Vulnerabilites related to cisco - iem-3300-6t2s
Vulnerability from fkie_nvd
Published
2020-09-24 18:15
Modified
2024-11-21 05:30
Severity ?
7.4 (High) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Summary
A vulnerability in the PROFINET feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause an affected device to crash and reload, resulting in a denial of service (DoS) condition on the device. The vulnerability is due to insufficient processing logic for crafted PROFINET packets that are sent to an affected device. An attacker could exploit this vulnerability by sending crafted PROFINET packets to an affected device for processing. A successful exploit could allow the attacker to cause the device to crash and reload, resulting in a DoS condition on the device.
References
psirt@cisco.comhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-profinet-J9QMCHPBVendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-profinet-J9QMCHPBVendor Advisory
Impacted products
Vendor Product Version
cisco ios 15.2\(7\)e
cisco ios_xe 15.2\(7\)e
cisco ie-4000-16gt4g-e -
cisco ie-4000-16t4g-e -
cisco ie-4000-4gc4gp4g-e -
cisco ie-4000-4gs8gp4g-e -
cisco ie-4000-4s8p4g-e -
cisco ie-4000-4t4p4g-e -
cisco ie-4000-4tc4g-e -
cisco ie-4000-8gs4g-e -
cisco ie-4000-8gt4g-e -
cisco ie-4000-8gt8gp4g-e -
cisco ie-4000-8s4g-e -
cisco ie-4000-8t4g-e -
cisco ios_xe 16.11.1a
cisco ios 16.11.1a
cisco ie-3200-8p2s-e -
cisco ie-3200-8t2s-e -
cisco ie-3300-8p2s-a -
cisco ie-3300-8p2s-e -
cisco ie-3300-8t2s-a -
cisco ie-3300-8t2s-e -
cisco ie-3300-8t2x-a -
cisco ie-3300-8t2x-e -
cisco ie-3400-8p2s-a -
cisco ie-3400-8p2s-e -
cisco ie-3400-8t2s-e -
cisco iem-3300-14t2s -
cisco iem-3300-16p -
cisco iem-3300-16t -
cisco iem-3300-6t2s -
cisco iem-3300-8p -
cisco iem-3300-8s -
cisco iem-3300-8t -
cisco iem-3400-8p -
cisco iem-3400-8s -
cisco iem-3400-8t -


To clipboard 

{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:ios:15.2\\(7\\)e:*:*:*:*:*:*:*",
                     matchCriteriaId: "6437E689-A049-4D48-AB7A-49CA7EBDE8B6",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xe:15.2\\(7\\)e:*:*:*:*:*:*:*",
                     matchCriteriaId: "C63AD57E-BA66-45B6-AC6E-2BD92A19A036",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:ie-4000-16gt4g-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "DD991C01-E65C-481C-AAA3-E08A24254DB2",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ie-4000-16t4g-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "268A46F5-DBB4-47BA-966E-F5A62DDF3C9C",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ie-4000-4gc4gp4g-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "600D74B4-4F39-4C44-BA6A-BBB54A2BD180",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ie-4000-4gs8gp4g-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "99A6D521-867A-4153-9D44-9031DCEDE001",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ie-4000-4s8p4g-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B3E68FB8-A69F-44F3-85D1-615AB5C69ED7",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ie-4000-4t4p4g-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "03563067-37A6-40C7-AC54-23EC0A6E8447",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ie-4000-4tc4g-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "24BD8251-608E-4107-9573-46D9B8F86943",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ie-4000-8gs4g-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F83B7416-A5EF-49FA-85FC-88EBA723999B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ie-4000-8gt4g-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "4BE4D4D0-0637-4E34-8834-399155CD06E5",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ie-4000-8gt8gp4g-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "38D65414-A04C-46AF-837C-E3BA694CCF62",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ie-4000-8s4g-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "8A6CD85B-88F3-484A-8D47-41E04CF34AF7",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ie-4000-8t4g-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "08FDAAB5-0FF5-4313-A04F-7BC35061B553",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:cisco:ios_xe:16.11.1a:*:*:*:*:*:*:*",
                     matchCriteriaId: "8D43154B-EF43-42F8-93CF-7AF47685827D",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios:16.11.1a:*:*:*:*:*:*:*",
                     matchCriteriaId: "9AD6EF2F-3BEB-4103-A7D7-73F580C58EB2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:ie-3200-8p2s-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "409A8E23-765E-4DDF-A1D6-957C069485F7",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ie-3200-8t2s-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EBDA8A7A-0E67-457D-B141-4A7123D88563",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ie-3300-8p2s-a:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "BB9BE362-7510-49AA-8407-9DF16C2CE83F",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ie-3300-8p2s-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "188F53F7-026B-439F-8230-7A86F88ED291",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ie-3300-8t2s-a:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "1D83BE1F-BEAA-4A5E-ABB3-3D1C1290C33D",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ie-3300-8t2s-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "8A025E73-71FF-4021-A531-972597B20983",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ie-3300-8t2x-a:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "258F818D-A13B-487F-B885-BCD66CFD9A35",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ie-3300-8t2x-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "96578BAC-0720-4662-9C15-10B085618ADB",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ie-3400-8p2s-a:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7E1424EF-E9F8-40AD-8B77-95A6EC220C2E",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ie-3400-8p2s-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "CE60F5EA-EE6A-45F2-8276-6859F1F976F3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