CVE-2020-3201

Name: CVE-2020-3201
Creator: NVD / NIST
Published: 2020-06-03T18:15:17.747+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

MEDIUMCVSS 6/10EPSS 0.30%

Last modified Jun 17, 2026

CVE-2020-3201 is a medium-severity vulnerability rated 6/10 on the CVSS scale. A vulnerability in the Tool Command Language (Tcl) interpreter of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, local attacker with privileged EXEC credentials to cause a denial of service (DoS) condition on an affected system. The vulnerability is due to insufficient input validation of data passed to the Tcl interpreter. EPSS estimates a 0.30% chance of exploitation in the next 30 days.

Description

A vulnerability in the Tool Command Language (Tcl) interpreter of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, local attacker with privileged EXEC credentials to cause a denial of service (DoS) condition on an affected system. The vulnerability is due to insufficient input validation of data passed to the Tcl interpreter. An attacker could exploit this vulnerability by executing crafted Tcl arguments on an affected device. An exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition.

Metrics

CVSS 3.1

6/10

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H

EPSS Probability

0.30%

21.5th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

Affected Software

Vendor	Product	Versions
Cisco	Ios	12.2\(18\)ixa
Cisco	Ios	12.2\(18\)ixb
Cisco	Ios	12.2\(18\)ixb1
Cisco	Ios	12.2\(18\)ixb2
Cisco	Ios	12.2\(18\)ixc
Cisco	Ios	12.2\(18\)ixd
Cisco	Ios	12.2\(18\)ixd1
Cisco	Ios	12.2\(18\)ixe
Cisco	Ios	12.2\(18\)ixf
Cisco	Ios	12.2\(18\)ixf1
Cisco	Ios	12.2\(18\)ixg
Cisco	Ios	12.2\(18\)ixh
Cisco	Ios	12.2\(18\)ixh1
Cisco	Ios	12.2\(18\)sxe
Cisco	Ios	12.2\(18\)sxe1
Cisco	Ios	12.2\(18\)sxe2
Cisco	Ios	12.2\(18\)sxe3
Cisco	Ios	12.2\(18\)sxe4
Cisco	Ios	12.2\(18\)sxe5
Cisco	Ios	12.2\(18\)sxe6
Cisco	Ios	12.2\(18\)sxe6a
Cisco	Ios	12.2\(18\)sxe6b
Cisco	Ios	12.2\(18\)sxf
Cisco	Ios	12.2\(18\)sxf1
Cisco	Ios	12.2\(18\)sxf2
Cisco	Ios	12.2\(18\)sxf3
Cisco	Ios	12.2\(18\)sxf4
Cisco	Ios	12.2\(18\)sxf5
Cisco	Ios	12.2\(18\)sxf6
Cisco	Ios	12.2\(18\)sxf7
Cisco	Ios	12.2\(18\)sxf8
Cisco	Ios	12.2\(18\)sxf9
Cisco	Ios	12.2\(18\)sxf10
Cisco	Ios	12.2\(18\)sxf10a
Cisco	Ios	12.2\(18\)sxf11
Cisco	Ios	12.2\(18\)sxf12
Cisco	Ios	12.2\(18\)sxf12a
Cisco	Ios	12.2\(18\)sxf13
Cisco	Ios	12.2\(18\)sxf13a
Cisco	Ios	12.2\(18\)sxf13b
Cisco	Ios	12.2\(18\)sxf14
Cisco	Ios	12.2\(18\)sxf15
Cisco	Ios	12.2\(18\)sxf15a
Cisco	Ios	12.2\(18\)sxf16
Cisco	Ios	12.2\(18\)sxf17
Cisco	Ios	12.2\(18\)sxf17a
Cisco	Ios	12.2\(18\)sxf17b
Cisco	Ios	12.2\(18\)zu
Cisco	Ios	12.2\(18\)zu1
Cisco	Ios	12.2\(18\)zu2

Showing 50 of 1917 affected configurations. See NVD for the full list.

References

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-tcl-dos-MAZQUnMFPatch, Vendor Advisory
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-tcl-dos-MAZQUnMFPatch, Vendor Advisory

Timeline

Published: Jun 3, 2020
Last Modified: Jun 17, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2020-3201?

How severe is CVE-2020-3201?

CVE-2020-3201 has a CVSS score of 6/10 (MEDIUM severity). The EPSS model estimates a 0.30% probability of exploitation in the next 30 days.

How do I fix CVE-2020-3201?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2020-3201?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST