CVSS: 7.8EPSS: 0%CPEs: 26EXPL: 0CVE-2020-3479 – Cisco IOS and IOS XE Software MP-BGP EVPN Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2020-3479
A vulnerability in the implementation of Multiprotocol Border Gateway Protocol (MP-BGP) for the Layer 2 VPN (L2VPN) Ethernet VPN (EVPN) address family in Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to incorrect processing of Border Gateway Protocol (BGP) update messages that contain crafted EVPN attributes. An attacker could exploit this vulnerability by sending BGP update messages with specific, malformed attributes to an affected device. A successful exploit could allow the attacker to cause an affected device to crash, resulting in a DoS condition. Una vulnerabilidad en la implementación de Multiprotocol Border Gateway Protocol (MP-BGP) para la familia de direcciones Layer 2 VPN (L2VPN) Ethernet VPN (EVPN) en Cisco IOS Software y Cisco IOS XE Software, podría permitir a un atacante remoto no autenticado causar una condición de denegación de servicio (DoS). • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-bgp-evpn-dos-LNfYJxfF • CWE-20: Improper Input Validation CWE-400: Uncontrolled Resource Consumption •
CVSS: 8.6EPSS: 0%CPEs: 26EXPL: 0CVE-2020-3480 – Cisco IOS XE Software Zone-Based Firewall Denial of Service Vulnerabilities
https://notcve.org/view.php?id=CVE-2020-3480
Multiple vulnerabilities in the Zone-Based Firewall feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause the device to reload or stop forwarding traffic through the firewall. The vulnerabilities are due to incomplete handling of Layer 4 packets through the device. An attacker could exploit these vulnerabilities by sending a certain sequence of traffic patterns through the device. A successful exploit could allow the attacker to cause the device to reload or stop forwarding traffic through the firewall, resulting in a denial of service. For more information about these vulnerabilities, see the Details section of this advisory. • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-zbfw-94ckG4G • CWE-754: Improper Check for Unusual or Exceptional Conditions •
CVSS: 6.0EPSS: 0%CPEs: 128EXPL: 0CVE-2020-3503 – Cisco IOS XE Software Guest Shell Unauthorized File System Access Vulnerability
https://notcve.org/view.php?id=CVE-2020-3503
A vulnerability in the file system permissions of Cisco IOS XE Software could allow an authenticated, local attacker to obtain read and write access to critical configuration or system files. The vulnerability is due to insufficient file system permissions on an affected device. An attacker could exploit this vulnerability by connecting to an affected device's guest shell, and accessing or modifying restricted files. A successful exploit could allow the attacker to view or modify restricted information or configurations that are normally not accessible to system administrators. Una vulnerabilidad en los permisos del sistema de archivos de Cisco IOS XE Software, podría permitir a un atacante local autenticado conseguir acceso de lectura y escritura a la configuración crítica o archivos del sistema. • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-unauth-file-access-eBTWkKVW • CWE-284: Improper Access Control CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 8.6EPSS: 0%CPEs: 19EXPL: 0CVE-2019-12654 – Cisco IOS and IOS XE Software Session Initiation Protocol Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2019-12654
A vulnerability in the common Session Initiation Protocol (SIP) library of Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to trigger a reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to insufficient sanity checks on an internal data structure. An attacker could exploit this vulnerability by sending a sequence of malicious SIP messages to an affected device. An exploit could allow the attacker to cause a NULL pointer dereference, resulting in a crash of the iosd process. This triggers a reload of the device. • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-sip-dos • CWE-476: NULL Pointer Dereference •
CVSS: 8.6EPSS: 0%CPEs: 118EXPL: 0CVE-2019-12657 – Cisco IOS XE Software Unified Threat Defense Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2019-12657
A vulnerability in Unified Threat Defense (UTD) in Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability is due to improper validation of IPv6 packets through the UTD feature. An attacker could exploit this vulnerability by sending IPv6 traffic through an affected device that is configured with UTD. A successful exploit could allow the attacker to cause the device to reload, resulting in a denial of service (DoS) condition. Una vulnerabilidad en Unified Threat Defense (UTD) en el Software Cisco IOS XE, podría permitir a un atacante remoto no autenticado causar que un dispositivo afectado se recargue. • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-utd • CWE-20: Improper Input Validation •