CVE-2024-20307
Vulnerability from cvelistv5
Published
2024-03-27 17:23
Modified
2024-08-01 21:59
Severity ?
EPSS score ?
Summary
A vulnerability in the IKEv1 fragmentation code of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a heap overflow, resulting in an affected device reloading.
This vulnerability exists because crafted, fragmented IKEv1 packets are not properly reassembled. An attacker could exploit this vulnerability by sending crafted UDP packets to an affected system. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition.
Note: Only traffic that is directed to the affected system can be used to exploit this vulnerability. This vulnerability can be triggered by IPv4 and IPv6 traffic.
References
Impacted products
| Vendor | Product | Version | |||||
|---|---|---|---|---|---|---|---|
| ▼ | Cisco | IOS |
Version: 15.1(2)SG8 Version: 15.2(4)M11 Version: 15.1(2)SY8 Version: 15.1(2)SY9 Version: 15.1(2)SY10 Version: 15.1(2)SY11 Version: 15.1(2)SY12 Version: 15.1(2)SY13 Version: 15.1(2)SY14 Version: 15.1(2)SY15 Version: 15.1(2)SY16 Version: 15.3(3)S8 Version: 15.3(3)S9 Version: 15.3(3)S10 Version: 15.3(3)S8a Version: 15.2(4)E2 Version: 15.2(3)E4 Version: 15.2(5)E Version: 15.2(4)E3 Version: 15.2(5b)E Version: 15.2(3)E5 Version: 15.2(4)E4 Version: 15.2(4)E5 Version: 15.2(4)E5a Version: 15.2(4)E6 Version: 15.2(4)E7 Version: 15.2(4)E8 Version: 15.2(4)E9 Version: 15.2(4)E10 Version: 15.2(4)E10a Version: 15.2(4)E10d Version: 15.4(3)S6 Version: 15.4(3)S7 Version: 15.4(3)S6a Version: 15.4(3)S8 Version: 15.4(3)S9 Version: 15.4(3)S10 Version: 15.3(3)M8 Version: 15.3(3)M9 Version: 15.3(3)M10 Version: 15.3(3)M8a Version: 15.2(1)SY3 Version: 15.2(1)SY4 Version: 15.2(1)SY5 Version: 15.2(1)SY6 Version: 15.2(1)SY7 Version: 15.2(1)SY8 Version: 15.5(3)S3 Version: 15.5(1)S4 Version: 15.5(2)S4 Version: 15.5(3)S4 Version: 15.5(3)S5 Version: 15.5(3)S6 Version: 15.5(3)S6a Version: 15.5(3)S7 Version: 15.5(3)S6b Version: 15.5(3)S8 Version: 15.5(3)S9 Version: 15.5(3)S10 Version: 15.5(3)S9a Version: 15.5(2)T4 Version: 15.2(5)EA Version: 15.2(4)EA4 Version: 15.2(4)EA5 Version: 15.2(4)EA6 Version: 15.2(4)EA7 Version: 15.2(4)EA8 Version: 15.2(4)EA9 Version: 15.2(4)EA9a Version: 15.5(3)M3 Version: 15.5(3)M4 Version: 15.5(3)M4a Version: 15.5(3)M5 Version: 15.5(3)M6 Version: 15.5(3)M7 Version: 15.5(3)M6a Version: 15.5(3)M8 Version: 15.5(3)M9 Version: 15.5(3)M10 Version: 15.3(1)SY1 Version: 15.3(1)SY2 Version: 15.2(4)EC1 Version: 15.2(4)EC2 Version: 15.4(1)SY Version: 15.4(1)SY1 Version: 15.4(1)SY2 Version: 15.4(1)SY3 Version: 15.4(1)SY4 Version: 15.5(1)SY Version: 15.5(1)SY1 Version: 15.5(1)SY2 Version: 15.5(1)SY3 Version: 15.5(1)SY4 Version: 15.5(1)SY5 Version: 15.5(1)SY6 Version: 15.5(1)SY7 Version: 15.5(1)SY8 Version: 15.5(1)SY9 Version: 15.5(1)SY10 Version: 15.5(1)SY11 Version: 15.7(3)M Version: 15.7(3)M1 Version: 15.7(3)M0a Version: 15.7(3)M3 Version: 15.7(3)M2 Version: 15.7(3)M4 Version: 15.7(3)M5 Version: 15.7(3)M4a Version: 15.7(3)M4b Version: 15.7(3)M6 Version: 15.7(3)M7 Version: 15.7(3)M8 Version: 15.7(3)M9 Version: 15.8(3)M Version: 15.8(3)M1 Version: 15.8(3)M0a Version: 15.8(3)M0b Version: 15.8(3)M2 Version: 15.8(3)M1a Version: 15.8(3)M3 Version: 15.8(3)M2a Version: 