CWE-783
Operator Precedence Logic Error
The product uses an expression in which operator precedence causes incorrect logic to be used.
CVE-2024-20314 (GCVE-0-2024-20314)
Vulnerability from cvelistv5
Published
2024-03-27 16:57
Modified
2024-08-01 21:59
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-783 - Operator Precedence Logic Error
Summary
A vulnerability in the IPv4 Software-Defined Access (SD-Access) fabric edge node feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause high CPU utilization and stop all traffic processing, resulting in a denial of service (DoS) condition on an affected device.
This vulnerability is due to improper handling of certain IPv4 packets. An attacker could exploit this vulnerability by sending certain IPv4 packets to an affected device. A successful exploit could allow the attacker to cause the device to exhaust CPU resources and stop processing traffic, resulting in a DoS condition.
References
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
Cisco | Cisco IOS XE Software |
Version: 16.1.1 Version: 16.1.2 Version: 16.1.3 Version: 16.2.1 Version: 16.2.2 Version: 16.3.1 Version: 16.3.2 Version: 16.3.3 Version: 16.3.1a Version: 16.3.4 Version: 16.3.5 Version: 16.3.5b Version: 16.3.6 Version: 16.3.7 Version: 16.3.8 Version: 16.3.9 Version: 16.3.10 Version: 16.3.11 Version: 16.4.1 Version: 16.4.2 Version: 16.4.3 Version: 16.5.1 Version: 16.5.1a Version: 16.5.1b Version: 16.5.2 Version: 16.5.3 Version: 16.6.1 Version: 16.6.2 Version: 16.6.3 Version: 16.6.4 Version: 16.6.5 Version: 16.6.4a Version: 16.6.5a Version: 16.6.6 Version: 16.6.7 Version: 16.6.8 Version: 16.6.9 Version: 16.6.10 Version: 16.7.1 Version: 16.7.1a Version: 16.7.1b Version: 16.7.2 Version: 16.7.3 Version: 16.7.4 Version: 16.8.1 Version: 16.8.1a Version: 16.8.1b Version: 16.8.1s Version: 16.8.1c Version: 16.8.1d Version: 16.8.2 Version: 16.8.1e Version: 16.8.3 Version: 16.9.1 Version: 16.9.2 Version: 16.9.1a Version: 16.9.1b Version: 16.9.1s Version: 16.9.3 Version: 16.9.4 Version: 16.9.3a Version: 16.9.5 Version: 16.9.5f Version: 16.9.6 Version: 16.9.7 Version: 16.9.8 Version: 16.10.1 Version: 16.10.1a Version: 16.10.1b Version: 16.10.1s Version: 16.10.1c Version: 16.10.1e Version: 16.10.1d Version: 16.10.2 Version: 16.10.1f Version: 16.10.1g Version: 16.10.3 Version: 16.11.1 Version: 16.11.1a Version: 16.11.1b Version: 16.11.2 Version: 16.11.1s Version: 16.12.1 Version: 16.12.1s Version: 16.12.1a Version: 16.12.1c Version: 16.12.1w Version: 16.12.2 Version: 16.12.1y Version: 16.12.2a Version: 16.12.3 Version: 16.12.8 Version: 16.12.2s Version: 16.12.1x Version: 16.12.1t Version: 16.12.4 Version: 16.12.3s Version: 16.12.3a Version: 16.12.4a Version: 16.12.5 Version: 16.12.6 Version: 16.12.1z1 Version: 16.12.5a Version: 16.12.5b Version: 16.12.1z2 Version: 16.12.6a Version: 16.12.7 Version: 16.12.9 Version: 16.12.10 Version: 16.12.10a Version: 17.1.1 Version: 17.1.1a Version: 17.1.1s Version: 17.1.1t Version: 17.1.3 Version: 17.2.1 Version: 17.2.1r Version: 17.2.1a Version: 17.2.1v Version: 17.2.2 Version: 17.2.3 Version: 17.3.1 Version: 17.3.2 Version: 17.3.3 Version: 17.3.1a Version: 17.3.1w Version: 17.3.2a Version: 17.3.1x Version: 17.3.1z Version: 17.3.4 Version: 17.3.5 Version: 17.3.4a Version: 17.3.6 Version: 17.3.4b Version: 17.3.4c Version: 17.3.5a Version: 17.3.5b Version: 17.3.7 Version: 17.4.1 Version: 17.4.2 Version: 17.4.1a Version: 17.4.1b Version: 17.4.2a Version: 17.5.1 Version: 17.5.1a Version: 17.6.1 Version: 17.6.2 Version: 17.6.1w Version: 17.6.1a Version: 17.6.1x Version: 17.6.3 Version: 17.6.1y Version: 17.6.1z Version: 17.6.3a Version: 17.6.4 Version: 17.6.1z1 Version: 17.6.5 Version: 17.6.5a Version: 17.7.1 Version: 17.7.1a Version: 17.7.1b Version: 17.7.2 Version: 17.10.1 Version: 17.10.1a Version: 17.10.1b Version: 17.8.1 Version: 17.8.1a Version: 17.9.1 Version: 17.9.1w Version: 17.9.2 Version: 17.9.1a Version: 17.9.1x Version: 17.9.1y Version: 17.9.3 Version: 17.9.2a Version: 17.9.1x1 Version: 17.9.3a Version: 17.9.4 Version: 17.9.1y1 Version: 17.9.4a Version: 17.11.1 Version: 17.11.1a Version: 17.12.1 Version: 17.12.1w Version: 17.12.1a Version: 17.11.99SW |
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:o:cisco:ios_xe:16.3.1:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:16.3.2:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:16.3.3:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:16.3.1a:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:16.3.4:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:16.3.5:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:16.3.5b:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:16.3.6:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:16.3.7:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:16.3.8:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:16.3.9:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:16.3.10:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:16.3.11:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:16.4.1:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:16.4.2:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:16.4.3:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:16.5.1:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:16.5.1a:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:16.5.1b:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:16.5.2:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:16.5.3:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:16.6.1:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:16.6.2:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:16.6.3:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:16.6.4:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:16.6.5:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:16.6.4a:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:16.6.5a:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:16.6.6:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:16.6.7:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:16.6.8:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:16.6.9:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:16.6.10:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:16.7.1:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:16.7.2:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:16.7.3:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:16.8.1:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:16.8.1a:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:16.8.1b:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:16.8.1s:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:16.8.1c:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:16.8.2:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:16.8.3:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:16.9.1:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:16.9.2:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:16.9.1a:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:16.9.1b:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:16.9.1s:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:16.9.3:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:16.9.4:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:16.9.3a:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:16.9.5:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:16.9.5f:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:16.9.6:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:16.9.7:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:16.9.8:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:16.10.1:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:16.10.1a:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:16.10.1b:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:16.10.1s:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:16.10.1e:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:16.10.2:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:16.10.3:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:16.11.1:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:16.11.1a:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:16.11.1b:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:16.11.2:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:16.11.1s:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:16.12.1:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