Lucene search

CiscoCVE-2020-3480

HistorySep 24, 2020 - 6:15 p.m.

CVE-2020-3480

2020-09-2418:15:20

CWE-754

cisco

web.nvd.nist.gov

cisco

ios xe

software

zone-based firewall

vulnerability

cisco cve

nvd

denial of service

CVSS2

7.8

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

CVSS3

8.6

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

AI Score

8.5

Confidence

High

EPSS

0.002

Percentile

52.7%

JSON

Multiple vulnerabilities in the Zone-Based Firewall feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause the device to reload or stop forwarding traffic through the firewall. The vulnerabilities are due to incomplete handling of Layer 4 packets through the device. An attacker could exploit these vulnerabilities by sending a certain sequence of traffic patterns through the device. A successful exploit could allow the attacker to cause the device to reload or stop forwarding traffic through the firewall, resulting in a denial of service. For more information about these vulnerabilities, see the Details section of this advisory.

Affected configurations

Nvd

Node

ciscoios_xeMatch-

AND

cisco1100_integrated_services_routerMatch-

cisco1101_integrated_services_routerMatch-

cisco1109_integrated_services_routerMatch-

cisco1111x_integrated_services_routerMatch-

cisco111x_integrated_services_routerMatch-

cisco1120_integrated_services_routerMatch-

cisco1160_integrated_services_routerMatch-

cisco4221_integrated_services_routerMatch-

cisco4321_integrated_services_routerMatch-

cisco4331_integrated_services_routerMatch-

cisco4351_integrated_services_routerMatch-

cisco4431_integrated_services_routerMatch-

cisco4451-x_integrated_services_routerMatch-

cisco4461_integrated_services_routerMatch-

ciscoasr_1001-hxMatch-

ciscoasr_1001-xMatch-

ciscoasr_1002-hxMatch-

ciscoasr_1002-xMatch-

ciscoasr_1004Match-

ciscoasr_1006Match-

ciscoasr_1006-xMatch-

ciscoasr_1009-xMatch-

ciscoasr_1013Match-

ciscocloud_services_router_1000vMatch-

ciscointegrated_services_virtual_routerMatch-

VendorProductVersionCPE
ciscoios_xe-cpe:2.3:o:cisco:ios_xe:-:*:*:*:*:*:*:*
cisco1100_integrated_services_router-cpe:2.3:h:cisco:1100_integrated_services_router:-:*:*:*:*:*:*:*
cisco1101_integrated_services_router-cpe:2.3:h:cisco:1101_integrated_services_router:-:*:*:*:*:*:*:*
cisco1109_integrated_services_router-cpe:2.3:h:cisco:1109_integrated_services_router:-:*:*:*:*:*:*:*
cisco1111x_integrated_services_router-cpe:2.3:h:cisco:1111x_integrated_services_router:-:*:*:*:*:*:*:*
cisco111x_integrated_services_router-cpe:2.3:h:cisco:111x_integrated_services_router:-:*:*:*:*:*:*:*
cisco1120_integrated_services_router-cpe:2.3:h:cisco:1120_integrated_services_router:-:*:*:*:*:*:*:*
cisco1160_integrated_services_router-cpe:2.3:h:cisco:1160_integrated_services_router:-:*:*:*:*:*:*:*
cisco4221_integrated_services_router-cpe:2.3:h:cisco:4221_integrated_services_router:-:*:*:*:*:*:*:*
cisco4321_integrated_services_router-cpe:2.3:h:cisco:4321_integrated_services_router:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
cisco	ios_xe	-	cpe:2.3:o:cisco:ios_xe:-:::::::*
cisco	1100_integrated_services_router	-	cpe:2.3:h:cisco:1100_integrated_services_router:-:::::::*
cisco	1101_integrated_services_router	-	cpe:2.3:h:cisco:1101_integrated_services_router:-:::::::*
cisco	1109_integrated_services_router	-	cpe:2.3:h:cisco:1109_integrated_services_router:-:::::::*
cisco	1111x_integrated_services_router	-	cpe:2.3:h:cisco:1111x_integrated_services_router:-:::::::*
cisco	111x_integrated_services_router	-	cpe:2.3:h:cisco:111x_integrated_services_router:-:::::::*
cisco	1120_integrated_services_router	-	cpe:2.3:h:cisco:1120_integrated_services_router:-:::::::*
cisco	1160_integrated_services_router	-	cpe:2.3:h:cisco:1160_integrated_services_router:-:::::::*
cisco	4221_integrated_services_router	-	cpe:2.3:h:cisco:4221_integrated_services_router:-:::::::*
cisco	4321_integrated_services_router	-	cpe:2.3:h:cisco:4321_integrated_services_router:-:::::::*

Rows per page:

1-10 of 261

CNA Affected

[
  {
    "product": "Cisco IOS XE Software",
    "vendor": "Cisco",
    "versions": [
      {
        "status": "affected",
        "version": "n/a"
      }
    ]
  }
]

References

tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-zbfw-94ckG4G

CVSS2

7.8

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

CVSS3

8.6

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

AI Score

8.5

Confidence

High

EPSS

0.002

Percentile

52.7%

JSON

Related for CVE-2020-3480