15.8(3)M4 Version: 15.8(3)M3a Version: 15.8(3)M3b Version: 15.8(3)M5 Version: 15.8(3)M6 Version: 15.8(3)M7 Version: 15.8(3)M8 Version: 15.8(3)M9 Version: 15.8(3)M10 Version: 15.9(3)M Version: 15.9(3)M1 Version: 15.9(3)M0a Version: 15.9(3)M2 Version: 15.9(3)M3 Version: 15.9(3)M2a Version: 15.9(3)M3a Version: 15.9(3)M4 Version: 15.9(3)M3b Version: 15.9(3)M5 Version: 15.9(3)M4a Version: 15.9(3)M6 Version: 15.9(3)M7 Version: 15.9(3)M6a Version: 15.9(3)M6b Version: 15.9(3)M7a Version: 15.3(3)JPI11 |
||||
|
|||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-20307",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-03-28T18:38:50.142203Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:40:20.572Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T21:59:41.468Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "cisco-sa-ikev1-NO2ccFWz",
"tags": [
"x_transferred"
],
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ikev1-NO2ccFWz"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "IOS",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "15.1(2)SG8"
},
{
"status": "affected",
"version": "15.2(4)M11"
},
{
"status": "affected",
"version": "15.1(2)SY8"
},
{
"status": "affected",
"version": "15.1(2)SY9"
},
{
"status": "affected",
"version": "15.1(2)SY10"
},
{
"status": "affected",
"version": "15.1(2)SY11"
},
{
"status": "affected",
"version": "15.1(2)SY12"
},
{
"status": "affected",
"version": "15.1(2)SY13"
},
{
"status": "affected",
"version": "15.1(2)SY14"
},
{
"status": "affected",
"version": "15.1(2)SY15"
},
{
"status": "affected",
"version": "15.1(2)SY16"
},
{
"status": "affected",
"version": "15.3(3)S8"
},
{
"status": "affected",
"version": "15.3(3)S9"
},
{
"status": "affected",
"version": "15.3(3)S10"
},
{
"status": "affected",
"version": "15.3(3)S8a"
},
{
"status": "affected",
"version": "15.2(4)E2"
},
{
"status": "affected",
"version": "15.2(3)E4"
},
{
"status": "affected",
"version": "15.2(5)E"
},
{
"status": "affected",
"version": "15.2(4)E3"
},
{
"status": "affected",
"version": "15.2(5b)E"
},
{
"status": "affected",
"version": "15.2(3)E5"
},
{
"status": "affected",
"version": "15.2(4)E4"
},
{
"status": "affected",
"version": "15.2(4)E5"
},
{
"status": "affected",
"version": "15.2(4)E5a"
},
{
"status": "affected",
"version": "15.2(4)E6"
},
{
"status": "affected",
"version": "15.2(4)E7"
},
{
"status": "affected",
"version": "15.2(4)E8"
},
{
"status": "affected",
"version": "15.2(4)E9"
},
{
"status": "affected",
"version": "15.2(4)E10"
},
{
"status": "affected",
"version": "15.2(4)E10a"
},
{
"status": "affected",
"version": "15.2(4)E10d"
},
{
"status": "affected",
"version": "15.4(3)S6"
},
{
"status": "affected",
"version": "15.4(3)S7"
},
{
"status": "affected",
"version": "15.4(3)S6a"
},
{
"status": "affected",
"version": "15.4(3)S8"
},
{
"status": "affected",
"version": "15.4(3)S9"
},
{
"status": "affected",
"version": "15.4(3)S10"
},
{
"status": "affected",
"version": "15.3(3)M8"
},
{
"status": "affected",
"version": "15.3(3)M9"
},
{
"status": "affected",
"version": "15.3(3)M10"
},
{
"status": "affected",
"version": "15.3(3)M8a"
},
{
"status": "affected",
"version": "15.2(1)SY3"
},
{
"status": "affected",
"version": "15.2(1)SY4"
},
{