:16.12.1s:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:16.12.1a:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:16.12.1c:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:16.12.2:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:16.12.2a:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:16.12.3:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:16.12.8:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:16.12.2s:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:16.12.1t:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:16.12.4:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:16.12.3s:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:16.12.3a:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:16.12.4a:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:16.12.5:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:16.12.6:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:16.12.5a:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:16.12.5b:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:16.12.6a:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:16.12.7:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:16.12.9:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:16.12.10:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:16.12.10a:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:16.12.11:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:17.1.1:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:17.1.1a:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:17.1.1s:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:17.1.1t:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:17.1.3:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:17.2.1:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:17.2.1r:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:17.2.1a:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:17.2.1v:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:17.2.2:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:17.2.3:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:17.3.1:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:17.3.2:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:17.3.3:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:17.3.1a:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:17.3.2a:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:17.3.4:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:17.3.5:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:17.3.4a:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:17.3.6:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:17.3.4b:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:17.3.4c:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:17.3.5a:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:17.3.5b:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:17.3.7:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:17.3.8:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:17.3.8a:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:17.4.1:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:17.4.2:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:17.4.1a:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:17.4.1b:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:17.4.2a:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:17.5.1:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:17.5.1a:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:17.6.1:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:17.6.2:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:17.6.1a:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:17.6.3:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:17.6.3a:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:17.6.4:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:17.6.5:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:17.6.6:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:17.6.6a:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:17.6.5a:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:17.7.1:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:17.7.1a:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:17.7.1b:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:17.7.2:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:17.10.1:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:17.10.1a:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:17.10.1b:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:17.8.1:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:17.8.1a:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:17.9.1:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:17.9.2:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:17.9.1a:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:17.9.3:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:17.9.2a:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:17.9.3a:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:17.9.4:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:17.9.4a:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:17.11.1:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:17.11.1a:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:17.12.1:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:17.12.1a:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:17.12.2:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:17.12.2a:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:17.11.99SW:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "ios_xe", "vendor": "cisco", "versions": [ { "status": "affected", "version": "16.3.1" }, { "status": "affected", "version": "16.3.2" }, { "status": "affected", "version": "16.3.3" }, { "status": "affected", "version": "16.3.1a" }, { "status": "affected", "version": "16.3.4" }, { "status": "affected", "version": "16.3.5" }, { "status": "affected", "version": "16.3.5b" }, { "status": "affected", "version": "16.3.6" }, { "status": "affected", "version": "16.3.7" }, { "status": "affected", "version": "16.3.8" }, { "status": "affected", "version": "16.3.9" }, { "status": "affected", "version": "16.3.10" }, { "status": "affected", "version": "16.3.11" }, { "status": "affected", "version": "16.4.1" }, { "status": "affected", "version": "16.4.2" }, { "status": "affected", "version": "16.4.3" }, { "status": "affected", "version": "16.5.1" }, { "status": "affected", "version": "16.5.1a" }, { "status": "affected", "version": "16.5.1b" }, { "status": "affected", "version": "16.5.2" }, { "status": "affected", "version": "16.5.3" }, { "status": "affected", "version": "16.6.1" }, { "status": "affected", "version": "16.6.2" }, { "status": "affected", "version": "16.6.3" }, { "status": "affected", "version": "16.6.4" }, { "status": "affected", "version": "16.6.5" }, { "status": "affected", "version": "16.6.4a" }, { "status": "affected", "version": "16.6.5a" }, { "status": "affected", "version": "16.6.6" }, { "status": "affected", "version": "16.6.7" }, { "status": "affected", "version": "16.6.8" }, { "status": "affected", "version": "16.6.9" }, { "status": "affected", "version": "16.6.10" }, { "status": "affected", "version": "16.7.1" }, { "status": "affected", "version": "16.7.2" }, { "status": "affected", "version": "16.7.3" }, { "status": "affected", "version": "16.8.1" }, { "status": "affected", "version": "16.8.1a" }, { "status": "affected", "version": "16.8.1b" }, { "status": "affected", "version": "16.8.1s" }, { "status": "affected", "version": "16.8.1c" }, { "status": "affected", "version": "16.8.2" }, { "status": "affected", "version": "16.8.3" }, { "status": "affected", "version": "16.9.1" }, { "status": "affected", "version": "16.9.2" }, { "status": "affected", "version": "16.9.1a" }, { "status": "affected", "version": "16.9.1b" }, { "status": "affected", "version": "16.9.1s" }, { "status": "affected", "version": "16.9.3" }, { "status": "affected", "version": "16.9.4" }, { "status": "affected", "version": "16.9.3a" }, { "status": "affected", "version": "16.9.5" }, { "status": "affected", "version": "16.9.5f" }, { "status": "affected", "version": "16.9.6" }, { "status": "affected", "version": "16.9.7" }, { "status": "affected", "version": "16.9.8" }, { "status": "affected", "version": "16.10.1" }, { "status": "affected", "version": "16.10.1a" }, { "status": "affected", "version": "16.10.1b" }, { "status": "affected", "version": "16.10.1s" }, { "status": "affected", "version": "16.10.1e" }, { "status": "affected", "version": "16.10.2" }, { "status": "affected", "version": "16.10.3" }, { "status": "affected", "version": "16.11.1" }, { "status": "affected", "version": "16.11.1a" }, { "status": "affected", "version": "16.11.1b" }, { "status": "affected", "version": "16.11.2" }, { "status": "affected", "version": "16.11.1s" }, { "status": "affected", "version": "16.12.1" }, { "status": "affected", "version": "16.12.1s" }, { "status": "affected", "version": "16.12.1a" }, { "status": "affected", "version": "16.12.1c" }, { "status": "affected", "version": "16.12.2" }, { "status": "affected", "version": "16.12.2a" }, { "status": "affected", "version": "16.12.3" }, { "status": "affected", "version": "16.12.8" }, { "status": "affected", "version": "16.12.2s" }, { "status": "affected", "version": "16.12.1t" }, { "status": "affected", "version": "16.12.4" }, { "status": "affected", "version": "16.12.3s" }, { "status": "affected", "version": "16.12.3a" }, { "status": "affected", "version": "16.12.4a" }, { "status": "affected", "version": "16.12.5" }, { "status": "affected", "version": "16.12.6" }, { "status": "affected", "version": "16.12.5a" }, { "status": "affected", "version": "16.12.5b" }, { "status": "affected", "version": "16.12.6a" }, { "status": "affected", "version": "16.12.7" }, { "status": "affected", "version": "16.12.9" }, { "status": "affected", "version": "16.12.10" }, { "status": "affected", "version": "16.12.10a" }, { "status": "affected", "version": "16.12.11" }, { "status": "affected", "version": "17.1.1" }, { "status": "affected", "version": "17.1.1a" }, { "status": "affected", "version": "17.1.1s" }, { "status": "affected", "version": "17.1.1t" }, { "status": "affected", "version": "17.1.3" }, { "status": "affected", "version": "17.2.1" }, { "status": "affected", "version": "17.2.1r" }, { "status": "affected", "version": "17.2.1a" }, { "status": "affected", "version": "17.2.1v" }, { "status": "affected", "version": "17.2.2" }, { "status": "affected", "version": "17.2.3" }, { "status": "affected", "version": "17.3.1" }, { "status": "affected", "version": "17.3.2" }, { "status": "affected", "version": "17.3.3" }, { "status": "affected", "version": "17.3.1a" }, { "status": "affected", "version": "17.3.2a" }, { "status": "affected", "version": "17.3.4" }, { "status": "affected", "version": "17.3.5" }, { "status": "affected", "version": "17.3.4a" }, { "status": "affected", "version": "17.3.6" }, { "status": "affected", "version": "17.3.4b" }, { "status": "affected", "version": "17.3.4c" }, { "status": "affected", "version": "17.3.5a" }, { "status": "affected", "version": "17.3.5b" }, { "status": "affected", "version": "17.3.7" }, { "status": "affected", "version": "17.3.8" }, { "status": "affected", "version": "17.3.8a" }, { "status": "affected", "version": "17.4.1" }, { "status": "affected", "version": "17.4.2" }, { "status": "affected", "version": "17.4.1a" }, { "status": "affected", "version": "17.4.1b" }, { "status": "affected", "version": "17.4.2a" }, { "status": "affected", "version": "17.5.1" }, { "status": "affected", "version": "17.5.1a" }, { "status": "affected", "version": "17.6.1" }, { "status": "affected", "version": "17.6.2" }, { "status": "affected", "version": "17.6.1a" }, { "status": "affected", "version": "17.6.3" }, { "status": "affected", "version": "17.6.3a" }, { "status": "affected", "version": "17.6.4" }, { "status": "affected", "version": "17.6.5" }, { "status": "affected", "version": "17.6.6" }, { "status": "affected", "version": "17.6.6a" }, { "status": "affected", "version": "17.6.5a" }, { "status": "affected", "version": "17.7.1" }, { "status": "affected", "version": "17.7.1a" }, { "status": "affected", "version": "17.7.1b" }, { "status": "affected", "version": "17.7.2" }, { "status": "affected", "version": "17.10.1" }, { "status": "affected", "version": "17.10.1a" }, { "status": "affected", "version": "17.10.1b" }, { "status": "affected", "version": "17.8.1" }, { "status": "affected", "version": "17.8.1a" }, { "status": "affected", "version": "17.9.1" }, { "status": "affected", "version": "17.9.2" }, { "status": "affected", "version": "17.9.1a" }, { "status": "affected", "version": "17.9.3" }, { "status": "affected", "version": "17.9.2a" }, { "status": "affected", "version": "17.9.3a" }, { "status": "affected", "version": "17.9.4" }, { "status": "affected", "version": "17.9.4a" }, { "status": "affected", "version": "17.11.1" }, { "status": "affected", "version": "17.11.1a" }, { "status": "affected", "version": "17.12.1" }, { "status": "affected", "version": "17.12.1a" }, { "status": "affected", "version": "17.12.2" }, { "status": "affected", "version": "17.12.2a" }, { "status": "affected", "version": "17.11.99SW" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2024-20314", "options": [ { "Exploitation": "none" }, { "Automatable": "yes" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-03-28T17:25:30.623311Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-07-02T16:25:13.272Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-01T21:59:42.311Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "cisco-sa-ios-xe-sda-edge-dos-qZWuWXWG", "tags": [ "x_transferred" ], "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-xe-sda-edge-dos-qZWuWXWG" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Cisco IOS XE Software", "vendor": "Cisco", "versions": [ { "status": "affected", "version": "16.1.1" }, { "status": "affected", "version": "16.1.2" }, { "status": "affected", "version": "16.1.3" }, { "status": "affected", "version": "16.2.1" }, { "status": "affected", "version": "16.2.2" }, { "status": "affected", "version": "16.3.1" }, { "status": "affected", "version": "16.3.2" }, { "status": "affected", "version": "16.3.3" }, { "status": "affected", "version": "16.3.1a" }, { "status": "affected", "version": "16.3.4" }, { "status": "affected", "version": "16.3.5" }, { "status": "affected", "version": "16.3.5b" }, { "status": "affected", "version": "16.3.6" }, { "status": "affected", "version": "16.3.7" }, { "status": "affected", "version": "16.3.8" }, { "status": "affected", "version": "16.3.9" }, { "status": "affected", "version": "16.3.10" }, { "status": "affected", "version": "16.3.11" }, { "status": "affected", "version": "16.4.1" }, { "status": "affected", "version": "16.4.2" }, { "status": "affected", "version": "16.4.3" }, { "status": "affected", "version": "16.5.1" }, { "status": "affected", "version": "16.5.1a" }, { "status": "affected", "version": "16.5.1b" }, { "status": "affected", "version": "16.5.2" }, { "status": "affected", "version": "16.5.3" }, { "status": "affected", "version": "16.6.1" }, { "status": "affected", "version": "16.6.2" }, { "status": "affected", "version": "16.6.3" }, { "status": "affected", "version": "16.6.4" }, { "status": "affected", "version": "16.6.5" }, { "status": "affected", "version": "16.6.4a" }, { "status": "affected", "version": "16.6.5a" }, { "status": "affected", "version": "16.6.6" }, { "status": "affected", "version": "16.6.7" }, { "status": "affected", "version": "16.6.8" }, { "status": "affected", "version": "16.6.9" }, { "status": "affected", "version": "16.6.10" }, { "status": "affected", "version": "16.7.1" }, { "status": "affected", "version": "16.7.1a" }, { "status": "affected", "version": "16.7.1b" }, { "status": "affected", "version": "16.7.2" }, { "status": "affected", "version": "16.7.3" }, { "status": "affected", "version": "16.7.4" }, { "status": "affected", "version": "16.8.1" }, { "status": "affected", "version": "16.8.1a" }, { "status": "affected", "version": "16.8.1b" }, { "status": "affected", "version": "16.8.1s" }, { "status": "affected", "version": "16.8.1c" }, { "status": "affected", "version": "16.8.1d" }, { "status": "affected", "version": "16.8.2" }, { "status": "affected", "version": "16.8.1e" }, { "status": "affected", "version": "16.8.3" }, { "status": "affected", "version": "16.9.1" }, { "status": "affected", "version": "16.9.2" }, { "status": "affected", "version": "16.9.1a" }, { "status": "affected", "version": "16.9.1b" }, { "status": "affected", "version": "16.9.1s" }, { "status": "affected", "version": "16.9.3" }, { "status": "affected", "version": "16.9.4" }, { "status": "affected", "version": "16.9.3a" }, { "status": "affected", "version": "16.9.5" }, { "status": "affected", "version": "16.9.5f" }, { "status": "affected