CVE-2020-3175
8.6
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Exploitability: 3.9 / Impact: 4.0
Source: NVD
Description
A vulnerability in the resource handling system of Cisco NX-OS Software for Cisco MDS 9000 Series Multilayer Switches could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper resource usage control. An attacker could exploit this vulnerability by sending traffic to the management interface (mgmt0) of an affected device at very high rates. An exploit could allow the attacker to cause unexpected behaviors such as high CPU usage, process crashes, or even full system reboots of an affected device.
Affected (1)
Configuration A
| Vulnerable Software | Affected Versions |
|---|---|
| Version 6.2(1) |
| Running on/with | Platform Versions |
|---|---|
Cisco Mds 9132t | All versions |
Cisco Mds 9148s | All versions |
Cisco Mds 9148t | All versions |
Cisco Mds 9216 | All versions |
Cisco Mds 9216a | All versions |
Cisco Mds 9216i | All versions |
Cisco Mds 9222i | All versions |
Cisco Mds 9506 | All versions |
Cisco Mds 9509 | All versions |
Cisco Mds 9513 | All versions |
Cisco Mds 9706 | All versions |
Cisco Mds 9710 | All versions |
Cisco Mds 9718 | All versions |
Related CWEs
CWE-400
Uncontrolled Resource Consumption
The product does not properly control the allocation and maintenance of a limited resource, thereby enabling an actor to influence the amount of resources consumed, eventually leading to the exhaustion of available resources.
CWE-664
Improper Control of a Resource Through its Lifetime
The product does not maintain or incorrectly maintains control over a resource throughout its lifetime of creation, use, and release.
References (2)
Source: psirt@cisco.com
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Timeline
No history available yet.