Received
CVE has been recently published to the CVE List and has been received by the NVD.

Products

Cisco IOS XE Software

Source

ykramarz@cisco.com

CVE-2024-20313 details

Published : April 24, 2024, 9:15 p.m.
Last Modified : April 24, 2024, 9:15 p.m.

Description

A vulnerability in the OSPF version 2 (OSPFv2) feature of Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. This vulnerability is due to improper validation of OSPF updates that are processed by a device. An attacker could exploit this vulnerability by sending a malformed OSPF update to the device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition.

CVSS Score

1	2	3	4	5	6	7.4	8	9	10

Weakness

Weakness	Name	Description

CVSS Data

Attack Vector

ADJACENT_NETWORK

Attack Complexity

LOW

Privileges Required

NONE

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

Base Score

7.4

Exploitability Score

Impact Score

Base Severity

HIGH

Vector String : CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

References

URL	Source
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-ospf-dos-dR9Sfrxp	ykramarz@cisco.com

This website uses the NVD API, but is not approved or certified by it.

CVE-2024-20313

Products

Source

Tags

CVE-2024-20313 details

Description

CVSS Score

Weakness

CVSS Data

Attack Vector

Attack Complexity

Privileges Required

Scope

Confidentiality Impact

Integrity Impact

Availability Impact

Base Score

Exploitability Score

Impact Score

Base Severity

References