CVE-2020-3226

03.06.2020, 18:15

A vulnerability in the Session Initiation Protocol (SIP) library of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to trigger a reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to insufficient sanity checks on received SIP messages. An attacker could exploit this vulnerability by sending crafted SIP messages to an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a denial of service condition.

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	8.6 HIGH	NETWORK	LOW	NONE	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
cisco	CNA	8.6 HIGH	NETWORK	LOW	NONE	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
CVE	ADP	---				---
CISA-ADP	ADP	---				---

Base Score

CVSS 3.x

EPSS Score

Percentile: 72%

Vendor	Product	Version
cisco	ios	15.0\(2\)sg11a
cisco	ios	15.3\(3\)jaa1
cisco	ios	15.3\(3\)jpi
cisco	ios	15.3\(3\)jpj
cisco	ios	15.3\(3\)m
cisco	ios	15.3\(3\)m1
cisco	ios	15.3\(3\)m2
cisco	ios	15.3\(3\)m3
cisco	ios	15.3\(3\)m4
cisco	ios	15.3\(3\)m5
cisco	ios	15.3\(3\)m6
cisco	ios	15.3\(3\)m7
cisco	ios	15.3\(3\)m8
cisco	ios	15.3\(3\)m8a
cisco	ios	15.3\(3\)m9
cisco	ios	15.3\(3\)m10
cisco	ios	15.3\(3\)xb12
cisco	ios	15.4\(1\)cg
cisco	ios	15.4\(1\)t
cisco	ios	15.4\(1\)t1
cisco	ios	15.4\(1\)t2
cisco	ios	15.4\(1\)t3
cisco	ios	15.4\(1\)t4
cisco	ios	15.4\(2\)cg
cisco	ios	15.4\(2\)t
cisco	ios	15.4\(2\)t1
cisco	ios	15.4\(2\)t2
cisco	ios	15.4\(2\)t3
cisco	ios	15.4\(2\)t4
cisco	ios	15.4\(3\)m
cisco	ios	15.4\(3\)m1
cisco	ios	15.4\(3\)m2
cisco	ios	15.4\(3\)m3
cisco	ios	15.4\(3\)m4
cisco	ios	15.4\(3\)m5
cisco	ios	15.4\(3\)m6
cisco	ios	15.4\(3\)m6a
cisco	ios	15.4\(3\)m7
cisco	ios	15.4\(3\)m7a
cisco	ios	15.4\(3\)m8
cisco	ios	15.4\(3\)m9
cisco	ios	15.4\(3\)m10
cisco	ios	15.5\(1\)t
cisco	ios	15.5\(1\)t1
cisco	ios	15.5\(1\)t2
cisco	ios	15.5\(1\)t3
cisco	ios	15.5\(1\)t4
cisco	ios	15.5\(2\)t
cisco	ios	15.5\(2\)t1
cisco	ios	15.5\(2\)t2
cisco	ios	15.5\(2\)t3
cisco	ios	15.5\(2\)t4
cisco	ios	15.5\(2\)xb
cisco	ios	15.5\(3\)m
cisco	ios	15.5\(3\)m1
cisco	ios	15.5\(3\)m2
cisco	ios	15.5\(3\)m2a
cisco	ios	15.5\(3\)m3
cisco	ios	15.5\(3\)m4
cisco	ios	15.5\(3\)m4a
cisco	ios	15.5\(3\)m4b
cisco	ios	15.5\(3\)m4c
cisco	ios	15.5\(3\)m5
cisco	ios	15.5\(3\)m6
cisco	ios	15.5\(3\)m6a
cisco	ios	15.5\(3\)m7
cisco	ios	15.5\(3\)m8
cisco	ios	15.5\(3\)m9
