CVE-2023-20027

Published: 23/03/2023 | Updated: 07/11/2023
CVSS v3 Base Score: 8.6 | Impact Score: 4 | Exploitability Score: 3.9
VMScore: 0

Vulnerability Summary

A vulnerability in the implementation of the IPv4 Virtual Fragmentation Reassembly (VFR) feature of Cisco IOS XE Software could allow an unauthenticated, remote malicious user to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper reassembly of large packets that occurs when VFR is enabled on either a tunnel interface or on a physical interface that is configured with a maximum transmission unit (MTU) greater than 4,615 bytes. An attacker could exploit this vulnerability by sending fragmented packets through a VFR-enabled interface on an affected device. A successful exploit could allow the malicious user to cause the device to reload, resulting in a DoS condition.

Vulnerable Product

cisco ios_xe 3.9.0as

cisco ios_xe 3.9.1s

cisco ios_xe 3.9.2s

cisco ios_xe 3.10.0s

cisco ios_xe 3.10.1s

cisco ios_xe 3.10.2as

cisco ios_xe 3.10.2s

cisco ios_xe 3.10.2ts

cisco ios_xe 3.10.3s

cisco ios_xe 3.10.4s

cisco ios_xe 3.10.5s

cisco ios_xe 3.10.6s

cisco ios_xe 3.10.7s

cisco ios_xe 3.10.8as

cisco ios_xe 3.10.8s

cisco ios_xe 3.10.9s

cisco ios_xe 3.10.10s

cisco ios_xe 3.11.0s

cisco ios_xe 3.11.1s

cisco ios_xe 3.11.2s

cisco ios_xe 3.11.3s

cisco ios_xe 3.11.4s

cisco ios_xe 3.12.0s

cisco ios_xe 3.12.1s

cisco ios_xe 3.12.2s

cisco ios_xe 3.12.3s

cisco ios_xe 3.12.4s

cisco ios_xe 3.13.0s

cisco ios_xe 3.13.1s

cisco ios_xe 3.13.2s

cisco ios_xe 3.13.3s

cisco ios_xe 3.13.4s

cisco ios_xe 3.13.5s

cisco ios_xe 3.13.6as

cisco ios_xe 3.13.6s

cisco ios_xe 3.13.7s

cisco ios_xe 3.13.8s

cisco ios_xe 3.13.9s

cisco ios_xe 3.13.10s

cisco ios_xe 3.14.0s

cisco ios_xe 3.14.1s

cisco ios_xe 3.14.2s

cisco ios_xe 3.14.3s

cisco ios_xe 3.14.4s

cisco ios_xe 3.15.0s

cisco ios_xe 3.15.1cs

cisco ios_xe 3.15.1s

cisco ios_xe 3.15.2s

cisco ios_xe 3.15.3s

cisco ios_xe 3.15.4s

cisco ios_xe 3.16.0cs

cisco ios_xe 3.16.0s

cisco ios_xe 3.16.1as

cisco ios_xe 3.16.2s

cisco ios_xe 3.16.3s

cisco ios_xe 3.16.4as

cisco ios_xe 3.16.4bs

cisco ios_xe 3.16.4cs

cisco ios_xe 3.16.4ds

cisco ios_xe 3.16.4es

cisco ios_xe 3.16.4gs

cisco ios_xe 3.16.5as

cisco ios_xe 3.16.5bs

cisco ios_xe 3.16.5s

cisco ios_xe 3.16.6bs

cisco ios_xe 3.16.6s

cisco ios_xe 3.16.7as

cisco ios_xe 3.16.7bs

cisco ios_xe 3.16.7s

cisco ios_xe 3.16.8s

cisco ios_xe 3.16.9s

cisco ios_xe 3.16.10s

cisco ios_xe 3.17.0s

cisco ios_xe 3.17.1s

cisco ios_xe 3.17.2s

cisco ios_xe 3.17.3s

cisco ios_xe 3.17.4s

cisco ios_xe 3.18.0as

cisco ios_xe 3.18.2asp