", "version": "16.9.6" }, { "status": "affected", "version": "16.9.7" }, { "status": "affected", "version": "16.9.8" }, { "status": "affected", "version": "16.10.1" }, { "status": "affected", "version": "16.10.1a" }, { "status": "affected", "version": "16.10.1b" }, { "status": "affected", "version": "16.10.1s" }, { "status": "affected", "version": "16.10.1c" }, { "status": "affected", "version": "16.10.1e" }, { "status": "affected", "version": "16.10.1d" }, { "status": "affected", "version": "16.10.2" }, { "status": "affected", "version": "16.10.1f" }, { "status": "affected", "version": "16.10.1g" }, { "status": "affected", "version": "16.10.3" }, { "status": "affected", "version": "16.11.1" }, { "status": "affected", "version": "16.11.1a" }, { "status": "affected", "version": "16.11.1b" }, { "status": "affected", "version": "16.11.2" }, { "status": "affected", "version": "16.11.1s" }, { "status": "affected", "version": "16.12.1" }, { "status": "affected", "version": "16.12.1s" }, { "status": "affected", "version": "16.12.1a" }, { "status": "affected", "version": "16.12.1c" }, { "status": "affected", "version": "16.12.1w" }, { "status": "affected", "version": "16.12.2" }, { "status": "affected", "version": "16.12.1y" }, { "status": "affected", "version": "16.12.2a" }, { "status": "affected", "version": "16.12.3" }, { "status": "affected", "version": "16.12.8" }, { "status": "affected", "version": "16.12.2s" }, { "status": "affected", "version": "16.12.1x" }, { "status": "affected", "version": "16.12.1t" }, { "status": "affected", "version": "16.12.4" }, { "status": "affected", "version": "16.12.3s" }, { "status": "affected", "version": "16.12.3a" }, { "status": "affected", "version": "16.12.4a" }, { "status": "affected", "version": "16.12.5" }, { "status": "affected", "version": "16.12.6" }, { "status": "affected", "version": "16.12.1z1" }, { "status": "affected", "version": "16.12.5a" }, { "status": "affected", "version": "16.12.5b" }, { "status": "affected", "version": "16.12.1z2" }, { "status": "affected", "version": "16.12.6a" }, { "status": "affected", "version": "16.12.7" }, { "status": "affected", "version": "16.12.9" }, { "status": "affected", "version": "16.12.10" }, { "status": "affected", "version": "16.12.10a" }, { "status": "affected", "version": "17.1.1" }, { "status": "affected", "version": "17.1.1a" }, { "status": "affected", "version": "17.1.1s" }, { "status": "affected", "version": "17.1.1t" }, { "status": "affected", "version": "17.1.3" }, { "status": "affected", "version": "17.2.1" }, { "status": "affected", "version": "17.2.1r" }, { "status": "affected", "version": "17.2.1a" }, { "status": "affected", "version": "17.2.1v" }, { "status": "affected", "version": "17.2.2" }, { "status": "affected", "version": "17.2.3" }, { "status": "affected", "version": "17.3.1" }, { "status": "affected", "version": "17.3.2" }, { "status": "affected", "version": "17.3.3" }, { "status": "affected", "version": "17.3.1a" }, { "status": "affected", "version": "17.3.1w" }, { "status": "affected", "version": "17.3.2a" }, { "status": "affected", "version": "17.3.1x" }, { "status": "affected", "version": "17.3.1z" }, { "status": "affected", "version": "17.3.4" }, { "status": "affected", "version": "17.3.5" }, { "status": "affected", "version": "17.3.4a" }, { "status": "affected", "version": "17.3.6" }, { "status": "affected", "version": "17.3.4b" }, { "status": "affected", "version": "17.3.4c" }, { "status": "affected", "version": "17.3.5a" }, { "status": "affected", "version": "17.3.5b" }, { "status": "affected", "version": "17.3.7" }, { "status": "affected", "version": "17.4.1" }, { "status": "affected", "version": "17.4.2" }, { "status": "affected", "version": "17.4.1a" }, { "status": "affected", "version": "17.4.1b" }, { "status": "affected", "version": "17.4.2a" }, { "status": "affected", "version": "17.5.1" }, { "status": "affected", "version": "17.5.1a" }, { "status": "affected", "version": "17.6.1" }, { "status": "affected", "version": "17.6.2" }, { "status": "affected", "version": "17.6.1w" }, { "status": "affected", "version": "17.6.1a" }, { "status": "affected", "version": "17.6.1x" }, { "status": "affected", "version": "17.6.3" }, { "status": "affected", "version": "17.6.1y" }, { "status": "affected", "version": "17.6.1z" }, { "status": "affected", "version": "17.6.3a" }, { "status": "affected", "version": "17.6.4" }, { "status": "affected", "version": "17.6.1z1" }, { "status": "affected", "version": "17.6.5" }, { "status": "affected", "version": "17.6.5a" }, { "status": "affected", "version": "17.7.1" }, { "status": "affected", "version": "17.7.1a" }, { "status": "affected", "version": "17.7.1b" }, { "status": "affected", "version": "17.7.2" }, { "status": "affected", "version": "17.10.1" }, { "status": "affected", "version": "17.10.1a" }, { "status": "affected", "version": "17.10.1b" }, { "status": "affected", "version": "17.8.1" }, { "status": "affected", "version": "17.8.1a" }, { "status": "affected", "version": "17.9.1" }, { "status": "affected", "version": "17.9.1w" }, { "status": "affected", "version": "17.9.2" }, { "status": "affected", "version": "17.9.1a" }, { "status": "affected", "version": "17.9.1x" }, { "status": "affected", "version": "17.9.1y" }, { "status": "affected", "version": "17.9.3" }, { "status": "affected", "version": "17.9.2a" }, { "status": "affected", "version": "17.9.1x1" }, { "status": "affected", "version": "17.9.3a" }, { "status": "affected", "version": "17.9.4" }, { "status": "affected", "version": "17.9.1y1" }, { "status": "affected", "version": "17.9.4a" }, { "status": "affected", "version": "17.11.1" }, { "status": "affected", "version": "17.11.1a" }, { "status": "affected", "version": "17.12.1" }, { "status": "affected", "version": "17.12.1w" }, { "status": "affected", "version": "17.12.1a" }, { "status": "affected", "version": "17.11.99SW" } ] } ], "descriptions": [ { "lang": "en", "value": "A vulnerability in the IPv4 Software-Defined Access (SD-Access) fabric edge node feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause high CPU utilization and stop all traffic processing, resulting in a denial of service (DoS) condition on an affected device.\r\n\r This vulnerability is due to improper handling of certain IPv4 packets. An attacker could exploit this vulnerability by sending certain IPv4 packets to an affected device. A successful exploit could allow the attacker to cause the device to exhaust CPU resources and stop processing traffic, resulting in a DoS condition." } ], "exploits": [ { "lang": "en", "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.6, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", "version": "3.1" }, "format": "cvssV3_1" } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-783", "description": "Operator Precedence Logic Error", "lang": "en", "type": "cwe" } ] } ], "providerMetadata": { "dateUpdated": "2024-03-27T16:57:27.974Z", "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco" }, "references": [ { "name": "cisco-sa-ios-xe-sda-edge-dos-qZWuWXWG", "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-xe-sda-edge-dos-qZWuWXWG" } ], "source": { "advisory": "cisco-sa-ios-xe-sda-edge-dos-qZWuWXWG", "defects": [ "CSCwh41093" ], "discovery": "EXTERNAL" } } }, "cveMetadata": { "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "assignerShortName": "cisco", "cveId": "CVE-2024-20314", "datePublished": "2024-03-27T16:57:27.974Z", "dateReserved": "2023-11-08T15:08:07.632Z", "dateUpdated": "2024-08-01T21:59:42.311Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2024-20480 (GCVE-0-2024-20480)
Vulnerability from cvelistv5
Published
2024-09-25 16:27
Modified
2024-09-25 19:25
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-783 - Operator Precedence Logic Error
Summary
A vulnerability in the DHCP Snooping feature of Cisco IOS XE Software on Software-Defined Access (SD-Access) fabric edge nodes could allow an unauthenticated, remote attacker to cause high CPU utilization on an affected device, resulting in a denial of service (DoS) condition that requires a manual reload to recover.
This vulnerability is due to improper handling of IPv4 DHCP packets. An attacker could exploit this vulnerability by sending certain IPv4 DHCP packets to an affected device. A successful exploit could allow the attacker to cause the device to exhaust CPU resources and stop processing traffic, resulting in a DoS condition that requires a manual reload to recover.