ie-3400-8t2s-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3E58BBF6-0975-45F0-9EBE-10AD86FBE1C3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:iem-3300-14t2s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "8FB643C1-EF42-440B-98B1-EAD1F2263BD6",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:iem-3300-16p:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D7DCD235-75AC-42A8-BFD8-A6D7C0F4FD7E",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:iem-3300-16t:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5C1BD017-FFE6-449B-BCA2-3FF63DF0817B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:iem-3300-6t2s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "90BFFD51-73C6-4A29-940D-92D1747BCB74",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:iem-3300-8p:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "67AAE6BB-F377-42A8-B837-52D8C037CB4B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:iem-3300-8s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "C49447E5-A907-410D-9902-6791236C48E7",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:iem-3300-8t:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "4A2425A7-D37F-4B12-B2DD-96DD7ED09914",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:iem-3400-8p:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "51880705-BE24-4849-8A61-A4D3A25592F7",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:iem-3400-8s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3555C71B-3CCF-41A4-85F7-91408D1451FC",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:iem-3400-8t:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E68CBE3F-7204-45F6-A1DB-6C7FE71575C9",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "A vulnerability in the PROFINET feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause an affected device to crash and reload, resulting in a denial of service (DoS) condition on the device. The vulnerability is due to insufficient processing logic for crafted PROFINET packets that are sent to an affected device. An attacker could exploit this vulnerability by sending crafted PROFINET packets to an affected device for processing. A successful exploit could allow the attacker to cause the device to crash and reload, resulting in a DoS condition on the device.",
      },
      {
         lang: "es",
         value: "Una vulnerabilidad en la funcionalidad PROFINET de Cisco IOS Software y Cisco IOS XE Software, podría permitir a un atacante adyacente no autenticado causar que un dispositivo afectado se bloquee y recargue, resultando en una condición de denegación de servicio (DoS) en el dispositivo. La vulnerabilidad es debido a una lógica de procesamiento insuficiente para los paquetes PROFINET diseñados que son enviados hacia un dispositivo afectado. Un atacante podría explotar esta vulnerabilidad mediante el envío de paquetes PROFINET diseñados hacia un dispositivo afectado para su procesamiento. Una explotación con éxito podría permitir al atacante causar que el dispositivo se bloquee y recargue, resultando en una condición DoS en el dispositivo.",
      },
   ],
   id: "CVE-2020-3409",
   lastModified: "2024-11-21T05:30:58.503",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "MEDIUM",
            cvssData: {
               accessComplexity: "LOW",
               accessVector: "ADJACENT_NETWORK",
               authentication: "NONE",
               availabilityImpact: "COMPLETE",
               baseScore: 6.1,
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               vectorString: "AV:A/AC:L/Au:N/C:N/I:N/A:C",
               version: "2.0",
            },
            exploitabilityScore: 6.5,
            impactScore: 6.9,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
      cvssMetricV30: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "ADJACENT_NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 7.4,
               baseSeverity: "HIGH",
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               privilegesRequired: "NONE",
               scope: "CHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
               version: "3.0",
            },
            exploitabilityScore: 2.8,
            impactScore: 4,
            source: "psirt@cisco.com",
            type: "Secondary",
         },
      ],
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "ADJACENT_NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 7.4,
               baseSeverity: "HIGH",
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               privilegesRequired: "NONE",
               scope: "CHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
               version: "3.1",
            },
            exploitabilityScore: 2.8,
            impactScore: 4,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2020-09-24T18:15:18.353",
   references: [
      {
         source: "psirt@cisco.com",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-profinet-J9QMCHPB",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-profinet-J9QMCHPB",
      },
   ],
   sourceIdentifier: "psirt@cisco.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-20",
            },
         ],
         source: "psirt@cisco.com",
         type: "Secondary",
      },
      {
         description: [
            {
               lang: "en",
               value: "CWE-400",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2020-09-24 18:15
Modified
2024-11-21 05:31
Severity ?
7.4 (High) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Summary
A vulnerability in the PROFINET handler for Link Layer Discovery Protocol (LLDP) messages of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause a crash on an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to insufficient validation of LLDP messages in the PROFINET LLDP message handler. An attacker could exploit this vulnerability by sending a malicious LLDP message to an affected device. A successful exploit could allow the attacker to cause the affected device to reload.
