cve-2020-3569
Vulnerability from cvelistv5
Published
2020-09-23 00:25
Modified
2024-11-08 16:09
Severity ?
EPSS score ?
Summary
Cisco IOS XR Software DVMRP Memory Exhaustion Vulnerabilities
References
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Cisco | Cisco IOS XR Software |
CISA Known exploited vulnerability
Data from the Known Exploited Vulnerabilities Catalog
Date added: 2021-11-03
Due date: 2022-05-03
Required action: Apply updates per vendor instructions.
Used in ransomware: Unknown
Notes: https://nvd.nist.gov/vuln/detail/CVE-2020-3569
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T07:37:55.472Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20200829 Cisco IOS XR Software DVMRP Memory Exhaustion Vulnerabilities",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-dvmrp-memexh-dSmpdvfz"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2020-3569",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-08T16:08:35.328890Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2021-11-03",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2020-3569"
},
"type": "kev"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-08T16:09:50.094Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco IOS XR Software",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2020-08-29T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple vulnerabilities in the Distance Vector Multicast Routing Protocol (DVMRP) feature of Cisco IOS XR Software could allow an unauthenticated, remote attacker to either immediately crash the Internet Group Management Protocol (IGMP) process or make it consume available memory and eventually crash. The memory consumption may negatively impact other processes that are running on the device. These vulnerabilities are due to the incorrect handling of IGMP packets. An attacker could exploit these vulnerabilities by sending crafted IGMP traffic to an affected device. A successful exploit could allow the attacker to immediately crash the IGMP process or cause memory exhaustion, resulting in other processes becoming unstable. These processes may include, but are not limited to, interior and exterior routing protocols. Cisco will release software updates that address these vulnerabilities."
}
],
"exploits": [
{
"lang": "en",
"value": "On August 28, 2020, the Cisco Product Security Incident Response Team (PSIRT) became aware of attempted exploitation of these vulnerabilities in the wild. For affected products, Cisco recommends implementing a mitigation that is appropriate for the customer\u2019s environment."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "CWE-400",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-09-23T00:25:17",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20200829 Cisco IOS XR Software DVMRP Memory Exhaustion Vulnerabilities",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-dvmrp-memexh-dSmpdvfz"
}
],
"source": {
"advisory": "cisco-sa-iosxr-dvmrp-memexh-dSmpdvfz",
"defect": [
[
"CSCvr86414",
"CSCvv54838"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco IOS XR Software DVMRP Memory Exhaustion Vulnerabilities",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2020-08-29T03:00:00",
"ID": "CVE-2020-3569",
"STATE": "PUBLIC",
"TITLE": "Cisco IOS XR Software DVMRP Memory Exhaustion Vulnerabilities"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco IOS XR Software",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple vulnerabilities in the Distance Vector Multicast Routing Protocol (DVMRP) feature of Cisco IOS XR Software could allow an unauthenticated, remote attacker to either immediately crash the Internet Group Management Protocol (IGMP) process or make it consume available memory and eventually crash. The memory consumption may negatively impact other processes that are running on the device. These vulnerabilities are due to the incorrect handling of IGMP packets. An attacker could exploit these vulnerabilities by sending crafted IGMP traffic to an affected device. A successful exploit could allow the attacker to immediately crash the IGMP process or cause memory exhaustion, resulting in other processes becoming unstable. These processes may include, but are not limited to, interior and exterior routing protocols. Cisco will release software updates that address these vulnerabilities."
}
]
},
"exploit": [
{
"lang": "en",
"value": "On August 28, 2020, the Cisco Product Security Incident Response Team (PSIRT) became aware of attempted exploitation of these vulnerabilities in the wild. For affected products, Cisco recommends implementing a mitigation that is appropriate for the customer\u2019s environment."