References
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
Cisco | Cisco IOS XE Software |
Version: 16.1.1 Version: 16.1.2 Version: 16.1.3 Version: 16.2.1 Version: 16.2.2 Version: 16.3.1 Version: 16.3.2 Version: 16.3.3 Version: 16.3.1a Version: 16.3.4 Version: 16.3.5 Version: 16.3.5b Version: 16.3.6 Version: 16.3.7 Version: 16.3.8 Version: 16.3.9 Version: 16.3.10 Version: 16.3.11 Version: 16.4.1 Version: 16.4.2 Version: 16.4.3 Version: 16.5.1 Version: 16.5.1a Version: 16.5.1b Version: 16.5.2 Version: 16.5.3 Version: 16.6.1 Version: 16.6.2 Version: 16.6.3 Version: 16.6.4 Version: 16.6.5 Version: 16.6.4a Version: 16.6.5a Version: 16.6.6 Version: 16.6.7 Version: 16.6.8 Version: 16.6.9 Version: 16.6.10 Version: 16.7.1 Version: 16.7.1a Version: 16.7.1b Version: 16.7.2 Version: 16.7.3 Version: 16.7.4 Version: 16.8.1 Version: 16.8.1a Version: 16.8.1b Version: 16.8.1s Version: 16.8.1c Version: 16.8.1d Version: 16.8.2 Version: 16.8.1e Version: 16.8.3 Version: 16.9.1 Version: 16.9.2 Version: 16.9.1a Version: 16.9.1b Version: 16.9.1s Version: 16.9.3 Version: 16.9.4 Version: 16.9.3a Version: 16.9.5 Version: 16.9.5f Version: 16.9.6 Version: 16.9.7 Version: 16.9.8 Version: 16.10.1 Version: 16.10.1a Version: 16.10.1b Version: 16.10.1s Version: 16.10.1c Version: 16.10.1e Version: 16.10.1d Version: 16.10.2 Version: 16.10.1f Version: 16.10.1g Version: 16.10.3 Version: 16.11.1 Version: 16.11.1a Version: 16.11.1b Version: 16.11.2 Version: 16.11.1s Version: 16.12.1 Version: 16.12.1s Version: 16.12.1a Version: 16.12.1c Version: 16.12.1w Version: 16.12.2 Version: 16.12.1y Version: 16.12.2a Version: 16.12.3 Version: 16.12.8 Version: 16.12.2s Version: 16.12.1x Version: 16.12.1t Version: 16.12.4 Version: 16.12.3s Version: 16.12.3a Version: 16.12.4a Version: 16.12.5 Version: 16.12.6 Version: 16.12.1z1 Version: 16.12.5a Version: 16.12.5b Version: 16.12.1z2 Version: 16.12.6a Version: 16.12.7 Version: 16.12.9 Version: 16.12.10 Version: 16.12.10a Version: 16.12.11 Version: 17.1.1 Version: 17.1.1a Version: 17.1.1s Version: 17.1.1t Version: 17.1.3 Version: 17.2.1 Version: 17.2.1r Version: 17.2.1a Version: 17.2.1v Version: 17.2.2 Version: 17.2.3 Version: 17.3.1 Version: 17.3.2 Version: 17.3.3 Version: 17.3.1a Version: 17.3.1w Version: 17.3.2a Version: 17.3.1x Version: 17.3.1z Version: 17.3.4 Version: 17.3.5 Version: 17.3.4a Version: 17.3.6 Version: 17.3.4b Version: 17.3.4c Version: 17.3.5a Version: 17.3.5b Version: 17.3.7 Version: 17.3.8 Version: 17.3.8a Version: 17.4.1 Version: 17.4.2 Version: 17.4.1a Version: 17.4.1b Version: 17.4.2a Version: 17.5.1 Version: 17.5.1a Version: 17.6.1 Version: 17.6.2 Version: 17.6.1w Version: 17.6.1a Version: 17.6.1x Version: 17.6.3 Version: 17.6.1y Version: 17.6.1z Version: 17.6.3a Version: 17.6.4 Version: 17.6.1z1 Version: 17.6.5 Version: 17.6.6 Version: 17.6.6a Version: 17.6.5a Version: 17.6.7 Version: 17.7.1 Version: 17.7.1a Version: 17.7.1b Version: 17.7.2 Version: 17.10.1 Version: 17.10.1a Version: 17.10.1b Version: 17.8.1 Version: 17.8.1a Version: 17.9.1 Version: 17.9.1w Version: 17.9.2 Version: 17.9.1a Version: 17.9.1x Version: 17.9.1y Version: 17.9.3 Version: 17.9.2a Version: 17.9.1x1 Version: 17.9.3a Version: 17.9.4 Version: 17.9.1y1 Version: 17.9.5 Version: 17.9.4a Version: 17.9.5a Version: 17.9.5b Version: 17.11.1 Version: 17.11.1a Version: 17.12.1 Version: 17.12.1w Version: 17.12.1a Version: 17.12.1x Version: 17.12.2 Version: 17.12.3 Version: 17.12.2a Version: 17.12.1y Version: 17.12.3a Version: 17.13.1 Version: 17.13.1a Version: 17.14.1 Version: 17.14.1a Version: 17.11.99SW |
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "ios_xe", "vendor": "cisco", "versions": [ { "status": "affected", "version": "16.1.1" }, { "status": "affected", "version": "16.1.2" }, { "status": "affected", "version": "16.1.3" }, { "status": "affected", "version": "16.2.1" }, { "status": "affected", "version": "16.2.2" }, { "status": "affected", "version": "16.3.1" }, { "status": "affected", "version": "16.3.2" }, { "status": "affected", "version": "16.3.3" }, { "status": "affected", "version": "16.3.1a" }, { "status": "affected", "version": "16.3.4" }, { "status": "affected", "version": "16.3.5" }, { "status": "affected", "version": "16.3.5b" }, { "status": "affected", "version": "16.3.6" }, { "status": "affected", "version": "16.3.7" }, { "status": "affected", "version": "16.3.8" }, { "status": "affected", "version": "16.3.9" }, { "status": "affected", "version": "16.3.10" }, { "status": "affected", "version": "16.3.11" }, { "status": "affected", "version": "16.4.1" }, { "status": "affected", "version": "16.4.2" }, { "status": "affected", "version": "16.4.3" }, { "status": "affected", "version": "16.5.1" }, { "status": "affected", "version": "16.5.1a" }, { "status": "affected", "version": "16.5.1b" }, { "status": "affected", "version": "16.5.2" }, { "status": "affected", "version": "16.5.3" }, { "status": "affected", "version": "16.6.1" }, { "status": "affected", "version": "16.6.2" }, { "status": "affected", "version": "16.6.3" }, { "status": "affected", "version": "16.6.4" }, { "status": "affected", "version": "16.6.5" }, { "status": "affected", "version": "16.6.4a" }, { "status": "affected", "version": "16.6.5a" }, { "status": "affected", "version": "16.6.6" }, { "status": "affected", "version": "16.6.7" }, { "status": "affected", "version": "16.6.8" }, { "status": "affected", "version": "16.6.9" }, { "status": "affected", "version": "16.6.10" }, { "status": "affected", "version": "16.7.1" }, { "status": "affected", "version": "16.7.1a" }, { "status": "affected", "version": "16.7.1b" }, { "status": "affected", "version": "16.7.2" }, { "status": "affected", "version": "16.7.3" }, { "status": "affected", "version": "16.7.4" }, { "status": "affected", "version": "16.8.1" }, { "status": "affected", "version": "16.8.1a" }, { "status": "affected", "version": "16.8.1b" }, { "status": "affected", "version": "16.8.1s" }, { "status": "affected", "version": "16.8.1c" }, { "status": "affected", "version": "16.8.1d" }, { "status": "affected", "version": "16.8.2" }, { "status": "affected", "version": "16.8.1e" }, { "status": "affected", "version": "16.8.3" }, { "status": "affected", "version": "16.9.1" }, { "status": "affected", "version": "16.9.2" }, { "status": "affected", "version": "16.9.1a" }, { "status": "affected", "version": "16.9.1b" }, { "status": "affected", "version": "16.9.1s" }, { "status": "affected", "version": "16.9.3" }, { "status": "affected", "version": "16.9.4" }, { "status": "affected", "version": "16.9.3a" }, { "status": "affected", "version": "16.9.5" }, { "status": "affected", "version": "16.9.5f" }, { "status": "affected", "version": "16.9.6" }, { "status": "affected", "version": "16.9.7" }, { "status": "affected", "version": "16.9.8" }, { "status": "affected", "version": "16.10.1" }, { "status": "affected", "version": "16.10.1a" }, { "status": "affected", "version": "16.10.1b" }, { "status": "affected", "version": "16.10.1s" }, { "status": "affected", "version": "16.10.1c" }, { "status": "affected", "version": "16.10.1e" }, { "status": "affected", "version": "16.10.1d" }, { "status": "affected", "version": "16.10.2" }, { "status": "affected", "version": "16.10.1f" }, { "status": "affected", "version": "16.10.1g" }, { "status": "affected", "version": "16.10.3" }, { "status": "affected", "version": "16.11.1" }, { "status": "affected", "version": "16.11.1a" }, { "status": "affected", "version": "16.11.1b" }, { "status": "affected", "version": "16.11.2" }, { "status": "affected", "version": "16.11.1s" }, { "status": "affected", "version": "16.12.1" }, { "status": "affected", "version": "16.12.1s" }, { "status": "affected", "version": "16.12.1a" }, { "status": "affected", "version": "16.12.1c" }, { "status