// For flags

CVE-2020-3175

Cisco MDS 9000 Series Multilayer Switches Denial of Service Vulnerability

Severity Score

8.6
*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

A vulnerability in the resource handling system of Cisco NX-OS Software for Cisco MDS 9000 Series Multilayer Switches could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper resource usage control. An attacker could exploit this vulnerability by sending traffic to the management interface (mgmt0) of an affected device at very high rates. An exploit could allow the attacker to cause unexpected behaviors such as high CPU usage, process crashes, or even full system reboots of an affected device.

Una vulnerabilidad en el sistema de manejo de recursos de Cisco NX-OS Software para Cisco MDS 9000 Series Multilayer Switches, podría permitir a un atacante remoto no autenticado causar una condición de denegación de servicio (DoS) sobre un dispositivo afectado. La vulnerabilidad es debido a un control inapropiado del uso de recursos. Un atacante podría explotar esta vulnerabilidad mediante el envío de tráfico hacia la interfaz de administración (mgmt0) de un dispositivo afectado a velocidades muy altas. Un explotación podría permitir al atacante causar comportamientos inesperados, tal y como un uso elevado de la CPU, bloqueos del proceso o incluso reinicios del sistema completos de un dispositivo afectado.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Changed
Confidentiality
None
Integrity
None
Availability
High
Attack Vector
Network
Attack Complexity
Low
Authentication
None
Confidentiality
None
Integrity
None
Availability
Complete
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2019-12-12 CVE Reserved
  • 2020-02-26 CVE Published
  • 2023-03-08 EPSS Updated
  • 2024-09-17 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-400: Uncontrolled Resource Consumption
  • CWE-664: Improper Control of a Resource Through its Lifetime
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Cisco
Search vendor "Cisco"
Nx-os
Search vendor "Cisco" for product "Nx-os"
6.2\(1\)
Search vendor "Cisco" for product "Nx-os" and version "6.2\(1\)"
-
Affected
in Cisco
Search vendor "Cisco"
Mds 9132t
Search vendor "Cisco" for product "Mds 9132t"
--
Safe
Cisco
Search vendor "Cisco"
Nx-os
Search vendor "Cisco" for product "Nx-os"
6.2\(1\)
Search vendor "Cisco" for product "Nx-os" and version "6.2\(1\)"
-
Affected
in Cisco
Search vendor "Cisco"
Mds 9148s
Search vendor "Cisco" for product "Mds 9148s"
--
Safe
Cisco
Search vendor "Cisco"
Nx-os
Search vendor "Cisco" for product "Nx-os"
6.2\(1\)
Search vendor "Cisco" for product "Nx-os" and version "6.2\(1\)"
-
Affected
in Cisco
Search vendor "Cisco"
Mds 9148t
Search vendor "Cisco" for product "Mds 9148t"
--
Safe
Cisco
Search vendor "Cisco"
Nx-os
Search vendor "Cisco" for product "Nx-os"
6.2\(1\)
Search vendor "Cisco" for product "Nx-os" and version "6.2\(1\)"
-
Affected
in Cisco
Search vendor "Cisco"
Mds 9216
Search vendor "Cisco" for product "Mds 9216"
--
Safe
Cisco
Search vendor "Cisco"
Nx-os
Search vendor "Cisco" for product "Nx-os"
6.2\(1\)
Search vendor "Cisco" for product "Nx-os" and version "6.2\(1\)"
-
Affected
in Cisco
Search vendor "Cisco"
Mds 9216a
Search vendor "Cisco" for product "Mds 9216a"
--
Safe
Cisco
Search vendor "Cisco"
Nx-os
Search vendor "Cisco" for product "Nx-os"
6.2\(1\)
Search vendor "Cisco" for product "Nx-os" and version "6.2\(1\)"
-
Affected
in Cisco
Search vendor "Cisco"
Mds 9216i
Search vendor "Cisco" for product "Mds 9216i"
--
Safe
Cisco
Search vendor "Cisco"
Nx-os
Search vendor "Cisco" for product "Nx-os"
6.2\(1\)
Search vendor "Cisco" for product "Nx-os" and version "6.2\(1\)"
-
Affected
in Cisco
Search vendor "Cisco"
Mds 9222i
Search vendor "Cisco" for product "Mds 9222i"
--
Safe
Cisco
Search vendor "Cisco"
Nx-os
Search vendor "Cisco" for product "Nx-os"
6.2\(1\)
Search vendor "Cisco" for product "Nx-os" and version "6.2\(1\)"
-
Affected
in Cisco
Search vendor "Cisco"
Mds 9506
Search vendor "Cisco" for product "Mds 9506"
--
Safe
Cisco
Search vendor "Cisco"
Nx-os
Search vendor "Cisco" for product "Nx-os"
6.2\(1\)
Search vendor "Cisco" for product "Nx-os" and version "6.2\(1\)"
-
Affected
in Cisco
Search vendor "Cisco"
Mds 9509
Search vendor "Cisco" for product "Mds 9509"
--
Safe
Cisco
Search vendor "Cisco"
Nx-os
Search vendor "Cisco" for product "Nx-os"
6.2\(1\)
Search vendor "Cisco" for product "Nx-os" and version "6.2\(1\)"
-
Affected
in Cisco
Search vendor "Cisco"
Mds 9513
Search vendor "Cisco" for product "Mds 9513"
--
Safe
Cisco
Search vendor "Cisco"
Nx-os
Search vendor "Cisco" for product "Nx-os"
6.2\(1\)
Search vendor "Cisco" for product "Nx-os" and version "6.2\(1\)"
-
Affected
in Cisco
Search vendor "Cisco"
Mds 9706
Search vendor "Cisco" for product "Mds 9706"
--
Safe
Cisco
Search vendor "Cisco"
Nx-os
Search vendor "Cisco" for product "Nx-os"
6.2\(1\)
Search vendor "Cisco" for product "Nx-os" and version "6.2\(1\)"
-
Affected
in Cisco
Search vendor "Cisco"
Mds 9710
Search vendor "Cisco" for product "Mds 9710"
--
Safe
Cisco
Search vendor "Cisco"
Nx-os
Search vendor "Cisco" for product "Nx-os"
6.2\(1\)
Search vendor "Cisco" for product "Nx-os" and version "6.2\(1\)"
-
Affected
in Cisco
Search vendor "Cisco"
Mds 9718
Search vendor "Cisco" for product "Mds 9718"
--
Safe