CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
AI Score
Confidence
High
EPSS
Percentile
9.0%
According to its self-reported version, Cisco IOS-XE Software is affected by a vulnerability.
This vulnerability only affects devices that are configured as SD-Access fabric edge nodes managed by Cisco Catalyst Center (formerly Cisco DNA Center).
Please see the included Cisco BIDs and Cisco Security Advisory for more information.
#TRUSTED 0948c91930a90af746a03e3fc48f88e667149a51f0ab4489f33e13a7261a96374d74378bb74fbdea64cc8b0dbbf62ebb80c304aad11ccdcd4ada1c7f9f53a0bd45417d30ece66fbf61f7b984a71c731608bf31ae10ca4beb27bb92380511faf5e5986ba5dcf0542cba66906a972da3cca8cb292aa9677246ffe13cff11307c10a3bc90f570ba999c21b06dfa33a71fcd8c18cf34eec5c0071fcf00a816794cc6cb12dcb73fc5ce6917c71de1bd680fa37e25079c528029f3d76963eba4d74ec3bc4c454632acf6e7cb71c29a68ae28478044f3bb4f0345a8cdc6492e35f849147a7ddf5099b13392ac256842f0e00cadb6f1871bd5f5af579dc78aa32f60a1be4a0885fbd62d6d72c909e3ff5b7b350b14af52857761f1d5c6c07bc0e2a001f0c89d3fd959802b5ec817d0c0add64dcff03819c357f59b81b9f548b0f7b9f181eb103538d43ef43a1a5c02fb9bf28d0cee3a920ab6e7d15d5db56658f9433416acb5edd407cb6da5ea14058c264aed0db18e91e929ce652dfc15df80f7ecd7ea52161101351505e73e4896729d067501208bd7bcf25d5184633e1412bb7651e2877481898202bec1dd289b87febc7a1bb0c4e6ad2c5e397380cee1da2fcbef6c81e31c06bbc44aba3caa465046498f3ffe0d41bcc92308b32564b289e8cb6c03b6b82a13d4b80e3e3f02cc5e74b93c161fe353567217fa1254ea7412a73fb446
#TRUST-RSA-SHA256 12d8883259aae62827e57fa2e25c3533bcfc7b4703e4cd7532532f5b5fe1c3bf549084ae66aa6f59441f56e216167b8e41f727be14ada2c2d7f31b67aaf1ff8f4a7fe68cd0d51d8f1fc120a210b04f7322647b68613bbbb2fa35c4e03b7ca62617a61ed465bd6902ceac36235744481580aa7cb895a12cf3b0b02b1ff37f1c0c5efb3984421cccf9b87d4d156ef47023fa9285ead1d0aacce27b32f2cff25d57632a33f4d6cf11387ca8582a04145e701e01e748d2b327c3a9674c734d041ca936c8e3215b36d198177fb9e461834098072c613888a85f6683ab57f206d19097b627bd681b9bb55676ff27ec59b50089b427d3833bed388c7a68a58df23cc93a0abd788cc0213fe68f040d0d7881edbe9f676735d91247e32414dc54f0ea36e842ac11b1852657de90ada7a98fbf0b33236bbb65242119ae406eb34c463a881ab1bb8afe41c3ddca81a8a3e89e926666396021c924c3f5c9082137e81f739caaa6803baeaea128792ddb69fe1606f31671b2b0a55bda94fc4c91e95a060cd045a3f0b5b976079ed488f8691acfd64fdd9419091cc0087627da2a88233e07480822336a0b07022422749b66018e08c8298d340596253c17154638ae325899270188e1eaed53f0321022a0cd49390a781c62f1fe6125768a761fcb121a29f29b1d20d56f982311c3d082da8e61bc490399c5622fff2656c20c060dfa8e1027d2df
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##
include('compat.inc');
if (description)
{
script_id(192622);
script_version("1.3");
script_set_attribute(attribute:"plugin_modification_date", value:"2024/09/27");
script_cve_id("CVE-2024-20314");
script_xref(name:"CISCO-BUG-ID", value:"CSCwh41093");
script_xref(name:"CISCO-SA", value:"cisco-sa-ios-xe-sda-edge-dos-qZWuWXWG");
script_xref(name:"IAVA", value:"2024-A-0188-S");
script_name(english:"Cisco IOS XE Software SD Access Fabric Edge Node DoS (cisco-sa-ios-xe-sda-edge-dos-qZWuWXWG)");
script_set_attribute(attribute:"synopsis", value:
"The remote device is missing a vendor-supplied security patch");
script_set_attribute(attribute:"description", value:
"According to its self-reported version, Cisco IOS-XE Software is affected by a vulnerability.
