CVE-2020-3510

A vulnerability in the Umbrella Connector component of Cisco IOS XE Software for Cisco Catalyst 9200 Series Switches could allow an unauthenticated, remote attacker to trigger a reload, resulting in a denial of service condition on an affected device. The vulnerability is due to insufficient error handling when parsing DNS requests. An attacker could exploit this vulnerability by sending a series of malicious DNS requests to an Umbrella Connector client interface of an affected device. A successful exploit could allow the attacker to cause a crash of the iosd process, which triggers a reload of the affected device.
Configurations

Configuration 1 (hide)

AND
OR cpe:2.3:o:cisco:ios_xe:16.12.1:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios_xe:16.12.2:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios_xe:17.1.1:*:*:*:*:*:*:*
OR cpe:2.3:h:cisco:catalyst_c9200-24p:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:catalyst_c9200-24t:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:catalyst_c9200-48p:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:catalyst_c9200-48t:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:catalyst_c9200l-24p-4g:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:catalyst_c9200l-24p-4x:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:catalyst_c9200l-24pxg-2y:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:catalyst_c9200l-24pxg-4x:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:catalyst_c9200l-24t-4g:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:catalyst_c9200l-24t-4x:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:catalyst_c9200l-48p-4g:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:catalyst_c9200l-48p-4x:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:catalyst_c9200l-48pxg-2y:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:catalyst_c9200l-48pxg-4x:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:catalyst_c9200l-48t-4g:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:catalyst_c9200l-48t-4x:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:catalyst_c9300-24p:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:catalyst_c9300-24s:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:catalyst_c9300-24t:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:catalyst_c9300-24u:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:catalyst_c9300-24ux:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:catalyst_c9300-48p:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:catalyst_c9300-48s:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:catalyst_c9300-48t:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:catalyst_c9300-48u:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:catalyst_c9300-48un:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:catalyst_c9300-48uxm:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:catalyst_c9300l-24p-4g:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:catalyst_c9300l-24p-4x:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:catalyst_c9300l-24t-4g:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:catalyst_c9300l-24t-4x:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:catalyst_c9300l-48p-4g:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:catalyst_c9300l-48p-4x:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:catalyst_c9300l-48t-4g:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:catalyst_c9300l-48t-4x:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:catalyst_c9404r:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:catalyst_c9407r:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:catalyst_c9410r:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:catalyst_c9500-12q:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:catalyst_c9500-16x:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:catalyst_c9500-24q:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:catalyst_c9500-24y4c:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:catalyst_c9500-32c:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:catalyst_c9500-32qc:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:catalyst_c9500-40x:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:catalyst_c9500-48y4c:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:catalyst_c9600-lc-24c:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:catalyst_c9600-lc-48s:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:catalyst_c9600-lc-48tx:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:catalyst_c9600-lc-48yl:-:*:*:*:*:*:*:*

History

21 Nov 2024, 05:31

Type Values Removed Values Added
References () https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-umbrella-dos-t2QMUX37 - Vendor Advisory () https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-umbrella-dos-t2QMUX37 - Vendor Advisory

Information

Published : 2020-09-24 18:15

Updated : 2024-11-21 05:31


NVD link : CVE-2020-3510

Mitre link : CVE-2020-3510

CVE.ORG link : CVE-2020-3510


JSON object : View

Products Affected

cisco

  • catalyst_c9600-lc-24c
  • catalyst_c9500-40x
  • catalyst_c9404r
  • catalyst_c9200-48p
  • catalyst_c9500-16x
  • catalyst_c9300-48t
  • catalyst_c9200-24p
  • catalyst_c9200l-24t-4g
  • catalyst_c9200l-48p-4g
  • catalyst_c9300l-48t-4g
  • ios_xe
  • catalyst_c9300l-24t-4g
  • catalyst_c9200l-48p-4x
  • catalyst_c9407r
  • catalyst_c9500-48y4c
  • catalyst_c9300-48s
  • catalyst_c9600-lc-48s
  • catalyst_c9300l-24p-4g
  • catalyst_c9300-24u
  • catalyst_c9500-12q
  • catalyst_c9500-24q
  • catalyst_c9200l-48t-4g
  • catalyst_c9200l-24pxg-4x
  • catalyst_c9600-lc-48tx
  • catalyst_c9500-24y4c
  • catalyst_c9200l-24p-4x
  • catalyst_c9500-32c
  • catalyst_c9500-32qc
  • catalyst_c9410r
  • catalyst_c9300l-48p-4g
  • catalyst_c9300-48u
  • catalyst_c9200l-24pxg-2y
  • catalyst_c9200l-48pxg-2y
  • catalyst_c9200-24t
  • catalyst_c9200l-48pxg-4x
  • catalyst_c9200l-24p-4g
  • catalyst_c9300-24s
  • catalyst_c9200-48t
  • catalyst_c9300-48un
  • catalyst_c9300l-48t-4x
  • catalyst_c9300-48p
  • catalyst_c9300-48uxm
  • catalyst_c9300l-48p-4x
  • catalyst_c9600-lc-48yl
  • catalyst_c9300l-24p-4x
  • catalyst_c9300-24t
  • catalyst_c9300-24ux
  • catalyst_c9200l-48t-4x
  • catalyst_c9300-24p
  • catalyst_c9200l-24t-4x
  • catalyst_c9300l-24t-4x
CWE
CWE-388

7PK - Errors

CWE-400

Uncontrolled Resource Consumption