FKIE_CVE-2024-20434

Vulnerability from fkie_nvd - Published: 2024-09-25 17:15 - Updated: 2024-10-08 16:20
Severity ?
4.3 (Medium) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
4.3 (Medium) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Summary
A vulnerability in Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on the control plane of an affected device. This vulnerability is due to improper handling of frames with VLAN tag information. An attacker could exploit this vulnerability by sending crafted frames to an affected device. A successful exploit could allow the attacker to render the control plane of the affected device unresponsive. The device would not be accessible through the console or CLI, and it would not respond to ping requests, SNMP requests, or requests from other control plane protocols. Traffic that is traversing the device through the data plane is not affected. A reload of the device is required to restore control plane services.
References
psirt@cisco.comhttps://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vlan-dos-27Pur5RTVendor Advisory
Impacted products
Vendor Product Version
cisco ios_xe 16.6.1
cisco ios_xe 16.6.2
cisco ios_xe 16.6.3
cisco ios_xe 16.6.4
cisco ios_xe 16.6.4a
cisco ios_xe 16.6.5
cisco ios_xe 16.6.6
cisco ios_xe 16.6.7
cisco ios_xe 16.6.8
cisco ios_xe 16.6.9
cisco ios_xe 16.6.10
cisco ios_xe 16.7.1
cisco ios_xe 16.8.1
cisco ios_xe 16.8.1a
cisco ios_xe 16.8.1s
cisco ios_xe 16.9.1
cisco ios_xe 16.9.1s
cisco ios_xe 16.9.2
cisco ios_xe 16.9.3
cisco ios_xe 16.9.4
cisco ios_xe 16.9.5
cisco ios_xe 16.9.6
cisco ios_xe 16.9.7
cisco ios_xe 16.9.8
cisco ios_xe 16.10.1
cisco ios_xe 16.10.1e
cisco ios_xe 16.10.1s
cisco ios_xe 16.11.1
cisco ios_xe 16.11.1b
cisco ios_xe 16.11.1s
cisco ios_xe 16.12.1
cisco ios_xe 16.12.1c
cisco ios_xe 16.12.1s
cisco ios_xe 16.12.2
cisco ios_xe 16.12.2s
cisco ios_xe 16.12.3
cisco ios_xe 16.12.3a
cisco ios_xe 16.12.3s
cisco ios_xe 16.12.4
cisco ios_xe 16.12.4a
cisco ios_xe 16.12.5
cisco ios_xe 16.12.5b
cisco ios_xe 16.12.6
cisco ios_xe 16.12.6a
cisco ios_xe 16.12.7
cisco ios_xe 16.12.8
cisco ios_xe 17.1.1
cisco ios_xe 17.1.1s
cisco ios_xe 17.1.1t
cisco ios_xe 17.1.3
cisco ios_xe 17.2.1
cisco ios_xe 17.2.1a
cisco ios_xe 17.3.1
cisco ios_xe 17.3.2
cisco ios_xe 17.3.2a
cisco ios_xe 17.3.3
cisco ios_xe 17.3.4
cisco ios_xe 17.3.4b
cisco ios_xe 17.3.5
cisco ios_xe 17.3.6
cisco ios_xe 17.3.7
cisco ios_xe 17.3.8
cisco ios_xe 17.3.8a
cisco ios_xe 17.4.1
cisco ios_xe 17.5.1
cisco ios_xe 17.6.1
cisco ios_xe 17.6.2
cisco ios_xe 17.6.3
cisco ios_xe 17.6.4
cisco ios_xe 17.6.5
cisco ios_xe 17.6.5a
cisco ios_xe 17.6.6
cisco ios_xe 17.6.6a
cisco ios_xe 17.6.7
cisco ios_xe 17.7.1
cisco ios_xe 17.8.1
cisco ios_xe 17.9.1
cisco ios_xe 17.9.2
cisco ios_xe 17.9.3
cisco ios_xe 17.9.4
cisco ios_xe 17.9.4a
cisco ios_xe 17.9.5
cisco ios_xe 17.10.1
cisco ios_xe 17.10.1b
cisco ios_xe 17.11.1
cisco ios_xe 17.11.99sw
cisco ios_xe 17.12.1
cisco ios_xe 17.12.2
cisco ios_xe 17.12.3
cisco ios_xe 17.13.1
cisco ios_xe 17.14.1
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:16.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F821EBD7-91E2-4460-BFAF-18482CF6CB8C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:16.6.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E36D2D24-8F63-46DE-AC5F-8DE33332EBC6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:16.6.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "C9B825E6-5929-4890-BDBA-4CF4BD2314C9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:16.6.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "65020120-491D-46CD-8C73-974B6F4C11E6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:16.6.4a:*:*:*:*:*:*:*",
              "matchCriteriaId": "7ADDCD0A-6168-45A0-A885-76CC70FE2FC7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:16.6.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "D83E34F4-F4DD-49CC-9C95-93F9D4D26B42",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:16.6.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "8C8F50DB-3A80-4D89-9F7B-86766D37338B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:16.6.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "DBFC70A2-87BC-4898-BCF3-57F7B1DD5F10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:16.6.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB8DA556-ABF3-48D0-95B8-E57DBE1B5A09",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:16.6.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "01B53828-C520-4845-9C14-6C7D50EAA3A8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:16.6.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "20F23DB7-6F8E-470A-9B43-0ACEEF331C38",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:16.7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "623BF701-ADC9-4F24-93C5-043A6A7FEF5F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:16.8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "57D4F634-03D5-4D9F-901C-7E9CE45F2F38",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:16.8.1a:*:*:*:*:*:*:*",