}
],
"impact": {
"cvss": {
"baseScore": "8.6",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-400"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20200829 Cisco IOS XR Software DVMRP Memory Exhaustion Vulnerabilities",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-dvmrp-memexh-dSmpdvfz"
}
]
},
"source": {
"advisory": "cisco-sa-iosxr-dvmrp-memexh-dSmpdvfz",
"defect": [
[
"CSCvr86414",
"CSCvv54838"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2020-3569",
"datePublished": "2020-09-23T00:25:17.287176Z",
"dateReserved": "2019-12-12T00:00:00",
"dateUpdated": "2024-11-08T16:09:50.094Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"meta": {
"cisa_known_exploited": {
"cveID": "CVE-2020-3569",
"cwes": "[\"CWE-400\"]",
"dateAdded": "2021-11-03",
"dueDate": "2022-05-03",
"knownRansomwareCampaignUse": "Unknown",
"notes": "https://nvd.nist.gov/vuln/detail/CVE-2020-3569",
"product": "IOS XR",
"requiredAction": "Apply updates per vendor instructions.",
"shortDescription": "Cisco IOS XR Distance Vector Multicast Routing Protocol (DVMRP) incorrectly handles Internet Group Management Protocol (IGMP) packets. Exploitation could allow an unauthenticated, remote attacker to immediately crash the IGMP process or make it consume available memory and eventually crash.",
"vendorProject": "Cisco",
"vulnerabilityName": "Cisco IOS XR Software DVMRP Memory Exhaustion Vulnerability"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2020-3569\",\"sourceIdentifier\":\"ykramarz@cisco.com\",\"published\":\"2020-09-23T01:15:15.503\",\"lastModified\":\"2024-07-25T17:21:08.993\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"cisaExploitAdd\":\"2021-11-03\",\"cisaActionDue\":\"2022-05-03\",\"cisaRequiredAction\":\"Apply updates per vendor instructions.\",\"cisaVulnerabilityName\":\"Cisco IOS XR Software DVMRP Memory Exhaustion Vulnerability\",\"descriptions\":[{\"lang\":\"en\",\"value\":\"Multiple vulnerabilities in the Distance Vector Multicast Routing Protocol (DVMRP) feature of Cisco IOS XR Software could allow an unauthenticated, remote attacker to either immediately crash the Internet Group Management Protocol (IGMP) process or make it consume available memory and eventually crash. The memory consumption may negatively impact other processes that are running on the device. These vulnerabilities are due to the incorrect handling of IGMP packets. An attacker could exploit these vulnerabilities by sending crafted IGMP traffic to an affected device. A successful exploit could allow the attacker to immediately crash the IGMP process or cause memory exhaustion, resulting in other processes becoming unstable. These processes may include, but are not limited to, interior and exterior routing protocols. Cisco will release software updates that address these vulnerabilities.\"},{\"lang\":\"es\",\"value\":\"M\u00faltiples vulnerabilidades en la funcionalidad Distance Vector Multicast Routing Protocol (DVMRP) del Cisco IOS XR Software, podr\u00edan permitir a un atacante remoto no autenticado bloquear inmediatamente el Internet Group Management Protocol (IGMP) o lo haga consumir la memoria disponible y finalmente bloquearlo.\u0026#xa0;El consumo de memoria puede afectar negativamente a otros procesos que son ejecutados en el dispositivo.\u0026#xa0;Estas vulnerabilidades son debido al manejo incorrecto de paquetes IGMP.\u0026#xa0;Un atacante podr\u00eda explotar estas vulnerabilidades mediante el env\u00edo de un tr\u00e1fico IGMP dise\u00f1ado hacia un dispositivo afectado.\u0026#xa0;Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante bloquear inmediatamente el proceso IGMP o causar el agotamiento de la memoria, resultando en que otros procesos se vuelvan inestables.\u0026#xa0;Estos procesos pueden incluir, pero no se limitan a, protocolos de enrutamiento interior y exterior. Cisco emitir\u00e1 actualizaciones de software que abordan estas vulnerabilidades\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\",\"baseScore\":8.6,\"baseSeverity\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":4.0},{\"source\":\"ykramarz@cisco.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\",\"baseScore\":8.6,\"baseSeverity\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":4.0}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:N/A:P\",\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"PARTIAL\",\"baseScore\":5.0},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-770\"}]},{\"source\":\"ykramarz@cisco.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-400\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xr:6.1.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FC06F7E7-D67F-4C91-B545-F7EB62858BA5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xr:6.2.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"370F74EC-829D-4574-BE7D-85700E15C433\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xr:6.3.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"47F3F8E3-D93B-4BAB-8643-AFBFC36940AA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xr:6.4.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E67F538A-3E1A-4749-BB8D-4F8043653B6E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xr:6.5.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"86E05C3F-4095-4B9C-8C11-E32567EB14AC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xr:6.6.