CVE-2020-3200

Name: CVE-2020-3200
Creator: NVD / NIST
Published: 2020-06-03T18:15:17.353+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

HIGHCVSS 7.7/10EPSS 1.72%

Last modified Jun 17, 2026

CVE-2020-3200 is a high-severity vulnerability rated 7.7/10 on the CVSS scale. A vulnerability in the Secure Shell (SSH) server code of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to cause an affected device to reload. The vulnerability is due to an internal state not being represented correctly in the SSH state machine, which leads to an unexpected behavior. EPSS estimates a 1.72% chance of exploitation in the next 30 days.

Description

A vulnerability in the Secure Shell (SSH) server code of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to cause an affected device to reload. The vulnerability is due to an internal state not being represented correctly in the SSH state machine, which leads to an unexpected behavior. An attacker could exploit this vulnerability by creating an SSH connection to an affected device and using a specific traffic pattern that causes an error condition within that connection. A successful exploit could allow an attacker to cause the device to reload, resulting in a denial of service (DoS) condition.

Metrics

CVSS 3.1

7.7/10

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H

EPSS Probability

1.72%

74.5th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

Affected Software

Vendor	Product	Versions
Cisco	Ios	12.2\(6\)i1
Cisco	Ios	12.2\(58\)ex
Cisco	Ios	12.2\(58\)ey
Cisco	Ios	12.2\(58\)ey1
Cisco	Ios	12.2\(58\)ey2
Cisco	Ios	12.2\(58\)ez
Cisco	Ios	12.2\(58\)se
Cisco	Ios	12.2\(58\)se1
Cisco	Ios	12.2\(58\)se2
Cisco	Ios	12.2\(60\)ez
Cisco	Ios	12.2\(60\)ez1
Cisco	Ios	12.2\(60\)ez2
Cisco	Ios	12.2\(60\)ez3
Cisco	Ios	12.2\(60\)ez4
Cisco	Ios	12.2\(60\)ez5
Cisco	Ios	12.2\(60\)ez6
Cisco	Ios	12.2\(60\)ez7
Cisco	Ios	12.2\(60\)ez8
Cisco	Ios	12.2\(60\)ez9
Cisco	Ios	12.2\(60\)ez10
Cisco	Ios	12.2\(60\)ez11
Cisco	Ios	12.2\(60\)ez12
Cisco	Ios	12.2\(60\)ez13
Cisco	Ios	12.2\(60\)ez14
Cisco	Ios	12.4\(22\)md
Cisco	Ios	12.4\(22\)md1
Cisco	Ios	12.4\(22\)md2
Cisco	Ios	12.4\(22\)mda
Cisco	Ios	12.4\(22\)mda1
Cisco	Ios	12.4\(22\)mda2
Cisco	Ios	12.4\(22\)mda3
Cisco	Ios	12.4\(22\)mda4
Cisco	Ios	12.4\(22\)mda5
Cisco	Ios	12.4\(22\)mda6
Cisco	Ios	12.4\(22\)t
Cisco	Ios	12.4\(22\)t1
Cisco	Ios	12.4\(22\)t2
Cisco	Ios	12.4\(22\)t3
Cisco	Ios	12.4\(22\)t4
Cisco	Ios	12.4\(22\)t5
Cisco	Ios	12.4\(22\)xr1
Cisco	Ios	12.4\(22\)xr2
Cisco	Ios	12.4\(22\)xr3
Cisco	Ios	12.4\(22\)xr4
Cisco	Ios	12.4\(22\)xr5
Cisco	Ios	12.4\(22\)xr6
Cisco	Ios	12.4\(22\)xr7
Cisco	Ios	12.4\(22\)xr8
Cisco	Ios	12.4\(22\)xr9
Cisco	Ios	12.4\(22\)xr10

Showing 50 of 1198 affected configurations. See NVD for the full list.

References

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ssh-dos-Un22sd2APatch, Vendor Advisory
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ssh-dos-Un22sd2APatch, Vendor Advisory

Timeline

Published: Jun 3, 2020
Last Modified: Jun 17, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2020-3200?

How severe is CVE-2020-3200?

CVE-2020-3200 has a CVSS score of 7.7/10 (HIGH severity). The EPSS model estimates a 1.72% probability of exploitation in the next 30 days.

How do I fix CVE-2020-3200?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2020-3200?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST