{"containers": {"cna": {"affected": [{"product": "Cisco ASR 920 Series Aggregation Services Router ", "vendor": "Cisco", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2020-06-03T00:00:00", "descriptions": [{"lang": "en", "value": "A vulnerability in the Simple Network Management Protocol (SNMP) implementation in Cisco ASR 920 Series Aggregation Services Router model ASR920-12SZ-IM could allow an authenticated, remote attacker to cause the device to reload. The vulnerability is due to incorrect handling of data that is returned for Cisco Discovery Protocol queries to SNMP. An attacker could exploit this vulnerability by sending a request for Cisco Discovery Protocol information by using SNMP. An exploit could allow the attacker to cause the affected device to reload, resulting in a denial of service (DoS) condition."}], "exploits": [{"lang": "en", "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory. "}], "metrics": [{"cvssV3_0": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:H", "version": "3.0"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-19", "description": "CWE-19", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2020-06-03T17:55:26", "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco"}, "references": [{"name": "20200603 Cisco ASR 920 Series Aggregation Services Router Model 12SZ-IM SNMP Denial of Service Vulnerability", "tags": ["vendor-advisory", "x_refsource_CISCO"], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asr920-ABjcLmef"}], "source": {"advisory": "cisco-sa-asr920-ABjcLmef", "defect": [["CSCvi42821"]], "discovery": "INTERNAL"}, "title": "Cisco ASR 920 Series Aggregation Services Router Model 12SZ-IM SNMP Denial of Service Vulnerability", "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@cisco.com", "DATE_PUBLIC": "2020-06-03T16:00:00", "ID": "CVE-2020-3232", "STATE": "PUBLIC", "TITLE": "Cisco ASR 920 Series Aggregation Services Router Model 12SZ-IM SNMP Denial of Service Vulnerability"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Cisco ASR 920 Series Aggregation Services Router ", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "Cisco"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "A vulnerability in the Simple Network Management Protocol (SNMP) implementation in Cisco ASR 920 Series Aggregation Services Router model ASR920-12SZ-IM could allow an authenticated, remote attacker to cause the device to reload. The vulnerability is due to incorrect handling of data that is returned for Cisco Discovery Protocol queries to SNMP. An attacker could exploit this vulnerability by sending a request for Cisco Discovery Protocol information by using SNMP. An exploit could allow the attacker to cause the affected device to reload, resulting in a denial of service (DoS) condition."}]}, "exploit": [{"lang": "en", "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory. "}], "impact": {"cvss": {"baseScore": "6.3", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:H ", "version": "3.0"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-19"}]}]}, "references": {"reference_data": [{"name": "20200603 Cisco ASR 920 Series Aggregation Services Router Model 12SZ-IM SNMP Denial of Service Vulnerability", "refsource": "CISCO", "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asr920-ABjcLmef"}]}, "source": {"advisory": "cisco-sa-asr920-ABjcLmef", "defect": [["CSCvi42821"]], "discovery": "INTERNAL"}}}}, "cveMetadata": {"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "assignerShortName": "cisco", "cveId": "CVE-2020-3232", "datePublished": "2020-06-03T00:00:00", "dateReserved": "2019-12-12T00:00:00", "dateUpdated": "2020-06-03T17:55:26", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:ios_xe:3.16.0s:*:*:*:*:*:*:*", "matchCriteriaId": "A0E5BB91-B5E7-4961-87DC-26596E5EDED7", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:3.16.1as:*:*:*:*:*:*:*", "matchCriteriaId": "AC72AA6D-9E18-49F7-95CA-A4A5D7A60E4E", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:3.16.2as:*:*:*:*:*:*:*", "matchCriteriaId": "BA0B441A-3A09-4A58-8A40-D463003A50BC", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:3.16.3as:*:*:*:*:*:*:*", "matchCriteriaId": "7EEFD3AD-EFA2-4808-801E-B98E4C63AA76", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:3.16.4bs:*:*:*:*:*:*:*", "matchCriteriaId": "C35B3F96-B342-4AFC-A511-7A735B961ECD", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:3.16.4s:*:*:*:*:*:*:*", "matchCriteriaId": "9FBEF4B2-EA12-445A-823E-E0E5343A405E", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:3.16.5as:*:*:*:*:*:*:*", "matchCriteriaId": "51EAC484-1C4F-4CA8-B8E1-6EE0E9497A4A", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:3.16.5s:*:*:*:*:*:*:*", "matchCriteriaId": "844E7CEC-5CB6-47AE-95F7-75693347C08E", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:3.16.6bs:*:*:*:*:*:*:*", "matchCriteriaId": "E50A67CE-EB1C-4BFA-AB40-BCF6CDF168BA", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:3.16.6s:*:*:*:*:*:*:*", "matchCriteriaId": "147A245E-9A5D-4178-A1AC-5B0D41C3B730", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:3.16.7bs:*:*:*:*:*:*:*", "matchCriteriaId": "27F66514-B9C4-422E-B68E-406608302E03", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:3.16.7s:*:*:*:*:*:*:*", "matchCriteriaId": "E2438157-4D9C-4E16-9D2A-759A8F6CDDE2", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:3.16.8s:*:*:*:*:*:*:*", "matchCriteriaId": "12ECC01E-E59F-4AED-AE51-7EE6B5E717E8", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:3.16.9s:*:*:*:*:*:*:*", "matchCriteriaId": "ABC524BA-544C-49B9-A9D6-800D25556532", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:3.16.10s:*:*:*:*:*:*:*", "matchCriteriaId": "2BC99316-75AC-45EB-B6BB-DB014ED08ECA", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:3.17.0s:*:*:*:*:*:*:*", "matchCriteriaId": "12793F39-13C4-4DBC-9B78-FE361BDDF89D", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:3.17.1s:*:*:*:*:*:*:*", "matchCriteriaId": "876767C7-0196-4226-92B1-DDE851B53655", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:3.17.2s:*:*:*:*:*:*:*", "matchCriteriaId": "0141D67B-632F-48ED-8837-4CC799616C57", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:3.17.3s:*:*:*:*:*:*:*", "matchCriteriaId": "141FFB5E-EA72-4FC1-B87A-B5E2D5FCFE2A", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:3.17.4s:*:*:*:*:*:*:*", "matchCriteriaId": "FE444B39-D025-471B-835E-88671212ACAA", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:3.18.0s:*:*:*:*:*:*:*", "matchCriteriaId": "EE81AA43-88D4-4EFC-B8F6-A41EFF437819", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:3.18.0sp:*:*:*:*:*:*:*", "matchCriteriaId": "C18E6308-7A34-43E3-9AD8-5FB52B31ACB6", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:3.18.1gsp:*:*:*:*:*:*:*", "matchCriteriaId": "CE3170E3-0BCC-4C5F-8E6C-5E91E8C4E7A8", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:3.18.1hsp:*:*:*:*:*:*:*", "matchCriteriaId": "3CCDB353-DD15-4C91-AD2A-73649C012E08", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:3.18.1isp:*:*:*:*:*:*:*", "matchCriteriaId": "7D7DAAE1-BB3F-4FBA-A6ED-3BABC9196C1C", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:3.18.1s:*:*:*:*:*:*:*", "matchCriteriaId": "6BEBCBF7-D1CF-488F-BB3E-F864F901A96A", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:3.18.1sp:*:*:*:*:*:*:*", "matchCriteriaId": "06BBE88E-FEFB-4B90-91D1-4F053FA0EA47", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:3.18.2s:*:*:*:*:*:*:*", "matchCriteriaId": "BD8CCA19-1D1C-45C0-A1A0-CED5885AD580", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:3.18.2sp:*:*:*:*:*:*:*", "matchCriteriaId": "014224BF-926E-470C-A133-84036D8AD533", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:3.18.3s:*:*:*:*:*:*:*", "matchCriteriaId": "4063CCF8-19BE-4411-B71B-147BB146700B", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:3.18.3sp:*:*:*:*:*:*:*", "matchCriteriaId": "2DE8E0D1-E4AD-4648-BCF0-AE11B93D22B2", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:3.18.4s:*:*:*:*:*:*:*", "matchCriteriaId": "186ADB50-A4D4-4B32-884D-3195E7770346", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:3.18.4sp:*:*:*:*:*:*:*", "matchCriteriaId": "334F278A-CFEB-4145-9D8D-EFC36A1BF258", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:16.3.10:*:*:*:*:*:*:*", "matchCriteriaId": "32BA13F4-EF9C-4368-B8B1-9FD9FAF5CEFF", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:16.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "FE7B2557-821D-4E05-B5C3-67192573D97D", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:16.5.2:*:*:*:*:*:*:*", "matchCriteriaId": "7E0B905E-4D92-4FD6-B2FF-41FF1F59A948", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:16.5.3:*:*:*:*:*:*:*", "matchCriteriaId": "62EDEC28-661E-42EF-88F0-F62D0220D2E5", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:16.6.1:*:*:*:*:*:*:*", "matchCriteriaId": "F821EBD7-91E2-4460-BFAF-18482CF6CB8C", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:16.6.2:*:*:*:*:*:*:*", "matchCriteriaId": "E36D2D24-8F63-46DE-AC5F-8DE33332EBC6", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:16.6.3:*:*:*:*:*:*:*", "matchCriteriaId": "C9B825E6-5929-4890-BDBA-4CF4BD2314C9", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:16.6.4:*:*:*:*:*:*:*", "matchCriteriaId": "65020120-491D-46CD-8C73-974B6F4C11E6", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:16.7.1:*:*:*:*:*:*:*", "matchCriteriaId": "623BF701-ADC9-4F24-93C5-043A6A7FEF5F", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:16.7.2:*:*:*:*:*:*:*", "matchCriteriaId": "0FBD681F-7969-42BE-A47E-7C287755DCB5", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:16.7.3:*:*:*:*:*:*:*", "matchCriteriaId": "98255E6F-3056-487D-9157-403836EFB9D3", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:16.8.1:*:*:*:*:*:*:*", "matchCriteriaId": "57D4F634-03D5-4D9F-901C-7E9CE45F2F38", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:16.8.1a:*:*:*:*:*:*:*", "matchCriteriaId": "4463A1D1-E169-4F0B-91B2-FA126BB444CB", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:16.8.1b:*:*:*:*:*:*:*", "matchCriteriaId": "D97F69C3-CAA6-491C-A0B6-6DC12B5AB472", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:16.8.1c:*:*:*:*:*:*:*", "matchCriteriaId": "CDD58C58-1B0C-4A71-8C02-F555CEF9C253", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:16.8.1d:*:*:*:*:*:*:*", "matchCriteriaId": "96852D16-AF50-4C70-B125-D2349E6765D7", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:16.8.1e:*:*:*:*:*:*:*", "matchCriteriaId": "A15B882A-BA60-4932-A55E-F4A798B30EEB", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:16.8.1s:*:*:*:*:*:*:*", "matchCriteriaId": "5C9C585C-A6EC-4385-B915-046C110BF95F", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:16.9.1:*:*:*:*:*:*:*", "matchCriteriaId": "119A964D-ABC8-424D-8097-85B832A833BD", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:16.9.1a:*:*:*:*:*:*:*", "matchCriteriaId": "0375BF9E-D04B-4E5B-9051-536806ECA44E", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:16.9.1b:*:*:*:*:*:*:*", "matchCriteriaId": "2266E5A2-B3F6-4389-B8E2-42CB845EC7F9", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:16.9.1c:*:*:*:*:*:*:*", "matchCriteriaId": "012A6CF7-9104-4882-9C95-E6D4458AB778", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:16.9.1d:*:*:*:*:*:*:*", "matchCriteriaId": "5AF5214D-9257-498F-A3EB-C4EC18E2FEB2", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:16.9.1s:*:*:*:*:*:*:*", "matchCriteriaId": "78DE7780-4E8B-4BB6-BDEB-58032EC65851", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:asr_920-12sz-im:-:*:*:*:*:*:*:*", "matchCriteriaId": "2BD45D77-4097-4AFB-98DF-5B8188316C20", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "A vulnerability in the Simple Network Management Protocol (SNMP) implementation in Cisco ASR 920 Series Aggregation Services Router model ASR920-12SZ-IM could allow an authenticated, remote attacker to cause the device to reload. The vulnerability is due to incorrect handling of data that is returned for Cisco Discovery Protocol queries to SNMP. An attacker could exploit this vulnerability by sending a request for Cisco Discovery Protocol information by using SNMP. An exploit could allow the attacker to cause the affected device to reload, resulting in a denial of service (DoS) condition."}, {"lang": "es", "value": "Una vulnerabilidad en la implementaci\u00f3n de Simple Network Management Protocol (SNMP) en Cisco ASR 920 Series Aggregation Services Router modelo ASR920-12SZ-IM, podr\u00eda permitir a un atacante remoto autenticado causar que el dispositivo se vuelva a cargar. La vulnerabilidad es debido al manejo incorrecto de los datos que se devuelven para las consultas de Cisco Discovery Protocol a SNMP. Un atacante podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de una petici\u00f3n de informaci\u00f3n del Protocolo de descubrimiento de Cisco mediante SNMP. Una explotaci\u00f3n podr\u00eda permitir al atacante causar que el dispositivo afectado se vuelva a cargar, resultando en una condici\u00f3n de denegaci\u00f3n de servicio (DoS)."}], "id": "CVE-2020-3232", "lastModified": "2021-10-19T20:20:10.423", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "COMPLETE", "baseScore": 6.8, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:C", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:H", "version": "3.0"}, "exploitabilityScore": 1.8, "impactScore": 4.0, "source": "ykramarz@cisco.com", "type": "Secondary"}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.7, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 3.1, "impactScore": 4.0, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2020-06-03T18:15:21.183", "references": [{"source": "ykramarz@cisco.com", "tags": ["Patch", "Vendor Advisory"], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asr920-ABjcLmef"}], "sourceIdentifier": "ykramarz@cisco.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-19"}], "source": "ykramarz@cisco.com", "type": "Secondary"}]}

{}