              "matchCriteriaId": "4463A1D1-E169-4F0B-91B2-FA126BB444CB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:16.8.1s:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C9C585C-A6EC-4385-B915-046C110BF95F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:16.9.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "119A964D-ABC8-424D-8097-85B832A833BD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:16.9.1s:*:*:*:*:*:*:*",
              "matchCriteriaId": "78DE7780-4E8B-4BB6-BDEB-58032EC65851",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:16.9.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "F29CEE37-4044-4A3C-9685-C9C021FD346A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:16.9.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "E1FDA817-3A50-4B9E-8F4E-F613BDB3E9EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:16.9.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "E4BF9829-F80E-4837-A420-39B291C4E17B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:16.9.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "F5AB80E7-0714-44ED-9671-12C877B36A1E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:16.9.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "961F8312-31B9-44E7-8858-EF8E2134F447",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:16.9.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "3D62EE1B-9A59-406C-B7DF-91B495F3ECFE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:16.9.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "79CF8D4E-F82A-469C-A8C2-0C203A800A05",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:16.10.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "DB6BD18B-B9BD-452F-986E-16A6668E46B6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:16.10.1e:*:*:*:*:*:*:*",
              "matchCriteriaId": "ADED0D82-2A4D-4235-BFAC-5EE2D862B652",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:16.10.1s:*:*:*:*:*:*:*",
              "matchCriteriaId": "763664F5-E6CD-4936-B2F8-C5E2D5EA7BB6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:16.11.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E91F8704-6DAD-474A-84EA-04E4AF7BB9B1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:16.11.1b:*:*:*:*:*:*:*",
              "matchCriteriaId": "5820D71D-FC93-45AA-BC58-A26A1A39C936",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:16.11.1s:*:*:*:*:*:*:*",
              "matchCriteriaId": "DB26AE0F-85D8-4EAB-B9BD-457DD81FF0FE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:16.12.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C98DED36-D4B5-48D6-964E-EEEE97936700",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:16.12.1c:*:*:*:*:*:*:*",
              "matchCriteriaId": "C8BEFEDA-B01A-480B-B03D-7ED5D08E4B67",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:16.12.1s:*:*:*:*:*:*:*",
              "matchCriteriaId": "9027A528-2588-4C06-810B-5BB313FE4323",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:16.12.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5019B59-508E-40B0-9C92-2C26F58E2FBE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:16.12.2s:*:*:*:*:*:*:*",
              "matchCriteriaId": "1986DB1F-AD0A-42FE-8EC8-F18BA1AD4F99",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:16.12.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5750264-2990-4942-85F4-DB9746C5CA2B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:16.12.3a:*:*:*:*:*:*:*",
              "matchCriteriaId": "02352FD8-2A7B-41BD-9E4A-F312ABFDF3EF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:16.12.3s:*:*:*:*:*:*:*",
              "matchCriteriaId": "B9173AD6-6658-4267-AAA7-D50D0B657528",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:16.12.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "7F02EE9D-45B1-43D6-B05D-6FF19472216B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:16.12.4a:*:*:*:*:*:*:*",
              "matchCriteriaId": "1C1DBBCD-4C5A-43BB-8FB0-6F1AF99ED0D2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:16.12.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "8FCB9440-F470-45D1-AAFA-01FB5D76B600",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:16.12.5b:*:*:*:*:*:*:*",
              "matchCriteriaId": "3BBFDD70-7AF3-47AE-94CA-56C19F2D6234",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:16.12.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "5B736F09-3B51-4B2A-92F6-602847001F15",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:16.12.6a:*:*:*:*:*:*:*",
