CVE-2023-20027

A vulnerability in the implementation of the IPv4 Virtual Fragmentation Reassembly (VFR) feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper reassembly of large packets that occurs when VFR is enabled on either a tunnel interface or on a physical interface that is configured with a maximum transmission unit (MTU) greater than 4,615 bytes. An attacker could exploit this vulnerability by sending fragmented packets through a VFR-enabled interface on an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
8.6 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
ciscoCNA
8.6 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
CVEADP
---
---
CISA-ADPADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 69%
VendorProductVersion
ciscoios_xe
3.9.0as:as
ciscoios_xe
3.9.1s:s
ciscoios_xe
3.9.2s:s
ciscoios_xe
3.10.0s:s
ciscoios_xe
3.10.1s:s
ciscoios_xe
3.10.2as:as
ciscoios_xe
3.10.2s:s
ciscoios_xe
3.10.2ts:ts
ciscoios_xe
3.10.3s:s
ciscoios_xe
3.10.4s:s
ciscoios_xe
3.10.5s:s
ciscoios_xe
3.10.6s:s
ciscoios_xe
3.10.7s:s
ciscoios_xe
3.10.8as:as
ciscoios_xe
3.10.8s:s
ciscoios_xe
3.10.9s:s
ciscoios_xe
3.10.10s:s
ciscoios_xe
3.11.0s:s
ciscoios_xe
3.11.1s:s
ciscoios_xe
3.11.2s:s
ciscoios_xe
3.11.3s:s
ciscoios_xe
3.11.4s:s
ciscoios_xe
3.12.0s:s
ciscoios_xe
3.12.1s:s
ciscoios_xe
3.12.2s:s
ciscoios_xe
3.12.3s:s
ciscoios_xe
3.12.4s:s
ciscoios_xe
3.13.0s:s
ciscoios_xe
3.13.1s:s
ciscoios_xe
3.13.2s:s
ciscoios_xe
3.13.3s:s
ciscoios_xe
3.13.4s:s
ciscoios_xe
3.13.5s:s
ciscoios_xe
3.13.6as:as
ciscoios_xe
3.13.6s:s
ciscoios_xe
3.13.7s:s
ciscoios_xe
3.13.8s:s
ciscoios_xe
3.13.9s:s
ciscoios_xe
3.13.10s:s
ciscoios_xe
3.14.0s:s
ciscoios_xe
3.14.1s:s
ciscoios_xe
3.14.2s:s
ciscoios_xe
3.14.3s:s
ciscoios_xe
3.14.4s:s
ciscoios_xe
3.15.0s:s
ciscoios_xe
3.15.1cs:cs
ciscoios_xe
3.15.1s:s
ciscoios_xe
3.15.2s:s
ciscoios_xe
3.15.3s:s
ciscoios_xe
3.15.4s:s
ciscoios_xe
3.16.0cs:cs
ciscoios_xe
3.16.0s:s
ciscoios_xe
3.16.1as:as
ciscoios_xe
3.16.2s:s
ciscoios_xe
3.16.3s:s
ciscoios_xe
3.16.4as:as
ciscoios_xe
3.16.4bs:bs
ciscoios_xe
3.16.4cs:cs
ciscoios_xe
3.16.4ds:ds
ciscoios_xe
3.16.4es:es
ciscoios_xe
3.16.4gs:gs
ciscoios_xe
3.16.5as:as
ciscoios_xe
3.16.5bs:bs
ciscoios_xe
3.16.5s:s
ciscoios_xe
3.16.6bs:bs
ciscoios_xe
3.16.6s:s
ciscoios_xe
3.16.7as:as
ciscoios_xe
3.16.7bs:bs
ciscoios_xe
3.16.7s:s
ciscoios_xe
3.16.8s:s
ciscoios_xe
3.16.9s:s
ciscoios_xe
3.16.10s:s
ciscoios_xe
3.17.0s:s
ciscoios_xe
3.17.1s:s
ciscoios_xe
3.17.2s:s
ciscoios_xe
3.17.3s:s
