fkie_cve-2020-3569
Vulnerability from fkie_nvd
Published
2020-09-23 01:15
Modified
2025-02-24 15:39
Severity ?
8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Summary
Multiple vulnerabilities in the Distance Vector Multicast Routing Protocol (DVMRP) feature of Cisco IOS XR Software could allow an unauthenticated, remote attacker to either immediately crash the Internet Group Management Protocol (IGMP) process or make it consume available memory and eventually crash. The memory consumption may negatively impact other processes that are running on the device. These vulnerabilities are due to the incorrect handling of IGMP packets. An attacker could exploit these vulnerabilities by sending crafted IGMP traffic to an affected device. A successful exploit could allow the attacker to immediately crash the IGMP process or cause memory exhaustion, resulting in other processes becoming unstable. These processes may include, but are not limited to, interior and exterior routing protocols. Cisco will release software updates that address these vulnerabilities.
References
psirt@cisco.comhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-dvmrp-memexh-dSmpdvfzMitigation, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-dvmrp-memexh-dSmpdvfzMitigation, Vendor Advisory
Impacted products
Vendor Product Version
cisco ios_xr 6.1.4
cisco ios_xr 6.2.3
cisco ios_xr 6.3.3
cisco ios_xr 6.4.2
cisco ios_xr 6.5.3
cisco ios_xr 6.6.2
cisco ios_xr 6.6.3
cisco ios_xr 7.0.2
cisco ios_xr 7.1.2
cisco ios_xr 7.1.15
cisco asr_9000v -
cisco asr_9001 -
cisco asr_9006 -
cisco asr_9010 -
cisco asr_9901 -
cisco asr_9903 -
cisco asr_9904 -
cisco asr_9906 -
cisco asr_9910 -
cisco asr_9912 -
cisco asr_9922 -
cisco ncs_5001 -
cisco ncs_5002 -
cisco ncs_5011 -
cisco ncs_520 -
cisco ncs_540 -
cisco ncs_5501 -
cisco ncs_5501 se
cisco ncs_5502 -
cisco ncs_5502 se
cisco ncs_5508 -
cisco ncs_5516 -
cisco ncs_560 -
cisco ncs_6008 -
cisco ios_xr *
cisco ncs_5001 -
cisco ncs_5002 -
cisco ncs_5011 -
cisco ncs_520 -
cisco ncs_540 -
cisco ncs_5501 -
cisco ncs_5501 se
cisco ncs_5502 -
cisco ncs_5502 se
cisco ncs_5508 -
cisco ncs_5516 -
cisco ncs_560 -
cisco ncs_6008 -
cisco ios_xr 6.1.4
cisco ios_xr 6.4.2
cisco ios_xr 6.4.3
cisco crs -
cisco crs-1_16-slot_line_card_chassis -
cisco crs-1_16-slot_single-shelf_system -
cisco crs-1_4-slot_single-shelf_system -
cisco crs-1_8-slot_line_card_chassis -
cisco crs-1_8-slot_single-shelf_system -
cisco crs-1_fabric_card_chassis -
cisco crs-1_line_card_chassis_\(dual\) -
cisco crs-1_line_card_chassis_\(multi\) -
cisco crs-1_multishelf_system -
cisco crs-3_16-slot_single-shelf_system -
cisco crs-3_4-slot_single-shelf_system -
cisco crs-3_8-slot_single-shelf_system -
cisco crs-3_multishelf_system -
cisco crs-8\/s-b_crs -
cisco crs-8\/scrs -
cisco crs-x -
cisco crs-x_16-slot_single-shelf_system -
cisco crs-x_multishelf_system -
cisco crs_performance_route_processor -


To clipboard 

{
  "cisaActionDue": "2022-05-03",
  "cisaExploitAdd": "2021-11-03",
  "cisaRequiredAction": "Apply updates per vendor instructions.",
  "cisaVulnerabilityName": "Cisco IOS XR Software DVMRP Memory Exhaustion Vulnerability",
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:6.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "FC06F7E7-D67F-4C91-B545-F7EB62858BA5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:6.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "370F74EC-829D-4574-BE7D-85700E15C433",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:6.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "47F3F8E3-D93B-4BAB-8643-AFBFC36940AA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:6.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E67F538A-3E1A-4749-BB8D-4F8043653B6E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:6.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "86E05C3F-4095-4B9C-8C11-E32567EB14AC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:6.6.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "B8AE8971-5003-4A39-8173-E17CE9C2523F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:6.6.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "36944A2B-E4F5-41DE-AC4D-55BFA603BE5E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:7.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5F70AB37-3C0B-40A8-BC37-5A79DA5F45F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:7.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "8B842317-A5DB-4890-948A-DD26B7AE2540",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:7.1.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "48928FFF-871C-4C07-8352-8C802FAD8F53",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asr_9000v:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "71BD158E-71D8-4DCA-8C09-F8AB7EF0EBDD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9001:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "324C97E6-1810-404F-9F45-6240F99FF039",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9006:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "57EB55BB-41B7-40A1-B6F5-142FE8AB4C16",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9010:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "433F4A82-04A4-4EAA-8C19-F7581DCD8D29",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9901:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2D5E60AB-94FF-448A-89D8-5D2197E21C74",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9903:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FA241214-2F05-4360-9B50-385355E29CF4",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9904:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A93212A4-50AB-42E7-89A4-5FBBAEA050C3