References
psirt@cisco.comhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-profinet-dos-65qYG3W5Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-profinet-dos-65qYG3W5Vendor Advisory
Impacted products
Vendor Product Version
cisco ios_xe 15.2\(7\)e
cisco catalyst_3650-12x48uq -
cisco catalyst_3650-12x48ur -
cisco catalyst_3650-12x48uz -
cisco catalyst_3650-24pd -
cisco catalyst_3650-24pdm -
cisco catalyst_3650-48fqm -
cisco catalyst_3650-8x24uq -
cisco catalyst_3850-24xs -
cisco catalyst_3850-48xs -
cisco catalyst_3850-nm-2-40g -
cisco catalyst_3850-nm-8-10g -
cisco catalyst_c9200-24p -
cisco catalyst_c9200-24t -
cisco catalyst_c9200-48p -
cisco catalyst_c9200-48t -
cisco catalyst_c9200l-24p-4g -
cisco catalyst_c9200l-24p-4x -
cisco catalyst_c9200l-24pxg-2y -
cisco catalyst_c9200l-24pxg-4x -
cisco catalyst_c9200l-24t-4g -
cisco catalyst_c9200l-24t-4x -
cisco catalyst_c9200l-48p-4g -
cisco catalyst_c9200l-48p-4x -
cisco catalyst_c9200l-48pxg-2y -
cisco catalyst_c9200l-48pxg-4x -
cisco catalyst_c9200l-48t-4g -
cisco catalyst_c9200l-48t-4x -
cisco catalyst_c9300-24p -
cisco catalyst_c9300-24s -
cisco catalyst_c9300-24t -
cisco catalyst_c9300-24u -
cisco catalyst_c9300-24ux -
cisco catalyst_c9300-48p -
cisco catalyst_c9300-48s -
cisco catalyst_c9300-48t -
cisco catalyst_c9300-48u -
cisco catalyst_c9300-48un -
cisco catalyst_c9300-48uxm -
cisco catalyst_c9300l-24p-4g -
cisco catalyst_c9300l-24p-4x -
cisco catalyst_c9300l-24t-4g -
cisco catalyst_c9300l-24t-4x -
cisco catalyst_c9300l-48p-4g -
cisco catalyst_c9300l-48p-4x -
cisco catalyst_c9300l-48t-4g -
cisco catalyst_c9300l-48t-4x -
cisco catalyst_c9404r -
cisco catalyst_c9407r -
cisco catalyst_c9410r -
cisco catalyst_c9500-12q -
cisco catalyst_c9500-16x -
cisco catalyst_c9500-24q -
cisco catalyst_c9500-24y4c -
cisco catalyst_c9500-32c -
cisco catalyst_c9500-32qc -
cisco catalyst_c9500-40x -
cisco catalyst_c9500-48y4c -
cisco connected_grid_switch_2520 -
cisco ess_2020 -
cisco ess_3300 -
cisco ie-1000 -
cisco ie-2000u-16tc-g -
cisco ie-2000u-16tc-g-x -
cisco ie-2000u-16tc-gp -
cisco ie-2000u-4s-g -
cisco ie-2000u-4t-gs -
cisco ie-2000u-4ts-g -
cisco ie-2000u-8tc-g -
cisco ie-3000 -
cisco ie-3010-16s-8pc_industrial_ethernet_switch -
cisco ie-3010-24tc_industrial_ethernet_switch -
cisco ie-3200-8p2s-e -
cisco ie-3200-8t2s-e -
cisco ie-3300-8p2s-a -
cisco ie-3300-8p2s-e -
cisco ie-3300-8t2s-a -
cisco ie-3300-8t2s-e -
cisco ie-3300-8t2x-a -
cisco ie-3300-8t2x-e -
cisco ie-3300-8u2x-a -
cisco ie-3300-8u2x-e -
cisco ie-3400-8p2s-a -
cisco ie-3400-8p2s-e -
cisco ie-3400-8t2s-a -
cisco ie-3400-8t2s-e -
cisco ie-4000-16gt4g-e -
cisco ie-4000-16t4g-e -
cisco ie-4000-4gc4gp4g-e -
cisco ie-4000-4gs8gp4g-e -
cisco ie-4000-4s8p4g-e -
cisco ie-4000-4t4p4g-e -
cisco ie-4000-4tc4g-e -
cisco ie-4000-8gs4g-e -
cisco ie-4000-8gt4g-e -
cisco ie-4000-8gt8gp4g-e -
cisco ie-4000-8s4g-e -
cisco ie-4000-8t4g-e -
cisco ie-4010-16s12p_industrial_ethernet_switch -
cisco ie-4010-4s24p_industrial_ethernet_switch -
cisco ie-5000-12s12p-10g -
cisco ie-5000-16s12p -
cisco ie_2000-16ptc-g_industrial_ethernet_switch -
cisco ie_2000-16t67_industrial_ethernet_switch -
cisco ie_2000-16t67p_industrial_ethernet_switch -
cisco ie_2000-16tc-g-e_industrial_ethernet_switch -
cisco ie_2000-16tc-g-n_industrial_ethernet_switch -
cisco ie_2000-16tc-g-x_industrial_ethernet_switch -
cisco ie_2000-16tc-g_industrial_ethernet_switch -
cisco ie_2000-16tc_industrial_ethernet_switch -
cisco ie_2000-24t67_industrial_ethernet_switch -
cisco ie_2000-4s-ts-g_industrial_ethernet_switch -
cisco ie_2000-4t-g_industrial_ethernet_switch -
cisco ie_2000-4t_industrial_ethernet_switch -
cisco ie_2000-4ts-g_industrial_ethernet_switch -
cisco ie_2000-4ts_industrial_ethernet_switch -
cisco ie_2000-8t67_industrial_ethernet_switch -
cisco ie_2000-8t67p_industrial_ethernet_switch -
cisco ie_2000-8tc-g-e_industrial_ethernet_switch -
cisco ie_2000-8tc-g-n_industrial_ethernet_switch -
cisco ie_2000-8tc-g_industrial_ethernet_switch -
cisco iem-3300-14t2s -
cisco iem-3300-16p -
cisco iem-3300-16t -
cisco iem-3300-4mu-2 -
cisco iem-3300-6t2s -
cisco iem-3300-8p -
cisco iem-3300-8s -
cisco iem-3300-8t -
cisco iem-3400-8p -
cisco iem-3400-8s -
cisco iem-3400-8t -


To clipboard 

{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xe:15.2\\(7\\)e:*:*:*:*:*:*:*",
                     matchCriteriaId: "C63AD57E-BA66-45B6-AC6E-2BD92A19A036",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-12x48uq:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7434059A-25B8-4FAC-A756-6E571348B76E",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-12x48ur:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "858FEECF-CC69-4E68-8E8A-674643021964",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-12x48uz:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "91B9F022-4C3D-493E-9418-E9CDDAFEC9B1",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-24pd:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "8904EAF5-25E7-4A6B-8117-1859F913B83B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-24pdm:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "59A990D6-B748-4AFD-B924-1D19680BD3DB",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-48fqm:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "9C96215F-A300-4B4E-9D3A-C32E484BFC5B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-8x24uq:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "991CBDFB-6836-4D1F-80A9-14EBCE3F855F",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-24xs:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "295C46B4-5E9F-4DD8-861B-00BA43923306",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-48xs:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F8E9B149-AA2B-4421-8CC3-5A4B32B7AADF",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-nm-2-40g:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "35490BDE-DF21-495E-9F8A-7631FCB32A1F",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-nm-8-10g:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "20EFB5B8-4A38-48C5-A363-3C7F7763C1D5",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_c9200-24p:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "18736C74-F68F-4D0B-AE2B-4BC1834EF794",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_c9200-24t:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D223C2AB-22A4-42B5-8BBB-78E2CBF23B40",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_c9200-48p:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "BDD3EAA2-8F25-4099-B76F-5ACC3BE34610",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_c9200-48t:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "AE9BD57F-BDAC-46DD-AF87-8914B29670F2",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_c9200l-24p-4g:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "AFCEBFFC-DD60-4CB1-A7F2-9AC09977BA4F",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_c9200l-24p-4x:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B9F7B21F-1DAA-45C7-8C24-D3A19F1C5459",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_c9200l-24pxg-2y:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "1C4F9918-E075-4F78-AFD7-0BB7FA97C1F6",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_c9200l-24pxg-4x:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "C7E00A0B-A58E-472F-B107-0FE106751F2D",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_c9200l-24t-4g:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "BCB45406-5216-4A11-B8D3-C44639DC26B0",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_c9200l-24t-4x:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "215D01AE-3767-482A-85C5-3361506F0AC3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_c9200l-48p-4g:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A06E37A8-166F-4534-9089-D20B1227F4DD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_c9200l-48p-4x:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B9D6DAE3-BAD0-46D8-B899-45B955F532F7",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_c9200l-48pxg-2y:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "327167E8-4B65-4F9D-8760-34CDA03887CA",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_c9200l-48pxg-4x:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A0DA2253-C6A9-4749-B313-6552628A96F3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_c9200l-48t-4g:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "C925086A-94B9-4FE0-9FEB-3242C1217453",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_c9200l-48t-4x:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "6EB14B34-4035-41D2-834B-7FB069264207",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_c9300-24p:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F257D2BE-7618-4B6A-AFCE-6D9D0084FA1D",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_c9300-24s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "8BA927CE-9D8E-4BC0-9EA6-641E7C4F71B3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_c9300-24t:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "9A46D298-1685-410E-879C-2EBC45C185AC",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_c9300-24u:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "CA4ACF54-E576-4D8A-A4E6-17A37EEC53DA",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_c9300-24ux:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "196A7C06-8371-479D-973D-591DEB181739",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_c9300-48p:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EE42511E-9883-4779-A8E5-FC3E16EF2793",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_c9300-48s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "DB06AD21-91A7-46B8-8F44-683828A5422D",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_c9300-48t:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5DA169AF-3743-4051-B63B-FF6E1ADCD886",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_c9300-48u:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7D13CF5B-4482-4C7D-8D6A-E220F3E4F868",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_c9300-48un:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "92134C0A-4E5B-43EF-8439-484DF504C43C",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_c9300-48uxm:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "26ECF9BD-F632-4A02-8993-C0D44B91289C",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_c9300l-24p-4g:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "48730DB5-94AF-4BE7-8047-52B8B47CE35A",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_c9300l-24p-4x:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E3A88142-3284-4C25-8774-36004B5F9087",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_c9300l-24t-4g:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "8EB76311-4B6D-4897-A683-4244E92BD570",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_c9300l-24t-4x:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "CDDA2975-CDB7-4182-A03E-D34F15CDF6F1",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_c9300l-48p-4g:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "35B9D0B5-4BE1-490E-9A68-00A3D357BC3D",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_c9300l-48p-4x:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "71FA2F5A-6146-4142-96A8-552118E4BB67",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_c9300l-48t-4g:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "BEF786D6-F28F-49D8-A15C-BFD0AA934355",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_c9300l-48t-4x:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "CA32B0AC-1B0A-4ED8-8532-9C7BE6E059D4",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_c9404r:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "1FEFF895-6E4A-4108-BD25-D7DC83154832",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_c9407r:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A485A9A0-2EEC-4C13-846C-0DE2265B2A31",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_c9410r:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3B9F1ACA-9D67-4BF0-A357-40D39A61ED00",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_c9500-12q:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "6BFEE45F-C5AC-483D-9DE6-4CEB98D80A0C",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_c9500-16x:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "FD6F5BBC-4627-4A3E-B827-3CEE7EE969D0",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_c9500-24q:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "8B2E41E2-00CE-42C4-8C91-9307D76F5D7A",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_c9500-24y4c:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "98CB2D23-B5F8-4FA9-8431-3B0124CE2140",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_c9500-32c:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E8A8BA9F-3361-43CD-8031-A5DF0AD68BEB",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_c9500-32qc:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "6DFE4BB6-FC9A-42B3-B8A0-2610D71BB9B8",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_c9500-40x:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "53D13F1D-345D-45D5-9000-DAFE8A85D71B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_c9500-48y4c:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "8CFB064E-E390-47B5-AA76-5D3D2E368055",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:connected_grid_switch_2520:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7CD18587-5E96-4368-B153-98276C03BE2D",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ess_2020:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "9FFD77DA-ECD9-43DB-8405-BF3B04234CB3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ess_3300:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "63B351A8-00DB-4FA6-9536-C3B8938C6D3D",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ie-1000:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F1AE4AF5-111F-47EA-921F-B58C570B1AB5",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ie-2000u-16tc-g:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "798DF7E1-12C7-4C07-9E0A-F3F5F7B69115",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ie-2000u-16tc-g-x:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "FA9D5A00-6329-4629-851A-F2E204034B25",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ie-2000u-16tc-gp:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F1E709DD-B051-4612-A295