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B8AE8971-5003-4A39-8173-E17CE9C2523F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xr:6.6.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"36944A2B-E4F5-41DE-AC4D-55BFA603BE5E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xr:7.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5F70AB37-3C0B-40A8-BC37-5A79DA5F45F6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xr:7.1.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8B842317-A5DB-4890-948A-DD26B7AE2540\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xr:7.1.15:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"48928FFF-871C-4C07-8352-8C802FAD8F53\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:asr_9000v:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"71BD158E-71D8-4DCA-8C09-F8AB7EF0EBDD\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:asr_9001:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"324C97E6-1810-404F-9F45-6240F99FF039\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:asr_9006:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"57EB55BB-41B7-40A1-B6F5-142FE8AB4C16\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:asr_9010:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"433F4A82-04A4-4EAA-8C19-F7581DCD8D29\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:asr_9901:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2D5E60AB-94FF-448A-89D8-5D2197E21C74\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:asr_9903:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FA241214-2F05-4360-9B50-385355E29CF4\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:asr_9904:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A93212A4-50AB-42E7-89A4-5FBBAEA050C3\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:asr_9906:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EDA53A61-98B3-458C-8893-61CD7D6B1E48\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:asr_9910:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F396564E-B477-4A27-A189-CEB737552E25\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:asr_9912:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5445CC54-ACFB-4070-AF26-F91FEAA85181\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:asr_9922:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D7AA58E5-D7E1-48CF-93FF-C60EB85B2BC7\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:ncs_5001:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E2A8C028-107B-4410-BCC6-5BCB8DB63603\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:ncs_5002:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DA13FE67-F4AE-46DF-921B-3FB91BDF742B\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:ncs_5011:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"98622F14-CC47-45E0-85E4-A7243309487C\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:ncs_520:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5249FE7A-FAAE-42C4-9250-DF4B2009F420\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:ncs_540:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BC7AE6C1-B7C6-4056-9719-B5CFF71970AD\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:ncs_5501:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0A972EFE-4F7E-4BFC-8631-66A2D16B74A3\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:ncs_5501:se:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"22FE69B4-DF27-46F1-8037-4B8D1F229C6B\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:ncs_5502:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7F72AEF0-EE70-40F8-B52B-1390820B87BB\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:ncs_5502:se:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"603980FE-9865-4A71-A37C-A90B7F3B72D6\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:ncs_5508:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"43D21B01-A754-474F-8E46-14D733AB307E\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:ncs_5516:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"17D6424C-972F-459C-B8F7-04FFD9F541BC\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:ncs_560:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D4CC8256-E4F8-4DCB-B69A-40A7C5AA41E8\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:ncs_6008:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"61AF653C-DCD4-4B20-A555-71120F9A5BB9\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"6.5.2\",\"matchCriteriaId\":\"CED75685-A63C-4550-9820-769058BEF572\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:ncs_5001:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E2A8C028-107B-4410-BCC6-5BCB8DB63603\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:ncs_5002:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DA13FE67-F4AE-46DF-921B-3FB91BDF742B\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:ncs_5011:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"98622F14-CC47-45E0-85E4-A7243309487C\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:ncs_520:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5249FE7A-FAAE-42C4-9250-DF4B2009F420\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:ncs_540:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BC7AE6C1-B7C6-4056-9719-B5CFF71970AD\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