              "matchCriteriaId": "2F58A94E-B050-4EFA-84BA-43B11BA22E77",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:16.12.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "5E864BB1-FD23-4AB3-9138-5FD8B62EAF5B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:16.12.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "838D6C2D-C131-4A9C-AAE5-5BF38E637E4B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:17.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E306B09C-CB48-4067-B60C-5F738555EEAC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:17.1.1s:*:*:*:*:*:*:*",
              "matchCriteriaId": "4FF0DD16-D76A-45EA-B01A-20C71AEFA3B4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:17.1.1t:*:*:*:*:*:*:*",
              "matchCriteriaId": "4BDD0CEC-4A19-438D-B2A1-8664A1D8F3C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:17.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "8B4D4659-A304-459F-8AB3-ED6D84B44C0F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:17.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4B7EE7C7-D6C1-4C35-8C80-EAF3FC7E7EFA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:17.2.1a:*:*:*:*:*:*:*",
              "matchCriteriaId": "B51FA707-8DB1-4596-9122-D4BFEF17F400",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:17.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "128F95D7-E49F-4B36-8F47-823C0298449E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:17.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B270A04-9961-4E99-806B-441CD674AFBD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:17.3.2a:*:*:*:*:*:*:*",
              "matchCriteriaId": "1360069D-0358-4746-8C3F-44C2A40988D7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:17.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "C5DD2403-113B-4100-8BD4-90E1927E6648",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:17.3.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "DAF73937-BCE2-4BEF-B4B0-83212DA4A6C8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:17.3.4b:*:*:*:*:*:*:*",
              "matchCriteriaId": "9841799A-87E2-46AE-807A-824981EAB35A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:17.3.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "6B2902D8-3A7B-4C47-9BC6-8CA4C580A346",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:17.3.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "917BA05C-2A18-4C68-B508-85C2B5A94416",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:17.3.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "06337791-7D8D-4EAA-BACC-4E270F377B3E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:17.3.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "336A8630-653C-4E28-8DE1-76CDD8573980",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:17.3.8a:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A1767AE-7D9F-4BAA-90E1-CF8314CD0B53",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:17.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "5A6B707B-4543-41F1-83DF-49A93BF56FB1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:17.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "938B0720-8CA7-43BA-9708-5CE9EC7A565A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:17.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4DE62C4B-7C06-4907-BADE-416C1618D2D9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:17.6.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "04D19D8C-FACF-49B4-BA99-CC3A3FDADAFB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:17.6.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B78942C-BEE1-4D18-9075-8E1D991BF621",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:17.6.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "9F21093D-1036-4F6B-B90F-ACE1EF99EA33",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:17.6.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "280D24C6-A2BF-46E8-B512-6A3FA7833922",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:17.6.5a:*:*:*:*:*:*:*",
              "matchCriteriaId": "1F903F51-ABF4-49B0-A5BA-A6B51F79666F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:17.6.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "E3F244E7-8EE9-4E58-83FA-EEDD3C8F792D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:17.6.6a:*:*:*:*:*:*:*",
