ID

VAR-202003-1187


CVE

CVE-2020-3190


TITLE

Cisco IOS XR Software exhaustion vulnerabilities

Trust: 0.8

sources: JVNDB: JVNDB-2020-002480

DESCRIPTION

A vulnerability in the IPsec packet processor of Cisco IOS XR Software could allow an unauthenticated remote attacker to cause a denial of service (DoS) condition for IPsec sessions to an affected device. The vulnerability is due to improper handling of packets by the IPsec packet processor. An attacker could exploit this vulnerability by sending malicious ICMP error messages to an affected device that get punted to the IPsec packet processor. A successful exploit could allow the attacker to deplete IPsec memory, resulting in all future IPsec packets to an affected device being dropped by the device. Manual intervention is required to recover from this situation. Cisco IOS XR Software contains a resource exhaustion vulnerability.Service operation interruption (DoS) It may be put into a state. Cisco IOS XR is an operating system developed by Cisco for its network equipment. The following products and versions are affected: Cisco IOS XR (release) prior to 6.4.3, prior to 6.6.3, prior to 7.0.2, and prior to 7.1.1

Trust: 1.71

sources: NVD: CVE-2020-3190 // JVNDB: JVNDB-2020-002480 // VULHUB: VHN-181315

AFFECTED PRODUCTS

vendor:ciscomodel:ios xrscope:gteversion:7.0.0

Trust: 1.0

vendor:ciscomodel:ios xrscope:ltversion:7.1.1

Trust: 1.0

vendor:ciscomodel:ios xrscope:gteversion:7.1.0

Trust: 1.0

vendor:ciscomodel:ios xrscope:ltversion:6.6.3

Trust: 1.0

vendor:ciscomodel:ios xrscope:ltversion:6.4.3

Trust: 1.0

vendor:ciscomodel:ios xrscope:ltversion:7.0.2

Trust: 1.0

vendor:ciscomodel:ios xrscope:gteversion:6.6.0

Trust: 1.0

vendor:ciscomodel:ios xrscope: - version: -

Trust: 0.8

vendor:ciscomodel:ios xrscope:eqversion:2.0

Trust: 0.6

vendor:ciscomodel:ios xrscope:eqversion:3.0

Trust: 0.6

vendor:ciscomodel:ios xrscope:eqversion:3.0.0

Trust: 0.6

vendor:ciscomodel:ios xrscope:eqversion: -

Trust: 0.6

vendor:ciscomodel:ios xrscope:eqversion:2.0.0

Trust: 0.6

vendor:ciscomodel:ios xrscope:eqversion:3.1

Trust: 0.6

vendor:ciscomodel:ios xrscope:eqversion:3.0.1

Trust: 0.6

sources: JVNDB: JVNDB-2020-002480 // CNNVD: CNNVD-202003-173 // NVD: CVE-2020-3190

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2020-3190
value: MEDIUM

Trust: 1.0

ykramarz@cisco.com: CVE-2020-3190
value: MEDIUM

Trust: 1.0

NVD: JVNDB-2020-002480
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-202003-173
value: MEDIUM

Trust: 0.6

VULHUB: VHN-181315
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2020-3190
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

NVD: JVNDB-2020-002480
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: NONE
impactScore: NONE
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.8

VULHUB: VHN-181315
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2020-3190
baseSeverity: MEDIUM
baseScore: 5.8
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: CHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: LOW
exploitabilityScore: 3.9
impactScore: 1.4
version: 3.1

Trust: 1.0

ykramarz@cisco.com: CVE-2020-3190
baseSeverity: MEDIUM
baseScore: 5.8
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: CHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: LOW
exploitabilityScore: 3.9
impactScore: 1.4
version: 3.0

Trust: 1.0

NVD: JVNDB-2020-002480
baseSeverity: MEDIUM
baseScore: 5.8
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: CHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: LOW
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: VULHUB: VHN-181315 // JVNDB: JVNDB-2020-002480 // CNNVD: CNNVD-202003-173 // NVD: CVE-2020-3190 // NVD: CVE-2020-3190

PROBLEMTYPE DATA

problemtype:CWE-400

Trust: 1.9

sources: VULHUB: VHN-181315 // JVNDB: JVNDB-2020-002480 // NVD: CVE-2020-3190

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202003-173

TYPE

resource management error

Trust: 0.6

sources: CNNVD: CNNVD-202003-173

CONFIGURATIONS

sources: JVNDB: JVNDB-2020-002480

PATCH

title:cisco-sa-iosxr-ipsec-dos-q8UPX6murl:https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-ipsec-dos-q8UPX6m

Trust: 0.8

title:Cisco IOS XR Remediation of resource management error vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=111109

Trust: 0.6

sources: JVNDB: JVNDB-2020-002480 // CNNVD: CNNVD-202003-173

EXTERNAL IDS

db:NVDid:CVE-2020-3190

Trust: 2.5

db:JVNDBid:JVNDB-2020-002480

Trust: 0.8

db:CNNVDid:CNNVD-202003-173

Trust: 0.7

db:AUSCERTid:ESB-2020.0802

Trust: 0.6

db:VULHUBid:VHN-181315

Trust: 0.1

sources: VULHUB: VHN-181315 // JVNDB: JVNDB-2020-002480 // CNNVD: CNNVD-202003-173 // NVD: CVE-2020-3190

REFERENCES

url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-iosxr-ipsec-dos-q8upx6m

Trust: 1.7

url:https://nvd.nist.gov/vuln/detail/cve-2020-3190

Trust: 1.4

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-3190

Trust: 0.8

url:https://vigilance.fr/vulnerability/cisco-ios-xr-overload-via-ipsec-packet-processor-31729

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2020.0802/

Trust: 0.6

sources: VULHUB: VHN-181315 // JVNDB: JVNDB-2020-002480 // CNNVD: CNNVD-202003-173 // NVD: CVE-2020-3190

SOURCES

db:VULHUBid:VHN-181315
db:JVNDBid:JVNDB-2020-002480
db:CNNVDid:CNNVD-202003-173
db:NVDid:CVE-2020-3190

LAST UPDATE DATE

2024-08-14T14:32:15.997000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-181315date:2020-03-06T00:00:00
db:JVNDBid:JVNDB-2020-002480date:2020-03-17T00:00:00
db:CNNVDid:CNNVD-202003-173date:2020-03-13T00:00:00
db:NVDid:CVE-2020-3190date:2020-03-06T16:27:35.830

SOURCES RELEASE DATE

db:VULHUBid:VHN-181315date:2020-03-04T00:00:00
db:JVNDBid:JVNDB-2020-002480date:2020-03-17T00:00:00
db:CNNVDid:CNNVD-202003-173date:2020-03-04T00:00:00
db:NVDid:CVE-2020-3190date:2020-03-04T19:15:13.493