"status": "affected",
"version": "15.2(1)SY5"
},
{
"status": "affected",
"version": "15.2(1)SY6"
},
{
"status": "affected",
"version": "15.2(1)SY7"
},
{
"status": "affected",
"version": "15.2(1)SY8"
},
{
"status": "affected",
"version": "15.5(3)S3"
},
{
"status": "affected",
"version": "15.5(1)S4"
},
{
"status": "affected",
"version": "15.5(2)S4"
},
{
"status": "affected",
"version": "15.5(3)S4"
},
{
"status": "affected",
"version": "15.5(3)S5"
},
{
"status": "affected",
"version": "15.5(3)S6"
},
{
"status": "affected",
"version": "15.5(3)S6a"
},
{
"status": "affected",
"version": "15.5(3)S7"
},
{
"status": "affected",
"version": "15.5(3)S6b"
},
{
"status": "affected",
"version": "15.5(3)S8"
},
{
"status": "affected",
"version": "15.5(3)S9"
},
{
"status": "affected",
"version": "15.5(3)S10"
},
{
"status": "affected",
"version": "15.5(3)S9a"
},
{
"status": "affected",
"version": "15.5(2)T4"
},
{
"status": "affected",
"version": "15.2(5)EA"
},
{
"status": "affected",
"version": "15.2(4)EA4"
},
{
"status": "affected",
"version": "15.2(4)EA5"
},
{
"status": "affected",
"version": "15.2(4)EA6"
},
{
"status": "affected",
"version": "15.2(4)EA7"
},
{
"status": "affected",
"version": "15.2(4)EA8"
},
{
"status": "affected",
"version": "15.2(4)EA9"
},
{
"status": "affected",
"version": "15.2(4)EA9a"
},
{
"status": "affected",
"version": "15.5(3)M3"
},
{
"status": "affected",
"version": "15.5(3)M4"
},
{
"status": "affected",
"version": "15.5(3)M4a"
},
{
"status": "affected",
"version": "15.5(3)M5"
},
{
"status": "affected",
"version": "15.5(3)M6"
},
{
"status": "affected",
"version": "15.5(3)M7"
},
{
"status": "affected",
"version": "15.5(3)M6a"
},
{
"status": "affected",
"version": "15.5(3)M8"
},
{
"status": "affected",
"version": "15.5(3)M9"
},
{
"status": "affected",
"version": "15.5(3)M10"
},
{
"status": "affected",
"version": "15.3(1)SY1"
},
{
"status": "affected",
"version": "15.3(1)SY2"
},
{
"status": "affected",
"version": "15.2(4)EC1"
},
{
"status": "affected",
"version": "15.2(4)EC2"
},
{
"status": "affected",
"version": "15.4(1)SY"
},
{
"status": "affected",
"version": "15.4(1)SY1"
},
{
"status": "affected",
"version": "15.4(1)SY2"
},
{
"status": "affected",
"version": "15.4(1)SY3"
},
{
"status": "affected",
"version": "15.4(1)SY4"
},
{
"status": "affected",
"version": "15.5(1)SY"
},
{
"status": "affected",
"version": "15.5(1)SY1"
},
{
"status": "affected",
"version": "15.5(1)SY2"
},
{
"status": "affected",
"version": "15.5(1)SY3"
},
{
"status": "affected",
"version": "15.5(1)SY4"
},
{
"status": "affected",
"version": "15.5(1)SY5"
},
{
"status": "affected",
"version": "15.5(1)SY6"
},
{
"status": "affected",
"version": "15.5(1)SY7"
},
{
"status": "affected",
"version": "15.5(1)SY8"
},
{
"status": "affected",
"version": "15.5(1)SY9"
},
{
"status": "affected",
"version": "15.5(1)SY10"
},
{
"status": "affected",
"version": "15.5(1)SY11"
},
{
"status": "affected",
"version": "15.7(3)M"
},
{
"status": "affected",
"version": "15.7(3)M1"
},
{
"status": "affected",
"version": "15.7(3)M0a"
},
{
"status": "affected",
"version": "15.7(3)M3"
},
{
"status": "affected",
"version": "15.7(3)M2"
},
{
"status": "affected",
"version": "15.7(3)M4"
},
{
"status": "affected",
