios_xe_softwareMatch16.7.3
OR
ciscocisco_ios_xe_softwareMatch16.7.4
OR
ciscocisco_ios_xe_softwareMatch16.8.1
OR
ciscocisco_ios_xe_softwareMatch16.8.1d
OR
ciscocisco_ios_xe_softwareMatch16.8.1e
OR
ciscocisco_ios_xe_softwareMatch16.9.1
OR
ciscocisco_ios_xe_softwareMatch16.9.1a
OR
ciscocisco_ios_xe_softwareMatch16.10.1
OR
ciscocisco_ios_xe_softwareMatch16.10.1c
OR
ciscocisco_ios_xe_softwareMatch16.10.1d
OR
ciscocisco_ios_xe_softwareMatch16.10.1f
OR
ciscocisco_ios_xe_softwareMatch16.10.1g
OR
ciscocisco_ios_xe_softwareMatch16.11.2
OR
ciscocisco_ios_xe_softwareMatch16.12.1
OR
ciscocisco_ios_xe_softwareMatch16.12.1w
OR
ciscocisco_ios_xe_softwareMatch16.12.1y
OR
ciscocisco_ios_xe_softwareMatch16.12.2s
OR
ciscocisco_ios_xe_softwareMatch16.12.1x
OR
ciscocisco_ios_xe_softwareMatch16.12.2t
OR
ciscocisco_ios_xe_softwareMatch17.1.1
OR
ciscocisco_ios_xe_softwareMatch17.1.1s
OR
ciscocisco_ios_xe_softwareMatch17.1.1t
OR
ciscocisco_ios_xe_softwareMatchany
VendorProductVersionCPE
ciscocisco_ios_xe_software3.15scpe:2.3:a:cisco:cisco_ios_xe_software:3.15s:*:*:*:*:*:*:*
ciscocisco_ios_xe_software3.16scpe:2.3:a:cisco:cisco_ios_xe_software:3.16s:*:*:*:*:*:*:*
ciscocisco_ios_xe_software3.17scpe:2.3:a:cisco:cisco_ios_xe_software:3.17s:*:*:*:*:*:*:*
ciscocisco_ios_xe_software16.4cpe:2.3:a:cisco:cisco_ios_xe_software:16.4:*:*:*:*:*:*:*
ciscocisco_ios_xe_software16.5cpe:2.3:a:cisco:cisco_ios_xe_software:16.5:*:*:*:*:*:*:*
ciscocisco_ios_xe_software3.18scpe:2.3:a:cisco:cisco_ios_xe_software:3.18s:*:*:*:*:*:*:*
ciscocisco_ios_xe_software3.18spcpe:2.3:a:cisco:cisco_ios_xe_software:3.18sp:*:*:*:*:*:*:*
ciscocisco_ios_xe_software16.6cpe:2.3:a:cisco:cisco_ios_xe_software:16.6:*:*:*:*:*:*:*
ciscocisco_ios_xe_software16.7cpe:2.3:a:cisco:cisco_ios_xe_software:16.7:*:*:*:*:*:*:*
ciscocisco_ios_xe_software16.8cpe:2.3:a:cisco:cisco_ios_xe_software:16.8:*:*:*:*:*:*:*
Rows per page:
1-10 of 681

Related

cvelist 1
cve 1
prion 1
nvd 1
cvelist
cvelist
CVE-2020-3526 Cisco IOS XE Software Common Open Policy Service Engine Denial of Service Vulnerability
2020-09-24 17:51:17
cve
cve
CVE-2020-3526
2020-09-24 18:15:21
prion
prion
Input validation
2020-09-24 18:15:00
nvd
nvd
CVE-2020-3526
2020-09-24 18:15:21

EPSS

0.002

Percentile

52.7%

JSON
Related for CISCO-SA-COPS-VLD-MPBTVGEW
cvelist1cve1prion1nvd1