Strix
26.1K

CVE-2020-3228

HIGHCVSS 8.6/10EPSS 1.79%

Last modified

CVE-2020-3228 is a high-severity vulnerability rated 8.6/10 on the CVSS scale. A vulnerability in Security Group Tag Exchange Protocol (SXP) in Cisco IOS Software, Cisco IOS XE Software, and Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause the affected device to reload, resulting in a denial of service (DoS) condition. The vulnerability exists because crafted SXP packets are mishandled. EPSS estimates a 1.79% chance of exploitation in the next 30 days.

Description

A vulnerability in Security Group Tag Exchange Protocol (SXP) in Cisco IOS Software, Cisco IOS XE Software, and Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause the affected device to reload, resulting in a denial of service (DoS) condition. The vulnerability exists because crafted SXP packets are mishandled. An attacker could exploit this vulnerability by sending specifically crafted SXP packets to the affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition.

Metrics

CVSS 3.1
8.6/10

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

EPSS Probability
1.79%

75.5th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

Affected Software

VendorProductVersions
CiscoIos12.2\(6\)i1
CiscoIos15.1\(1\)sy
CiscoIos15.1\(1\)sy1
CiscoIos15.1\(1\)sy2
CiscoIos15.1\(1\)sy3
CiscoIos15.1\(1\)sy4
CiscoIos15.1\(1\)sy5
CiscoIos15.1\(1\)sy6
CiscoIos15.1\(2\)sy
CiscoIos15.1\(2\)sy1
CiscoIos15.1\(2\)sy2
CiscoIos15.1\(2\)sy3
CiscoIos15.1\(2\)sy4
CiscoIos15.1\(2\)sy4a
CiscoIos15.1\(2\)sy5
CiscoIos15.1\(2\)sy6
CiscoIos15.1\(2\)sy7
CiscoIos15.1\(2\)sy8
CiscoIos15.1\(2\)sy9
CiscoIos15.1\(2\)sy10
CiscoIos15.1\(2\)sy11
CiscoIos15.1\(2\)sy12
CiscoIos15.1\(2\)sy13
CiscoIos15.1\(2\)sy14
CiscoIos15.2\(1\)e
CiscoIos15.2\(1\)e1
CiscoIos15.2\(1\)e2
CiscoIos15.2\(1\)e3
CiscoIos15.2\(1\)ey
CiscoIos15.2\(1\)sy
CiscoIos15.2\(1\)sy0a
CiscoIos15.2\(1\)sy1
CiscoIos15.2\(1\)sy1a
CiscoIos15.2\(1\)sy2
CiscoIos15.2\(1\)sy3
CiscoIos15.2\(1\)sy4
CiscoIos15.2\(1\)sy5
CiscoIos15.2\(1\)sy6
CiscoIos15.2\(1\)sy7
CiscoIos15.2\(1\)sy8
CiscoIos15.2\(2\)e
CiscoIos15.2\(2\)e1
CiscoIos15.2\(2\)e2
CiscoIos15.2\(2\)e3
CiscoIos15.2\(2\)e4
CiscoIos15.2\(2\)e5
CiscoIos15.2\(2\)e5a
CiscoIos15.2\(2\)e5b
CiscoIos15.2\(2\)e6
CiscoIos15.2\(2\)e7

Showing 50 of 485 affected configurations. See NVD for the full list.

References

Timeline

Published
Last Modified
Status
Modified

Frequently Asked Questions

What is CVE-2020-3228?
A vulnerability in Security Group Tag Exchange Protocol (SXP) in Cisco IOS Software, Cisco IOS XE Software, and Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause the affected device to reload, resulting in a denial of service (DoS) condition. The vulnerability exists because crafted SXP packets are mishandled. An attacker could exploit this vulnerability by sending specifically crafted SXP packets to the affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition.
How severe is CVE-2020-3228?
CVE-2020-3228 has a CVSS score of 8.6/10 (HIGH severity). The EPSS model estimates a 1.79% probability of exploitation in the next 30 days.
How do I fix CVE-2020-3228?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2020-3228?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST