CVE-2020-3421Improper Check for Unusual or Exceptional Conditions in Cisco IOS XE Software

CWE-754Improper Check for Unusual or Exceptional Conditions5 documents5 sources
Severity
7.5HIGHNVD
CNA8.6
EPSS
1.0%
top 23.38%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Cisco IOS XE SoftwareCisco IOS XE
Timeline
PublishedSep 24
Latest updateMay 24

Description

Multiple vulnerabilities in the Zone-Based Firewall feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause the device to reload or stop forwarding traffic through the firewall. The vulnerabilities are due to incomplete handling of Layer 4 packets through the device. An attacker could exploit these vulnerabilities by sending a certain sequence of traffic patterns through the device. A successful exploit could allow the attacker to cause the device to reload or s

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 3.9 | Impact: 3.6

Affected Packages2 packages

NVDcisco/ios_xe16.9.3, 17.2+1

🔴Vulnerability Details

2
GHSA
GHSA-9gg8-xvhp-2q7g: Multiple vulnerabilities in the Zone-Based Firewall feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause the devi2022-05-24
CVEList
Cisco IOS XE Software Zone-Based Firewall Denial of Service Vulnerabilities2020-09-24

📋Vendor Advisories

1
Cisco
Cisco IOS XE Software Zone-Based Firewall Denial of Service Vulnerabilities2020-09-24

💬Community

1
Bugzilla
CVE-2020-1597 dotnet: ASP.NET Core Resource Consumption Denial of Service2020-07-27
CVE-2020-3421 — Cisco IOS XE Software vulnerability | cvebase