ciscoios_xe
3.17.4s:s
ciscoios_xe
3.18.0as:as
ciscoios_xe
3.18.2asp:asp
ciscoios_xe
16.2.1
ciscoios_xe
16.2.2
ciscoios_xe
16.3.1
ciscoios_xe
16.3.1a:a
ciscoios_xe
16.3.2
ciscoios_xe
16.3.3
ciscoios_xe
16.3.4
ciscoios_xe
16.3.5
ciscoios_xe
16.3.6
ciscoios_xe
16.3.7
ciscoios_xe
16.3.8
ciscoios_xe
16.3.9
ciscoios_xe
16.3.10
ciscoios_xe
16.3.11
ciscoios_xe
16.4.1
ciscoios_xe
16.4.2
ciscoios_xe
16.4.3
ciscoios_xe
16.5.1
ciscoios_xe
16.5.1b:b
ciscoios_xe
16.5.2
ciscoios_xe
16.5.3
ciscoios_xe
16.6.1
ciscoios_xe
16.6.2
ciscoios_xe
16.6.3
ciscoios_xe
16.6.4
ciscoios_xe
16.6.4s:s
ciscoios_xe
16.6.5
ciscoios_xe
16.6.6
ciscoios_xe
16.6.7
ciscoios_xe
16.6.8
ciscoios_xe
16.6.9
ciscoios_xe
16.6.10
ciscoios_xe
16.7.1
ciscoios_xe
16.7.2
ciscoios_xe
16.7.3
ciscoios_xe
16.8.1
ciscoios_xe
16.8.1s:s
ciscoios_xe
16.8.2
ciscoios_xe
16.8.3
ciscoios_xe
16.9.1
ciscoios_xe
16.9.1s:s
ciscoios_xe
16.9.2
ciscoios_xe
16.9.2s:s
ciscoios_xe
16.9.3
ciscoios_xe
16.9.3s:s
ciscoios_xe
16.9.4
ciscoios_xe
16.9.5
ciscoios_xe
16.9.6
ciscoios_xe
16.9.7
ciscoios_xe
16.9.8
ciscoios_xe
16.9.8a:a
ciscoios_xe
16.9.8c:c
ciscoios_xe
16.10.1
ciscoios_xe
16.10.1a:a
ciscoios_xe
16.10.1b:b
ciscoios_xe
16.10.1e:e
ciscoios_xe
16.10.1s:s
ciscoios_xe
16.10.2
ciscoios_xe
16.10.3
ciscoios_xe
16.11.1
ciscoios_xe
16.11.1a:a
ciscoios_xe
16.11.1c:c
ciscoios_xe
16.11.1s:s
ciscoios_xe
16.11.2
ciscoios_xe
16.12.1
ciscoios_xe
16.12.1a:a
ciscoios_xe
16.12.1c:c
ciscoios_xe
16.12.1s:s
ciscoios_xe
16.12.2
ciscoios_xe
16.12.2s:s
ciscoios_xe
16.12.2t:t
ciscoios_xe
16.12.3
ciscoios_xe
16.12.3s:s
ciscoios_xe
16.12.4
ciscoios_xe
16.12.5
ciscoios_xe
16.12.6
ciscoios_xe
16.12.7
ciscoios_xe
16.12.8
ciscoios_xe
17.1.1
ciscoios_xe
17.1.1s:s
ciscoios_xe
17.1.1t:t
ciscoios_xe
17.1.2
ciscoios_xe
17.1.3
ciscoios_xe
17.2.1
ciscoios_xe
17.2.1r:r
ciscoios_xe
17.2.1v:v
ciscoios_xe
17.2.2
ciscoios_xe
17.2.3
ciscoios_xe
17.3.1
ciscoios_xe
17.3.1a:a
ciscoios_xe
17.3.2
ciscoios_xe
17.3.3
ciscoios_xe
17.3.4
ciscoios_xe
17.3.4a:a
ciscoios_xe
17.3.5
ciscoios_xe
17.4.1
ciscoios_xe
17.4.1a:a
ciscoios_xe
17.4.1b:b
ciscoios_xe
17.4.2
ciscoios_xe
17.5.1
ciscoios_xe
17.5.1a:a
ciscoios_xe
17.6.1
ciscoios_xe
17.6.1a:a
ciscoios_xe
17.6.2
ciscoios_xe
17.6.3
ciscoios_xe
17.6.3a:a
ciscoios_xe
17.7.1
ciscoios_xe
17.7.1a:a
ciscoios_xe
17.7.2
ciscoios_xe
17.8.1
ciscoios_xe
17.8.1a:a
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ipv4-vfr-dos-CXxtFacb
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ipv4-vfr-dos-CXxtFacb