Vulnerability-Lookup

CVE-2020-3492 (GCVE-0-2020-3492)

Vulnerability from cvelistv5 – Published: 2020-09-24 17:52 – Updated: 2024-11-13 17:59

Title

Cisco IOS XE Software for Catalyst 9800 Series and Cisco AireOS Software for Cisco WLC Flexible NetFlow Version 9 Denial of Service Vulnerability

Summary

A vulnerability in the Flexible NetFlow Version 9 packet processor of Cisco IOS XE Software for Cisco Catalyst 9800 Series Wireless Controllers and Cisco AireOS Software for Cisco Wireless LAN Controllers (WLC) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to insufficient validation of certain parameters in a Flexible NetFlow Version 9 record. An attacker could exploit this vulnerability by spoofing the address of an existing Access Point on the network and sending a Control and Provisioning of Wireless Access Points (CAPWAP) packet that includes a crafted Flexible NetFlow Version 9 record to an affected device. A successful exploit could allow the attacker to cause a process crash that would lead to a reload of the device.

Severity ?

8.6 (High)


                        
                          CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

CWE

CWE-20

Assigner

cisco

References

URL

Tags

https://tools.cisco.com/security/center/content/C…

vendor-advisoryx_refsource_CISCO

Impacted products

	Vendor	Product	Version
	Cisco	Cisco Wireless LAN Controller (WLC)	Affected: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T07:37:54.461Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20200924 Cisco IOS XE Software for Catalyst 9800 Series and Cisco AireOS Software for Cisco WLC Flexible NetFlow Version 9 Denial of Service Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-wlc-fnfv9-EvrAQpNX"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2020-3492",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-13T17:12:45.954203Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-13T17:59:11.622Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Wireless LAN Controller (WLC)",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2020-09-24T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the Flexible NetFlow Version 9 packet processor of Cisco IOS XE Software for Cisco Catalyst 9800 Series Wireless Controllers and Cisco AireOS Software for Cisco Wireless LAN Controllers (WLC) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to insufficient validation of certain parameters in a Flexible NetFlow Version 9 record. An attacker could exploit this vulnerability by spoofing the address of an existing Access Point on the network and sending a Control and Provisioning of Wireless Access Points (CAPWAP) packet that includes a crafted Flexible NetFlow Version 9 record to an affected device. A successful exploit could allow the attacker to cause a process crash that would lead to a reload of the device."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-20",
              "description": "CWE-20",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-09-24T17:52:15.000Z",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20200924 Cisco IOS XE Software for Catalyst 9800 Series and Cisco AireOS Software for Cisco WLC Flexible NetFlow Version 9 Denial of Service Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-wlc-fnfv9-EvrAQpNX"
        }
      ],
      "source": {
        "advisory": "cisco-sa-iosxe-wlc-fnfv9-EvrAQpNX",
        "defect": [
          [
            "CSCvr53845",
            "CSCvr55382"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco IOS XE Software for Catalyst 9800 Series and Cisco AireOS Software for Cisco WLC Flexible NetFlow Version 9 Denial of Service Vulnerability",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2020-09-24T16:00:00",
          "ID": "CVE-2020-3492",
          "STATE": "PUBLIC",
          "TITLE": "Cisco IOS XE Software for Catalyst 9800 Series and Cisco AireOS Software for Cisco WLC Flexible NetFlow Version 9 Denial of Service Vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco Wireless LAN Controller (WLC)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the Flexible NetFlow Version 9 packet processor of Cisco IOS XE Software for Cisco Catalyst 9800 Series Wireless Controllers and Cisco AireOS Software for Cisco Wireless LAN Controllers (WLC) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to insufficient validation of certain parameters in a Flexible NetFlow Version 9 record. An attacker could exploit this vulnerability by spoofing the address of an existing Access Point on the network and sending a Control and Provisioning of Wireless Access Points (CAPWAP) packet that includes a crafted Flexible NetFlow Version 9 record to an affected device. A successful exploit could allow the attacker to cause a process crash that would lead to a reload of the device."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "8.6",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-20"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20200924 Cisco IOS XE Software for Catalyst 9800 Series and Cisco AireOS Software for Cisco WLC Flexible NetFlow Version 9 Denial of Service Vulnerability",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-wlc-fnfv9-EvrAQpNX"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-iosxe-wlc-fnfv9-EvrAQpNX",
          "defect": [
            [
              "CSCvr53845",
              "CSCvr55382"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2020-3492",
    "datePublished": "2020-09-24T17:52:16.071Z",