cisco	ios	15.5\(3\)m10
cisco	ios	15.6\(1\)t
cisco	ios	15.6\(1\)t0a
cisco	ios	15.6\(1\)t1
cisco	ios	15.6\(1\)t2
cisco	ios	15.6\(1\)t3
cisco	ios	15.6\(2\)t
cisco	ios	15.6\(2\)t1
cisco	ios	15.6\(2\)t2
cisco	ios	15.6\(2\)t3
cisco	ios	15.6\(3\)m
cisco	ios	15.6\(3\)m0a
cisco	ios	15.6\(3\)m1
cisco	ios	15.6\(3\)m1a
cisco	ios	15.6\(3\)m1b
cisco	ios	15.6\(3\)m2
cisco	ios	15.6\(3\)m2a
cisco	ios	15.6\(3\)m3
cisco	ios	15.6\(3\)m3a
cisco	ios	15.6\(3\)m4
cisco	ios	15.6\(3\)m5
cisco	ios	15.6\(3\)m6
cisco	ios	15.6\(3\)m6a
cisco	ios	15.6\(3\)m7
cisco	ios	15.7\(3\)m
cisco	ios	15.7\(3\)m1
cisco	ios	15.7\(3\)m2
cisco	ios	15.7\(3\)m3
cisco	ios	15.7\(3\)m4
cisco	ios	15.7\(3\)m4a
cisco	ios	15.7\(3\)m4b
cisco	ios	15.8\(3\)m
cisco	ios	15.8\(3\)m0a
cisco	ios	15.8\(3\)m1
cisco	ios	15.8\(3\)m2
cisco	ios_xe	3.10.0s:s
cisco	ios_xe	3.10.1s:s
cisco	ios_xe	3.10.2as:as
cisco	ios_xe	3.10.2s:s
cisco	ios_xe	3.10.2ts:ts
cisco	ios_xe	3.10.3s:s
cisco	ios_xe	3.10.4s:s
cisco	ios_xe	3.10.5s:s
cisco	ios_xe	3.10.6s:s
cisco	ios_xe	3.10.7s:s
cisco	ios_xe	3.10.8as:as
cisco	ios_xe	3.10.8s:s
cisco	ios_xe	3.10.9s:s
cisco	ios_xe	3.10.10s:s
cisco	ios_xe	3.11.0s:s
cisco	ios_xe	3.11.1s:s
cisco	ios_xe	3.11.2s:s
cisco	ios_xe	3.11.3s:s
cisco	ios_xe	3.11.4s:s
cisco	ios_xe	3.12.0as:as
cisco	ios_xe	3.12.0s:s
cisco	ios_xe	3.12.1s:s
cisco	ios_xe	3.12.2s:s
cisco	ios_xe	3.12.3s:s
cisco	ios_xe	3.12.4s:s
cisco	ios_xe	3.13.0s:s
cisco	ios_xe	3.13.1s:s
cisco	ios_xe	3.13.2as:as
cisco	ios_xe	3.13.2s:s
cisco	ios_xe	3.13.3s:s
cisco	ios_xe	3.13.4s:s
cisco	ios_xe	3.13.5as:as
cisco	ios_xe	3.13.5s:s
cisco	ios_xe	3.13.6as:as
cisco	ios_xe	3.13.6bs:bs
cisco	ios_xe	3.13.6s:s
cisco	ios_xe	3.13.7as:as
cisco	ios_xe	3.13.7s:s
cisco	ios_xe	3.13.8s:s
cisco	ios_xe	3.13.9s:s
cisco	ios_xe	3.13.10s:s
cisco	ios_xe	3.14.0s:s
cisco	ios_xe	3.14.1s:s
cisco	ios_xe	3.14.2s:s
cisco	ios_xe	3.14.3s:s
cisco	ios_xe	3.14.4s:s
cisco	ios_xe	3.15.0s:s
cisco	ios_xe	3.15.1cs:cs
cisco	ios_xe	3.15.1s:s
cisco	ios_xe	3.15.2s:s
cisco	ios_xe	3.15.3s:s
cisco	ios_xe	3.15.4s:s
cisco	ios_xe	3.16.0cs:cs
cisco	ios_xe	3.16.0s:s
cisco	ios_xe	3.16.1as:as
cisco	ios_xe	3.16.1s:s
cisco	ios_xe	3.16.2bs:bs
cisco	ios_xe	3.16.2s:s
cisco	ios_xe	3.16.3s:s
cisco	ios_xe	3.16.4as:as
cisco	ios_xe	3.16.4bs:bs
cisco	ios_xe	3.16.4cs:cs
cisco	ios_xe	3.16.4ds:ds
cisco	ios_xe	3.16.4es:es