:ncs_5501:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0A972EFE-4F7E-4BFC-8631-66A2D16B74A3\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:ncs_5501:se:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"22FE69B4-DF27-46F1-8037-4B8D1F229C6B\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:ncs_5502:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7F72AEF0-EE70-40F8-B52B-1390820B87BB\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:ncs_5502:se:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"603980FE-9865-4A71-A37C-A90B7F3B72D6\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:ncs_5508:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"43D21B01-A754-474F-8E46-14D733AB307E\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:ncs_5516:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"17D6424C-972F-459C-B8F7-04FFD9F541BC\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:ncs_560:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D4CC8256-E4F8-4DCB-B69A-40A7C5AA41E8\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:ncs_6008:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"61AF653C-DCD4-4B20-A555-71120F9A5BB9\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xr:6.1.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FC06F7E7-D67F-4C91-B545-F7EB62858BA5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xr:6.4.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E67F538A-3E1A-4749-BB8D-4F8043653B6E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xr:6.4.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4132A8AA-008B-49DA-AA5C-EB39CC65A2E9\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:crs:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4B051AF4-592A-4201-9DD3-8683C1847A00\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:crs-1_16-slot_line_card_chassis:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2A5D5476-202C-476C-BC43-C0A963C99079\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:crs-1_16-slot_single-shelf_system:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B0F7E3D1-B738-4B69-AB38-3A273F454B9A\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:crs-1_4-slot_single-shelf_system:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B2039DB3-F6BA-434D-A395-41DF7B641E4D\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:crs-1_8-slot_line_card_chassis:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C078ABAD-0E35-481F-8096-FDD40451A318\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:crs-1_8-slot_single-shelf_system:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A8A8B9BF-E548-4CD9-AEC0-7030B89C4A32\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:crs-1_fabric_card_chassis:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"941333EC-86D4-43AC-BD9A-D286B2276C95\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:crs-1_line_card_chassis_\\\\(dual\\\\):-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CD07CEAB-98E4-4FEE-BFA4-ADA520F7A61F\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:crs-1_line_card_chassis_\\\\(multi\\\\):-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DE33AF1E-5E5C-43A1-B2E3-28E823C47E99\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:crs-1_multishelf_system:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5BBA0BE4-ED73-4B8C-BE53-5A2AB76981D0\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:crs-3_16-slot_single-shelf_system:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"76F8EEEF-085A-49A5-A50E-24922B300F75\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:crs-3_4-slot_single-shelf_system:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"10698948-E6E0-4C9B-9CB9-3626E4076336\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:crs-3_8-slot_single-shelf_system:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"40EF0D7E-FB4E-433A-A983-34E44E790542\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:crs-3_multishelf_system:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"15448B60-0A19-477C-A08A-17578CF7C92C\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:crs-8\\\\/s-b_crs:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D31F6ED1-B20E-44CA-A74B-9D767EDF045F\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:crs-8\\\\/scrs:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4BDEC7F0-D4D5-45F0-89A4-49C596318C01\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:crs-x:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"62F5E007-0CB6-424C-9AE8-01618C8C44E0\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:crs-x_16-slot_single-shelf_system:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"16770F6C-539D-4B65-9C52-60F008C283D2\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:crs-x_multishelf_system:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B4F47E9F-D7BA-49B9-8070-1BC610B6AE2D\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:crs_performance_route_processor:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A6D383DA-04D7-4789-B7F7-B31FD645BA8F\"}]}]}],\"references\":[{\"url\":\"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-dvmrp-memexh-dSmpdvfz\",\"source\":\"ykramarz@cisco.com\",\"tags\":[\"Vendor Advisory\"]}]}}"
}
}
Loading...
Loading...
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.