": "affected", "version": "16.12.1w" }, { "status": "affected", "version": "16.12.2" }, { "status": "affected", "version": "16.12.1y" }, { "status": "affected", "version": "16.12.2a" }, { "status": "affected", "version": "16.12.3" }, { "status": "affected", "version": "16.12.8" }, { "status": "affected", "version": "16.12.2s" }, { "status": "affected", "version": "16.12.1x" }, { "status": "affected", "version": "16.12.1t" }, { "status": "affected", "version": "16.12.4" }, { "status": "affected", "version": "16.12.3s" }, { "status": "affected", "version": "16.12.3a" }, { "status": "affected", "version": "16.12.4a" }, { "status": "affected", "version": "16.12.5" }, { "status": "affected", "version": "16.12.6" }, { "status": "affected", "version": "16.12.1z1" }, { "status": "affected", "version": "16.12.5a" }, { "status": "affected", "version": "16.12.5b" }, { "status": "affected", "version": "16.12.1z2" }, { "status": "affected", "version": "16.12.6a" }, { "status": "affected", "version": "16.12.7" }, { "status": "affected", "version": "16.12.9" }, { "status": "affected", "version": "16.12.10" }, { "status": "affected", "version": "16.12.10a" }, { "status": "affected", "version": "16.12.11" }, { "status": "affected", "version": "17.1.1" }, { "status": "affected", "version": "17.1.1a" }, { "status": "affected", "version": "17.1.1s" }, { "status": "affected", "version": "17.1.1t" }, { "status": "affected", "version": "17.1.3" }, { "status": "affected", "version": "17.2.1" }, { "status": "affected", "version": "17.2.1r" }, { "status": "affected", "version": "17.2.1a" }, { "status": "affected", "version": "17.2.1v" }, { "status": "affected", "version": "17.2.2" }, { "status": "affected", "version": "17.2.3" }, { "status": "affected", "version": "17.3.1" }, { "status": "affected", "version": "17.3.2" }, { "status": "affected", "version": "17.3.3" }, { "status": "affected", "version": "17.3.1a" }, { "status": "affected", "version": "17.3.1w" }, { "status": "affected", "version": "17.3.2a" }, { "status": "affected", "version": "17.3.1x" }, { "status": "affected", "version": "17.3.1z" }, { "status": "affected", "version": "17.3.4" }, { "status": "affected", "version": "17.3.5" }, { "status": "affected", "version": "17.3.4a" }, { "status": "affected", "version": "17.3.6" }, { "status": "affected", "version": "17.3.4b" }, { "status": "affected", "version": "17.3.4c" }, { "status": "affected", "version": "17.3.5a" }, { "status": "affected", "version": "17.3.5b" }, { "status": "affected", "version": "17.3.7" }, { "status": "affected", "version": "17.3.8" }, { "status": "affected", "version": "17.4.1" }, { "status": "affected", "version": "17.4.2" }, { "status": "affected", "version": "17.4.1a" }, { "status": "affected", "version": "17.4.1b" }, { "status": "affected", "version": "17.4.2a" }, { "status": "affected", "version": "17.5.1" }, { "status": "affected", "version": "17.5.1a" }, { "status": "affected", "version": "17.6.1" }, { "status": "affected", "version": "17.6.2" }, { "status": "affected", "version": "17.6.1w" }, { "status": "affected", "version": "17.6.1a" }, { "status": "affected", "version": "17.6.1x" }, { "status": "affected", "version": "17.6.3" }, { "status": "affected", "version": "17.6.1y" }, { "status": "affected", "version": "17.6.1z" }, { "status": "affected", "version": "17.6.3a" }, { "status": "affected", "version": "17.6.4" }, { "status": "affected", "version": "17.6.1z1" }, { "status": "affected", "version": "17.6.5" }, { "status": "affected", "version": "17.6.6" }, { "status": "affected", "version": "17.6.6a" }, { "status": "affected", "version": "17.6.5a" }, { "status": "affected", "version": "17.6.7" }, { "status": "affected", "version": "17.7.1" }, { "status": "affected", "version": "17.7.1a" }, { "status": "affected", "version": "17.7.1b" }, { "status": "affected", "version": "17.7.2" }, { "status": "affected", "version": "17.10.1" }, { "status": "affected", "version": "17.10.1a" }, { "status": "affected", "version": "17.10.1b" }, { "status": "affected", "version": "17.8.1" }, { "status": "affected", "version": "17.8.1a" }, { "status": "affected", "version": "17.9.1" }, { "status": "affected", "version": "17.9.1w" }, { "status": "affected", "version": "17.9.2" }, { "status": "affected", "version": "17.9.1a" }, { "status": "affected", "version": "17.9.1x" }, { "status": "affected", "version": "17.9.1y" }, { "status": "affected", "version": "17.9.3" }, { "status": "affected", "version": "17.9.2a" }, { "status": "affected", "version": "17.9.1x1" }, { "status": "affected", "version": "17.9.3a" }, { "status": "affected", "version": "17.9.4" }, { "status": "affected", "version": "17.9.1y1" }, { "status": "affected", "version": "17.9.5" }, { "status": "affected", "version": "17.9.4a" }, { "status": "affected", "version": "17.9.5a" }, { "status": "affected", "version": "17.9.5b" }, { "status": "affected", "version": "17.11.1" }, { "status": "affected", "version": "17.11.1a" }, { "status": "affected", "version": "17.12.1" }, { "status": "affected", "version": "17.12.1w" }, { "status": "affected", "version": "17.12.1a" }, { "status": "affected", "version": "17.12.1x" }, { "status": "affected", "version": "17.12.2" }, { "status": "affected", "version": "17.12.3" }, { "status": "affected", "version": "17.12.2a" }, { "status": "affected", "version": "17.12.1y" }, { "status": "affected", "version": "17.12.3a" }, { "status": "affected", "version": "17.13.1" }, { "status": "affected", "version": "17.13.1a" }, { "status": "affected", "version": "17.14.1" }, { "status": "affected", "version": "17.14.1a" }, { "status": "affected", "version": "17.11.99sw" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2024-20480", "options": [ { "Exploitation": "none" }, { "Automatable": "yes" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-09-25T18:59:17.941528Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-09-25T19:25:52.910Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "Cisco IOS XE Software", "vendor": "Cisco", "versions": [ { "status": "affected", "version": "16.1.1" }, { "status": "affected", "version": "16.1.2" }, { "status": "affected", "version": "16.1.3" }, { "status": "affected", "version": "16.2.1" }, { "status": "affected", "version": "16.2.2" }, { "status": "affected", "version": "16.3.1" }, { "status": "affected", "version": "16.3.2" }, { "status": "affected", "version": "16.3.3" }, { "status": "affected", "version": "16.3.1a" }, { "status": "affected", "version": "16.3.4" }, { "status": "affected", "version": "16.3.5" }, { "status": "affected", "version": "16.3.5b" }, { "status": "affected", "version": "16.3.6" }, { "status": "affected", "version": "16.3.7" }, { "status": "affected", "version": "16.3.8" }, { "status": "affected", "version": "16.3.9" }, { "status": "affected", "version": "16.3.10" }, { "status": "affected", "version": "16.3.11" }, { "status": "affected", "version": "16.4.1" }, { "status": "affected", "version": "16.4.2" }, { "status": "affected", "version": "16.4.3" }, { "status": "affected", "version": "16.5.1" }, { "status": "affected", "version": "16.5.1a" }, { "status": "affected", "version": "16.5.1b" }, { "status": "affected", "version": "16.5.2" }, { "status": "affected", "version": "16.5.3" }, { "status": "affected", "version": "16.6.1" }, { "status": "affected", "version": "16.6.2" }, { "status": "affected", "version": "16.6.3" }, { "status": "affected", "version": "16.6.4" }, { "status": "affected", "version": "16.6.5" }, { "status": "affected", "version": "16.6.4a" }, { "status": "affected", "version": "16.6.5a" }, { "status": "affected", "version": "16.6.6" }, { "status": "affected", "version": "16.6.7" }, { "status": "affected", "version": "16.6.8" }, { "status": "affected", "version": "16.6.9" }, { "status": "affected", "version": "16.6.10" }, { "status": "affected", "version": "16.7.1" }, { "status": "affected", "version": "16.7.1a" }, { "status": "affected", "version": "16.7.1b" }, { "status": "affected", "version": "16.7.2" }, { "status": "affected", "version": "16.7.3" }, { "status": "affected", "version": "16.7.4" }, { "status": "affected", "version": "16.8.1" }, { "status": "affected", "version": "16.8.1a" }, { "status": "affected", "version": "16.8.1b" }, { "status": "affected", "version": "16.8.1s" }, { "status": "affected", "version": "16.8.1c" }, { "status": "affected", "version": "16.8.1d" }, { "status": "affected", "version": "16.8.2" }, { "status": "affected", "version": "16.8.1e" }, { "status": "affected", "version": "16.8.3" }, { "status": "affected", "version": "16.9.1" }, { "status": "affected", "version": "16.9.2" }, { "status": "affected", "version": "16.9.1a" }, { "status": "affected", "version": "16.9.1b" }, { "status": "affected", "version": "16.9.1s" }, { "status": "affected", "version": "16.9.3" }, { "status": "affected", "version": "16.9.4" }, { "status": "affected", "version": "16.9.3a" }, { "status": "affected", "version": "16.9.5" }, { "status": "affected", "version": "16.9.5f" }, { "status": "affected", "version": "16.9.6" }, { "status": "affected", "version": "16.9.7" }, { "status": "affected", "version": "16.9.8" }, { "status": "affected", "version": "16.10.1" }, { "status": "affected", "version": "16.10.1a" }, { "status": "affected", "version": "16.10.1b" }, { "status": "affected", "version": "16.10.1s" }, { "status": "affected", "version": "16.10.1c" }, { "status": "affected", "version": "16.10.1e" }, { "status": "affected", "version": "16.10.1d" }, { "status": "affected", "version": "16.10.2" }, { "status": "affected", "version": "16.10.1f" }, { "status": "affected", "version": "16.10.1g" }, { "status": "affected", "version": "16.10.3" }, { "status": "affected", "version": "16.11.1" }, { "status": "affected", "version": "16.11.1a" }, { "status": "affected", "version": "16.11.1b" }, { "status": "affected", "version": "16.11.2" }, { "status": "affected", "version": "16.11.1s" }, { "status": "affected", "version": "16.12.1" }, { "status": "affected", "version": "16.12.1s" }, { "status": "affected", "version": "16.12.1a" }, { "status": "affected", "version": "16.12.1c" }, { "status": "affected", "version": "16.12.1w" }, { "status": "affected", "version": "16.12.2" }, { "status": "affected", "version": "16.12.1y" }, { "status": "affected", "version": "16.12.2a" }, { "status": "affected", "version": "16.12.3" }, { "status": "affected", "version": "16.12.8" }, { "status": "affected", "version": "16.12.2s" }, { "status": "affected", "version": "16.12.1x" }, { "status": "affected", "version": "16.12.1t" }, { "status": "affected", "version": "16.12.4" }, { "status": "affected", "version": "16.12.3s" }, { "status": "affected", "version": "16.12.3a" }, { "status": "affected", "version": "16.12.4a" }, { "status": "affected", "version": "16.12.5" }, { "status": "affected", "version": "16.12.6" }, { "status": "affected", "version": "16.12.1z1" }, { "status": "affected", "version": "16.12.5a" }, { "status": "affected", "version": "16.12.5b" }, { "status": "affected", "version": "16.12.1z2" }, { "status": "affected", "version": "16.12.6a" }, { "status": "affected", "version": "16.12.7" }, { "status": "affected", "version": "16.12.9" }, { "status": "affected", "version": "16.12.10" }, { "status": "affected", "version": "16.12.10a" }, { "status": "affected", "version": "16.12.11" }, { "status": "affected", "version": "17.1.1" }, { "status": "affected", "version": "17.1.1a" }, { "status": "affected", "version": "17.1.1s" }, { "status": "affected", "version": "17.1.1t" }, { "status": "affected", "version": "17.1.3" }, { "status": "affected", "version": "17.2.1" }, { "status": "affected", "version": "17.2.1r" }, { "status": "affected", "version": "17.2.1a" }, { "status": "affected", "version": "17.2.1v" }, { "status": "affected", "version": "17.2.2" }, { "status": "affected", "version": "17.2.3" }, { "status": "affected", "version": "17.3.1" }, { "status": "affected", "version": "17.3.2" }, { "status": "affected", "version": "17.3.3" }, { "status": "affected", "version": "17.3.1a" }, { "status": "affected", "version": "17.3.1w" }, { "status": "affected", "version": "17.3.2a" }, { "status": "affected", "version": "17.3.1x" }, { "status": "affected", "version": "17.3.1z" }, { "status": "affected", "version": "17.3.4" }, { "status": "affected", "version": "17.3.5" }, { "status": "affected", "version": "17.3.4a" }, { "status": "affected", "version": "17.3.6" }, { "status": "affected", "version": "17.3.4b" }, { "status": "affected", "version": "17.3.4c" }, { "status": "affected", "version": "17.3.5a" }, { "status": "affected", "version": "17.3.5b" }, { "status": "affected", "version": "17.3.7" }, { "status": "affected", "version": "17.3.8" }, { "status": "affected", "version": "17.3.8a" }, { "status": "affected", "version": "17.4.1" }, { "status": "affected", "version": "17.4.2" }, { "status": "affected", "version": "17.4.1a" }, { "status": "affected", "version": "17.4.1b" }, { "status": "affected", "version": "17.4.2a" }, { "status": "affected", "version": "17.5.1" }, { "status": "affected", "version": "17.5.1a" }, { "status": "affected", "version": "17.6.1" }, { "status": "affected", "version": "17.6.2" }, { "status": "affected", "version": "17.6.1w" }, { "status": "affected", "version": "17.6.1a" }, { "status": "affected", "version": "17.6.1x" }, { "status": "affected", "version": "17.6.3" }, { "status": "affected", "version": "17.6.1y" }, { "status": "affected", "version": "17.6.1z" }, { "status": "affected", "version": "17.6.3a" }, { "status": "affected", "version": "17.6.4" }, { "status": "affected", "version": "17.6.1z1" }, { "status": "affected", "version": "17.6.5" }, { "status": "affected", "version": "17.6.6" }, { "status": "affected", "version": "17.6.6a" }, { "status": "affected", "version": "17.6.5a" }, { "status": "affected", "version": "17.6.7" }, { "status": "affected", "version": "17.7.1" }, { "status": "affected", "version": "17.7.1a" }, { "status": "affected", "version": "17.7.1b" }, { "status": "affected", "version": "17.7.2" }, { "status": "affected", "version": "17.10.1" }, { "status": "affected", "version": "17.10.1a" }, { "status": "affected", "version": "17.10.1b" }, { "status": "affected", "version": "17.8.1" }, { "status": "affected", "version": "17.8.1a" }, { "status": "affected", "version": "17.9.1" }, { "status": "affected", "version": "17.9.1w" }, { "status": "affected", "version": "17.9.2" }, { "status": "affected", "version": "17.9.1a" }, { "status": "affected", "version": "17.9.1x" }, { "status": "affected", "version": "17.9.1y" }, { "status": "affected", "version": "17.9.3" }, { "status": "affected", "version": "17.9.2a" }, { "status": "affected", "version": "17.9.1x1" }, { "status": "affected", "version": "17.9.3a" }, { "status": "affected", "version": "17.9.4" }, { "status": "affected", "version": "17.9.1y1" }, { "status": "affected", "version": "17.9.5" }, { "status": "affected", "version": "17.9.4a" }, { "status": "affected", "version": "17.9.5a" }, { "status": "affected", "version": "17.9.5b" }, { "status": "affected", "version": "17.11.1" }, { "status": "affected", "version": "17.11.1a" }, { "status": "affected", "version": "17.12.1" }, { "status": "affected", "version": "17.12.1w" }, { "status": "affected", "version": "17.12.1a" }, { "status": "affected", "version": "17.12.1x" }, { "status": "affected", "version": "17.12.2" }, { "status": "affected", "version": "17.12.3" }, { "status": "affected", "version": "17.12.2a" }, { "status": "affected", "version": "17.12.1y" }, { "status": "affected", "version": "17.12.3a" }, { "status": "affected", "version": "17.13.1" }, { "status": "affected", "version": "17.13.1a" }, { "status": "affected", "version": "17.14.1" }, { "status": "affected", "version": "17.14.1a" }, { "status": "affected", "version": "17.11.99SW" } ] } ], "descriptions": [ { "lang": "en", "value": "A vulnerability in the DHCP Snooping feature of Cisco IOS XE Software on Software-Defined Access (SD-Access) fabric edge nodes could allow an unauthenticated, remote attacker to cause high CPU utilization on an affected device, resulting in a denial of service (DoS) condition that requires a manual reload to recover. \r\n\r This vulnerability is due to improper handling of IPv4 DHCP packets. An attacker could exploit this vulnerability by sending certain IPv4 DHCP packets to an affected device. A successful exploit could allow the attacker to cause the device to exhaust CPU resources and stop processing traffic, resulting in a DoS condition that requires a manual reload to recover." } ], "exploits": [ { "lang": "en", "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.6, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", "version": "3.1" }, "format": "cvssV3_1" } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-783", "description": "Operator Precedence Logic Error", "lang": "en", "type": "cwe" } ] } ], "providerMetadata": { "dateUpdated": "2024-09-25T16:27:59.969Z", "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco" }, "references": [ { "name": "cisco-sa-ios-xe-sda-edge-dos-MBcbG9k", "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-xe-sda-edge-dos-MBcbG9k" } ], "source": { "advisory": "cisco-sa-ios-xe-sda-edge-dos-MBcbG9k", "defects": [ "CSCwk36431" ], "discovery": "INTERNAL" } } }, "cveMetadata": { "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "assignerShortName": "cisco", "cveId": "CVE-2024-20480", "datePublished": "2024-09-25T16:27:59.969Z", "dateReserved": "2023-11-08T15:08:07.683Z", "dateUpdated": "2024-09-25T19:25:52.910Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2025-27512 (GCVE-0-2025-27512)
Vulnerability from cvelistv5
Published
2025-03-17 14:46
Modified
2025-03-17 15:01
Severity ?
VLAI Severity ?
EPSS score ?
Summary
Zincati is an auto-update agent for Fedora CoreOS hosts. Zincati ships a polkit rule which allows the `zincati` system user to use the actions `org.projectatomic.rpmostree1.deploy` to deploy updates to the system and `org.projectatomic.rpmostree1.finalize-deployment` to reboot the system into the deployed update. Since Zincati v0.0.24, this polkit rule contains a logic error which broadens access of those polkit actions to any unprivileged user rather than just the `zincati` system user. In practice, this means that any unprivileged user with access to the system D-Bus socket is able to deploy older Fedora CoreOS versions (which may have other known vulnerabilities). Note that rpm-ostree enforces that the selected version must be from the same branch the system is currently on so this cannot directly be used to deploy an attacker-controlled update payload. This primarily impacts users running untrusted workloads with access to the system D-Bus socket. Note that in general, untrusted workloads should not be given this access, whether containerized or not. By default, containers do not have access to the system D-Bus socket. The logic error is fixed in Zincati v0.0.30. A workaround is to manually add a following polkit rule, instructions for which are available in the GitHub Security Advisory.
References
► | URL | Tags | |||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2025-27512", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2025-03-17T15:01:29.371339Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2025-03-17T15:01:42.057Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "zincati", "vendor": "coreos", "versions": [ { "status": "affected", "version": "\u003e= 0.0.24, \u003c 0.0.30" } ] } ], "descriptions": [ { "lang": "en", "value": "Zincati is an auto-update agent for Fedora CoreOS hosts. Zincati ships a polkit rule which allows the `zincati` system user to use the actions `org.projectatomic.rpmostree1.deploy` to deploy updates to the system and `org.projectatomic.rpmostree1.finalize-deployment` to reboot the system into the deployed update. Since Zincati v0.0.24, this polkit rule contains a logic error which broadens access of those polkit actions to any unprivileged user rather than just the `zincati` system user. In practice, this means that any unprivileged user with access to the system D-Bus socket is able to deploy older Fedora CoreOS versions (which may have other known vulnerabilities). Note that rpm-ostree enforces that the selected version must be from the same branch the system is currently on so this cannot directly be used to deploy an attacker-controlled update payload. This primarily impacts users running untrusted workloads with access to the system D-Bus socket. Note that in general, untrusted workloads should not be given this access, whether containerized or not. By default, containers do not have access to the system D-Bus socket. The logic error is fixed in Zincati v0.0.30. A workaround is to manually add a following polkit rule, instructions for which are available in the GitHub Security Advisory." } ], "metrics": [ { "cvssV4_0": { "attackComplexity": "LOW", "attackRequirements": "PRESENT", "attackVector": "LOCAL", "baseScore": 2.1, "baseSeverity": "LOW", "privilegesRequired": "NONE", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U", "version": "4.0", "vulnAvailabilityImpact": "NONE", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "HIGH" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-783", "description": "CWE-783: Operator Precedence Logic Error", "lang": "en", "type": "CWE" } ] }, { "descriptions": [ { "cweId": "CWE-863", "description": "CWE-863: Incorrect Authorization", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2025-03-17T14:46:28.219Z", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M" }, "references": [ { "name": "https://github.com/coreos/zincati/security/advisories/GHSA-w6fv-6gcc-x825", "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/coreos/zincati/security/advisories/GHSA-w6fv-6gcc-x825" }, { "name": "https://github.com/coreos/zincati/commit/01d8e89f799e6ba21bdf7dc668abce23bd0d8f78", "tags": [ "x_refsource_MISC" ], "url": "https://github.com/coreos/zincati/commit/01d8e89f799e6ba21bdf7dc668abce23bd0d8f78" }, { "name": "https://github.com/coreos/zincati/commit/28a43aa2c1edda091ba659677d73c13e6e3ea99d", "tags": [ "x_refsource_MISC" ], "url": "https://github.com/coreos/zincati/commit/28a43aa2c1edda091ba659677d73c13e6e3ea99d" }, { "name": "https://github.com/coreos/zincati/releases/tag/v0.0.24", "tags": [ "x_refsource_MISC" ], "url": "https://github.com/coreos/zincati/releases/tag/v0.0.24" }, { "name": "https://github.com/coreos/zincati/releases/tag/v0.0.30", "tags": [ "x_refsource_MISC" ], "url": "https://github.com/coreos/zincati/releases/tag/v0.0.30" } ], "source": { "advisory": "GHSA-w6fv-6gcc-x825", "discovery": "UNKNOWN" }, "title": "Zincati allows unprivileged access to rpm-ostree D-Bus `Deploy()` and `FinalizeDeployment()` methods" } }, "cveMetadata": { "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2025-27512", "datePublished": "2025-03-17T14:46:28.219Z", "dateReserved": "2025-02-26T18:11:52.306Z", "dateUpdated": "2025-03-17T15:01:42.057Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
Mitigation
Phase: Implementation
Description:
- Regularly wrap sub-expressions in parentheses, especially in security-critical code.
No CAPEC attack patterns related to this CWE.