Sign-up

ID

VAR-202009-1124


CVE

CVE-2020-3408


TITLE

Cisco IOS  and  IOS XE  Resource depletion vulnerability in software

Trust: 0.8

sources: JVNDB: JVNDB-2020-011825

DESCRIPTION

A vulnerability in the Split DNS feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerability occurs because the regular expression (regex) engine that is used with the Split DNS feature of affected releases may time out when it processes the DNS name list configuration. An attacker could exploit this vulnerability by trying to resolve an address or hostname that the affected device handles. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition

Trust: 1.71

sources: NVD: CVE-2020-3408 // JVNDB: JVNDB-2020-011825 // VULMON: CVE-2020-3408

AFFECTED PRODUCTS

vendor:ciscomodel:ios xescope:eqversion:15.8\(3\)m3

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.8\(3\)m3

Trust: 1.0

vendor:シスコシステムズmodel:cisco iosscope:eqversion: -

Trust: 0.8

vendor:シスコシステムズmodel:cisco iosscope:eqversion:xe

Trust: 0.8

vendor:シスコシステムズmodel:cisco ios xescope:eqversion: -

Trust: 0.8

sources: JVNDB: JVNDB-2020-011825 // NVD: CVE-2020-3408

CVSS

SEVERITY

CVSSV2

CVSSV3

NVD: CVE-2020-3408
value: HIGH

Trust: 1.8

CNNVD: CNNVD-202009-1395
value: HIGH

Trust: 0.6

VULMON: CVE-2020-3408
value: HIGH

Trust: 0.1

VULMON: CVE-2020-3408
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

NVD: CVE-2020-3408
baseSeverity: HIGH
baseScore: 8.6
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: CHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 4.0
version: 3.1

Trust: 1.0

NVD: CVE-2020-3408
baseSeverity: HIGH
baseScore: 8.6
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: CHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: VULMON: CVE-2020-3408 // JVNDB: JVNDB-2020-011825 // CNNVD: CNNVD-202009-1395 // NVD: CVE-2020-3408

PROBLEMTYPE DATA

problemtype:CWE-400

Trust: 1.0

problemtype:Resource exhaustion (CWE-400) [NVD Evaluation ]

Trust: 0.8

sources: JVNDB: JVNDB-2020-011825 // NVD: CVE-2020-3408

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202009-1395

TYPE

resource management error

Trust: 0.6

sources: CNNVD: CNNVD-202009-1395

CONFIGURATIONS

sources:
            
            
            NVD: CVE-2020-3408

PATCH
title:cisco-sa-splitdns-SPWqpdGWurl:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-splitdns-spwqpdgw
Trust: 0.8
title:Cisco IOS  and  Cisco IOS XE Split DNS Security vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=129058
Trust: 0.6
title:Cisco: Cisco IOS and IOS XE Software Split DNS Denial of Service Vulnerabilityurl:https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts&qid=cisco-sa-splitdns-spwqpdgw
Trust: 0.1
sources:
            
            
            VULMON: CVE-2020-3408 // 
            
            
            
            JVNDB: JVNDB-2020-011825 // 
            
            
            
            CNNVD: CNNVD-202009-1395

EXTERNAL IDS
db:NVDid:CVE-2020-3408
Trust: 2.5
db:JVNDBid:JVNDB-2020-011825
Trust: 0.8
db:AUSCERTid:ESB-2020.3277
Trust: 0.6
db:NSFOCUSid:49467
Trust: 0.6
db:CNNVDid:CNNVD-202009-1395
Trust: 0.6
db:VULMONid:CVE-2020-3408
Trust: 0.1
sources:
            
            
            VULMON: CVE-2020-3408 // 
            
            
            
            JVNDB: JVNDB-2020-011825 // 
            
            
            
            CNNVD: CNNVD-202009-1395 // 
            
            
            
            NVD: CVE-2020-3408

REFERENCES
url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-splitdns-spwqpdgw
Trust: 2.4
url:https://nvd.nist.gov/vuln/detail/cve-2020-3408
Trust: 1.4
url:https://vigilance.fr/vulnerability/cisco-ios-ios-xe-multiple-vulnerabilities-33416
Trust: 0.6
url:https://www.auscert.org.au/bulletins/esb-2020.3277/
Trust: 0.6
url:http://www.nsfocus.net/vulndb/49467
Trust: 0.6
url:https://cwe.mitre.org/data/definitions/400.html
Trust: 0.1
url:https://nvd.nist.gov
Trust: 0.1
sources:
            
            
            VULMON: CVE-2020-3408 // 
            
            
            
            JVNDB: JVNDB-2020-011825 // 
            
            
            
            CNNVD: CNNVD-202009-1395 // 
            
            
            
            NVD: CVE-2020-3408

SOURCES
db:VULMONid:CVE-2020-3408
db:JVNDBid:JVNDB-2020-011825
db:CNNVDid:CNNVD-202009-1395
db:NVDid:CVE-2020-3408

LAST UPDATE DATE
2022-05-04T09:02:29.516000+00:00

SOURCES UPDATE DATE
db:VULMONid:CVE-2020-3408date:2020-10-06T00:00:00
db:JVNDBid:JVNDB-2020-011825date:2021-04-15T07:51:00
db:CNNVDid:CNNVD-202009-1395date:2020-10-22T00:00:00
db:NVDid:CVE-2020-3408date:2020-10-06T15:39:00

SOURCES RELEASE DATE
db:VULMONid:CVE-2020-3408date:2020-09-24T00:00:00
db:JVNDBid:JVNDB-2020-011825date:2021-04-15T00:00:00
db:CNNVDid:CNNVD-202009-1395date:2020-09-24T00:00:00
db:NVDid:CVE-2020-3408date:2020-09-24T18:15:00