-F64D934D9DC0",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ie-2000u-4s-g:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B06CD752-06CA-4A41-93CF-A1CADD3DD5DA",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ie-2000u-4t-gs:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "4F732189-B2CE-4D79-9E0B-87E9F1295D01",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ie-2000u-4ts-g:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7271B8BC-0A31-41AD-A6EE-5119D8CD706C",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ie-2000u-8tc-g:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "309ACF28-4262-4AE4-96B5-85CD45D3F4C6",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ie-3000:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "92C69ABC-43E5-4440-8D14-07C6531C77E5",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ie-3010-16s-8pc_industrial_ethernet_switch:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "C0071F74-A0D3-45FE-8F58-F2F4D64AA0A1",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ie-3010-24tc_industrial_ethernet_switch:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "095B70C4-0551-42BB-88B3-602DA9AE7C18",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ie-3200-8p2s-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "409A8E23-765E-4DDF-A1D6-957C069485F7",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ie-3200-8t2s-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EBDA8A7A-0E67-457D-B141-4A7123D88563",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ie-3300-8p2s-a:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "BB9BE362-7510-49AA-8407-9DF16C2CE83F",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ie-3300-8p2s-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "188F53F7-026B-439F-8230-7A86F88ED291",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ie-3300-8t2s-a:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "1D83BE1F-BEAA-4A5E-ABB3-3D1C1290C33D",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ie-3300-8t2s-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "8A025E73-71FF-4021-A531-972597B20983",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ie-3300-8t2x-a:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "258F818D-A13B-487F-B885-BCD66CFD9A35",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ie-3300-8t2x-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "96578BAC-0720-4662-9C15-10B085618ADB",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ie-3300-8u2x-a:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0B21C9C3-1B1F-4EAF-909B-D68A3975490A",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ie-3300-8u2x-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "50D5D07D-81D0-4827-8AF9-4FA8E1C64D9C",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ie-3400-8p2s-a:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7E1424EF-E9F8-40AD-8B77-95A6EC220C2E",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ie-3400-8p2s-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "CE60F5EA-EE6A-45F2-8276-6859F1F976F3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ie-3400-8t2s-a:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "10B5F733-8359-4A02-9AE6-379DCEF98B54",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ie-3400-8t2s-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3E58BBF6-0975-45F0-9EBE-10AD86FBE1C3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ie-4000-16gt4g-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "DD991C01-E65C-481C-AAA3-E08A24254DB2",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ie-4000-16t4g-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "268A46F5-DBB4-47BA-966E-F5A62DDF3C9C",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ie-4000-4gc4gp4g-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "600D74B4-4F39-4C44-BA6A-BBB54A2BD180",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ie-4000-4gs8gp4g-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "99A6D521-867A-4153-9D44-9031DCEDE001",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ie-4000-4s8p4g-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B3E68FB8-A69F-44F3-85D1-615AB5C69ED7",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ie-4000-4t4p4g-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "03563067-37A6-40C7-AC54-23EC0A6E8447",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ie-4000-4tc4g-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "24BD8251-608E-4107-9573-46D9B8F86943",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ie-4000-8gs4g-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F83B7416-A5EF-49FA-85FC-88EBA723999B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ie-4000-8gt4g-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "4BE4D4D0-0637-4E34-8834-399155CD06E5",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ie-4000-8gt8gp4g-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "38D65414-A04C-46AF-837C-E3BA694CCF62",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ie-4000-8s4g-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "8A6CD85B-88F3-484A-8D47-41E04CF34AF7",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ie-4000-8t4g-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "08FDAAB5-0FF5-4313-A04F-7BC35061B553",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ie-4010-16s12p_industrial_ethernet_switch:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3A359421-6CD3-43E0-94FC-20C76756C7EC",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ie-4010-4s24p_industrial_ethernet_switch:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F0F9DF32-3E0B-47FA-912A-FCE948BA768E",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ie-5000-12s12p-10g:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "1AAE3C21-1147-4C12-8B76-CEFC118996DD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ie-5000-16s12p:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "AA8E30FA-D61A-4047-A8EC-7EA2F5DF1007",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ie_2000-16ptc-g_industrial_ethernet_switch:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5F63F4C5-7784-4B83-B454-E9731210920B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ie_2000-16t67_industrial_ethernet_switch:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "6A89AEB2-8690-4389-A896-10430A690243",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ie_2000-16t67p_industrial_ethernet_switch:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5D464787-DC79-474F-84CA-2B4AD209C21F",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ie_2000-16tc-g-e_industrial_ethernet_switch:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "AAFC9C43-2BAE-4F4E-B084-F9FB54EEF6D1",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ie_2000-16tc-g-n_industrial_ethernet_switch:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A6EAC97A-E3FC-490F-9D02-8CA8FA87D6DA",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ie_2000-16tc-g-x_industrial_ethernet_switch:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "9B0F4029-9E79-4ADE-A851-72F18635A492",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ie_2000-16tc-g_industrial_