5
CVSSv2

CVE-2020-3363

Published: 17/08/2020 Updated: 20/08/2020
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
CVSS v3 Base Score: 8.6 | Impact Score: 4 | Exploitability Score: 3.9
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

Vulnerability Summary

A vulnerability in the IPv6 packet processing engine of Cisco Small Business Smart and Managed Switches could allow an unauthenticated, remote malicious user to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to insufficient validation of incoming IPv6 traffic. An attacker could exploit this vulnerability by sending a crafted IPv6 packet through an affected device. A successful exploit could allow the malicious user to cause an unexpected reboot of the switch, leading to a DoS condition. This vulnerability is specific to IPv6 traffic. IPv4 traffic is not affected.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

cisco sg250x-24_firmware -

cisco sg250x-24p_firmware -

cisco sg250x-48_firmware -

cisco sg250x-48p_firmware -

cisco sg250-08_firmware -

cisco sg250-08hp_firmware -

cisco sg250-10p_firmware -

cisco sg250-18_firmware -

cisco sg250-26_firmware -

cisco sg250-26hp_firmware -

cisco sg250-26p_firmware -

cisco sg250-50_firmware -

cisco sg250-50hp_firmware -

cisco sg250-50p_firmware -

cisco sf250-24_firmware -

cisco sf250-24p_firmware -

cisco sf250-48_firmware -

cisco sf250-48hp_firmware -

cisco sg350-10_firmware -

cisco sg350-10p_firmware -

cisco sg350-10mp_firmware -

cisco sg355-10p_firmware -

cisco sg350-28_firmware -

cisco sg350-28p_firmware -

cisco sg350-28mp_firmware -

cisco sf350-48_firmware -

cisco sf350-48p_firmware -

cisco sf350-48mp_firmware -

cisco sg350xg-2f10_firmware -

cisco sg350xg-24f_firmware -

cisco sg350xg-24t_firmware -

cisco sg350xg-48t_firmware -

cisco sg350x-24_firmware -

cisco sg350x-24p_firmware -

cisco sg350x-24mp_firmware -

cisco sg350x-48_firmware -

cisco sg350x-48p_firmware -

cisco sg350x-48mp_firmware -

cisco sx550x-16ft_firmware -

cisco sx550x-24ft_firmware -

cisco sx550x-12f_firmware -

cisco sx550x-24f_firmware -

cisco sx550x-24_firmware -

cisco sx550x-52_firmware -

cisco sg550x-24_firmware -

cisco sg550x-24p_firmware -

cisco sg550x-24mp_firmware -

cisco sg550x-24mpp_firmware -

cisco sg550x-48_firmware -

cisco sg550x-48p_firmware -

cisco sg550x-48mp_firmware -

cisco sf550x-24_firmware -

cisco sf550x-24p_firmware -

cisco sf550x-24mp_firmware -

cisco sf550x-48_firmware -

cisco sf550x-48p_firmware -

cisco sf550x-48mp_firmware -

cisco sg200-50_firmware -

cisco sg200-50p_firmware -

cisco sg200-50fp_firmware -

cisco sg200-26_firmware -

cisco sg200-26p_firmware -

cisco sg200-26fp_firmware -

cisco sg200-18_firmware -

cisco sg200-10fp_firmware -

cisco sg200-08_firmware -

cisco sg200-08p_firmware -

cisco sf200-24_firmware -

cisco sf200-24p_firmware -

cisco sf200-24fp_firmware -

cisco sf200-48_firmware -

cisco sf200-48p_firmware -

cisco sf302-08pp_firmware -

cisco sf302-08mpp_firmware -

cisco sg300-10pp_firmware -

cisco sg300-10mpp_firmware -

cisco sf300-24pp_firmware -

cisco sf300-48pp_firmware -

cisco sg300-28pp_firmware -

cisco sf300-08_firmware -

cisco sf300-48p_firmware -

cisco sg300-10mp_firmware -

cisco sg300-10p_firmware -

cisco sg300-10_firmware -

cisco sg300-28p_firmware -

cisco sf300-24p_firmware -

cisco sf302-08mp_firmware -

cisco sg300-28_firmware -

cisco sf300-48_firmware -

cisco sg300-20_firmware -

cisco sf302-08p_firmware -

cisco sg300-52_firmware -

cisco sf300-24_firmware -

cisco sf302-08_firmware -

cisco sf300-24mp_firmware -

cisco sg300-10sfp_firmware -

cisco sg300-28mp_firmware -

cisco sg300-52p_firmware -

cisco sg300-52mp_firmware -

cisco sg500-28mpp_firmware -

cisco sg500-52mp_firmware -

cisco sg500xg-8f8t_firmware -

cisco sf500-24_firmware -

cisco sf500-24p_firmware -

cisco sf500-48_firmware -

cisco sf500-48p_firmware -

cisco sg500-28_firmware -

cisco sg500-28p_firmware -

cisco sg500-52_firmware -

cisco sg500-52p_firmware -

cisco sg500x-24_firmware -

cisco sg500x-24p_firmware -

cisco sg500x-48_firmware -

cisco sg500x-48p_firmware -

Vendor Advisories

A vulnerability in the IPv6 packet processing engine of Cisco Small Business Smart and Managed Switches could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device The vulnerability is due to insufficient validation of incoming IPv6 traffic An attacker could exploit this vulnerability by send ...

Recent Articles

High-Severity Cisco DoS Flaw Plagues Small-Business Switches
Threatpost • Lindsey O'Donnell • 06 Aug 2020

Cisco is warning of a high-severity flaw that could allow remote, unauthenticated attackers to cripple several of its popular small-business switches with denial of service (DoS) attacks.
The vulnerability stems from the IPv6 packet processing engine in the switches. IPv6 (also known as Internet Protocol version 6) is the most recent version of the Internet Protocol (IP), the communications protocol that provides an identification system for computers on networks and routes traffic across ...