              "matchCriteriaId": "5238B1D1-740D-4B37-A0CB-1B3343E55D05",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:17.6.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "27E0750C-A622-49D6-A8EF-B59E2F8F1912",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:17.7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "38B87B17-C653-40AC-8AE4-066BB1123C88",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:17.8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "7592C7E3-3735-425F-A276-9EE03224CD5E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:17.9.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "5B0C2129-8149-4362-827C-A5494C9D398B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:17.9.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "D197445E-EC12-429C-BDD4-F63FA5C1B3E3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:17.9.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "51EA3EAA-A379-467E-AF9A-FCFBACAE49C7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:17.9.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "E67BE408-8DCF-491F-9EA9-E368565C1B49",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:17.9.4a:*:*:*:*:*:*:*",
              "matchCriteriaId": "D9CFE98A-FBA5-4837-BBD9-3C875ECEBF1B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:17.9.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "36A5F20F-3F38-4FB9-B49D-28569EB1A763",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:17.10.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "42FAEC29-D754-49D6-85F1-F5DDFAF6E80F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:17.10.1b:*:*:*:*:*:*:*",
              "matchCriteriaId": "9A965A2A-129C-45C3-BCB1-2860F583D020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:17.11.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F313F2EC-F3D6-4639-934C-402DDA3DA806",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:17.11.99sw:*:*:*:*:*:*:*",
              "matchCriteriaId": "6F7C157F-5569-4072-805F-7AF598F6B56F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:17.12.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "1BF0778B-015D-481B-BAC0-40667F3453D3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:17.12.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "EE165207-A066-44C1-B78A-6EFD80023204",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:17.12.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "1098FCEA-6A9F-4634-A0EF-EC55ABCCEA3E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:17.13.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8577AF01-F2C7-48D3-AB0B-78BD63A60029",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:17.14.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "31789E98-7C8D-4C5A-8A3F-FC9AFE9A248C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on the control plane of an affected device.\r\n\r This vulnerability is due to improper handling of frames with VLAN tag information. An attacker could exploit this vulnerability by sending crafted frames to an affected device. A successful exploit could allow the attacker to render the control plane of the affected device unresponsive. The device would not be accessible through the console or CLI, and it would not respond to ping requests, SNMP requests, or requests from other control plane protocols. Traffic that is traversing the device through the data plane is not affected. A reload of the device is required to restore control plane services."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en el software Cisco IOS XE podr\u00eda permitir que un atacante adyacente no autenticado provoque una condici\u00f3n de denegaci\u00f3n de servicio (DoS) en el plano de control de un dispositivo afectado. Esta vulnerabilidad se debe a un manejo inadecuado de tramas con informaci\u00f3n de etiqueta VLAN. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando tramas manipuladas a un dispositivo afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante dejar inoperante el plano de control del dispositivo afectado. El dispositivo no ser\u00eda accesible a trav\u00e9s de la consola o la CLI, y no responder\u00eda a las solicitudes de ping, solicitudes SNMP o solicitudes de otros protocolos del plano de control. El tr\u00e1fico que atraviesa el dispositivo a trav\u00e9s del plano de datos no se ve afectado. Se requiere una recarga del dispositivo para restaurar los servicios del plano de control."
    }
  ],
  "id": "CVE-2024-20434",
  "lastModified": "2024-10-08T16:20:30.933",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "ADJACENT_NETWORK",
          "availabilityImpact": "LOW",
          "baseScore": 4.3,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 1.4,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "ADJACENT_NETWORK",
          "availabilityImpact": "LOW",
          "baseScore": 4.3,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 1.4,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2024-09-25T17:15:16.090",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vlan-dos-27Pur5RT"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-190"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-190"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.