ethernet_switch:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0C224EE6-1436-4F11-94A8-4CC96A5001F5",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ie_2000-16tc_industrial_ethernet_switch:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "77A4E545-9F74-40CC-8212-11798AF8D611",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ie_2000-24t67_industrial_ethernet_switch:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3D817838-BDA5-4ED8-8EC9-6C5F4C3C9C5B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ie_2000-4s-ts-g_industrial_ethernet_switch:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "842352DA-0E9B-4520-9B32-C766BEA7BF9C",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ie_2000-4t-g_industrial_ethernet_switch:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "66521F18-9C3D-4323-AFC1-5A4ABC476084",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ie_2000-4t_industrial_ethernet_switch:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2E62F6C8-1B96-4093-8E54-05B0086842A4",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ie_2000-4ts-g_industrial_ethernet_switch:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "6D5D3398-D9AE-4447-8D21-03853B41594E",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ie_2000-4ts_industrial_ethernet_switch:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "27364811-6885-49B9-ADE7-55CD69105EC7",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ie_2000-8t67_industrial_ethernet_switch:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "77F72F96-3272-432C-A8B8-781C95D65A5E",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ie_2000-8t67p_industrial_ethernet_switch:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "036F4AFB-CBAA-4155-AC79-B2DC38E37613",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ie_2000-8tc-g-e_industrial_ethernet_switch:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "9725FF2E-25DB-42EB-B504-B169392D6C31",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ie_2000-8tc-g-n_industrial_ethernet_switch:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "683C46D6-6DBD-4C99-A577-4CE624DEDD8B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ie_2000-8tc-g_industrial_ethernet_switch:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "CA132B36-55CB-492A-8B85-715201E7712F",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:iem-3300-14t2s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "8FB643C1-EF42-440B-98B1-EAD1F2263BD6",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:iem-3300-16p:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D7DCD235-75AC-42A8-BFD8-A6D7C0F4FD7E",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:iem-3300-16t:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5C1BD017-FFE6-449B-BCA2-3FF63DF0817B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:iem-3300-4mu-2:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "C0C94B91-10F9-4DE0-AC24-FE74BE429BAE",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:iem-3300-6t2s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "90BFFD51-73C6-4A29-940D-92D1747BCB74",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:iem-3300-8p:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "67AAE6BB-F377-42A8-B837-52D8C037CB4B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:iem-3300-8s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "C49447E5-A907-410D-9902-6791236C48E7",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:iem-3300-8t:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "4A2425A7-D37F-4B12-B2DD-96DD7ED09914",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:iem-3400-8p:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "51880705-BE24-4849-8A61-A4D3A25592F7",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:iem-3400-8s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3555C71B-3CCF-41A4-85F7-91408D1451FC",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:iem-3400-8t:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E68CBE3F-7204-45F6-A1DB-6C7FE71575C9",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "A vulnerability in the PROFINET handler for Link Layer Discovery Protocol (LLDP) messages of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause a crash on an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to insufficient validation of LLDP messages in the PROFINET LLDP message handler. An attacker could exploit this vulnerability by sending a malicious LLDP message to an affected device. A successful exploit could allow the attacker to cause the affected device to reload.",
      },
      {
         lang: "es",
         value: "Una vulnerabilidad en el manejador PROFINET para los mensajes Link Layer Discovery Protocol (LLDP) de Cisco IOS Software y Cisco IOS XE Software, podría permitir a un atacante adyacente no autenticado causar un bloqueo en un dispositivo afectado, resultando en una condición de denegación de servicio (DoS). La vulnerabilidad es debido a una comprobación insuficiente de los mensajes LLDP en el manejador de mensajes PROFINET LLDP. Un atacante podría explotar esta vulnerabilidad mediante el envío de un mensaje LLDP malicioso hacia un dispositivo afectado. Una explotación con éxito podría permitir al atacante causar que el dispositivo afectado se recargue.",
      },
   ],
   id: "CVE-2020-3512",
   lastModified: "2024-11-21T05:31:13.510",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "MEDIUM",
            cvssData: {
               accessComplexity: "MEDIUM",
               accessVector: "ADJACENT_NETWORK",
               authentication: "NONE",
               availabilityImpact: "COMPLETE",
               baseScore: 5.7,
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               vectorString: "AV:A/AC:M/Au:N/C:N/I:N/A:C",
               version: "2.0",
            },
            exploitabilityScore: 5.5,
            impactScore: 6.9,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
      cvssMetricV30: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "ADJACENT_NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 7.4,
               baseSeverity: "HIGH",
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               privilegesRequired: "NONE",
               scope: "CHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
               version: "3.0",
            },
            exploitabilityScore: 2.8,
            impactScore: 4,
            source: "psirt@cisco.com",
            type: "Secondary",
         },
      ],
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "ADJACENT_NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 7.4,
               baseSeverity: "HIGH",
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               privilegesRequired: "NONE",
               scope: "CHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
               version: "3.1",
            },
            exploitabilityScore: 2.8,
            impactScore: 4,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2020-09-24T18:15:21.323",
   references: [
      {
         source: "psirt@cisco.com",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-profinet-dos-65qYG3W5",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-profinet-dos-65qYG3W5",