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9906:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EDA53A61-98B3-458C-8893-61CD7D6B1E48",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9910:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F396564E-B477-4A27-A189-CEB737552E25",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9912:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5445CC54-ACFB-4070-AF26-F91FEAA85181",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9922:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D7AA58E5-D7E1-48CF-93FF-C60EB85B2BC7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5001:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E2A8C028-107B-4410-BCC6-5BCB8DB63603",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5002:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DA13FE67-F4AE-46DF-921B-3FB91BDF742B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5011:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "98622F14-CC47-45E0-85E4-A7243309487C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_520:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5249FE7A-FAAE-42C4-9250-DF4B2009F420",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_540:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC7AE6C1-B7C6-4056-9719-B5CFF71970AD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5501:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A972EFE-4F7E-4BFC-8631-66A2D16B74A3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5501:se:*:*:*:*:*:*:*",
              "matchCriteriaId": "22FE69B4-DF27-46F1-8037-4B8D1F229C6B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5502:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7F72AEF0-EE70-40F8-B52B-1390820B87BB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5502:se:*:*:*:*:*:*:*",
              "matchCriteriaId": "603980FE-9865-4A71-A37C-A90B7F3B72D6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5508:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "43D21B01-A754-474F-8E46-14D733AB307E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5516:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "17D6424C-972F-459C-B8F7-04FFD9F541BC",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_560:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D4CC8256-E4F8-4DCB-B69A-40A7C5AA41E8",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_6008:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "61AF653C-DCD4-4B20-A555-71120F9A5BB9",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CED75685-A63C-4550-9820-769058BEF572",
              "versionEndExcluding": "6.5.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5001:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E2A8C028-107B-4410-BCC6-5BCB8DB63603",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5002:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DA13FE67-F4AE-46DF-921B-3FB91BDF742B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5011:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "98622F14-CC47-45E0-85E4-A7243309487C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_520:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5249FE7A-FAAE-42C4-9250-DF4B2009F420",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_540:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC7AE6C1-B7C6-4056-9719-B5CFF71970AD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5501:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A972EFE-4F7E-4BFC-8631-66A2D16B74A3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5501:se:*:*:*:*:*:*:*",
              "matchCriteriaId": "22FE69B4-DF27-46F1-8037-4B8D1F229C6B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5502:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7F72AEF0-EE70-40F8-B52B-1390820B87BB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5502:se:*:*:*:*:*:*:*",
              "matchCriteriaId": "603980FE-9865-4A71-A37C-A90B7F3B72D6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5508:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "43D21B01-A754-474F-8E46-14D733AB307E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5516:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "17D6424C-972F-459C-B8F7-04FFD9F541BC",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_560:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D4CC8256-E4F8-4DCB-B69A-40A7C5AA41E8",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_6008:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "61AF653C-DCD4-4B20-A555-71120F9A5BB9",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:6.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "FC06F7E7-D67F-4C91-B545-F7EB62858BA5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:6.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E67F538A-3E1A-4749-BB8D-4F8043653B6E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:6.4.