CVE-2020-3175

A vulnerability in the resource handling system of Cisco NX-OS Software for Cisco MDS 9000 Series Multilayer Switches could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper resource usage control. An attacker could exploit this vulnerability by sending traffic to the management interface (mgmt0) of an affected device at very high rates. An exploit could allow the attacker to cause unexpected behaviors such as high CPU usage, process crashes, or even full system reboots of an affected device.

CVSS v3 8.6 HIGH
CVSS v2.0 7.8 HIGH

8.6^/10

CVSS v3 : HIGH

Vector :

Exploitability : 3.9 / Impact : 4.0

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope CHANGED

7.8^/10

CVSS v2.0 : HIGH

Vector : AV:N/AC:L/Au:N/C:N/I:N/A:C

Exploitability : 10.0 / Impact : 6.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact COMPLETE

References

Link	Resource
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200226-mds-ovrld-dos	Vendor Advisory

Configurations

Configuration 1 (hide)

AND

cpe:2.3:o:cisco:nx-os:6.2\(1\):*:*:*:*:*:*:*

OR	cpe:2.3:h:cisco:mds_9132t:-:::::::*
	cpe:2.3:h:cisco:mds_9148s:-:::::::*
	cpe:2.3:h:cisco:mds_9148t:-:::::::*
	cpe:2.3:h:cisco:mds_9216:-:::::::*
	cpe:2.3:h:cisco:mds_9216a:-:::::::*
	cpe:2.3:h:cisco:mds_9216i:-:::::::*
	cpe:2.3:h:cisco:mds_9222i:-:::::::*
	cpe:2.3:h:cisco:mds_9506:-:::::::*
	cpe:2.3:h:cisco:mds_9509:-:::::::*
	cpe:2.3:h:cisco:mds_9513:-:::::::*
	cpe:2.3:h:cisco:mds_9706:-:::::::*
	cpe:2.3:h:cisco:mds_9710:-:::::::*
	cpe:2.3:h:cisco:mds_9718:-:::::::*

History

No history.

Information

Published : 2020-02-26 17:15

Updated : 2023-12-10 13:13

NVD link : CVE-2020-3175

Mitre link : CVE-2020-3175

CVE.ORG link : CVE-2020-3175

JSON object : View

Products Affected

cisco

mds_9222i
mds_9216
mds_9718
mds_9148t
mds_9216a
mds_9148s
mds_9216i
mds_9706
mds_9506
mds_9710
mds_9132t
mds_9513
mds_9509
nx-os

CWE

CWE-400

Uncontrolled Resource Consumption

CWE-664

Improper Control of a Resource Through its Lifetime

{"id": "CVE-2020-3175", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.8, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 6.9, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Secondary", "source": "ykramarz@cisco.com", "cvssData": {"scope": "CHANGED", "version": "3.0", "baseScore": 8.6, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 4.0, "exploitabilityScore": 3.9}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 8.6, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 4.0, "exploitabilityScore": 3.9}]}, "published": "2020-02-26T17:15:13.657", "references": [{"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200226-mds-ovrld-dos", "tags": ["Vendor Advisory"], "source": "ykramarz@cisco.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-400"}]}, {"type": "Secondary", "source": "ykramarz@cisco.com", "description": [{"lang": "en", "value": "CWE-664"}]}], "descriptions": [{"lang": "en", "value": "A vulnerability in the resource handling system of Cisco NX-OS Software for Cisco MDS 9000 Series Multilayer Switches could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper resource usage control. An attacker could exploit this vulnerability by sending traffic to the management interface (mgmt0) of an affected device at very high rates. An exploit could allow the attacker to cause unexpected behaviors such as high CPU usage, process crashes, or even full system reboots of an affected device."}, {"lang": "es", "value": "Una vulnerabilidad en el sistema de manejo de recursos de Cisco NX-OS Software para Cisco MDS 9000 Series Multilayer Switches, podr\u00eda permitir a un atacante remoto no autenticado causar una condici\u00f3n de denegaci\u00f3n de servicio (DoS) sobre un dispositivo afectado. La vulnerabilidad es debido a un control inapropiado del uso de recursos. Un atacante podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de tr\u00e1fico hacia la interfaz de administraci\u00f3n (mgmt0) de un dispositivo afectado a velocidades muy altas. Un explotaci\u00f3n podr\u00eda permitir al atacante causar comportamientos inesperados, tal y como un uso elevado de la CPU, bloqueos del proceso o incluso reinicios del sistema completos de un dispositivo afectado."}], "lastModified": "2020-03-03T20:32:50.943", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:cisco:nx-os:6.2\\(1\\):*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DD54E122-6102-451E-92BF-AF71D98AEBE0"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:cisco:mds_9132t:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "56426D35-FCFD-406E-9144-2E66C8C86EFC"}, {"criteria": "cpe:2.3:h:cisco:mds_9148s:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "D25FA4A8-408B-4E94-B7D9-7DC54B61322F"}, {"criteria": "cpe:2.3:h:cisco:mds_9148t:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "831B6D0F-A975-4CBA-B5BB-0AC4AD718FE8"}, {"criteria": "cpe:2.3:h:cisco:mds_9216:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "8A72BDC4-6640-45CC-A128-0CDEE38D3ADC"}, {"criteria": "cpe:2.3:h:cisco:mds_9216a:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "90094569-AA2C-4D35-807F-9551FACE255F"}, {"criteria": "cpe:2.3:h:cisco:mds_9216i:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "306AFBC9-A236-4D03-A1EB-CE7E838D8415"}, {"criteria": "cpe:2.3:h:cisco:mds_9222i:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "12DB1A25-A7C9-412F-88BC-E89588896395"}, {"criteria": "cpe:2.3:h:cisco:mds_9506:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "3925D2CF-9D7C-4498-8AF2-45E15D5D009F"}, {"criteria": "cpe:2.3:h:cisco:mds_9509:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "C677D356-86C9-4491-A6CA-5E6306B2BB70"}, {"criteria": "cpe:2.3:h:cisco:mds_9513:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "28A3C579-7AAD-41A4-947F-CCB9B09402A5"}, {"criteria": "cpe:2.3:h:cisco:mds_9706:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "5182CB50-4D32-4835-B1A8-817D989F919F"}, {"criteria": "cpe:2.3:h:cisco:mds_9710:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "36B3B617-7554-4C36-9B41-19AA3BD2F6E9"}, {"criteria": "cpe:2.3:h:cisco:mds_9718:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "B88879A9-A7F5-41E0-8A38-0E09E3FD27F4"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "ykramarz@cisco.com"}