cisco ios_xe 16.2.1

cisco ios_xe 16.2.2

cisco ios_xe 16.3.1

cisco ios_xe 16.3.1a

cisco ios_xe 16.3.2

cisco ios_xe 16.3.3

cisco ios_xe 16.3.4

cisco ios_xe 16.3.5

cisco ios_xe 16.3.6

cisco ios_xe 16.3.7

cisco ios_xe 16.3.8

cisco ios_xe 16.3.9

cisco ios_xe 16.3.10

cisco ios_xe 16.3.11

cisco ios_xe 16.4.1

cisco ios_xe 16.4.2

cisco ios_xe 16.4.3

cisco ios_xe 16.5.1

cisco ios_xe 16.5.1b

cisco ios_xe 16.5.2

cisco ios_xe 16.5.3

cisco ios_xe 16.6.1

cisco ios_xe 16.6.2

cisco ios_xe 16.6.3

cisco ios_xe 16.6.4

cisco ios_xe 16.6.4s

cisco ios_xe 16.6.5

cisco ios_xe 16.6.6

cisco ios_xe 16.6.7

cisco ios_xe 16.6.8

cisco ios_xe 16.6.9

cisco ios_xe 16.6.10

cisco ios_xe 16.7.1

cisco ios_xe 16.7.2

cisco ios_xe 16.7.3

cisco ios_xe 16.8.1

cisco ios_xe 16.8.1s

cisco ios_xe 16.8.2

cisco ios_xe 16.8.3

cisco ios_xe 16.9.1

cisco ios_xe 16.9.1s

cisco ios_xe 16.9.2

cisco ios_xe 16.9.2s

cisco ios_xe 16.9.3

cisco ios_xe 16.9.3s

cisco ios_xe 16.9.4

cisco ios_xe 16.9.5

cisco ios_xe 16.9.6

cisco ios_xe 16.9.7

cisco ios_xe 16.9.8

cisco ios_xe 16.9.8a

cisco ios_xe 16.9.8c

cisco ios_xe 16.10.1

cisco ios_xe 16.10.1a

cisco ios_xe 16.10.1b

cisco ios_xe 16.10.1e

cisco ios_xe 16.10.1s

cisco ios_xe 16.10.2

cisco ios_xe 16.10.3

cisco ios_xe 16.11.1

cisco ios_xe 16.11.1a

cisco ios_xe 16.11.1c

cisco ios_xe 16.11.1s

cisco ios_xe 16.11.2

cisco ios_xe 16.12.1

cisco ios_xe 16.12.1a

cisco ios_xe 16.12.1c

cisco ios_xe 16.12.1s

cisco ios_xe 16.12.2

cisco ios_xe 16.12.2s

cisco ios_xe 16.12.2t

cisco ios_xe 16.12.3

cisco ios_xe 16.12.3s

cisco ios_xe 16.12.4

cisco ios_xe 16.12.5

cisco ios_xe 16.12.6

cisco ios_xe 16.12.7

cisco ios_xe 16.12.8

cisco ios_xe 17.1.1

cisco ios_xe 17.1.1s

cisco ios_xe 17.1.1t

cisco ios_xe 17.1.2

cisco ios_xe 17.1.3

cisco ios_xe 17.2.1

cisco ios_xe 17.2.1r

cisco ios_xe 17.2.1v

cisco ios_xe 17.2.2

cisco ios_xe 17.2.3

cisco ios_xe 17.3.1

cisco ios_xe 17.3.1a

cisco ios_xe 17.3.2

cisco ios_xe 17.3.3

cisco ios_xe 17.3.4

cisco ios_xe 17.3.4a

cisco ios_xe 17.3.5

cisco ios_xe 17.4.1

cisco ios_xe 17.4.1a

cisco ios_xe 17.4.1b

cisco ios_xe 17.4.2

cisco ios_xe 17.5.1

cisco ios_xe 17.5.1a

cisco ios_xe 17.6.1

cisco ios_xe 17.6.1a

cisco ios_xe 17.6.2

cisco ios_xe 17.6.3

cisco ios_xe 17.6.3a

cisco ios_xe 17.7.1

cisco ios_xe 17.7.1a

cisco ios_xe 17.7.2

cisco ios_xe 17.8.1

cisco ios_xe 17.8.1a

Vendor Advisories

A vulnerability in the implementation of the IPv4 Virtual Fragmentation Reassembly (VFR) feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper reassembly of large packets that occurs when VFR is enabled on either a tu ...