    "dateReserved": "2019-12-12T00:00:00.000Z",
    "dateUpdated": "2024-11-13T17:59:11.622Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-wlc-fnfv9-EvrAQpNX\", \"name\": \"20200924 Cisco IOS XE Software for Catalyst 9800 Series and Cisco AireOS Software for Cisco WLC Flexible NetFlow Version 9 Denial of Service Vulnerability\", \"tags\": [\"vendor-advisory\", \"x_refsource_CISCO\", \"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-04T07:37:54.461Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2020-3492\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-11-13T17:12:45.954203Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-11-13T17:15:10.316Z\"}}], \"cna\": {\"title\": \"Cisco IOS XE Software for Catalyst 9800 Series and Cisco AireOS Software for Cisco WLC Flexible NetFlow Version 9 Denial of Service Vulnerability\", \"source\": {\"defect\": [[\"CSCvr53845\", \"CSCvr55382\"]], \"advisory\": \"cisco-sa-iosxe-wlc-fnfv9-EvrAQpNX\", \"discovery\": \"INTERNAL\"}, \"metrics\": [{\"cvssV3_0\": {\"scope\": \"CHANGED\", \"version\": \"3.0\", \"baseScore\": 8.6, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"NONE\"}}], \"affected\": [{\"vendor\": \"Cisco\", \"product\": \"Cisco Wireless LAN Controller (WLC)\", \"versions\": [{\"status\": \"affected\", \"version\": \"n/a\"}]}], \"exploits\": [{\"lang\": \"en\", \"value\": \"The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.\"}], \"datePublic\": \"2020-09-24T00:00:00.000Z\", \"references\": [{\"url\": \"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-wlc-fnfv9-EvrAQpNX\", \"name\": \"20200924 Cisco IOS XE Software for Catalyst 9800 Series and Cisco AireOS Software for Cisco WLC Flexible NetFlow Version 9 Denial of Service Vulnerability\", \"tags\": [\"vendor-advisory\", \"x_refsource_CISCO\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"A vulnerability in the Flexible NetFlow Version 9 packet processor of Cisco IOS XE Software for Cisco Catalyst 9800 Series Wireless Controllers and Cisco AireOS Software for Cisco Wireless LAN Controllers (WLC) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to insufficient validation of certain parameters in a Flexible NetFlow Version 9 record. An attacker could exploit this vulnerability by spoofing the address of an existing Access Point on the network and sending a Control and Provisioning of Wireless Access Points (CAPWAP) packet that includes a crafted Flexible NetFlow Version 9 record to an affected device. A successful exploit could allow the attacker to cause a process crash that would lead to a reload of the device.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-20\", \"description\": \"CWE-20\"}]}], \"providerMetadata\": {\"orgId\": \"d1c1063e-7a18-46af-9102-31f8928bc633\", \"shortName\": \"cisco\", \"dateUpdated\": \"2020-09-24T17:52:15.000Z\"}, \"x_legacyV4Record\": {\"impact\": {\"cvss\": {\"version\": \"3.0\", \"baseScore\": \"8.6\", \"vectorString\": \"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H\"}}, \"source\": {\"defect\": [[\"CSCvr53845\", \"CSCvr55382\"]], \"advisory\": \"cisco-sa-iosxe-wlc-fnfv9-EvrAQpNX\", \"discovery\": \"INTERNAL\"}, \"affects\": {\"vendor\": {\"vendor_data\": [{\"product\": {\"product_data\": [{\"version\": {\"version_data\": [{\"version_value\": \"n/a\"}]}, \"product_name\": \"Cisco Wireless LAN Controller (WLC)\"}]}, \"vendor_name\": \"Cisco\"}]}}, \"exploit\": [{\"lang\": \"en\", \"value\": \"The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.\"}], \"data_type\": \"CVE\", \"references\": {\"reference_data\": [{\"url\": \"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-wlc-fnfv9-EvrAQpNX\", \"name\": \"20200924 Cisco IOS XE Software for Catalyst 9800 Series and Cisco AireOS Software for Cisco WLC Flexible NetFlow Version 9 Denial of Service Vulnerability\", \"refsource\": \"CISCO\"}]}, \"data_format\": \"MITRE\", \"description\": {\"description_data\": [{\"lang\": \"eng\", \"value\": \"A vulnerability in the Flexible NetFlow Version 9 packet processor of Cisco IOS XE Software for Cisco Catalyst 9800 Series Wireless Controllers and Cisco AireOS Software for Cisco Wireless LAN Controllers (WLC) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to insufficient validation of certain parameters in a Flexible NetFlow Version 9 record. An attacker could exploit this vulnerability by spoofing the address of an existing Access Point on the network and sending a Control and Provisioning of Wireless Access Points (CAPWAP) packet that includes a crafted Flexible NetFlow Version 9 record to an affected device. A successful exploit could allow the attacker to cause a process crash that would lead to a reload of the device.\"}]}, \"problemtype\": {\"problemtype_data\": [{\"description\": [{\"lang\": \"eng\", \"value\": \"CWE-20\"}]}]}, \"data_version\": \"4.0\", \"CVE_data_meta\": {\"ID\": \"CVE-2020-3492\", \"STATE\": \"PUBLIC\", \"TITLE\": \"Cisco IOS XE Software for Catalyst 9800 Series and Cisco AireOS Software for Cisco WLC Flexible NetFlow Version 9 Denial of Service Vulnerability\", \"ASSIGNER\": \"psirt@cisco.com\", \"DATE_PUBLIC\": \"2020-09-24T16:00:00\"}}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2020-3492\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-11-13T17:59:11.622Z\", \"dateReserved\": \"2019-12-12T00:00:00.000Z\", \"assignerOrgId\": \"d1c1063e-7a18-46af-9102-31f8928bc633\", \"datePublished\": \"2020-09-24T17:52:16.071Z\", \"assignerShortName\": \"cisco\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}

