2023-04-24 12:24:31 +02:00
{
"id" : "CVE-2020-3232" ,
2025-01-26 03:03:52 +00:00
"sourceIdentifier" : "psirt@cisco.com" ,
2023-04-24 12:24:31 +02:00
"published" : "2020-06-03T18:15:21.183" ,
2024-11-23 13:10:58 +00:00
"lastModified" : "2024-11-21T05:30:37.187" ,
"vulnStatus" : "Modified" ,
2024-12-08 03:06:42 +00:00
"cveTags" : [ ] ,
2023-04-24 12:24:31 +02:00
"descriptions" : [
{
"lang" : "en" ,
"value" : "A vulnerability in the Simple Network Management Protocol (SNMP) implementation in Cisco ASR 920 Series Aggregation Services Router model ASR920-12SZ-IM could allow an authenticated, remote attacker to cause the device to reload. The vulnerability is due to incorrect handling of data that is returned for Cisco Discovery Protocol queries to SNMP. An attacker could exploit this vulnerability by sending a request for Cisco Discovery Protocol information by using SNMP. An exploit could allow the attacker to cause the affected device to reload, resulting in a denial of service (DoS) condition."
} ,
{
"lang" : "es" ,
"value" : "Una vulnerabilidad en la implementaci\u00f3n de Simple Network Management Protocol (SNMP) en Cisco ASR 920 Series Aggregation Services Router modelo ASR920-12SZ-IM, podr\u00eda permitir a un atacante remoto autenticado causar que el dispositivo se vuelva a cargar. La vulnerabilidad es debido al manejo incorrecto de los datos que se devuelven para las consultas de Cisco Discovery Protocol a SNMP. Un atacante podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de una petici\u00f3n de informaci\u00f3n del Protocolo de descubrimiento de Cisco mediante SNMP. Una explotaci\u00f3n podr\u00eda permitir al atacante causar que el dispositivo afectado se vuelva a cargar, resultando en una condici\u00f3n de denegaci\u00f3n de servicio (DoS)."
}
] ,
"metrics" : {
"cvssMetricV31" : [
{
"source" : "nvd@nist.gov" ,
"type" : "Primary" ,
"cvssData" : {
"version" : "3.1" ,
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H" ,
2024-11-23 13:10:58 +00:00
"baseScore" : 7.7 ,
"baseSeverity" : "HIGH" ,
2023-04-24 12:24:31 +02:00
"attackVector" : "NETWORK" ,
"attackComplexity" : "LOW" ,
"privilegesRequired" : "LOW" ,
"userInteraction" : "NONE" ,
"scope" : "CHANGED" ,
"confidentialityImpact" : "NONE" ,
"integrityImpact" : "NONE" ,
2024-11-23 13:10:58 +00:00
"availabilityImpact" : "HIGH"
2023-04-24 12:24:31 +02:00
} ,
"exploitabilityScore" : 3.1 ,
"impactScore" : 4.0
}
] ,
"cvssMetricV30" : [
{
2025-01-26 03:03:52 +00:00
"source" : "psirt@cisco.com" ,
2023-04-24 12:24:31 +02:00
"type" : "Secondary" ,
"cvssData" : {
"version" : "3.0" ,
"vectorString" : "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:H" ,
2024-11-23 13:10:58 +00:00
"baseScore" : 6.3 ,
"baseSeverity" : "MEDIUM" ,
2023-04-24 12:24:31 +02:00
"attackVector" : "NETWORK" ,
"attackComplexity" : "HIGH" ,
"privilegesRequired" : "LOW" ,
"userInteraction" : "NONE" ,
"scope" : "CHANGED" ,
"confidentialityImpact" : "NONE" ,
"integrityImpact" : "NONE" ,
2024-11-23 13:10:58 +00:00
"availabilityImpact" : "HIGH"
2023-04-24 12:24:31 +02:00
} ,
"exploitabilityScore" : 1.8 ,
"impactScore" : 4.0
}
] ,
"cvssMetricV2" : [
{
"source" : "nvd@nist.gov" ,
"type" : "Primary" ,
"cvssData" : {
"version" : "2.0" ,
"vectorString" : "AV:N/AC:L/Au:S/C:N/I:N/A:C" ,
2024-11-23 13:10:58 +00:00
"baseScore" : 6.8 ,
2023-04-24 12:24:31 +02:00
"accessVector" : "NETWORK" ,
"accessComplexity" : "LOW" ,
"authentication" : "SINGLE" ,
"confidentialityImpact" : "NONE" ,
"integrityImpact" : "NONE" ,
2024-11-23 13:10:58 +00:00
"availabilityImpact" : "COMPLETE"
2023-04-24 12:24:31 +02:00
} ,
"baseSeverity" : "MEDIUM" ,
"exploitabilityScore" : 8.0 ,
"impactScore" : 6.9 ,
"acInsufInfo" : false ,
"obtainAllPrivilege" : false ,
"obtainUserPrivilege" : false ,
"obtainOtherPrivilege" : false ,
"userInteractionRequired" : false
}
]
} ,
"weaknesses" : [
{
2025-01-26 03:03:52 +00:00
"source" : "psirt@cisco.com" ,
2024-11-23 13:10:58 +00:00
"type" : "Secondary" ,
2023-04-24 12:24:31 +02:00
"description" : [
{
"lang" : "en" ,
2024-11-23 13:10:58 +00:00
"value" : "CWE-19"
2023-04-24 12:24:31 +02:00
}
]
} ,
{
2024-11-23 13:10:58 +00:00
"source" : "nvd@nist.gov" ,
"type" : "Primary" ,
2023-04-24 12:24:31 +02:00
"description" : [
{
"lang" : "en" ,
2024-11-23 13:10:58 +00:00
"value" : "NVD-CWE-noinfo"
2023-04-24 12:24:31 +02:00
}
]
}
] ,
"configurations" : [
