Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2020-3511

A vulnerability in the ISDN subsystem of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause a reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to insufficient input validation when the ISDN Q.931 messages are processed. An attacker could exploit this vulnerability by sending a malicious ISDN Q.931 message to an affected device. A successful exploit could allow the attacker to cause the process to crash, resulting in a reload of the affected device.

Published

2020-09-24T18:15:21.230

Last Modified

2024-11-21T05:31:13.380

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 7.4 (HIGH)

CVSSv2 Vector

AV:A/AC:L/Au:N/C:N/I:N/A:C

Access Vector: ADJACENT_NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: NONE
Integrity Impact: NONE
Availability Impact: COMPLETE

Exploitability Score

6.5

Impact Score

6.9

Weaknesses

Type: Secondary
CWE-20
Type: Primary
CWE-20

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	cisco	ios_xe	15.1\(4\)m	Yes
Hardware	cisco	1100-4g_integrated_services_router	-	No
Hardware	cisco	1100-4gltegb_integrated_services_router	-	No
Hardware	cisco	1100-4gltena_integrated_services_router	-	No
Hardware	cisco	1100-4p_integrated_services_router	-	No
Hardware	cisco	1100-6g_integrated_services_router	-	No
Hardware	cisco	1100-8p_integrated_services_router	-	No
Hardware	cisco	1100-lte_integrated_services_router	-	No
Hardware	cisco	1100_integrated_services_router	-	No
Hardware	cisco	1101-4p_integrated_services_router	-	No
Hardware	cisco	1101_integrated_services_router	-	No
Hardware	cisco	1109-2p_integrated_services_router	-	No
Hardware	cisco	1109-4p_integrated_services_router	-	No
Hardware	cisco	1109_integrated_services_router	-	No
Hardware	cisco	1111x-8p_integrated_services_router	-	No
Hardware	cisco	1111x_integrated_services_router	-	No
Hardware	cisco	111x_integrated_services_router	-	No
Hardware	cisco	1120_integrated_services_router	-	No
Hardware	cisco	1160_integrated_services_router	-	No
Hardware	cisco	422_integrated_services_router	-	No
Hardware	cisco	4321\/k9-rf_integrated_services_router	-	No
Hardware	cisco	4321\/k9-ws_integrated_services_router	-	No
Hardware	cisco	4321\/k9_integrated_services_router	-	No
Hardware	cisco	4331\/k9-rf_integrated_services_router	-	No
Hardware	cisco	4331\/k9-ws_integrated_services_router	-	No
Hardware	cisco	4331\/k9_integrated_services_router	-	No
Hardware	cisco	4351\/k9-rf_integrated_services_router	-	No
Hardware	cisco	4351\/k9-ws_integrated_services_router	-	No
Hardware	cisco	4351\/k9_integrated_services_router	-	No
Hardware	cisco	4431_integrated_services_router	-	No
Hardware	cisco	4461_integrated_services_router	-	No
Hardware	cisco	asr_1000-x	-	No
Hardware	cisco	asr_1001	-	No
Hardware	cisco	asr_1001-x	-	No
Hardware	cisco	asr_1002	-	No
Hardware	cisco	asr_1002-x	-	No
Hardware	cisco	asr_1004	-	No
Hardware	cisco	asr_1006	-	No
Hardware	cisco	asr_1013	-	No
Hardware	cisco	asr1001-hx	-	No
Hardware	cisco	asr1001-hx-rf	-	No
Hardware	cisco	asr1001-x	-	No
Hardware	cisco	asr1001-x-rf	-	No
Hardware	cisco	asr1001-x-ws	-	No
Hardware	cisco	asr1002-hx	-	No
Hardware	cisco	asr1002-hx-rf	-	No
Hardware	cisco	asr1002-hx-ws	-	No
Hardware	cisco	asr1002-x	-	No
Hardware	cisco	asr1002-x-rf	-	No
Hardware	cisco	asr1002-x-ws	-	No
Hardware	cisco	csr1000v	-	No

References

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-isdn-q931-dos-67eUZBTf Vendor Advisory ([email protected])
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-isdn-q931-dos-67eUZBTf Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)