GSD-2020-3492

Vulnerability from gsd - Updated: 2023-12-13 01:22

Details

Aliases

CVE-2020-3492

Aliases

CVE-2020-3492

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2020-3492",
    "description": "A vulnerability in the Flexible NetFlow Version 9 packet processor of Cisco IOS XE Software for Cisco Catalyst 9800 Series Wireless Controllers and Cisco AireOS Software for Cisco Wireless LAN Controllers (WLC) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to insufficient validation of certain parameters in a Flexible NetFlow Version 9 record. An attacker could exploit this vulnerability by spoofing the address of an existing Access Point on the network and sending a Control and Provisioning of Wireless Access Points (CAPWAP) packet that includes a crafted Flexible NetFlow Version 9 record to an affected device. A successful exploit could allow the attacker to cause a process crash that would lead to a reload of the device.",
    "id": "GSD-2020-3492"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2020-3492"
      ],
      "details": "A vulnerability in the Flexible NetFlow Version 9 packet processor of Cisco IOS XE Software for Cisco Catalyst 9800 Series Wireless Controllers and Cisco AireOS Software for Cisco Wireless LAN Controllers (WLC) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to insufficient validation of certain parameters in a Flexible NetFlow Version 9 record. An attacker could exploit this vulnerability by spoofing the address of an existing Access Point on the network and sending a Control and Provisioning of Wireless Access Points (CAPWAP) packet that includes a crafted Flexible NetFlow Version 9 record to an affected device. A successful exploit could allow the attacker to cause a process crash that would lead to a reload of the device.",
      "id": "GSD-2020-3492",
      "modified": "2023-12-13T01:22:09.696965Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "psirt@cisco.com",
        "DATE_PUBLIC": "2020-09-24T16:00:00",
        "ID": "CVE-2020-3492",
        "STATE": "PUBLIC",
        "TITLE": "Cisco IOS XE Software for Catalyst 9800 Series and Cisco AireOS Software for Cisco WLC Flexible NetFlow Version 9 Denial of Service Vulnerability"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "Cisco Wireless LAN Controller (WLC) ",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "Cisco"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "A vulnerability in the Flexible NetFlow Version 9 packet processor of Cisco IOS XE Software for Cisco Catalyst 9800 Series Wireless Controllers and Cisco AireOS Software for Cisco Wireless LAN Controllers (WLC) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to insufficient validation of certain parameters in a Flexible NetFlow Version 9 record. An attacker could exploit this vulnerability by spoofing the address of an existing Access Point on the network and sending a Control and Provisioning of Wireless Access Points (CAPWAP) packet that includes a crafted Flexible NetFlow Version 9 record to an affected device. A successful exploit could allow the attacker to cause a process crash that would lead to a reload of the device."
          }
        ]
      },
      "exploit": [
        {
          "lang": "eng",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory. "
        }
      ],
      "impact": {
        "cvss": {
          "baseScore": "8.6",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H ",
          "version": "3.0"
        }
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "CWE-20"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "20200924 Cisco IOS XE Software for Catalyst 9800 Series and Cisco AireOS Software for Cisco WLC Flexible NetFlow Version 9 Denial of Service Vulnerability",
            "refsource": "CISCO",
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-wlc-fnfv9-EvrAQpNX"
          }
        ]
      },
      "source": {
        "advisory": "cisco-sa-iosxe-wlc-fnfv9-EvrAQpNX",
        "defect": [
          [
            "CSCvr53845",
            "CSCvr55382"
          ]
        ],
        "discovery": "INTERNAL"
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:cisco:ios_xe:16.12.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:cisco:catalyst_9800-40:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:cisco:catalyst_9800-80:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:cisco:catalyst_9800-cl:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:cisco:catalyst_9800-l:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:cisco:catalyst_9800-l-c:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:cisco:catalyst_9800-l-f:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "ID": "CVE-2020-3492"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "A vulnerability in the Flexible NetFlow Version 9 packet processor of Cisco IOS XE Software for Cisco Catalyst 9800 Series Wireless Controllers and Cisco AireOS Software for Cisco Wireless LAN Controllers (WLC) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to insufficient validation of certain parameters in a Flexible NetFlow Version 9 record. An attacker could exploit this vulnerability by spoofing the address of an existing Access Point on the network and sending a Control and Provisioning of Wireless Access Points (CAPWAP) packet that includes a crafted Flexible NetFlow Version 9 record to an affected device. A successful exploit could allow the attacker to cause a process crash that would lead to a reload of the device."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-20"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20200924 Cisco IOS XE Software for Catalyst 9800 Series and Cisco AireOS Software for Cisco WLC Flexible NetFlow Version 9 Denial of Service Vulnerability",
              "refsource": "CISCO",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-wlc-fnfv9-EvrAQpNX"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "acInsufInfo": false,
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.8,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 6.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.1"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 4.0
        }
      },
      "lastModifiedDate": "2021-10-19T18:44Z",
      "publishedDate": "2020-09-24T18:15Z"
    }
  }
}

