CVE-2020-3363

A vulnerability in the IPv6 packet processing engine of Cisco Small Business Smart and Managed Switches could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to insufficient validation of incoming IPv6 traffic. An attacker could exploit this vulnerability by sending a crafted IPv6 packet through an affected device. A successful exploit could allow the attacker to cause an unexpected reboot of the switch, leading to a DoS condition. This vulnerability is specific to IPv6 traffic. IPv4 traffic is not affected.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
8.6 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
ciscoCNA
8.6 HIGH
NETWORK
LOW
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
CVEADP
---
---
CISA-ADPADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 76%
VendorProductVersion
ciscosg250x-24_firmware
-
ciscosg250x-24p_firmware
-
ciscosg250x-48_firmware
-
ciscosg250x-48p_firmware
-
ciscosg250-08_firmware
-
ciscosg250-08hp_firmware
-
ciscosg250-10p_firmware
-
ciscosg250-18_firmware
-
ciscosg250-26_firmware
-
ciscosg250-26hp_firmware
-
ciscosg250-26p_firmware
-
ciscosg250-50_firmware
-
ciscosg250-50hp_firmware
-
ciscosg250-50p_firmware
-
ciscosf250-24_firmware
-
ciscosf250-24p_firmware
-
ciscosf250-48_firmware
-
ciscosf250-48hp_firmware
-
ciscosg350-10_firmware
-
ciscosg350-10p_firmware
-
ciscosg350-10mp_firmware
-
ciscosg355-10p_firmware
-
ciscosg350-28_firmware
-
ciscosg350-28p_firmware
-
ciscosg350-28mp_firmware
-
ciscosf350-48_firmware
-
ciscosf350-48p_firmware
-
ciscosf350-48mp_firmware
-
ciscosg350xg-2f10_firmware
-
ciscosg350xg-24f_firmware
-
ciscosg350xg-24t_firmware
-
ciscosg350xg-48t_firmware
-
ciscosg350x-24_firmware
-
ciscosg350x-24p_firmware
-
ciscosg350x-24mp_firmware
-
ciscosg350x-48_firmware
-
ciscosg350x-48p_firmware
-
ciscosg350x-48mp_firmware
-
ciscosx550x-16ft_firmware
-
ciscosx550x-24ft_firmware
-
ciscosx550x-12f_firmware
-
ciscosx550x-24f_firmware
-
ciscosx550x-24_firmware
-
ciscosx550x-52_firmware
-
ciscosg550x-24_firmware
-
ciscosg550x-24p_firmware
-
ciscosg550x-24mp_firmware
-
ciscosg550x-24mpp_firmware
-
ciscosg550x-48_firmware
-
ciscosg550x-48p_firmware
-
ciscosg550x-48mp_firmware
-
ciscosf550x-24_firmware
-
ciscosf550x-24p_firmware
-
ciscosf550x-24mp_firmware
-
ciscosf550x-48_firmware
-
ciscosf550x-48p_firmware
-
ciscosf550x-48mp_firmware
-
ciscosg200-50_firmware
-
ciscosg200-50p_firmware
-
ciscosg200-50fp_firmware
-
ciscosg200-26_firmware
-
ciscosg200-26p_firmware
-
ciscosg200-26fp_firmware
-
ciscosg200-18_firmware
-
ciscosg200-10fp_firmware
-
ciscosg200-08_firmware
-
ciscosg200-08p_firmware
-
ciscosf200-24_firmware
-
ciscosf200-24p_firmware
-
ciscosf200-24fp_firmware
-
ciscosf200-48_firmware
-
ciscosf200-48p_firmware
-
ciscosf302-08pp_firmware
-
ciscosf302-08mpp_firmware
-
ciscosg300-10pp_firmware
-
ciscosg300-10mpp_firmware
-
ciscosf300-24pp_firmware
-
ciscosf300-48pp_firmware
-
ciscosg300-28pp_firmware
-
ciscosf300-08_firmware
-
ciscosf300-48p_firmware
-
ciscosg300-10mp_firmware
-
ciscosg300-10p_firmware
-
ciscosg300-10_firmware
-
ciscosg300-28p_firmware
-
ciscosf300-24p_firmware
-
ciscosf302-08mp_firmware
-
ciscosg300-28_firmware
-
ciscosf300-48_firmware
-
ciscosg300-20_firmware
-
ciscosf302-08p_firmware
-
ciscosg300-52_firmware
-
ciscosf300-24_firmware
-
ciscosf302-08_firmware
-
ciscosf300-24mp_firmware
-
ciscosg300-10sfp_firmware
-
ciscosg300-28mp_firmware
-
ciscosg300-52p_firmware
-
ciscosg300-52mp_firmware
-
ciscosg500-28mpp_firmware
-
ciscosg500-52mp_firmware
-
ciscosg500xg-8f8t_firmware
-
ciscosf500-24_firmware
-
ciscosf500-24p_firmware
-
ciscosf500-48_firmware
-
ciscosf500-48p_firmware
-
ciscosg500-28_firmware
-
ciscosg500-28p_firmware
-
ciscosg500-52_firmware
-
ciscosg500-52p_firmware
-
ciscosg500x-24_firmware
-
ciscosg500x-24p_firmware
-
ciscosg500x-48_firmware
-
ciscosg500x-48p_firmware
-
𝑥
= Vulnerable software versions