CVSS: 7.4EPSS: 0%CPEs: 7EXPL: 0CVE-2020-3494 – Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family CAPWAP Denial of Service Vulnerabilities
https://notcve.org/view.php?id=CVE-2020-3494
Multiple vulnerabilities in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol processing of Cisco IOS XE Software for Cisco Catalyst 9800 Series Wireless Controllers could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition of an affected device. These vulnerabilities are due to insufficient validation of CAPWAP packets. An attacker could exploit these vulnerabilities by sending a malformed CAPWAP packet to an affected device. A successful exploit could allow the attacker to cause the affected device to crash and reload, resulting in a DoS condition on the affected device. Múltiples vulnerabilidades en el procesamiento del protocolo de Control and Provisioning of Wireless Access Points (CAPWAP) de Cisco IOS XE Software para Cisco Catalyst 9800 Series Wireless Controllers, podrían permitir a un atacante adyacente no autenticado causar una condición de denegación de servicio (DoS) de un dispositivo afectado. • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-capwap-dos-TPdNTdyq • CWE-20: Improper Input Validation •
CVSS: 7.4EPSS: 0%CPEs: 5EXPL: 0CVE-2020-3497 – Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family CAPWAP Denial of Service Vulnerabilities
https://notcve.org/view.php?id=CVE-2020-3497
Multiple vulnerabilities in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol processing of Cisco IOS XE Software for Cisco Catalyst 9800 Series Wireless Controllers could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition of an affected device. These vulnerabilities are due to insufficient validation of CAPWAP packets. An attacker could exploit these vulnerabilities by sending a malformed CAPWAP packet to an affected device. A successful exploit could allow the attacker to cause the affected device to crash and reload, resulting in a DoS condition on the affected device. Múltiples vulnerabilidades en el procesamiento del protocolo de Control and Provisioning of Wireless Access Points (CAPWAP) de Cisco IOS XE Software para Cisco Catalyst 9800 Series Wireless Controllers, podrían permitir a un atacante adyacente no autenticado causar una condición de denegación de servicio (DoS) de un dispositivo afectado. • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-capwap-dos-TPdNTdyq • CWE-20: Improper Input Validation •
CVSS: 6.0EPSS: 0%CPEs: 128EXPL: 0CVE-2020-3503 – Cisco IOS XE Software Guest Shell Unauthorized File System Access Vulnerability
https://notcve.org/view.php?id=CVE-2020-3503
A vulnerability in the file system permissions of Cisco IOS XE Software could allow an authenticated, local attacker to obtain read and write access to critical configuration or system files. The vulnerability is due to insufficient file system permissions on an affected device. An attacker could exploit this vulnerability by connecting to an affected device's guest shell, and accessing or modifying restricted files. A successful exploit could allow the attacker to view or modify restricted information or configurations that are normally not accessible to system administrators. Una vulnerabilidad en los permisos del sistema de archivos de Cisco IOS XE Software, podría permitir a un atacante local autenticado conseguir acceso de lectura y escritura a la configuración crítica o archivos del sistema. • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-unauth-file-access-eBTWkKVW • CWE-284: Improper Access Control CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 7.4EPSS: 0%CPEs: 149EXPL: 0CVE-2020-3508 – Cisco IOS XE Software for Cisco ASR 1000 Series 20-Gbps Embedded Services Processor IP ARP Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2020-3508
A vulnerability in the IP Address Resolution Protocol (ARP) feature of Cisco IOS XE Software for Cisco ASR 1000 Series Aggregation Services Routers with a 20-Gbps Embedded Services Processor (ESP) installed could allow an unauthenticated, adjacent attacker to cause an affected device to reload, resulting in a denial of service condition. The vulnerability is due to insufficient error handling when an affected device has reached platform limitations. An attacker could exploit this vulnerability by sending a malicious series of IP ARP messages to an affected device. A successful exploit could allow the attacker to exhaust system resources, which would eventually cause the affected device to reload. Una vulnerabilidad en la funcionalidad de Address Resolution Protocol (ARP) de IP de Cisco IOS XE Software para Cisco ASR 1000 Series Aggregation Services Routers con un Embedded Services Processor (ESP) de 20-Gbps instalado, podría permitir a un atacante adyacente no autenticado causar la recarga de un dispositivo afectado, resultando en una condición de denegación de servicio. • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esp20-arp-dos-GvHVggqJ • CWE-400: Uncontrolled Resource Consumption •
CVSS: 8.6EPSS: 0%CPEs: 2EXPL: 0CVE-2020-3509 – Cisco IOS XE Software for Cisco cBR-8 Converged Broadband Routers DHCP Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2020-3509
A vulnerability in the DHCP message handler of Cisco IOS XE Software for Cisco cBR-8 Converged Broadband Routers could allow an unauthenticated, remote attacker to cause the supervisor to crash, which could result in a denial of service (DoS) condition. The vulnerability is due to insufficient error handling when DHCP version 4 (DHCPv4) messages are parsed. An attacker could exploit this vulnerability by sending a malicious DHCPv4 message to or through a WAN interface of an affected device. A successful exploit could allow the attacker to cause a reload of the affected device. Note: On Cisco cBR-8 Converged Broadband Routers, all of the following are considered WAN interfaces: 10 Gbps Ethernet interfaces 100 Gbps Ethernet interfaces Port channel interfaces that include multiple 10 and/or 100 Gbps Ethernet interfaces Una vulnerabilidad en el manejador de mensajes DHCP de Cisco IOS XE Software para Cisco cBR-8 Converged Broadband Routers, podría permitir a un atacante remoto no autenticado causar que el supervisor se bloquee, lo que podría resultar en una condición de denegación de servicio (DoS). • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-dhcp-dos-JSCKX43h • CWE-203: Observable Discrepancy CWE-388: 7PK - Errors •