"version": "15.7(3)M5"
},
{
"status": "affected",
"version": "15.7(3)M4a"
},
{
"status": "affected",
"version": "15.7(3)M4b"
},
{
"status": "affected",
"version": "15.7(3)M6"
},
{
"status": "affected",
"version": "15.7(3)M7"
},
{
"status": "affected",
"version": "15.7(3)M8"
},
{
"status": "affected",
"version": "15.7(3)M9"
},
{
"status": "affected",
"version": "15.8(3)M"
},
{
"status": "affected",
"version": "15.8(3)M1"
},
{
"status": "affected",
"version": "15.8(3)M0a"
},
{
"status": "affected",
"version": "15.8(3)M0b"
},
{
"status": "affected",
"version": "15.8(3)M2"
},
{
"status": "affected",
"version": "15.8(3)M1a"
},
{
"status": "affected",
"version": "15.8(3)M3"
},
{
"status": "affected",
"version": "15.8(3)M2a"
},
{
"status": "affected",
"version": "15.8(3)M4"
},
{
"status": "affected",
"version": "15.8(3)M3a"
},
{
"status": "affected",
"version": "15.8(3)M3b"
},
{
"status": "affected",
"version": "15.8(3)M5"
},
{
"status": "affected",
"version": "15.8(3)M6"
},
{
"status": "affected",
"version": "15.8(3)M7"
},
{
"status": "affected",
"version": "15.8(3)M8"
},
{
"status": "affected",
"version": "15.8(3)M9"
},
{
"status": "affected",
"version": "15.8(3)M10"
},
{
"status": "affected",
"version": "15.9(3)M"
},
{
"status": "affected",
"version": "15.9(3)M1"
},
{
"status": "affected",
"version": "15.9(3)M0a"
},
{
"status": "affected",
"version": "15.9(3)M2"
},
{
"status": "affected",
"version": "15.9(3)M3"
},
{
"status": "affected",
"version": "15.9(3)M2a"
},
{
"status": "affected",
"version": "15.9(3)M3a"
},
{
"status": "affected",
"version": "15.9(3)M4"
},
{
"status": "affected",
"version": "15.9(3)M3b"
},
{
"status": "affected",
"version": "15.9(3)M5"
},
{
"status": "affected",
"version": "15.9(3)M4a"
},
{
"status": "affected",
"version": "15.9(3)M6"
},
{
"status": "affected",
"version": "15.9(3)M7"
},
{
"status": "affected",
"version": "15.9(3)M6a"
},
{
"status": "affected",
"version": "15.9(3)M6b"
},
{
"status": "affected",
"version": "15.9(3)M7a"
},
{
"status": "affected",
"version": "15.3(3)JPI11"
}
]
},
{
"product": "Cisco IOS XE Software",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "3.4.8SG"
},
{
"status": "affected",
"version": "3.10.8S"
},
{
"status": "affected",
"version": "3.10.8aS"
},
{
"status": "affected",
"version": "3.10.9S"
},
{
"status": "affected",
"version": "3.10.10S"
},
{
"status": "affected",
"version": "3.13.6S"
},
{
"status": "affected",
"version": "3.13.7S"
},
{
"status": "affected",
"version": "3.13.6aS"
},
{
"status": "affected",
"version": "3.13.7aS"
},
{
"status": "affected",
"version": "3.13.8S"
},
{
"status": "affected",
"version": "3.13.9S"
},
{
"status": "affected",
"version": "3.13.10S"
},
{
"status": "affected",
"version": "3.14.4S"
},
{
"status": "affected",
"version": "3.15.4S"
},
{
"status": "affected",
"version": "3.7.4E"
},
{
"status": "affected",
"version": "3.7.5E"
},
{
"status": "affected",
"version": "3.16.3S"
},
{
"status": "affected",
"version": "3.16.3aS"
},
{
"status": "affected",
"version": "3.16.4S"
},
{
"status": "affected",
"version": "3.16.4aS"
},
{
"status": "affected",
"version": "3.16.4bS"
},
{
"status": "affected",
"version": "3.16.5S"
},
{
"status": "affected",
"version": "3.16.4dS"
},
{
"status": "affected",