cisco	ios_xe	3.16.4gs:gs
cisco	ios_xe	3.16.5as:as
cisco	ios_xe	3.16.5bs:bs
cisco	ios_xe	3.16.5s:s
cisco	ios_xe	3.16.6bs:bs
cisco	ios_xe	3.16.6s:s
cisco	ios_xe	3.16.7as:as
cisco	ios_xe	3.16.7bs:bs
cisco	ios_xe	3.16.7s:s
cisco	ios_xe	3.16.8s:s
cisco	ios_xe	3.16.9s:s
cisco	ios_xe	3.16.10s:s
cisco	ios_xe	3.17.0s:s
cisco	ios_xe	3.17.1as:as
cisco	ios_xe	3.17.1s:s
cisco	ios_xe	3.17.2s:s
cisco	ios_xe	3.17.3s:s
cisco	ios_xe	3.17.4s:s
cisco	ios_xe	3.18.0as:as
cisco	ios_xe	3.18.1asp:asp
cisco	ios_xe	3.18.1sp:sp
cisco	ios_xe	3.18.2asp:asp
cisco	ios_xe	3.18.3asp:asp
cisco	ios_xe	3.18.3bsp:bsp
cisco	ios_xe	3.18.3sp:sp
cisco	ios_xe	3.18.4sp:sp
cisco	ios_xe	3.18.5sp:sp
cisco	ios_xe	3.18.6sp:sp
cisco	ios_xe	16.2.1
cisco	ios_xe	16.2.2
cisco	ios_xe	16.3.1
cisco	ios_xe	16.3.1a:a
cisco	ios_xe	16.3.2
cisco	ios_xe	16.3.3
cisco	ios_xe	16.3.4
cisco	ios_xe	16.3.5
cisco	ios_xe	16.3.6
cisco	ios_xe	16.3.7
cisco	ios_xe	16.3.8
cisco	ios_xe	16.3.9
cisco	ios_xe	16.4.1
cisco	ios_xe	16.4.2
cisco	ios_xe	16.4.3
cisco	ios_xe	16.5.1
cisco	ios_xe	16.5.1b:b
cisco	ios_xe	16.5.2
cisco	ios_xe	16.5.3
cisco	ios_xe	16.6.1
cisco	ios_xe	16.6.2
cisco	ios_xe	16.6.3
cisco	ios_xe	16.6.4
cisco	ios_xe	16.6.4s:s
cisco	ios_xe	16.6.5
cisco	ios_xe	16.6.5b:b
cisco	ios_xe	16.6.6
cisco	ios_xe	16.7.1
cisco	ios_xe	16.7.1a:a
cisco	ios_xe	16.7.1b:b
cisco	ios_xe	16.7.2
cisco	ios_xe	16.7.3
cisco	ios_xe	16.7.4
cisco	ios_xe	16.8.1
cisco	ios_xe	16.8.1a:a
cisco	ios_xe	16.8.1c:c
cisco	ios_xe	16.8.1d:d
cisco	ios_xe	16.8.1e:e
cisco	ios_xe	16.8.1s:s
cisco	ios_xe	16.8.2
cisco	ios_xe	16.8.3
cisco	ios_xe	16.9.1
cisco	ios_xe	16.9.1a:a
cisco	ios_xe	16.9.1s:s
cisco	ios_xe	16.9.2
cisco	ios_xe	16.9.2s:s
cisco	ios_xe	16.9.3
cisco	ios_xe	16.9.3s:s
cisco	ios_xe	16.9.4
cisco	ios_xe	16.10.1
cisco	ios_xe	16.10.1a:a
cisco	ios_xe	16.10.1b:b
cisco	ios_xe	16.10.1c:c
cisco	ios_xe	16.10.1d:d
cisco	ios_xe	16.10.1e:e
cisco	ios_xe	16.10.1f:f
cisco	ios_xe	16.10.1g:g
cisco	ios_xe	16.10.1s:s
cisco	ios_xe	16.10.2
cisco	ios_xe	16.11.1
cisco	ios_xe	16.11.1a:a
cisco	ios_xe	16.11.1b:b
cisco	ios_xe	16.11.1c:c
cisco	ios_xe	16.11.1s:s
cisco	ios_xe	16.12.1y:y

𝑥

= Vulnerable software versions

Common Weakness Enumeration

CWE-20 - Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

References

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sip-Cv28sQw2