      },
   ],
   sourceIdentifier: "psirt@cisco.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-388",
            },
         ],
         source: "psirt@cisco.com",
         type: "Secondary",
      },
      {
         description: [
            {
               lang: "en",
               value: "CWE-400",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

cve-2020-3409
Vulnerability from cvelistv5
Published
2020-09-24 18:01
Modified
2024-11-13 17:55
Severity ?
7.4 (High) - CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Summary
A vulnerability in the PROFINET feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause an affected device to crash and reload, resulting in a denial of service (DoS) condition on the device. The vulnerability is due to insufficient processing logic for crafted PROFINET packets that are sent to an affected device. An attacker could exploit this vulnerability by sending crafted PROFINET packets to an affected device for processing. A successful exploit could allow the attacker to cause the device to crash and reload, resulting in a DoS condition on the device.
References
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-profinet-J9QMCHPBvendor-advisory, x_refsource_CISCO
Impacted products
Vendor Product Version
Cisco Cisco IOS Version: n/a
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-04T07:30:58.309Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "20200924 Cisco IOS and IOS XE Software PROFINET Denial of Service Vulnerability",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_CISCO",
                     "x_transferred",
                  ],
                  url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-profinet-J9QMCHPB",
               },
            ],
            title: "CVE Program Container",
         },
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2020-3409",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-11-13T17:23:08.427597Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-11-13T17:55:30.656Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               product: "Cisco IOS",
               vendor: "Cisco",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2020-09-24T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "A vulnerability in the PROFINET feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause an affected device to crash and reload, resulting in a denial of service (DoS) condition on the device. The vulnerability is due to insufficient processing logic for crafted PROFINET packets that are sent to an affected device. An attacker could exploit this vulnerability by sending crafted PROFINET packets to an affected device for processing. A successful exploit could allow the attacker to cause the device to crash and reload, resulting in a DoS condition on the device.",
            },
         ],
         exploits: [
            {
               lang: "en",
               value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.",
            },
         ],
         metrics: [
            {
               cvssV3_0: {
                  attackComplexity: "LOW",
                  attackVector: "ADJACENT_NETWORK",
                  availabilityImpact: "HIGH",
                  baseScore: 7.4,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "NONE",
                  integrityImpact: "NONE",
                  privilegesRequired: "NONE",
                  scope: "CHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
                  version: "3.0",
               },
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-20",
                     description: "CWE-20",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2020-09-24T18:01:55",
            orgId: "d1c1063e-7a18-46af-9102-31f8928bc633",
            shortName: "cisco",
         },
         references: [
            {
               name: "20200924 Cisco IOS and IOS XE Software PROFINET Denial of Service Vulnerability",
               tags: [
                  "vendor-advisory",
                  "x_refsource_CISCO",
               ],
               url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-profinet-J9QMCHPB",
            },
         ],
         source: {
            advisory: "cisco-sa-profinet-J9QMCHPB",
            defect: [
               [
                  "CSCvr83393",
                  "CSCvs48147",
               ],
            ],
            discovery: "INTERNAL",
         },
         title: "Cisco IOS and IOS XE Software PROFINET Denial of Service Vulnerability",
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "psirt@cisco.com",
               DATE_PUBLIC: "2020-09-24T16:00:00",
               ID: "CVE-2020-3409",
               STATE: "PUBLIC",
               TITLE: "Cisco IOS and IOS XE Software PROFINET Denial of Service Vulnerability",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "Cisco IOS",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "Cisco",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "A vulnerability in the PROFINET feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause an affected device to crash and reload, resulting in a denial of service (DoS) condition on the device. The vulnerability is due to insufficient processing logic for crafted PROFINET packets that are sent to an affected device. An attacker could exploit this vulnerability by sending crafted PROFINET packets to an affected device for processing. A successful exploit could allow the attacker to cause the device to crash and reload, resulting in a DoS condition on the device.",
                  },
               ],
            },
            exploit: [
               {
                  lang: "en",
                  value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.",
               },
            ],
            impact: {
               cvss: {
                  baseScore: "7.4",
                  vectorString: "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
                  version: "3.0",
               },
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "CWE-20",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "20200924 Cisco IOS and IOS XE Software PROFINET Denial of Service Vulnerability",
                     refsource: "CISCO",
                     url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-profinet-J9QMCHPB",
                  },
               ],
            },
            source: {
               advisory: "cisco-sa-profinet-J9QMCHPB",
               defect: [
                  [
                     "CSCvr83393",
                     "CSCvs48147",
                  ],
               ],
               discovery: "INTERNAL",
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633",
      assignerShortName: "cisco",
      cveId: "CVE-2020-3409",
      datePublished: "2020-09-24T18:01:55.301281Z",
      dateReserved: "2019-12-12T00:00:00",
      dateUpdated: "2024-11-13T17:55:30.656Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2020-3512
Vulnerability from cvelistv5
Published
2020-09-24 17:51
Modified
2024-11-13 18:00
Severity ?