CERTFR-2020-AVI-599

Vulnerability from certfr_avis - Published: 2020-09-25 - Updated: 2020-09-25

De multiples vulnérabilités ont été découvertes dans Cisco IOS XE, IOS et AireOS. Elles permettent à un attaquant de provoquer un déni de service à distance.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Cisco IOS
Cisco IOS XE
Cisco IOS XE Software Common Open Policy Service Cisco
Cisco IOS XE Wireless Controller Software pour Catalyst 9000
Cisco IOS XE Software RESTCONF and NETCONF-YANG Access Control List
Cisco IOS XE Software pour Cisco ASR 1000 Series 20-Gbps Embedded Services Processor
Cisco IOS XE Software PROFINET
Cisco IOS XE Software pour Cisco cBR-8
Cisco IOS XE Software pour Cisco ASR 900 Series Route Switch Processor 3
Cisco IOS XE Software pour Catalyst 9200 Series Switches Umbrella Connector
Cisco IOS XE Software IP Service Level Agreements
Cisco IOS XE Software pour Catalyst 9800 Series Wireless Controllers
Cisco IOS XE Software Zone-Based Firewall
Catalyst 9800 Wireless Controllers avec IOS XE ou AireOS
Wireless LAN Controllers (WLC) avec IOS XE ou AireOS

Se référer aux informations fournies par le logiciel Cisco Software Checker pour confirmer si les versions logicielles en usage dans le système d'information sont affectées ou non.

