Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveCiscoCVE-2020-3231
HistoryJun 03, 2020 - 6:15 p.m.

CVE-2020-3231

2020-06-0318:15:21
CWE-284
CWE-863
cisco
web.nvd.nist.gov
37
cisco
switches
vulnerability
802.1x
authentication
broadcast traffic
cve-2020-3231
nvd

CVSS2

2.9

Attack Vector

ADJACENT_NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:A/AC:M/Au:N/C:P/I:N/A:N

CVSS3

4.7

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N

AI Score

4.7

Confidence

High

EPSS

0.001

Percentile

25.0%

JSON

A vulnerability in the 802.1X feature of Cisco Catalyst 2960-L Series Switches and Cisco Catalyst CDB-8P Switches could allow an unauthenticated, adjacent attacker to forward broadcast traffic before being authenticated on the port. The vulnerability exists because broadcast traffic that is received on the 802.1X-enabled port is mishandled. An attacker could exploit this vulnerability by sending broadcast traffic on the port before being authenticated. A successful exploit could allow the attacker to send and receive broadcast traffic on the 802.1X-enabled port before authentication.

Affected configurations

Nvd
Node
ciscoiosMatch15.2\(5\)e2
OR
ciscoiosMatch15.2\(5\)ex
OR
ciscoiosMatch15.2\(5a\)e
OR
ciscoiosMatch15.2\(5b\)e
OR
ciscoiosMatch15.2\(5c\)e
OR
ciscoiosMatch15.2\(6\)e
OR
ciscoiosMatch15.2\(6\)e0c
OR
ciscoiosMatch15.2\(6\)e1
OR
ciscoiosMatch15.2\(6\)e1a
OR
ciscoiosMatch15.2\(6\)e1s
OR
ciscoiosMatch15.2\(6\)e2
OR
ciscoiosMatch15.2\(6\)e2b
OR
ciscoiosMatch15.2\(6\)e3
OR
ciscoiosMatch15.2\(6\)e4
OR
ciscoiosMatch15.2\(7\)e
OR
ciscoiosMatch15.2\(7\)e0a
OR
ciscoiosMatch15.2\(7\)e0b
OR
ciscoiosMatch15.2\(7\)e0s
OR
ciscoiosMatch15.2\(7a\)e0b
OR
ciscoiosMatch15.2\(7b\)e0b
OR
ciscoiosMatch15.3\(3\)jaa1
OR
ciscoiosMatch15.3\(3\)jpj
VendorProductVersionCPE
ciscoios15.2(5)e2cpe:2.3:o:cisco:ios:15.2\(5\)e2:*:*:*:*:*:*:*
ciscoios15.2(5)excpe:2.3:o:cisco:ios:15.2\(5\)ex:*:*:*:*:*:*:*
ciscoios15.2(5a)ecpe:2.3:o:cisco:ios:15.2\(5a\)e:*:*:*:*:*:*:*
ciscoios15.2(5b)ecpe:2.3:o:cisco:ios:15.2\(5b\)e:*:*:*:*:*:*:*
ciscoios15.2(5c)ecpe:2.3:o:cisco:ios:15.2\(5c\)e:*:*:*:*:*:*:*
ciscoios15.2(6)ecpe:2.3:o:cisco:ios:15.2\(6\)e:*:*:*:*:*:*:*
ciscoios15.2(6)e0ccpe:2.3:o:cisco:ios:15.2\(6\)e0c:*:*:*:*:*:*:*
ciscoios15.2(6)e1cpe:2.3:o:cisco:ios:15.2\(6\)e1:*:*:*:*:*:*:*
ciscoios15.2(6)e1acpe:2.3:o:cisco:ios:15.2\(6\)e1a:*:*:*:*:*:*:*
ciscoios15.2(6)e1scpe:2.3:o:cisco:ios:15.2\(6\)e1s:*:*:*:*:*:*:*
Rows per page:
1-10 of 221

CNA Affected

[
  {
    "product": "Cisco IOS 15.2(5a)E",
    "vendor": "Cisco",
    "versions": [
      {
        "status": "affected",
        "version": "n/a"
      }
    ]
  }
]

Related

cvelist 1
nessus 1
prion 1
cisco 1
nvd 1
cvelist
cvelist
CVE-2020-3231 Cisco IOS Software for CatalystΒ 2960-L Series Switches and Catalyst CDB-8P Switches 802.1X Authentication Bypass Vulnerability
2020-06-03 17:42:27
nessus
nessus
Cisco IOS Software for Catalyst 2960-L Series Switches and Catalyst CDB-8P Switches 802.1X Authentication Bypass Vulnerability (cisco-sa-c2960L-DpWA9Re4)
2020-06-26 00:00:00
prion
prion
Authentication flaw
2020-06-03 18:15:00
cisco
cisco
Cisco IOS Software for Catalyst 2960-L Series Switches and Catalyst CDB-8P Switches 802.1X Authentication Bypass Vulnerability
2020-06-03 16:00:00
nvd
nvd
CVE-2020-3231
2020-06-03 18:15:21

CVSS2

2.9

Attack Vector

ADJACENT_NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:A/AC:M/Au:N/C:P/I:N/A:N

CVSS3

4.7

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N

AI Score

4.7

Confidence

High

EPSS

0.001

Percentile

25.0%

JSON
Related for CVE-2020-3231
cvelist1nessus1prion1cisco1nvd1