7.4 (High) - CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Summary
A vulnerability in the PROFINET handler for Link Layer Discovery Protocol (LLDP) messages of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause a crash on an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to insufficient validation of LLDP messages in the PROFINET LLDP message handler. An attacker could exploit this vulnerability by sending a malicious LLDP message to an affected device. A successful exploit could allow the attacker to cause the affected device to reload.
References
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-profinet-dos-65qYG3W5vendor-advisory, x_refsource_CISCO
Impacted products
Vendor Product Version
Cisco Cisco IOS Version: n/a
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-04T07:37:54.412Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "20200924 Cisco IOS and IOS XE Software PROFINET Link Layer Discovery Protocol Denial of Service Vulnerability",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_CISCO",
                     "x_transferred",
                  ],
                  url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-profinet-dos-65qYG3W5",
               },
            ],
            title: "CVE Program Container",
         },
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2020-3512",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-11-13T17:23:36.491679Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-11-13T18:00:50.458Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               product: "Cisco IOS",
               vendor: "Cisco",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2020-09-24T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "A vulnerability in the PROFINET handler for Link Layer Discovery Protocol (LLDP) messages of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause a crash on an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to insufficient validation of LLDP messages in the PROFINET LLDP message handler. An attacker could exploit this vulnerability by sending a malicious LLDP message to an affected device. A successful exploit could allow the attacker to cause the affected device to reload.",
            },
         ],
         exploits: [
            {
               lang: "en",
               value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.",
            },
         ],
         metrics: [
            {
               cvssV3_0: {
                  attackComplexity: "LOW",
                  attackVector: "ADJACENT_NETWORK",
                  availabilityImpact: "HIGH",
                  baseScore: 7.4,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "NONE",
                  integrityImpact: "NONE",
                  privilegesRequired: "NONE",
                  scope: "CHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
                  version: "3.0",
               },
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-388",
                     description: "CWE-388",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2020-09-24T17:51:35",
            orgId: "d1c1063e-7a18-46af-9102-31f8928bc633",
            shortName: "cisco",
         },
         references: [
            {
               name: "20200924 Cisco IOS and IOS XE Software PROFINET Link Layer Discovery Protocol Denial of Service Vulnerability",
               tags: [
                  "vendor-advisory",
                  "x_refsource_CISCO",
               ],
               url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-profinet-dos-65qYG3W5",
            },
         ],
         source: {
            advisory: "cisco-sa-ios-profinet-dos-65qYG3W5",
            defect: [
               [
                  "CSCvr54115",
               ],
            ],
            discovery: "INTERNAL",
         },
         title: "Cisco IOS and IOS XE Software PROFINET Link Layer Discovery Protocol Denial of Service Vulnerability",
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "psirt@cisco.com",
               DATE_PUBLIC: "2020-09-24T16:00:00",
               ID: "CVE-2020-3512",
               STATE: "PUBLIC",
               TITLE: "Cisco IOS and IOS XE Software PROFINET Link Layer Discovery Protocol Denial of Service Vulnerability",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "Cisco IOS",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "Cisco",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "A vulnerability in the PROFINET handler for Link Layer Discovery Protocol (LLDP) messages of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause a crash on an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to insufficient validation of LLDP messages in the PROFINET LLDP message handler. An attacker could exploit this vulnerability by sending a malicious LLDP message to an affected device. A successful exploit could allow the attacker to cause the affected device to reload.",
                  },
               ],
            },
            exploit: [
               {
                  lang: "en",
                  value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.",
               },
            ],
            impact: {
               cvss: {
                  baseScore: "7.4",
                  vectorString: "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
                  version: "3.0",
               },
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "CWE-388",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "20200924 Cisco IOS and IOS XE Software PROFINET Link Layer Discovery Protocol Denial of Service Vulnerability",
                     refsource: "CISCO",
                     url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-profinet-dos-65qYG3W5",
                  },
               ],
            },
            source: {
               advisory: "cisco-sa-ios-profinet-dos-65qYG3W5",
               defect: [
                  [
                     "CSCvr54115",
                  ],
               ],
               discovery: "INTERNAL",
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633",
      assignerShortName: "cisco",
      cveId: "CVE-2020-3512",
      datePublished: "2020-09-24T17:51:35.464835Z",
      dateReserved: "2019-12-12T00:00:00",
      dateUpdated: "2024-11-13T18:00:50.458Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}