"version": "3.16.6S"
},
{
"status": "affected",
"version": "3.16.7S"
},
{
"status": "affected",
"version": "3.16.6bS"
},
{
"status": "affected",
"version": "3.16.7aS"
},
{
"status": "affected",
"version": "3.16.7bS"
},
{
"status": "affected",
"version": "3.16.8S"
},
{
"status": "affected",
"version": "3.16.9S"
},
{
"status": "affected",
"version": "3.16.10S"
},
{
"status": "affected",
"version": "16.1.3"
},
{
"status": "affected",
"version": "16.2.1"
},
{
"status": "affected",
"version": "16.2.2"
},
{
"status": "affected",
"version": "3.8.2E"
},
{
"status": "affected",
"version": "3.8.3E"
},
{
"status": "affected",
"version": "3.8.4E"
},
{
"status": "affected",
"version": "3.8.5E"
},
{
"status": "affected",
"version": "3.8.5aE"
},
{
"status": "affected",
"version": "3.8.6E"
},
{
"status": "affected",
"version": "3.8.7E"
},
{
"status": "affected",
"version": "3.8.8E"
},
{
"status": "affected",
"version": "3.8.9E"
},
{
"status": "affected",
"version": "3.8.10E"
},
{
"status": "affected",
"version": "16.3.1"
},
{
"status": "affected",
"version": "16.3.2"
},
{
"status": "affected",
"version": "16.3.3"
},
{
"status": "affected",
"version": "16.3.1a"
},
{
"status": "affected",
"version": "16.3.4"
},
{
"status": "affected",
"version": "16.3.5"
},
{
"status": "affected",
"version": "16.3.5b"
},
{
"status": "affected",
"version": "16.3.6"
},
{
"status": "affected",
"version": "16.3.7"
},
{
"status": "affected",
"version": "16.3.8"
},
{
"status": "affected",
"version": "16.3.9"
},
{
"status": "affected",
"version": "16.3.10"
},
{
"status": "affected",
"version": "16.3.11"
},
{
"status": "affected",
"version": "16.4.1"
},
{
"status": "affected",
"version": "16.4.2"
},
{
"status": "affected",
"version": "16.4.3"
},
{
"status": "affected",
"version": "16.5.1"
},
{
"status": "affected",
"version": "16.5.1a"
},
{
"status": "affected",
"version": "16.5.1b"
},
{
"status": "affected",
"version": "16.5.2"
},
{
"status": "affected",
"version": "16.5.3"
},
{
"status": "affected",
"version": "3.9.0E"
},
{
"status": "affected",
"version": "16.6.1"
},
{
"status": "affected",
"version": "16.6.2"
},
{
"status": "affected",
"version": "16.6.3"
},
{
"status": "affected",
"version": "16.6.4"
},
{
"status": "affected",
"version": "16.6.5"
},
{
"status": "affected",
"version": "16.6.4a"
},
{
"status": "affected",
"version": "16.6.5a"
},
{
"status": "affected",
"version": "16.6.6"
},
{
"status": "affected",
"version": "16.6.7"
},
{
"status": "affected",
"version": "16.6.8"
},
{
"status": "affected",
"version": "16.6.9"
},
{
"status": "affected",
"version": "16.6.10"
},
{
"status": "affected",
"version": "16.7.1"
},
{
"status": "affected",
"version": "16.7.1a"
},
{
"status": "affected",
"version": "16.7.1b"
},
{
"status": "affected",
"version": "16.7.2"
},
{
"status": "affected",
"version": "16.7.3"
},
{
"status": "affected",
"version": "16.7.4"
},
{
"status": "affected",
"version": "16.8.1"
},
{
"status": "affected",
"version": "16.8.1a"
},
{
"status": "affected",
"version": "16.8.1b"
},
{
"status": "affected",
"version": "16.8.1s"
},
{
"status": "affected",
"version": "16.8.1c"
},
{
"status": "affected",
"version": "16.8.1d"
},
{
"status": "affected",
"version": "16.8.2"
},
{
