CVSS: 10.0EPSS: 0%CPEs: 87EXPL: 0CVE-2020-3198 – Cisco IOS Software for Cisco Industrial Routers Arbitrary Code Execution Vulnerabilities
https://notcve.org/view.php?id=CVE-2020-3198
Multiple vulnerabilities in Cisco IOS Software for Cisco 809 and 829 Industrial Integrated Services Routers (Industrial ISRs) and Cisco 1000 Series Connected Grid Routers (CGR1000) could allow an unauthenticated, remote attacker or an authenticated, local attacker to execute arbitrary code on an affected system or cause an affected system to crash and reload. For more information about these vulnerabilities, see the Details section of this advisory. Múltiples vulnerabilidades en Cisco IOS Software para Cisco 809 y 829 Industrial Integrated Services Routers (Industrial ISRs) y Cisco 1000 Series Connected Grid Routers (CGR1000), podrían permitir a un atacante remoto no autenticado o a un atacante local autenticado ejecutar código arbitrario en un sistema afectado o causar que un sistema afectado se bloquee y se vuelva a cargar. Para mayor información sobre estas vulnerabilidades, ver la sección de Detalles de este aviso. • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-iot-rce-xYRSeMNH • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •
CVSS: 8.6EPSS: 0%CPEs: 490EXPL: 0CVE-2020-3228 – Cisco IOS, IOS XE, and NX-OS Software Security Group Tag Exchange Protocol Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2020-3228
A vulnerability in Security Group Tag Exchange Protocol (SXP) in Cisco IOS Software, Cisco IOS XE Software, and Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause the affected device to reload, resulting in a denial of service (DoS) condition. The vulnerability exists because crafted SXP packets are mishandled. An attacker could exploit this vulnerability by sending specifically crafted SXP packets to the affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition. Una vulnerabilidad en Security Group Tag Exchange Protocol (SXP) en Cisco IOS Software, Cisco IOS XE Software y Cisco NX-OS Software, podría permitir a un atacante remoto no autenticado causar que el dispositivo afectado se vuelva a cargar, resultando en una condición denegación de servicio (DoS ). • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sxp-68TEVzR • CWE-20: Improper Input Validation •
CVSS: 4.7EPSS: 0%CPEs: 22EXPL: 0CVE-2020-3231 – Cisco IOS Software for Catalyst 2960-L Series Switches and Catalyst CDB-8P Switches 802.1X Authentication Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2020-3231
A vulnerability in the 802.1X feature of Cisco Catalyst 2960-L Series Switches and Cisco Catalyst CDB-8P Switches could allow an unauthenticated, adjacent attacker to forward broadcast traffic before being authenticated on the port. The vulnerability exists because broadcast traffic that is received on the 802.1X-enabled port is mishandled. An attacker could exploit this vulnerability by sending broadcast traffic on the port before being authenticated. A successful exploit could allow the attacker to send and receive broadcast traffic on the 802.1X-enabled port before authentication. Una vulnerabilidad en la funcionalidad 802.1X de Cisco Catalyst 2960-L Series Switches y Cisco Catalyst CDB-8P Switches, podría permitir a un atacante adyacente no autenticado reenviar el tráfico de difusión antes de ser autenticado en el puerto. • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-c2960L-DpWA9Re4 • CWE-284: Improper Access Control CWE-863: Incorrect Authorization •
CVSS: 7.5EPSS: 0%CPEs: 792EXPL: 0CVE-2020-3230 – Cisco IOS and IOS XE Software Internet Key Exchange Version 2 Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2020-3230
A vulnerability in the Internet Key Exchange Version 2 (IKEv2) implementation in Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to prevent IKEv2 from establishing new security associations. The vulnerability is due to incorrect handling of crafted IKEv2 SA-Init packets. An attacker could exploit this vulnerability by sending crafted IKEv2 SA-Init packets to the affected device. An exploit could allow the attacker to cause the affected device to reach the maximum incoming negotiation limits and prevent further IKEv2 security associations from being formed. Una vulnerabilidad en la implementación de Internet Key Exchange Versión 2 (IKEv2) en Cisco IOS Software y Cisco IOS XE Software, podría permitir a un atacante remoto no autenticado impedir que IKEv2 establezca nuevas asociaciones de seguridad. • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ikev2-9p23Jj2a • CWE-20: Improper Input Validation •
CVSS: 8.6EPSS: 0%CPEs: 260EXPL: 0CVE-2020-3226 – Cisco IOS and IOS XE Software Session Initiation Protocol Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2020-3226
A vulnerability in the Session Initiation Protocol (SIP) library of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to trigger a reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to insufficient sanity checks on received SIP messages. An attacker could exploit this vulnerability by sending crafted SIP messages to an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a denial of service condition. Una vulnerabilidad en la biblioteca Session Initiation Protocol (SIP) de Cisco IOS Software y Cisco IOS XE Software, podría permitir que un atacante remoto no autenticado desencadene una recarga de un dispositivo afectado, resultando en una condición de denegación de servicio (DoS). • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sip-Cv28sQw2 • CWE-20: Improper Input Validation •