- A vulnerability in the IPv4 Software-Defined Access (SD-Access) fabric edge node feature of Cisco IOS XE
Software could allow an unauthenticated, remote attacker to cause high CPU utilization and stop all
traffic processing, resulting in a denial of service (DoS) condition on an affected device. This
vulnerability is due to improper handling of certain IPv4 packets. An attacker could exploit this
vulnerability by sending certain IPv4 packets to an affected device. A successful exploit could allow the
attacker to cause the device to exhaust CPU resources and stop processing traffic, resulting in a DoS
condition. (CVE-2024-20314)
This vulnerability only affects devices that are configured as SD-Access fabric edge nodes managed by Cisco
Catalyst Center (formerly Cisco DNA Center).
Please see the included Cisco BIDs and Cisco Security Advisory for more information.");
# https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-xe-sda-edge-dos-qZWuWXWG
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?6d31ae91");
# https://sec.cloudapps.cisco.com/security/center/viewErp.x?alertId=ERP-75056
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?a1da659d");
script_set_attribute(attribute:"see_also", value:"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwh41093");
script_set_attribute(attribute:"solution", value:
"Upgrade to the relevant fixed version referenced in Cisco bug ID CSCwh41093");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2024-20314");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_cwe_id(783);
script_set_attribute(attribute:"vuln_publication_date", value:"2024/03/27");
script_set_attribute(attribute:"patch_publication_date", value:"2024/03/27");
script_set_attribute(attribute:"plugin_publication_date", value:"2024/03/27");
script_set_attribute(attribute:"potential_vulnerability", value:"true");
script_set_attribute(attribute:"plugin_type", value:"combined");
script_set_attribute(attribute:"cpe", value:"cpe:/o:cisco:ios_xe");
script_set_attribute(attribute:"generated_plugin", value:"former");
script_set_attribute(attribute:"stig_severity", value:"I");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"CISCO");
script_copyright(english:"This script is Copyright (C) 2024 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("cisco_ios_xe_version.nasl");
script_require_keys("Host/Cisco/IOS-XE/Version", "Settings/ParanoidReport");
exit(0);
}
include('ccf.inc');
if (report_paranoia < 2) audit(AUDIT_PARANOID);
var extra = 'Nessus was unable to check if device is configured as an SD-Access fabric edge device by Cisco Catalyst Center.';
var product_info = cisco::get_product_info(name:'Cisco IOS XE Software');
var version_list=make_list(
'16.1.1',
'16.1.2',
'16.1.3',
'16.2.1',
'16.2.2',
'16.3.1',
'16.3.1a',
'16.3.2',
'16.3.3',
'16.3.4',
'16.3.5',
'16.3.5b',
'16.3.6',
'16.3.7',
'16.3.8',
'16.3.9',
'16.3.10',
'16.3.11',
'16.4.1',
'16.4.2',
'16.4.3',
'16.5.1',
'16.5.1a',
'16.5.1b',
'16.5.2',
'16.5.3',
'16.6.1',
'16.6.2',
'16.6.3',
'16.6.4',
'16.6.4a',
'16.6.4s',
'16.6.5',
'16.6.5a',
'16.6.5b',
'16.6.6',
'16.6.7',
'16.6.7a',
'16.6.8',
'16.6.9',
'16.6.10',
'16.7.1',
'16.7.1a',
'16.7.1b',
'16.7.2',
'16.7.3',
'16.7.4',
'16.8.1',
'16.8.1a',
'16.8.1b',
'16.8.1c',
'16.8.1d',
'16.8.1e',
'16.8.1s',
'16.8.2',
'16.8.3',
'16.9.1',
'16.9.1a',
'16.9.1b',
'16.9.1c',
'16.9.1d',
'16.9.1s',
'16.9.2',
'16.9.2a',
'16.9.2s',
'16.9.3',
'16.9.3a',
'16.9.3h',
'16.9.3s',
'16.9.4',
'16.9.4c',
'16.9.5',
'16.9.5f',
'16.9.6',
'16.9.7',
'16.9.8',
'16.9.8a',
'16.9.8b',
'16.9.8c',
'16.10.1',
'16.10.1a',
'16.10.1b',
'16.10.1c',
'16.10.1d',
'16.10.1e',
'16.10.1f',
'16.10.1g',
'16.10.1s',
'16.10.2',
'16.10.3',
'16.11.1',
'16.11.1a',
'16.11.1b',
'16.11.1c',
'16.11.1s',
'16.11.2',
'16.12.1',
'16.12.1a',
'16.12.1c',
'16.12.1s',
'16.12.1t',
'16.12.1w',
'16.12.1x',
'16.12.1y',
'16.12.1z',
'16.12.1z1',
'16.12.1z2',
'16.12.2',
'16.12.2a',
'16.12.2s',
'16.12.2t',
'16.12.3',
'16.12.3a',
'16.12.3s',
'16.12.4',
'16.12.4a',
'16.12.5',
'16.12.5a',
'16.12.5b',
'16.12.6',
'16.12.6a',
'16.12.7',
'16.12.8',
'16.12.9',
'16.12.10',
'16.12.10a',
'17.1.1',
'17.1.1a',
'17.1.1s',
'17.1.1t',
'17.1.2',
'17.1.3',
'17.2.1',
'17.2.1a',
'17.2.1r',
'17.2.1v',
'17.2.2',
'17.2.3',
'17.3.1',
'17.3.1a',
'17.3.1w',
'17.3.1x',
'17.3.1z',
'17.3.2',
'17.3.2a',
'17.3.3',
'17.3.3a',
'17.3.4',
'17.3.4a',
'17.3.4b',
'17.3.4c',
'17.3.5',
'17.3.5a',
'17.3.5b',
'17.3.6',
'17.3.7',
'17.4.1',
'17.4.1a',
'17.4.1b',
'17.4.1c',
'17.4.2',
'17.4.2a',
'17.5.1',
'17.5.1a',
'17.5.1b',
'17.5.1c',
'17.6.1',
'17.6.1a',
'17.6.1w',
'17.6.1x',
'17.6.1y',
'17.6.1z',
'17.6.1z1',
'17.6.2',
'17.6.3',
'17.6.3a',
'17.6.4',
'17.6.5',
'17.6.5a',
'17.7.1',
'17.7.1a',
'17.7.1b',
'17.7.2',
'17.8.1',
'17.8.1a',
'17.9.1',
'17.9.1a',
'17.9.1w',
'17.9.1x',
'17.9.1x1',
'17.9.1y',
'17.9.1y1',
'17.9.2',
'17.9.2a',
'17.9.3',
'17.9.3a',
'17.9.4',
'17.9.4a',
'17.10.1',
'17.10.1a',
'17.10.1b',
'17.11.1',
'17.11.1a',
'17.11.99SW',
'17.12.1',
'17.12.1a',
'17.12.1w'
);
var reporting = make_array(
'port' , product_info['port'],
'severity' , SECURITY_HOLE,
'version' , product_info['version'],
'bug_id' , 'CSCwh41093',
'disable_caveat', TRUE,
'extra' , extra
);
cisco::check_and_report(
product_info:product_info,
reporting:reporting,
vuln_versions:version_list
);
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
AI Score
Confidence
High
EPSS
Percentile
9.0%