"status": "affected",
"version": "16.8.1e"
},
{
"status": "affected",
"version": "16.8.3"
},
{
"status": "affected",
"version": "16.9.1"
},
{
"status": "affected",
"version": "16.9.2"
},
{
"status": "affected",
"version": "16.9.1a"
},
{
"status": "affected",
"version": "16.9.1b"
},
{
"status": "affected",
"version": "16.9.1s"
},
{
"status": "affected",
"version": "16.9.3"
},
{
"status": "affected",
"version": "16.9.4"
},
{
"status": "affected",
"version": "16.9.3a"
},
{
"status": "affected",
"version": "16.9.5"
},
{
"status": "affected",
"version": "16.9.5f"
},
{
"status": "affected",
"version": "16.9.6"
},
{
"status": "affected",
"version": "16.9.7"
},
{
"status": "affected",
"version": "16.9.8"
},
{
"status": "affected",
"version": "16.10.1"
},
{
"status": "affected",
"version": "16.10.1a"
},
{
"status": "affected",
"version": "16.10.1b"
},
{
"status": "affected",
"version": "16.10.1s"
},
{
"status": "affected",
"version": "16.10.1c"
},
{
"status": "affected",
"version": "16.10.1e"
},
{
"status": "affected",
"version": "16.10.1d"
},
{
"status": "affected",
"version": "16.10.2"
},
{
"status": "affected",
"version": "16.10.1f"
},
{
"status": "affected",
"version": "16.10.1g"
},
{
"status": "affected",
"version": "16.10.3"
},
{
"status": "affected",
"version": "16.11.1"
},
{
"status": "affected",
"version": "16.11.1a"
},
{
"status": "affected",
"version": "16.11.1b"
},
{
"status": "affected",
"version": "16.11.2"
},
{
"status": "affected",
"version": "16.11.1s"
},
{
"status": "affected",
"version": "16.12.1"
},
{
"status": "affected",
"version": "16.12.1s"
},
{
"status": "affected",
"version": "16.12.1a"
},
{
"status": "affected",
"version": "16.12.1c"
},
{
"status": "affected",
"version": "16.12.1w"
},
{
"status": "affected",
"version": "16.12.2"
},
{
"status": "affected",
"version": "16.12.1y"
},
{
"status": "affected",
"version": "16.12.2a"
},
{
"status": "affected",
"version": "16.12.3"
},
{
"status": "affected",
"version": "16.12.8"
},
{
"status": "affected",
"version": "16.12.2s"
},
{
"status": "affected",
"version": "16.12.1x"
},
{
"status": "affected",
"version": "16.12.1t"
},
{
"status": "affected",
"version": "16.12.4"
},
{
"status": "affected",
"version": "16.12.3s"
},
{
"status": "affected",
"version": "16.12.3a"
},
{
"status": "affected",
"version": "16.12.4a"
},
{
"status": "affected",
"version": "16.12.5"
},
{
"status": "affected",
"version": "16.12.6"
},
{
"status": "affected",
"version": "16.12.1z1"
},
{
"status": "affected",
"version": "16.12.5a"
},
{
"status": "affected",
"version": "16.12.5b"
},
{
"status": "affected",
"version": "16.12.1z2"
},
{
"status": "affected",
"version": "16.12.6a"
},
{
"status": "affected",
"version": "16.12.7"
},
{
"status": "affected",
"version": "16.12.9"
},
{
"status": "affected",
"version": "17.1.1"
},
{
"status": "affected",
"version": "17.1.1a"
},
{
"status": "affected",
"version": "17.1.1s"
},
{
"status": "affected",
"version": "17.1.1t"
},
{
"status": "affected",
"version": "17.1.3"
},
{
"status": "affected",
"version": "17.2.1"
},
{
"status": "affected",
"version": "17.2.1r"
},
{
"status": "affected",
"version": "17.2.1a"
},
{
"status": "affected",
"version": "17.2.1v"
},
{
"status": "affected",
"version": "17.2.2"