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:cisco:ios_xe:3.16.0s:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "A0E5BB91-B5E7-4961-87DC-26596E5EDED7"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:cisco:ios_xe:3.16.1as:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "AC72AA6D-9E18-49F7-95CA-A4A5D7A60E4E"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:cisco:ios_xe:3.16.2as:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "BA0B441A-3A09-4A58-8A40-D463003A50BC"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:cisco:ios_xe:3.16.3as:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "7EEFD3AD-EFA2-4808-801E-B98E4C63AA76"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:cisco:ios_xe:3.16.4bs:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "C35B3F96-B342-4AFC-A511-7A735B961ECD"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:cisco:ios_xe:3.16.4s:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "9FBEF4B2-EA12-445A-823E-E0E5343A405E"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:cisco:ios_xe:3.16.5as:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "51EAC484-1C4F-4CA8-B8E1-6EE0E9497A4A"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:cisco:ios_xe:3.16.5s:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "844E7CEC-5CB6-47AE-95F7-75693347C08E"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:cisco:ios_xe:3.16.6bs:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "E50A67CE-EB1C-4BFA-AB40-BCF6CDF168BA"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:cisco:ios_xe:3.16.6s:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "147A245E-9A5D-4178-A1AC-5B0D41C3B730"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:cisco:ios_xe:3.16.7bs:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "27F66514-B9C4-422E-B68E-406608302E03"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:cisco:ios_xe:3.16.7s:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "E2438157-4D9C-4E16-9D2A-759A8F6CDDE2"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:cisco:ios_xe:3.16.8s:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "12ECC01E-E59F-4AED-AE51-7EE6B5E717E8"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:cisco:ios_xe:3.16.9s:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "ABC524BA-544C-49B9-A9D6-800D25556532"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:cisco:ios_xe:3.16.10s:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "2BC99316-75AC-45EB-B6BB-DB014ED08ECA"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:cisco:ios_xe:3.17.0s:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "12793F39-13C4-4DBC-9B78-FE361BDDF89D"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:cisco:ios_xe:3.17.1s:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "876767C7-0196-4226-92B1-DDE851B53655"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:cisco:ios_xe:3.17.2s:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "0141D67B-632F-48ED-8837-4CC799616C57"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:cisco:ios_xe:3.17.3s:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "141FFB5E-EA72-4FC1-B87A-B5E2D5FCFE2A"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:cisco:ios_xe:3.17.4s:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "FE444B39-D025-471B-835E-88671212ACAA"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:cisco:ios_xe:3.18.0s:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "EE81AA43-88D4-4EFC-B8F6-A41EFF437819"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:cisco:ios_xe:3.18.0sp:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "C18E6308-7A34-43E3-9AD8-5FB52B31ACB6"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:cisco:ios_xe:3.18.1gsp:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "CE3170E3-0BCC-4C5F-8E6C-5E91E8C4E7A8"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:cisco:ios_xe:3.18.1hsp:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "3CCDB353-DD15-4C91-AD2A-73649C012E08"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:cisco:ios_xe:3.18.1isp:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "7D7DAAE1-BB3F-4FBA-A6ED-3BABC9196C1C"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:cisco:ios_xe:3.18.1s:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "6BEBCBF7-D1CF-488F-BB3E-F864F901A96A"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:cisco:ios_xe:3.18.1sp:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "06BBE88E-FEFB-4B90-91D1-4F053FA0EA47"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:cisco:ios_xe:3.18.2s:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "BD8CCA19-1D1C-45C0-A1A0-CED5885AD580"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:cisco:ios_xe:3.18.2sp:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "014224BF-926E-470C-A133-84036D8AD533"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:cisco:ios_xe:3.18.3s:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "4063CCF8-19BE-4411-B71B-147BB146700B"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:cisco:ios_xe:3.18.3sp:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "2DE8E0D1-E4AD-4648-BCF0-AE11B93D22B2"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:cisco:ios_xe:3.18.4s:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "186