Lucene search
HistorySep 27, 2023 - 6:15 p.m.
CVE-2023-20187
cisco
asr 1000
vulnerability
dos
mlre
ipv6
multicast
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
AI Score
8.6
Confidence
High
EPSS
0.001
Percentile
32.9%
A vulnerability in the Multicast Leaf Recycle Elimination (mLRE) feature of Cisco IOS XE Software for Cisco ASR 1000 Series Aggregation Services Routers could allow an unauthenticated, remote attacker to cause the affected device to reload, resulting in a denial of service (DoS) condition.
This vulnerability is due to incorrect handling of certain IPv6 multicast packets when they are fanned out more than seven times on an affected device. An attacker could exploit this vulnerability by sending a specific IPv6 multicast or IPv6 multicast VPN (MVPNv6) packet through the affected device. A successful exploit could allow the attacker to cause a reload of the affected device, resulting in a DoS condition.
Affected configurations
Node
ciscoios_xeMatch3.7.1s
ORciscoios_xeMatch3.7.2s
ORciscoios_xeMatch3.7.2ts
ORciscoios_xeMatch3.7.3s
ORciscoios_xeMatch3.7.4s
ORciscoios_xeMatch3.7.5s
ORciscoios_xeMatch3.7.6s
ORciscoios_xeMatch3.7.7s
ORciscoios_xeMatch3.8.0s
ORciscoios_xeMatch3.8.1s
ORciscoios_xeMatch3.8.2s
ORciscoios_xeMatch3.9.0s
ORciscoios_xeMatch3.9.1s
ORciscoios_xeMatch3.9.2s
ORciscoios_xeMatch3.10.0s
ORciscoios_xeMatch3.10.1s
ORciscoios_xeMatch3.10.1xbs
ORciscoios_xeMatch3.10.2s
ORciscoios_xeMatch3.10.3s
ORciscoios_xeMatch3.10.4s
ORciscoios_xeMatch3.10.5s
ORciscoios_xeMatch3.10.6s
ORciscoios_xeMatch3.10.7s
ORciscoios_xeMatch3.10.8as
ORciscoios_xeMatch3.10.8s
ORciscoios_xeMatch3.10.9s
ORciscoios_xeMatch3.10.10s
ORciscoios_xeMatch3.11.0s
ORciscoios_xeMatch3.11.1s
ORciscoios_xeMatch3.11.2s
ORciscoios_xeMatch3.11.3s
ORciscoios_xeMatch3.11.4s
ORciscoios_xeMatch3.12.0s
ORciscoios_xeMatch3.12.1s
ORciscoios_xeMatch3.12.2s
ORciscoios_xeMatch3.12.3s
ORciscoios_xeMatch3.12.4s
ORciscoios_xeMatch3.13.0s
ORciscoios_xeMatch3.13.1s
ORciscoios_xeMatch3.13.2as
ORciscoios_xeMatch3.13.2s
ORciscoios_xeMatch3.13.3s
ORciscoios_xeMatch3.13.4s
ORciscoios_xeMatch3.13.5as
ORciscoios_xeMatch3.13.5s
ORciscoios_xeMatch3.13.6as
ORciscoios_xeMatch3.13.6s
ORciscoios_xeMatch3.13.7s
ORciscoios_xeMatch3.13.8s
ORciscoios_xeMatch3.13.9s
ORciscoios_xeMatch3.13.10s
ORciscoios_xeMatch3.14.0s
ORciscoios_xeMatch3.14.1s
ORciscoios_xeMatch3.14.2s
ORciscoios_xeMatch3.14.3s
ORciscoios_xeMatch3.14.4s
ORciscoios_xeMatch3.15.0s
ORciscoios_xeMatch3.15.1s
ORciscoios_xeMatch3.15.2s
ORciscoios_xeMatch3.15.3s
ORciscoios_xeMatch3.15.4s
ORciscoios_xeMatch3.16.0s
ORciscoios_xeMatch3.16.1as
ORciscoios_xeMatch3.16.2bs
ORciscoios_xeMatch3.16.2s
ORciscoios_xeMatch3.16.3s
ORciscoios_xeMatch3.16.4as
ORciscoios_xeMatch3.16.4bs
ORciscoios_xeMatch3.16.5s
ORciscoios_xeMatch3.16.6bs
ORciscoios_xeMatch3.16.6s
ORciscoios_xeMatch3.16.7as
ORciscoios_xeMatch3.16.7bs
ORciscoios_xeMatch3.16.7s
ORciscoios_xeMatch3.16.8s
ORciscoios_xeMatch3.16.9s
ORciscoios_xeMatch3.16.10s
ORciscoios_xeMatch3.17.0s
ORciscoios_xeMatch3.17.1as
ORciscoios_xeMatch3.17.1s
ORciscoios_xeMatch3.17.2s
ORciscoios_xeMatch3.17.3s
ORciscoios_xeMatch3.17.4s
ORciscoios_xeMatch16.2.1
ORciscoios_xeMatch16.2.2
ORciscoios_xeMatch16.3.1
ORciscoios_xeMatch16.3.1a
ORciscoios_xeMatch16.3.2
ORciscoios_xeMatch16.3.3
ORciscoios_xeMatch16.3.4
ORciscoios_xeMatch16.3.5
ORciscoios_xeMatch16.3.6
ORciscoios_xeMatch16.3.7
ORciscoios_xeMatch16.3.8
ORciscoios_xeMatch16.3.9
ORciscoios_xeMatch16.3.10
ORciscoios_xeMatch16.3.11
ORciscoios_xeMatch16.4.1
ORciscoios_xeMatch16.4.2
ORciscoios_xeMatch16.4.3
ORciscoios_xeMatch16.5.1
ORciscoios_xeMatch16.5.1b
ORciscoios_xeMatch16.5.2
ORciscoios_xeMatch16.5.3
ORciscoios_xeMatch16.6.1
ORciscoios_xeMatch16.6.2
ORciscoios_xeMatch16.6.3
ORciscoios_xeMatch16.6.4
ORciscoios_xeMatch16.6.5
ORciscoios_xeMatch16.6.6
ORciscoios_xeMatch16.6.7
ORciscoios_xeMatch16.6.8
ORciscoios_xeMatch16.6.9
ORciscoios_xeMatch16.6.10
ORciscoios_xeMatch16.7.1
ORciscoios_xeMatch16.7.2
ORciscoios_xeMatch16.7.3
ORciscoios_xeMatch16.8.1
ORciscoios_xeMatch16.8.1s
ORciscoios_xeMatch16.8.2
ORciscoios_xeMatch16.8.3
ORciscoios_xeMatch16.9.1
ORciscoios_xeMatch16.9.1s
ORciscoios_xeMatch16.9.2
ORciscoios_xeMatch16.9.3
ORciscoios_xeMatch16.9.4
ORciscoios_xeMatch16.9.5
ORciscoios_xeMatch16.9.6
ORciscoios_xeMatch16.9.7
ORciscoios_xeMatch16.9.8
ORciscoios_xeMatch16.10.1
ORciscoios_xeMatch16.10.1a
ORciscoios_xeMatch16.10.1e
ORciscoios_xeMatch16.10.1s
ORciscoios_xeMatch16.10.2
ORciscoios_xeMatch16.10.3
ORciscoios_xeMatch16.11.1
ORciscoios_xeMatch16.11.1a
ORciscoios_xeMatch16.11.1s
ORciscoios_xeMatch16.11.2
ORciscoios_xeMatch16.12.1
ORciscoios_xeMatch16.12.1a
ORciscoios_xeMatch16.12.1c
ORciscoios_xeMatch16.12.1s
ORciscoios_xeMatch16.12.2
ORciscoios_xeMatch16.12.2s
ORciscoios_xeMatch16.12.3
ORciscoios_xeMatch16.12.3s
ORciscoios_xeMatch16.12.4
ORciscoios_xeMatch16.12.5
ORciscoios_xeMatch16.12.6
ORciscoios_xeMatch16.12.7
ORciscoios_xeMatch16.12.8
ORciscoios_xeMatch17.1.1
ORciscoios_xeMatch17.1.1s
ORciscoios_xeMatch17.1.1t
ORciscoios_xeMatch17.1.3
ORciscoios_xeMatch17.2.1
ORciscoios_xeMatch17.2.1r
ORciscoios_xeMatch17.2.1v
ORciscoios_xeMatch17.2.2
ORciscoios_xeMatch17.2.3
ORciscoios_xeMatch17.3.1
ORciscoios_xeMatch17.3.1a
ORciscoios_xeMatch17.3.2
ORciscoios_xeMatch17.3.3
ORciscoios_xeMatch17.3.4
ORciscoios_xeMatch17.3.4a
ORciscoios_xeMatch17.3.5
ORciscoios_xeMatch17.3.6
ORciscoios_xeMatch17.3.7
ORciscoios_xeMatch17.4.1
ORciscoios_xeMatch17.4.1a
ORciscoios_xeMatch17.4.1b
ORciscoios_xeMatch17.4.2
ORciscoios_xeMatch17.5.1
ORciscoios_xeMatch17.5.1a
ORciscoios_xeMatch17.5.1b
ORciscoios_xeMatch17.5.1c
ORciscoios_xeMatch17.6.1
ORciscoios_xeMatch17.6.1a
ORciscoios_xeMatch17.6.2
ORciscoios_xeMatch17.6.3
ORciscoios_xeMatch17.6.3a
ORciscoios_xeMatch17.6.4
ORciscoios_xeMatch17.6.5
ORciscoios_xeMatch17.7.1
ORciscoios_xeMatch17.7.1a
ORciscoios_xeMatch17.7.2
ORciscoios_xeMatch17.8.1
ORciscoios_xeMatch17.8.1a
ORciscoios_xeMatch17.9.1
ORciscoios_xeMatch17.9.1a
ORciscoios_xeMatch17.9.2
ORciscoios_xeMatch17.9.2a
ORciscoios_xeMatch17.9.3
ORciscoios_xeMatch17.9.3a
ORciscoios_xeMatch17.10.1
ORciscoios_xeMatch17.10.1a
ORciscoios_xeMatch17.11.1
ORciscoios_xeMatch17.11.1a
ciscoasr1000-esp100Match-
ORciscoasr1000-esp200Match-
ORciscoasr1000-esp40Match-
ORciscoasr1001-hxMatch-
ORciscoasr1001-xMatch-
ORciscoasr1002-hxMatch-
ORciscoasr1002-xMatch-
| Vendor | Product | Version | CPE |
|---|---|---|---|
| cisco | ios_xe | 3.7.1s | cpe:2.3:o:cisco:ios_xe:3.7.1s:*:*:*:*:*:*:* |
| cisco | ios_xe | 3.7.2s | cpe:2.3:o:cisco:ios_xe:3.7.2s:*:*:*:*:*:*:* |
| cisco | ios_xe | 3.7.2ts | cpe:2.3:o:cisco:ios_xe:3.7.2ts:*:*:*:*:*:*:* |
| cisco | ios_xe | 3.7.3s | cpe:2.3:o:cisco:ios_xe:3.7.3s:*:*:*:*:*:*:* |
| cisco | ios_xe | 3.7.4s | cpe:2.3:o:cisco:ios_xe:3.7.4s:*:*:*:*:*:*:* |
| cisco | ios_xe | 3.7.5s | cpe:2.3:o:cisco:ios_xe:3.7.5s:*:*:*:*:*:*:* |
| cisco | ios_xe | 3.7.6s | cpe:2.3:o:cisco:ios_xe:3.7.6s:*:*:*:*:*:*:* |
| cisco | ios_xe | 3.7.7s | cpe:2.3:o:cisco:ios_xe:3.7.7s:*:*:*:*:*:*:* |
| cisco | ios_xe | 3.8.0s | cpe:2.3:o:cisco:ios_xe:3.8.0s:*:*:*:*:*:*:* |
| cisco | ios_xe | 3.8.1s | cpe:2.3:o:cisco:ios_xe:3.8.1s:*:*:*:*:*:*:* |
Related
cisco
cisco
cve
cve
CVE-2023-20187
2023-09-27 18:15:11
cvelist
cvelist
CVE-2023-20187
2023-09-27 17:19:44
prion
prion
Race condition
2023-09-27 18:15:00
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
AI Score
8.6
Confidence
High
EPSS
0.001
Percentile
32.9%
Related for NVD:CVE-2023-20187