Lucene search

[email protected]NVD:CVE-2020-3231

HistoryJun 03, 2020 - 6:15 p.m.

CVE-2020-3231

2020-06-0318:15:21

CWE-863

CWE-284

[email protected]

web.nvd.nist.gov

CVSS2

2.9

Attack Vector

ADJACENT_NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:A/AC:M/Au:N/C:P/I:N/A:N

CVSS3

4.7

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N

AI Score

4.7

Confidence

High

EPSS

0.001

Percentile

25.0%

JSON

A vulnerability in the 802.1X feature of Cisco Catalyst 2960-L Series Switches and Cisco Catalyst CDB-8P Switches could allow an unauthenticated, adjacent attacker to forward broadcast traffic before being authenticated on the port. The vulnerability exists because broadcast traffic that is received on the 802.1X-enabled port is mishandled. An attacker could exploit this vulnerability by sending broadcast traffic on the port before being authenticated. A successful exploit could allow the attacker to send and receive broadcast traffic on the 802.1X-enabled port before authentication.

Affected configurations

Nvd

Node

ciscoiosMatch15.2\(5\)e2

ciscoiosMatch15.2\(5\)ex

ciscoiosMatch15.2\(5a\)e

ciscoiosMatch15.2\(5b\)e

ciscoiosMatch15.2\(5c\)e

ciscoiosMatch15.2\(6\)e

ciscoiosMatch15.2\(6\)e0c

ciscoiosMatch15.2\(6\)e1

ciscoiosMatch15.2\(6\)e1a

ciscoiosMatch15.2\(6\)e1s

ciscoiosMatch15.2\(6\)e2

ciscoiosMatch15.2\(6\)e2b

ciscoiosMatch15.2\(6\)e3

ciscoiosMatch15.2\(6\)e4

ciscoiosMatch15.2\(7\)e

ciscoiosMatch15.2\(7\)e0a

ciscoiosMatch15.2\(7\)e0b

ciscoiosMatch15.2\(7\)e0s

ciscoiosMatch15.2\(7a\)e0b

ciscoiosMatch15.2\(7b\)e0b

ciscoiosMatch15.3\(3\)jaa1

ciscoiosMatch15.3\(3\)jpj

VendorProductVersionCPE
ciscoios15.2(5)e2cpe:2.3:o:cisco:ios:15.2\(5\)e2:*:*:*:*:*:*:*
ciscoios15.2(5)excpe:2.3:o:cisco:ios:15.2\(5\)ex:*:*:*:*:*:*:*
ciscoios15.2(5a)ecpe:2.3:o:cisco:ios:15.2\(5a\)e:*:*:*:*:*:*:*
ciscoios15.2(5b)ecpe:2.3:o:cisco:ios:15.2\(5b\)e:*:*:*:*:*:*:*
ciscoios15.2(5c)ecpe:2.3:o:cisco:ios:15.2\(5c\)e:*:*:*:*:*:*:*
ciscoios15.2(6)ecpe:2.3:o:cisco:ios:15.2\(6\)e:*:*:*:*:*:*:*
ciscoios15.2(6)e0ccpe:2.3:o:cisco:ios:15.2\(6\)e0c:*:*:*:*:*:*:*
ciscoios15.2(6)e1cpe:2.3:o:cisco:ios:15.2\(6\)e1:*:*:*:*:*:*:*
ciscoios15.2(6)e1acpe:2.3:o:cisco:ios:15.2\(6\)e1a:*:*:*:*:*:*:*
ciscoios15.2(6)e1scpe:2.3:o:cisco:ios:15.2\(6\)e1s:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
cisco	ios	15.2(5)e2	cpe:2.3:o:cisco:ios:15.2\(5\)e2:::::::*
cisco	ios	15.2(5)ex	cpe:2.3:o:cisco:ios:15.2\(5\)ex:::::::*
cisco	ios	15.2(5a)e	cpe:2.3:o:cisco:ios:15.2\(5a\)e:::::::*
cisco	ios	15.2(5b)e	cpe:2.3:o:cisco:ios:15.2\(5b\)e:::::::*
cisco	ios	15.2(5c)e	cpe:2.3:o:cisco:ios:15.2\(5c\)e:::::::*
cisco	ios	15.2(6)e	cpe:2.3:o:cisco:ios:15.2\(6\)e:::::::*
cisco	ios	15.2(6)e0c	cpe:2.3:o:cisco:ios:15.2\(6\)e0c:::::::*
cisco	ios	15.2(6)e1	cpe:2.3:o:cisco:ios:15.2\(6\)e1:::::::*
cisco	ios	15.2(6)e1a	cpe:2.3:o:cisco:ios:15.2\(6\)e1a:::::::*
cisco	ios	15.2(6)e1s	cpe:2.3:o:cisco:ios:15.2\(6\)e1s:::::::*

Rows per page:

1-10 of 221

References

tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-c2960L-DpWA9Re4

CVSS2

2.9

Attack Vector

ADJACENT_NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:A/AC:M/Au:N/C:P/I:N/A:N

CVSS3

4.7

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N

AI Score

4.7

Confidence

High

EPSS

0.001

Percentile

25.0%

JSON

Related for NVD:CVE-2020-3231

cvelist1 nessus1 prion1 cisco1 cve1