},
{
"status": "affected",
"version": "17.2.3"
},
{
"status": "affected",
"version": "17.3.1"
},
{
"status": "affected",
"version": "17.3.2"
},
{
"status": "affected",
"version": "17.3.3"
},
{
"status": "affected",
"version": "17.3.1a"
},
{
"status": "affected",
"version": "17.3.1w"
},
{
"status": "affected",
"version": "17.3.2a"
},
{
"status": "affected",
"version": "17.3.1x"
},
{
"status": "affected",
"version": "17.3.1z"
},
{
"status": "affected",
"version": "17.3.4"
},
{
"status": "affected",
"version": "17.3.5"
},
{
"status": "affected",
"version": "17.3.4a"
},
{
"status": "affected",
"version": "17.3.6"
},
{
"status": "affected",
"version": "17.3.4b"
},
{
"status": "affected",
"version": "17.3.4c"
},
{
"status": "affected",
"version": "17.3.5a"
},
{
"status": "affected",
"version": "17.3.5b"
},
{
"status": "affected",
"version": "17.3.7"
},
{
"status": "affected",
"version": "17.4.1"
},
{
"status": "affected",
"version": "17.4.2"
},
{
"status": "affected",
"version": "17.4.1a"
},
{
"status": "affected",
"version": "17.4.1b"
},
{
"status": "affected",
"version": "17.4.2a"
},
{
"status": "affected",
"version": "17.5.1"
},
{
"status": "affected",
"version": "17.5.1a"
},
{
"status": "affected",
"version": "17.6.1"
},
{
"status": "affected",
"version": "17.6.2"
},
{
"status": "affected",
"version": "17.6.1w"
},
{
"status": "affected",
"version": "17.6.1a"
},
{
"status": "affected",
"version": "17.6.1x"
},
{
"status": "affected",
"version": "17.6.3"
},
{
"status": "affected",
"version": "17.6.1y"
},
{
"status": "affected",
"version": "17.6.1z"
},
{
"status": "affected",
"version": "17.6.3a"
},
{
"status": "affected",
"version": "17.6.4"
},
{
"status": "affected",
"version": "17.6.1z1"
},
{
"status": "affected",
"version": "17.6.5"
},
{
"status": "affected",
"version": "17.6.5a"
},
{
"status": "affected",
"version": "17.7.1"
},
{
"status": "affected",
"version": "17.7.1a"
},
{
"status": "affected",
"version": "17.7.1b"
},
{
"status": "affected",
"version": "17.7.2"
},
{
"status": "affected",
"version": "17.10.1"
},
{
"status": "affected",
"version": "17.10.1a"
},
{
"status": "affected",
"version": "17.10.1b"
},
{
"status": "affected",
"version": "17.8.1"
},
{
"status": "affected",
"version": "17.8.1a"
},
{
"status": "affected",
"version": "17.9.1"
},
{
"status": "affected",
"version": "17.9.1w"
},
{
"status": "affected",
"version": "17.9.2"
},
{
"status": "affected",
"version": "17.9.1a"
},
{
"status": "affected",
"version": "17.9.1x"
},
{
"status": "affected",
"version": "17.9.1y"
},
{
"status": "affected",
"version": "17.9.3"
},
{
"status": "affected",
"version": "17.9.2a"
},
{
"status": "affected",
"version": "17.9.1x1"
},
{
"status": "affected",
"version": "17.9.3a"
},
{
"status": "affected",
"version": "17.11.1"
},
{
"status": "affected",
"version": "17.11.1a"
},
{
"status": "affected",