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "4132A8AA-008B-49DA-AA5C-EB39CC65A2E9",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:crs:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4B051AF4-592A-4201-9DD3-8683C1847A00",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:crs-1_16-slot_line_card_chassis:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2A5D5476-202C-476C-BC43-C0A963C99079",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:crs-1_16-slot_single-shelf_system:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B0F7E3D1-B738-4B69-AB38-3A273F454B9A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:crs-1_4-slot_single-shelf_system:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B2039DB3-F6BA-434D-A395-41DF7B641E4D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:crs-1_8-slot_line_card_chassis:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C078ABAD-0E35-481F-8096-FDD40451A318",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:crs-1_8-slot_single-shelf_system:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A8A8B9BF-E548-4CD9-AEC0-7030B89C4A32",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:crs-1_fabric_card_chassis:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "941333EC-86D4-43AC-BD9A-D286B2276C95",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:crs-1_line_card_chassis_\\(dual\\):-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CD07CEAB-98E4-4FEE-BFA4-ADA520F7A61F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:crs-1_line_card_chassis_\\(multi\\):-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DE33AF1E-5E5C-43A1-B2E3-28E823C47E99",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:crs-1_multishelf_system:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5BBA0BE4-ED73-4B8C-BE53-5A2AB76981D0",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:crs-3_16-slot_single-shelf_system:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "76F8EEEF-085A-49A5-A50E-24922B300F75",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:crs-3_4-slot_single-shelf_system:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "10698948-E6E0-4C9B-9CB9-3626E4076336",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:crs-3_8-slot_single-shelf_system:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "40EF0D7E-FB4E-433A-A983-34E44E790542",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:crs-3_multishelf_system:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "15448B60-0A19-477C-A08A-17578CF7C92C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:crs-8\\/s-b_crs:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D31F6ED1-B20E-44CA-A74B-9D767EDF045F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:crs-8\\/scrs:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4BDEC7F0-D4D5-45F0-89A4-49C596318C01",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:crs-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "62F5E007-0CB6-424C-9AE8-01618C8C44E0",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:crs-x_16-slot_single-shelf_system:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "16770F6C-539D-4B65-9C52-60F008C283D2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:crs-x_multishelf_system:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B4F47E9F-D7BA-49B9-8070-1BC610B6AE2D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:crs_performance_route_processor:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A6D383DA-04D7-4789-B7F7-B31FD645BA8F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Multiple vulnerabilities in the Distance Vector Multicast Routing Protocol (DVMRP) feature of Cisco IOS XR Software could allow an unauthenticated, remote attacker to either immediately crash the Internet Group Management Protocol (IGMP) process or make it consume available memory and eventually crash. The memory consumption may negatively impact other processes that are running on the device. These vulnerabilities are due to the incorrect handling of IGMP packets. An attacker could exploit these vulnerabilities by sending crafted IGMP traffic to an affected device. A successful exploit could allow the attacker to immediately crash the IGMP process or cause memory exhaustion, resulting in other processes becoming unstable. These processes may include, but are not limited to, interior and exterior routing protocols. Cisco will release software updates that address these vulnerabilities."
    },
    {
      "lang": "es",
      "value": "M\u00faltiples vulnerabilidades en la funcionalidad Distance Vector Multicast Routing Protocol (DVMRP) del Cisco IOS XR Software, podr\u00edan permitir a un atacante remoto no autenticado bloquear inmediatamente el Internet Group Management Protocol (IGMP) o lo haga consumir la memoria disponible y finalmente bloquearlo.\u0026#xa0;El consumo de memoria puede afectar negativamente a otros procesos que son ejecutados en el dispositivo.\u0026#xa0;Estas vulnerabilidades son debido al manejo incorrecto de paquetes IGMP.\u0026#xa0;Un atacante podr\u00eda explotar estas vulnerabilidades mediante el env\u00edo de un tr\u00e1fico IGMP dise\u00f1ado hacia un dispositivo afectado.\u0026#xa0;Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante bloquear inmediatamente el proceso IGMP o causar el agotamiento de la memoria, resultando en que otros procesos se vuelvan inestables.\u0026#xa0;Estos procesos pueden incluir, pero no se limitan a, protocolos de enrutamiento interior y exterior. Cisco emitir\u00e1 actualizaciones de software que abordan estas vulnerabilidades"
    }
  ],
  "id": "CVE-2020-3569",
  "lastModified": "2025-02-24T15:39:08.970",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.6,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 4.0,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.6,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 4.0,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2020-09-23T01:15:15.503",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Mitigation",
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-dvmrp-memexh-dSmpdvfz"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mitigation",
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-dvmrp-memexh-dSmpdvfz"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-400"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-770"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.