ADB50-A4D4-4B32-884D-3195E7770346"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:cisco:ios_xe:3.18.4sp:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "334F278A-CFEB-4145-9D8D-EFC36A1BF258"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:cisco:ios_xe:16.3.10:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "32BA13F4-EF9C-4368-B8B1-9FD9FAF5CEFF"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:cisco:ios_xe:16.5.1:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "FE7B2557-821D-4E05-B5C3-67192573D97D"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:cisco:ios_xe:16.5.2:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "7E0B905E-4D92-4FD6-B2FF-41FF1F59A948"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:cisco:ios_xe:16.5.3:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "62EDEC28-661E-42EF-88F0-F62D0220D2E5"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:cisco:ios_xe:16.6.1:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "F821EBD7-91E2-4460-BFAF-18482CF6CB8C"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:cisco:ios_xe:16.6.2:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "E36D2D24-8F63-46DE-AC5F-8DE33332EBC6"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:cisco:ios_xe:16.6.3:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "C9B825E6-5929-4890-BDBA-4CF4BD2314C9"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:cisco:ios_xe:16.6.4:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "65020120-491D-46CD-8C73-974B6F4C11E6"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:cisco:ios_xe:16.7.1:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "623BF701-ADC9-4F24-93C5-043A6A7FEF5F"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:cisco:ios_xe:16.7.2:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "0FBD681F-7969-42BE-A47E-7C287755DCB5"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:cisco:ios_xe:16.7.3:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "98255E6F-3056-487D-9157-403836EFB9D3"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:cisco:ios_xe:16.8.1:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "57D4F634-03D5-4D9F-901C-7E9CE45F2F38"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:cisco:ios_xe:16.8.1a:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "4463A1D1-E169-4F0B-91B2-FA126BB444CB"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:cisco:ios_xe:16.8.1b:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "D97F69C3-CAA6-491C-A0B6-6DC12B5AB472"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:cisco:ios_xe:16.8.1c:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "CDD58C58-1B0C-4A71-8C02-F555CEF9C253"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:cisco:ios_xe:16.8.1d:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "96852D16-AF50-4C70-B125-D2349E6765D7"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:cisco:ios_xe:16.8.1e:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "A15B882A-BA60-4932-A55E-F4A798B30EEB"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:cisco:ios_xe:16.8.1s:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "5C9C585C-A6EC-4385-B915-046C110BF95F"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:cisco:ios_xe:16.9.1:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "119A964D-ABC8-424D-8097-85B832A833BD"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:cisco:ios_xe:16.9.1a:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "0375BF9E-D04B-4E5B-9051-536806ECA44E"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:cisco:ios_xe:16.9.1b:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "2266E5A2-B3F6-4389-B8E2-42CB845EC7F9"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:cisco:ios_xe:16.9.1c:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "012A6CF7-9104-4882-9C95-E6D4458AB778"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:cisco:ios_xe:16.9.1d:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "5AF5214D-9257-498F-A3EB-C4EC18E2FEB2"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:cisco:ios_xe:16.9.1s:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "78DE7780-4E8B-4BB6-BDEB-58032EC65851"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:cisco:asr_920-12sz-im:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "2BD45D77-4097-4AFB-98DF-5B8188316C20"
}
]
}
]
}
] ,
"references" : [
{
"url" : "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asr920-ABjcLmef" ,
2025-01-26 03:03:52 +00:00
"source" : "psirt@cisco.com" ,
2023-04-24 12:24:31 +02:00
"tags" : [
"Patch" ,
"Vendor Advisory"
]
2024-11-23 13:10:58 +00:00
} ,
{
"url" : "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asr920-ABjcLmef" ,
"source" : "af854a3a-2127-422b-91ae-364da2661108" ,
"tags" : [
"Patch" ,
"Vendor Advisory"
]
2023-04-24 12:24:31 +02:00
}
]
}