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

Tags

Bulletin de sécurité Cisco cisco-sa-wpa-dos-cXshjerc du 24 septembre 2020	None	vendor-advisory
Bulletin de sécurité Cisco cisco-sa-zbfw-94ckG4G du 24 septembre 2020	None	vendor-advisory
Bulletin de sécurité Cisco cisco-sa-iosxe-ewlc-snmp-dos-wNkedg9K du 24 septembre 2020	None	vendor-advisory
Bulletin de sécurité Cisco cisco-sa-iosxe-isdn-q931-dos-67eUZBTf du 24 septembre 2020	None	vendor-advisory
Bulletin de sécurité Cisco cisco-sa-capwap-dos-TPdNTdyq du 24 septembre 2020	None	vendor-advisory
Bulletin de sécurité Cisco cisco-sa-COPS-VLD-MpbTvGEW du 24 septembre 2020	None	vendor-advisory
Bulletin de sécurité Cisco cisco-sa-splitdns-SPWqpdGW du 24 septembre 2020	None	vendor-advisory
Bulletin de sécurité Cisco cisco-sa-esp20-arp-dos-GvHVggqJ du 24 septembre 2020	None	vendor-advisory
Bulletin de sécurité Cisco cisco-sa-mdns-dos-3tH6cA9J du 24 septembre 2020	None	vendor-advisory
Bulletin de sécurité Cisco cisco-sa-iosxe-umbrella-dos-t2QMUX37 du 24 septembre 2020	None	vendor-advisory
Bulletin de sécurité Cisco cisco-sa-iosxe-dhcp-dos-JSCKX43h du 24 septembre 2020	None	vendor-advisory
Bulletin de sécurité Cisco cisco-sa-confacl-HbPtfSuO du 24 septembre 2020	None	vendor-advisory
Bulletin de sécurité Cisco cisco-sa-profinet-J9QMCHPB du 24 septembre 2020	None	vendor-advisory
Bulletin de sécurité Cisco cisco-sa-capwap-dos-ShFzXf du 24 septembre 2020	None	vendor-advisory
Bulletin de sécurité Cisco cisco-sa-ISR4461-gKKUROhx du 24 septembre 2020	None	vendor-advisory
Bulletin de sécurité Cisco cisco-sa-ios-profinet-dos-65qYG3W5 du 24 septembre 2020	None	vendor-advisory
Bulletin de sécurité Cisco cisco-sa-dclass-dos-VKh9D8k3 du 24 septembre 2020	None	vendor-advisory
Bulletin de sécurité Cisco cisco-sa-ipsla-jw2DJmSv du 24 septembre 2020	None	vendor-advisory
Bulletin de sécurité Cisco cisco-sa-le-drTOB625 du 24 septembre 2020	None	vendor-advisory
Bulletin de sécurité Cisco cisco-sa-iosxe-wlc-fnfv9-EvrAQpNX du 24 septembre 2020	None	vendor-advisory
Bulletin de sécurité Cisco cisco-sa-ipsla-jw2DJmSv du 24 septembre 2020	-	other
Bulletin de sécurité Cisco cisco-sa-iosxe-ewlc-snmp-dos-wNkedg9K du 24 septembre 2020	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cul\u003e \u003cli\u003eCisco IOS\u003c/li\u003e \u003cli\u003eCisco IOS XE\u003c/li\u003e \u003cli\u003eCisco IOS XE Software Common Open Policy Service Cisco\u003c/li\u003e \u003cli\u003eCisco IOS XE Wireless Controller Software pour Catalyst 9000\u003c/li\u003e \u003cli\u003eCisco IOS XE Software RESTCONF and NETCONF-YANG Access Control List\u003c/li\u003e \u003cli\u003eCisco IOS XE Software pour Cisco ASR 1000 Series 20-Gbps Embedded Services Processor\u003c/li\u003e \u003cli\u003eCisco IOS XE Software PROFINET\u003c/li\u003e \u003cli\u003eCisco IOS XE Software pour Cisco cBR-8\u003c/li\u003e \u003cli\u003eCisco IOS XE Software pour Cisco ASR 900 Series Route Switch Processor 3\u003c/li\u003e \u003cli\u003eCisco IOS XE Software pour Catalyst 9200 Series Switches Umbrella Connector\u003c/li\u003e \u003cli\u003eCisco IOS XE Software IP Service Level Agreements\u003c/li\u003e \u003cli\u003eCisco IOS XE Software pour Catalyst 9800 Series Wireless Controllers\u003c/li\u003e \u003cli\u003eCisco IOS XE Software Zone-Based Firewall\u003c/li\u003e \u003cli\u003eCatalyst 9800 Wireless Controllers avec IOS XE ou AireOS\u003c/li\u003e \u003cli\u003eWireless LAN Controllers (WLC) avec IOS XE ou AireOS\u003c/li\u003e \u003c/ul\u003e \u003cp\u003eSe r\u00e9f\u00e9rer aux informations fournies par le logiciel \u003cem\u003eCisco Software Checker\u003c/em\u003e pour confirmer si les versions logicielles en usage dans le syst\u00e8me d\u0027information sont affect\u00e9es ou non.\u003c/p\u003e ",
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2020-3407",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-3407"
    },
    {
      "name": "CVE-2020-3488",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-3488"
    },
    {
      "name": "CVE-2020-3428",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-3428"
    },
    {
      "name": "CVE-2020-3390",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-3390"
    },
    {
      "name": "CVE-2020-3408",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-3408"
    },
    {
      "name": "CVE-2020-3359",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-3359"
    },
    {
      "name": "CVE-2020-3414",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-3414"
    },
    {
      "name": "CVE-2020-3487",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-3487"
    },
    {
      "name": "CVE-2020-3526",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-3526"
    },
    {
      "name": "CVE-2020-3399",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-3399"
    },
    {
      "name": "CVE-2020-3494",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-3494"
    },
    {
      "name": "CVE-2020-3422",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-3422"
    },
    {
      "name": "CVE-2020-3511",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-3511"
    },
    {
      "name": "CVE-2020-3492",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-3492"
    },
    {
      "name": "CVE-2020-3509",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-3509"
    },
    {
      "name": "CVE-2020-3486",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-3486"
    },
    {
      "name": "CVE-2020-3512",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-3512"
