Sign-up

ID

VAR-202003-1187


CVE

CVE-2020-3190


TITLE

Cisco IOS XR Software exhaustion vulnerabilities

Trust: 0.8

sources: JVNDB: JVNDB-2020-002480

DESCRIPTION

A vulnerability in the IPsec packet processor of Cisco IOS XR Software could allow an unauthenticated remote attacker to cause a denial of service (DoS) condition for IPsec sessions to an affected device. The vulnerability is due to improper handling of packets by the IPsec packet processor. An attacker could exploit this vulnerability by sending malicious ICMP error messages to an affected device that get punted to the IPsec packet processor. A successful exploit could allow the attacker to deplete IPsec memory, resulting in all future IPsec packets to an affected device being dropped by the device. Manual intervention is required to recover from this situation. Cisco IOS XR Software contains a resource exhaustion vulnerability.Service operation interruption (DoS) It may be put into a state. Cisco IOS XR is an operating system developed by Cisco for its network equipment. The following products and versions are affected: Cisco IOS XR (release) prior to 6.4.3, prior to 6.6.3, prior to 7.0.2, and prior to 7.1.1

Trust: 1.71

sources: NVD: CVE-2020-3190 // JVNDB: JVNDB-2020-002480 // VULHUB: VHN-181315

AFFECTED PRODUCTS

vendor:ciscomodel:ios xrscope:gteversion:7.0.0

Trust: 1.0

vendor:ciscomodel:ios xrscope:ltversion:7.1.1

Trust: 1.0

vendor:ciscomodel:ios xrscope:gteversion:7.1.0

Trust: 1.0

vendor:ciscomodel:ios xrscope:ltversion:6.6.3

Trust: 1.0

vendor:ciscomodel:ios xrscope:ltversion:6.4.3

Trust: 1.0

vendor:ciscomodel:ios xrscope:ltversion:7.0.2

Trust: 1.0

vendor:ciscomodel:ios xrscope:gteversion:6.6.0

Trust: 1.0

vendor:ciscomodel:ios xrscope: - version: -

Trust: 0.8

vendor:ciscomodel:ios xrscope:eqversion:2.0

Trust: 0.6

vendor:ciscomodel:ios xrscope:eqversion:3.0

Trust: 0.6

vendor:ciscomodel:ios xrscope:eqversion:3.0.0

Trust: 0.6

vendor:ciscomodel:ios xrscope:eqversion: -

Trust: 0.6

vendor:ciscomodel:ios xrscope:eqversion:2.0.0

Trust: 0.6

vendor:ciscomodel:ios xrscope:eqversion:3.1

Trust: 0.6

vendor:ciscomodel:ios xrscope:eqversion:3.0.1

Trust: 0.6

sources: JVNDB: JVNDB-2020-002480 // CNNVD: CNNVD-202003-173 // NVD: CVE-2020-3190

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2020-3190
value: MEDIUM

Trust: 1.0

ykramarz@cisco.com: CVE-2020-3190
value: MEDIUM

Trust: 1.0

NVD: JVNDB-2020-002480
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-202003-173
value: MEDIUM

Trust: 0.6

VULHUB: VHN-181315
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2020-3190
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

NVD: JVNDB-2020-002480
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: NONE
impactScore: NONE
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.8

VULHUB: VHN-181315
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2020-3190
baseSeverity: MEDIUM
baseScore: 5.8
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: CHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: LOW
exploitabilityScore: 3.9
impactScore: 1.4
version: 3.1

Trust: 1.0

ykramarz@cisco.com: CVE-2020-3190
baseSeverity: MEDIUM
baseScore: 5.8
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: CHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: LOW
exploitabilityScore: 3.9
impactScore: 1.4
version: 3.0

Trust: 1.0

NVD: JVNDB-2020-002480
baseSeverity: MEDIUM
baseScore: 5.8
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: CHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: LOW
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: VULHUB: VHN-181315 // JVNDB: JVNDB-2020-002480 // CNNVD: CNNVD-202003-173 // NVD: CVE-2020-3190 // NVD: CVE-2020-3190

PROBLEMTYPE DATA

problemtype:CWE-400

Trust: 1.9

sources: VULHUB: VHN-181315 // JVNDB: JVNDB-2020-002480 // NVD: CVE-2020-3190

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202003-173

TYPE

resource management error

Trust: 0.6

sources: CNNVD: CNNVD-202003-173

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2020-002480

PATCH
title:cisco-sa-iosxr-ipsec-dos-q8UPX6murl:https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-ipsec-dos-q8UPX6m
Trust: 0.8
title:Cisco IOS XR Remediation of resource management error vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=111109
Trust: 0.6
sources:
            
            
            JVNDB: JVNDB-2020-002480 // 
            
            
            
            CNNVD: CNNVD-202003-173

EXTERNAL IDS
db:NVDid:CVE-2020-3190
Trust: 2.5
db:JVNDBid:JVNDB-2020-002480
Trust: 0.8
db:CNNVDid:CNNVD-202003-173
Trust: 0.7
db:AUSCERTid:ESB-2020.0802
Trust: 0.6
db:VULHUBid:VHN-181315
Trust: 0.1
sources:
            
            
            VULHUB: VHN-181315 // 
            
            
            
            JVNDB: JVNDB-2020-002480 // 
            
            
            
            CNNVD: CNNVD-202003-173 // 
            
            
            
            NVD: CVE-2020-3190

REFERENCES
url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-iosxr-ipsec-dos-q8upx6m
Trust: 1.7
url:https://nvd.nist.gov/vuln/detail/cve-2020-3190
Trust: 1.4
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-3190
Trust: 0.8
url:https://vigilance.fr/vulnerability/cisco-ios-xr-overload-via-ipsec-packet-processor-31729
Trust: 0.6
url:https://www.auscert.org.au/bulletins/esb-2020.0802/
Trust: 0.6
sources:
            
            
            VULHUB: VHN-181315 // 
            
            
            
            JVNDB: JVNDB-2020-002480 // 
            
            
            
            CNNVD: CNNVD-202003-173 // 
            
            
            
            NVD: CVE-2020-3190

SOURCES
db:VULHUBid:VHN-181315
db:JVNDBid:JVNDB-2020-002480
db:CNNVDid:CNNVD-202003-173
db:NVDid:CVE-2020-3190

LAST UPDATE DATE
2024-08-14T14:32:15.997000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-181315date:2020-03-06T00:00:00
db:JVNDBid:JVNDB-2020-002480date:2020-03-17T00:00:00
db:CNNVDid:CNNVD-202003-173date:2020-03-13T00:00:00
db:NVDid:CVE-2020-3190date:2020-03-06T16:27:35.830

SOURCES RELEASE DATE
db:VULHUBid:VHN-181315date:2020-03-04T00:00:00
db:JVNDBid:JVNDB-2020-002480date:2020-03-17T00:00:00
db:CNNVDid:CNNVD-202003-173date:2020-03-04T00:00:00
db:NVDid:CVE-2020-3190date:2020-03-04T19:15:13.493