"version": "17.11.99SW"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the IKEv1 fragmentation code of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a heap overflow, resulting in an affected device reloading.\r\n\r This vulnerability exists because crafted, fragmented IKEv1 packets are not properly reassembled. An attacker could exploit this vulnerability by sending crafted UDP packets to an affected system. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition.\r\n\r Note: Only traffic that is directed to the affected system can be used to exploit this vulnerability. This vulnerability can be triggered by IPv4 and IPv6 traffic."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "Stack-based Buffer Overflow",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-03-27T17:23:40.022Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-ikev1-NO2ccFWz",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ikev1-NO2ccFWz"
}
],
"source": {
"advisory": "cisco-sa-ikev1-NO2ccFWz",
"defects": [
"CSCwf11183"
],
"discovery": "INTERNAL"
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2024-20307",
"datePublished": "2024-03-27T17:23:40.022Z",
"dateReserved": "2023-11-08T15:08:07.631Z",
"dateUpdated": "2024-08-01T21:59:41.468Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2024-20307\",\"sourceIdentifier\":\"ykramarz@cisco.com\",\"published\":\"2024-03-27T18:15:09.357\",\"lastModified\":\"2024-11-21T08:52:18.737\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A vulnerability in the IKEv1 fragmentation code of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a heap overflow, resulting in an affected device reloading.\\r\\n\\r This vulnerability exists because crafted, fragmented IKEv1 packets are not properly reassembled. An attacker could exploit this vulnerability by sending crafted UDP packets to an affected system. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition.\\r\\n\\r Note: Only traffic that is directed to the affected system can be used to exploit this vulnerability. This vulnerability can be triggered by IPv4 and IPv6 traffic.\"},{\"lang\":\"es\",\"value\":\"Una vulnerabilidad en el c\u00f3digo de fragmentaci\u00f3n IKEv1 del software Cisco IOS y del software Cisco IOS XE podr\u00eda permitir que un atacante remoto no autenticado provoque un desbordamiento de almacenamiento din\u00e1mico, lo que provocar\u00eda la recarga del dispositivo afectado. Esta vulnerabilidad existe porque los paquetes IKEv1 fragmentados y elaborados no se vuelven a ensamblar correctamente. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando paquetes UDP manipulados a un sistema afectado. Un exploit exitoso podr\u00eda permitir al atacante hacer que el dispositivo afectado se recargue, lo que resultar\u00eda en una condici\u00f3n DoS. Nota: S\u00f3lo el tr\u00e1fico dirigido al sistema afectado se puede utilizar para aprovechar esta vulnerabilidad. Esta vulnerabilidad puede ser provocada por el tr\u00e1fico IPv4 e IPv6.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"ykramarz@cisco.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H\",\"baseScore\":6.8,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.2,\"impactScore\":4.0}]},\"weaknesses\":[{\"source\":\"ykramarz@cisco.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-121\"}]}],\"references\":[{\"url\":\"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ikev1-NO2ccFWz\",\"source\":\"ykramarz@cisco.com\"},{\"url\":\"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ikev1-NO2ccFWz\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.