CVSS: 7.7EPSS: 0%CPEs: 1198EXPL: 0CVE-2020-3200 – Cisco IOS and IOS XE Software Secure Shell Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2020-3200
A vulnerability in the Secure Shell (SSH) server code of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to cause an affected device to reload. The vulnerability is due to an internal state not being represented correctly in the SSH state machine, which leads to an unexpected behavior. An attacker could exploit this vulnerability by creating an SSH connection to an affected device and using a specific traffic pattern that causes an error condition within that connection. A successful exploit could allow an attacker to cause the device to reload, resulting in a denial of service (DoS) condition. Una vulnerabilidad en el código del servidor Secure Shell (SSH) de Cisco IOS Software y el Cisco IOS XE Software, podría permitir a un atacante remoto autenticado causar una recarga de un dispositivo afectado. • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ssh-dos-Un22sd2A • CWE-371: State Issues CWE-436: Interpretation Conflict •
CVSS: 8.8EPSS: 0%CPEs: 93EXPL: 0CVE-2020-3199 – Cisco IOx Application Environment for IOS Software for Cisco Industrial Routers Vulnerabilities
https://notcve.org/view.php?id=CVE-2020-3199
Multiple vulnerabilities in the Cisco IOx application environment of Cisco 809 and 829 Industrial Integrated Services Routers (Industrial ISRs) and Cisco 1000 Series Connected Grid Routers (CGR1000) that are running Cisco IOS Software could allow an attacker to cause a denial of service (DoS) condition or execute arbitrary code with elevated privileges on an affected device. For more information about these vulnerabilities, see the Details section of this advisory. Múltiples vulnerabilidades en el entorno de aplicación en Cisco IOx de Cisco 809 y 829 Industrial Integrated Services Routers (Industrial ISRs) y Cisco 1000 Series Connected Grid Routers (CGR1000) que ejecuta Cisco IOS Software, podrían permitir a un atacante causar una condición de denegación de servicio (DoS) o ejecutar código arbitrario con privilegios elevados en un dispositivo afectado. Para mayor información sobre estas vulnerabilidades, ver la sección de Detalles de este aviso. • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-iot-gos-vuln-s9qS8kYL • CWE-20: Improper Input Validation •
CVSS: 10.0EPSS: 0%CPEs: 87EXPL: 0CVE-2020-3198 – Cisco IOS Software for Cisco Industrial Routers Arbitrary Code Execution Vulnerabilities
https://notcve.org/view.php?id=CVE-2020-3198
Multiple vulnerabilities in Cisco IOS Software for Cisco 809 and 829 Industrial Integrated Services Routers (Industrial ISRs) and Cisco 1000 Series Connected Grid Routers (CGR1000) could allow an unauthenticated, remote attacker or an authenticated, local attacker to execute arbitrary code on an affected system or cause an affected system to crash and reload. For more information about these vulnerabilities, see the Details section of this advisory. Múltiples vulnerabilidades en Cisco IOS Software para Cisco 809 y 829 Industrial Integrated Services Routers (Industrial ISRs) y Cisco 1000 Series Connected Grid Routers (CGR1000), podrían permitir a un atacante remoto no autenticado o a un atacante local autenticado ejecutar código arbitrario en un sistema afectado o causar que un sistema afectado se bloquee y se vuelva a cargar. Para mayor información sobre estas vulnerabilidades, ver la sección de Detalles de este aviso. • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-iot-rce-xYRSeMNH • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •
CVSS: 8.6EPSS: 0%CPEs: 490EXPL: 0CVE-2020-3228 – Cisco IOS, IOS XE, and NX-OS Software Security Group Tag Exchange Protocol Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2020-3228
A vulnerability in Security Group Tag Exchange Protocol (SXP) in Cisco IOS Software, Cisco IOS XE Software, and Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause the affected device to reload, resulting in a denial of service (DoS) condition. The vulnerability exists because crafted SXP packets are mishandled. An attacker could exploit this vulnerability by sending specifically crafted SXP packets to the affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition. Una vulnerabilidad en Security Group Tag Exchange Protocol (SXP) en Cisco IOS Software, Cisco IOS XE Software y Cisco NX-OS Software, podría permitir a un atacante remoto no autenticado causar que el dispositivo afectado se vuelva a cargar, resultando en una condición denegación de servicio (DoS ). • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sxp-68TEVzR • CWE-20: Improper Input Validation •
CVSS: 4.7EPSS: 0%CPEs: 22EXPL: 0CVE-2020-3231 – Cisco IOS Software for Catalyst 2960-L Series Switches and Catalyst CDB-8P Switches 802.1X Authentication Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2020-3231
A vulnerability in the 802.1X feature of Cisco Catalyst 2960-L Series Switches and Cisco Catalyst CDB-8P Switches could allow an unauthenticated, adjacent attacker to forward broadcast traffic before being authenticated on the port. The vulnerability exists because broadcast traffic that is received on the 802.1X-enabled port is mishandled. An attacker could exploit this vulnerability by sending broadcast traffic on the port before being authenticated. A successful exploit could allow the attacker to send and receive broadcast traffic on the 802.1X-enabled port before authentication. Una vulnerabilidad en la funcionalidad 802.1X de Cisco Catalyst 2960-L Series Switches y Cisco Catalyst CDB-8P Switches, podría permitir a un atacante adyacente no autenticado reenviar el tráfico de difusión antes de ser autenticado en el puerto. • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-c2960L-DpWA9Re4 • CWE-284: Improper Access Control CWE-863: Incorrect Authorization •