Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2020-3526

Опубликовано: 24 сент. 2020
Источник: nvd
CVSS3: 8.6
CVSS3: 8.6
CVSS2: 7.8
EPSS Низкий

Описание

A vulnerability in the Common Open Policy Service (COPS) engine of Cisco IOS XE Software on Cisco cBR-8 Converged Broadband Routers could allow an unauthenticated, remote attacker to crash a device. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending a malformed COPS message to the device. A successful exploit could allow the attacker to crash the device.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:cisco:ios_xe:17.2:*:*:*:*:*:*:*
cpe:2.3:h:cisco:cbr-8:-:*:*:*:*:*:*:*

EPSS

Процентиль: 68%
0.00564
Низкий

8.6 High

CVSS3

8.6 High

CVSS3

7.8 High

CVSS2

Дефекты

CWE-20
CWE-20

Связанные уязвимости

github логотип

GHSA-x9r4-mp46-hrqx

github
больше 3 лет назад

A vulnerability in the Common Open Policy Service (COPS) engine of Cisco IOS XE Software on Cisco cBR-8 Converged Broadband Routers could allow an unauthenticated, remote attacker to crash a device. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending a malformed COPS message to the device. A successful exploit could allow the attacker to crash the device.

fstec логотип

BDU:2020-04957

CVSS3: 8.6
fstec
больше 5 лет назад

Уязвимость службы Common Open Policy Service (COPS) операционной системы Cisco IOS XE ковергентных широкополосных маршрутизаторов Cisco cBR-8, позволяющая нарушителю вызвать сбой в работе устройства

EPSS

Процентиль: 68%
0.00564
Низкий

8.6 High

CVSS3

8.6 High

CVSS3

7.8 High

CVSS2

Дефекты

CWE-20
CWE-20