    },
    {
      "name": "CVE-2020-3421",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-3421"
    },
    {
      "name": "CVE-2020-3510",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-3510"
    },
    {
      "name": "CVE-2020-3465",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-3465"
    },
    {
      "name": "CVE-2020-3429",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-3429"
    },
    {
      "name": "CVE-2020-3513",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-3513"
    },
    {
      "name": "CVE-2020-3480",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-3480"
    },
    {
      "name": "CVE-2020-3416",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-3416"
    },
    {
      "name": "CVE-2020-3508",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-3508"
    },
    {
      "name": "CVE-2020-3497",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-3497"
    },
    {
      "name": "CVE-2020-3409",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-3409"
    },
    {
      "name": "CVE-2020-3493",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-3493"
    },
    {
      "name": "CVE-2020-3489",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-3489"
    },
    {
      "name": "CVE-2020-3524",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-3524"
    }
  ],
  "initial_release_date": "2020-09-25T00:00:00",
  "last_revision_date": "2020-09-25T00:00:00",
  "links": [
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-ipsla-jw2DJmSv du 24 septembre 2020",
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ipsla-jw2DJmSv"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-iosxe-ewlc-snmp-dos-wNkedg9K du 24 septembre 2020",
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-ewlc-snmp-dos-wNkedg9K"
    }
  ],
  "reference": "CERTFR-2020-AVI-599",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2020-09-25T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Cisco IOS XE, IOS\net AireOS. Elles permettent \u00e0 un attaquant de provoquer un d\u00e9ni de\nservice \u00e0 distance.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s de type d\u00e9ni de service dans Cisco IOS, IOS XE, AireOS",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-wpa-dos-cXshjerc du 24 septembre 2020",
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wpa-dos-cXshjerc"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-zbfw-94ckG4G du 24 septembre 2020",
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-zbfw-94ckG4G"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-iosxe-ewlc-snmp-dos-wNkedg9K du 24 septembre 2020",
      "url": null
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-iosxe-isdn-q931-dos-67eUZBTf du 24 septembre 2020",
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-isdn-q931-dos-67eUZBTf"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-capwap-dos-TPdNTdyq du 24 septembre 2020",
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-capwap-dos-TPdNTdyq"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-COPS-VLD-MpbTvGEW du 24 septembre 2020",
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-COPS-VLD-MpbTvGEW"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-splitdns-SPWqpdGW du 24 septembre 2020",
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-splitdns-SPWqpdGW"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-esp20-arp-dos-GvHVggqJ du 24 septembre 2020",
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esp20-arp-dos-GvHVggqJ"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-mdns-dos-3tH6cA9J du 24 septembre 2020",
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-mdns-dos-3tH6cA9J"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-iosxe-umbrella-dos-t2QMUX37 du 24 septembre 2020",
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-umbrella-dos-t2QMUX37"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-iosxe-dhcp-dos-JSCKX43h du 24 septembre 2020",
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-dhcp-dos-JSCKX43h"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-confacl-HbPtfSuO du 24 septembre 2020",
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-confacl-HbPtfSuO"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-profinet-J9QMCHPB du 24 septembre 2020",
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-profinet-J9QMCHPB"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-capwap-dos-ShFzXf du 24 septembre 2020",
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-capwap-dos-ShFzXf"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-ISR4461-gKKUROhx du 24 septembre 2020",
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ISR4461-gKKUROhx"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-ios-profinet-dos-65qYG3W5 du 24 septembre 2020",
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-profinet-dos-65qYG3W5"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-dclass-dos-VKh9D8k3 du 24 septembre 2020",
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-dclass-dos-VKh9D8k3"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-ipsla-jw2DJmSv du 24 septembre 2020",
      "url": null
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-le-drTOB625 du 24 septembre 2020",
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-le-drTOB625"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-iosxe-wlc-fnfv9-EvrAQpNX du 24 septembre 2020",
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-wlc-fnfv9-EvrAQpNX"
    }
  ]
}

GHSA-RPM8-R8V3-F2RG

Vulnerability from github – Published: 2022-05-24 17:29 – Updated: 2022-05-24 17:29

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2020-3492"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-20"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2020-09-24T18:15:00Z",
    "severity": "HIGH"
  },
  "details": "A vulnerability in the Flexible NetFlow Version 9 packet processor of Cisco IOS XE Software for Cisco Catalyst 9800 Series Wireless Controllers and Cisco AireOS Software for Cisco Wireless LAN Controllers (WLC) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to insufficient validation of certain parameters in a Flexible NetFlow Version 9 record. An attacker could exploit this vulnerability by spoofing the address of an existing Access Point on the network and sending a Control and Provisioning of Wireless Access Points (CAPWAP) packet that includes a crafted Flexible NetFlow Version 9 record to an affected device. A successful exploit could allow the attacker to cause a process crash that would lead to a reload of the device.",
  "id": "GHSA-rpm8-r8v3-f2rg",
  "modified": "2022-05-24T17:29:28Z",
  "published": "2022-05-24T17:29:28Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-3492"
    },
    {
      "type": "WEB",
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-wlc-fnfv9-EvrAQpNX"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

CVE-2020-3492

Vulnerability from fstec - Published: 24.09.2020

Title

Уязвимость инструмента Flexible NetFlow операционных систем Cisco IOS XE сетевых устройств Cisco Catalyst 9800 Series, позволяющая нарушителю вызвать отказ в обслуживании

Description

Уязвимость инструмента Flexible NetFlow операционных систем Cisco IOS XE сетевых устройств Cisco Catalyst 9800 Series связана с недостаточной проверкой вводимых данных. Эксплуатация уязвимости может позволить нарушителю, действующему удаленно, вызвать отказ в обслуживании

Severity ?


                    
                      AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

Vendor

Cisco Systems Inc.

Software Name

Cisco IOS XE

Software Version

16.10.1 (Cisco IOS XE), 16.11.1 (Cisco IOS XE), 16.12.1 (Cisco IOS XE)

Possible Mitigations

Использование рекомендаций: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-wlc-fnfv9-EvrAQpNX

Reference

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-wlc-fnfv9-EvrAQpNX

CWE

CWE-20

JSON

To clipboard

{
  "CVSS 2.0": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
  "CVSS 3.0": "AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
  "CVSS 4.0": null,
  "remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
  "remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
  "\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "Cisco Systems Inc.",
  "\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "16.10.1 (Cisco IOS XE), 16.11.1 (Cisco IOS XE), 16.12.1 (Cisco IOS XE)",
  "\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439:\nhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-wlc-fnfv9-EvrAQpNX",
  "\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "24.09.2020",
  "\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "09.10.2020",
  "\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "09.10.2020",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2020-04600",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2020-3492",
  "\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
  "\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
  "\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "Cisco IOS XE",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": "Cisco Systems Inc. Cisco IOS XE 16.10.1 Catalyst 9800 Series, Cisco Systems Inc. Cisco IOS XE 16.11.1 Catalyst 9800 Series, Cisco Systems Inc. Cisco IOS XE 16.12.1 Catalyst 9800 Series",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u0430 Flexible NetFlow \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c Cisco IOS XE \u0441\u0435\u0442\u0435\u0432\u044b\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 Cisco Catalyst 9800 Series, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438",
  "\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u041d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u0430\u044f \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0430 \u0432\u0432\u043e\u0434\u0438\u043c\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445 (CWE-20)",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u0430 Flexible NetFlow \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c Cisco IOS XE \u0441\u0435\u0442\u0435\u0432\u044b\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 Cisco Catalyst 9800 Series \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e\u0439 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u043e\u0439 \u0432\u0432\u043e\u0434\u0438\u043c\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e, \u0434\u0435\u0439\u0441\u0442\u0432\u0443\u044e\u0449\u0435\u043c\u0443 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e, \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438",
  "\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
  "\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": null,
  "\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u041c\u0430\u043d\u0438\u043f\u0443\u043b\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u0441\u0443\u0440\u0441\u0430\u043c\u0438",
  "\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-wlc-fnfv9-EvrAQpNX",
  "\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
  "\u0422\u0438\u043f \u041f\u041e": "\u041e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u0430\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u0430, \u041f\u041e \u0441\u0435\u0442\u0435\u0432\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e-\u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0433\u043e \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u0430",
  "\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-20",
  "\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0412\u044b\u0441\u043e\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 7,8)\n\u0412\u044b\u0441\u043e\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 8,6)"
}

FKIE_CVE-2020-3492

Vulnerability from fkie_nvd - Published: 2020-09-24 18:15 - Updated: 2024-11-21 05:31

Severity ?

8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

Summary

References

	URL	Tags
	psirt@cisco.com	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-wlc-fnfv9-EvrAQpNX	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-wlc-fnfv9-EvrAQpNX	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	ios_xe	16.12.1
cisco	catalyst_9800-40	-
cisco	catalyst_9800-80	-
cisco	catalyst_9800-cl	-
cisco	catalyst_9800-l	-
cisco	catalyst_9800-l-c	-
cisco	catalyst_9800-l-f	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:16.12.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C98DED36-D4B5-48D6-964E-EEEE97936700",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9800-40:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B9ED0E5-CB20-4106-9CF2-8EB587B33543",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9800-80:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B0E620C-8E09-4F7C-A326-26013173B993",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9800-cl:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF93F1C8-669F-4ECB-8D81-ECDA7B550175",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9800-l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2E0BA345-B7D7-4975-9199-4DC7875BBFD0",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9800-l-c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4E9EA95F-4E39-4D9C-8A84-D1F6014A4A40",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9800-l-f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA0BC769-C244-41BD-BE80-E67F4E1CDDA4",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the Flexible NetFlow Version 9 packet processor of Cisco IOS XE Software for Cisco Catalyst 9800 Series Wireless Controllers and Cisco AireOS Software for Cisco Wireless LAN Controllers (WLC) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to insufficient validation of certain parameters in a Flexible NetFlow Version 9 record. An attacker could exploit this vulnerability by spoofing the address of an existing Access Point on the network and sending a Control and Provisioning of Wireless Access Points (CAPWAP) packet that includes a crafted Flexible NetFlow Version 9 record to an affected device. A successful exploit could allow the attacker to cause a process crash that would lead to a reload of the device."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en el procesador de paquetes Flexible NetFlow versi\u00f3n 9 de Cisco IOS XE Software para Cisco Catalyst 9800 Series Wireless Controllers y Cisco AireOS Software para Cisco Wireless LAN Controllers (WLC), podr\u00eda permitir a un atacante remoto no autenticado causar una condici\u00f3n de denegaci\u00f3n de servicio (DoS) en un dispositivo afectado.\u0026#xa0;La vulnerabilidad es debido a una comprobaci\u00f3n insuficiente de determinados par\u00e1metros en un registro Flexible NetFlow Versi\u00f3n 9.\u0026#xa0;Un atacante podr\u00eda explotar esta vulnerabilidad mediante la falsificaci\u00f3n de la direcci\u00f3n de un Access Point  existente en la red y enviando un paquete Control and Provisioning of Wireless Access Points (CAPWAP) que incluye un registro Flexible NetFlow Versi\u00f3n 9 dise\u00f1ado hacia un dispositivo afectado.\u0026#xa0;Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante causar un bloqueo del proceso que podr\u00eda conllevar a una recarga del dispositivo."
    }
  ],
  "id": "CVE-2020-3492",
  "lastModified": "2024-11-21T05:31:10.867",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.8,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.6,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 4.0,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.6,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 4.0,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2020-09-24T18:15:20.540",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-wlc-fnfv9-EvrAQpNX"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-wlc-fnfv9-EvrAQpNX"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2020-3492 (GCVE-0-2020-3492)

GSD-2020-3492

CERTFR-2020-AVI-599

Solution

GHSA-RPM8-R8V3-F2RG

CVE-2020-3492

FKIE_CVE-2020-3492

Tags

Sightings

Nomenclature