CVE-2024-20307

A vulnerability in the IKEv1 fragmentation code of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a heap overflow, resulting in an affected device reloading.

This vulnerability exists because crafted, fragmented IKEv1 packets are not properly reassembled. An attacker could exploit this vulnerability by sending crafted UDP packets to an affected system. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition.

Note: Only traffic that is directed to the affected system can be used to exploit this vulnerability. This vulnerability can be triggered by IPv4 and IPv6 traffic.

| Provider | Type | Base Score | Atk. Vector | Atk. Complexity | Priv. Required | Vector |
|---|---|---|---|---|---|---|
| NIST | NIST | 6.8 MEDIUM | NETWORK | HIGH | NONE | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H |
| cisco | CNA | 6.8 MEDIUM | NETWORK | HIGH | NONE | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H |
| CISA-ADP | ADP | --- | | | | --- |
| CVE | ADP | --- | | | | --- |

EPSS Score Percentile: 78%

Vulnerable software versions:

| Vendor | Product | Version |
|---|---|---|
| cisco | ios | 15.1(2)sg8 |
| cisco | ios | 15.1(2)sy8 |
| cisco | ios | 15.1(2)sy9 |
| cisco | ios | 15.1(2)sy10 |
| cisco | ios | 15.1(2)sy11 |
| cisco | ios | 15.1(2)sy12 |
| cisco | ios | 15.1(2)sy13 |
| cisco | ios | 15.1(2)sy14 |
| cisco | ios | 15.1(2)sy15 |
| cisco | ios | 15.1(2)sy16 |
| cisco | ios | 15.2(1)sy3 |
| cisco | ios | 15.2(1)sy4 |
| cisco | ios | 15.2(1)sy5 |
| cisco | ios | 15.2(1)sy6 |
| cisco | ios | 15.2(1)sy7 |
| cisco | ios | 15.2(1)sy8 |
| cisco | ios | 15.2(3)e4 |
| cisco | ios | 15.2(3)e5 |
| cisco | ios | 15.2(4)e2 |
| cisco | ios | 15.2(4)e3 |
| cisco | ios | 15.2(4)e4 |
| cisco | ios | 15.2(4)e5 |
| cisco | ios | 15.2(4)e5a |
| cisco | ios | 15.2(4)e6 |
| cisco | ios | 15.2(4)e7 |
| cisco | ios | 15.2(4)e8 |
| cisco | ios | 15.2(4)e9 |
| cisco | ios | 15.2(4)e10 |
| cisco | ios | 15.2(4)e10a |
| cisco | ios | 15.2(4)e10d |
| cisco | ios | 15.2(4)ea4 |
| cisco | ios | 15.2(4)ea5 |
| cisco | ios | 15.2(4)ea6 |
| cisco | ios | 15.2(4)ea7 |
| cisco | ios | 15.2(4)ea8 |
| cisco | ios | 15.2(4)ea9 |
| cisco | ios | 15.2(4)ea9a |
| cisco | ios | 15.2(4)ec1 |
| cisco | ios | 15.2(4)ec2 |
| cisco | ios | 15.2(4)m11 |
| cisco | ios | 15.2(5)e |
| cisco | ios | 15.2(5)ea |
| cisco | ios | 15.2(5b)e |
| cisco | ios | 15.3(1)sy1 |
| cisco | ios | 15.3(1)sy2 |
| cisco | ios | 15.3(3)jpi11 |
| cisco | ios | 15.3(3)m8 |
| cisco | ios | 15.3(3)m8a |
| cisco | ios | 15.3(3)m9 |
| cisco | ios | 15.3(3)m10 |
| cisco | ios | 15.3(3)s8 |
| cisco | ios | 15.3(3)s8a |
| cisco | ios | 15.3(3)s9 |
| cisco | ios | 15.3(3)s10 |
| cisco | ios | 15.4(1)sy |
| cisco | ios | 15.4(1)sy1 |
| cisco | ios | 15.4(1)sy2 |
| cisco | ios | 15.4(1)sy3 |
| cisco | ios | 15.4(1)sy4 |
| cisco | ios | 15.4(3)s6 |
| cisco | ios | 15.4(3)s6a |
| cisco | ios | 15.4(3)s7 |
| cisco | ios | 15.4(3)s8 |
| cisco | ios | 15.4(3)s9 |
| cisco | ios | 15.4(3)s10 |
| cisco | ios | 15.5(1)s4 |
| cisco | ios | 15.5(1)sy |
| cisco | ios | 15.5(1)sy1 |
| cisco | ios | 15.5(1)sy2 |
| cisco | ios | 15.5(1)sy3 |
| cisco | ios | 15.5(1)sy4 |
| cisco | ios | 15.5(1)sy5 |
| cisco | ios | 15.5(1)sy6 |
| cisco | ios | 15.5(1)sy7 |
| cisco | ios | 15.5(1)sy8 |
| cisco | ios | 15.5(1)sy9 |
| cisco | ios | 15.5(1)sy10 |
| cisco | ios | 15.5(1)sy11 |
| cisco | ios | 15.5(2)s4 |
| cisco | ios | 15.5(2)t4 |
| cisco | ios | 15.5(3)m3 |
| cisco | ios | 15.5(3)m4 |
| cisco | ios | 15.5(3)m4a |
| cisco | ios | 15.5(3)m5 |
| cisco | ios | 15.5(3)m6 |
| cisco | ios | 15.5(3)m6a |
| cisco | ios | 15.5(3)m7 |
| cisco | ios | 15.5(3)m8 |
| cisco | ios | 15.5(3)m9 |
| cisco | ios | 15.5(3)m10 |
| cisco | ios | 15.5(3)s3 |
| cisco | ios | 15.5(3)s4 |
| cisco | ios | 15.5(3)s5 |
| cisco | ios | 15.5(3)s6 |
| cisco | ios | 15.5(3)s6a |
| cisco | ios | 15.5(3)s6b |
| cisco | ios | 15.5(3)s7 |
| cisco | ios | 15.5(3)s8 |
| cisco | ios | 15.5(3)s9 |
| cisco | ios | 15.5(3)s9a |
| cisco | ios | 15.5(3)s10 |
| cisco | ios | 15.7(3)m |
| cisco | ios | 15.7(3)m0a |
| cisco | ios | 15.7(3)m1 |
| cisco | ios | 15.7(3)m2 |
| cisco | ios | 15.7(3)m3 |
| cisco | ios | 15.7(3)m4 |
| cisco | ios | 15.7(3)m4a |
| cisco | ios | 15.7(3)m4b |
| cisco | ios | 15.7(3)m5 |
| cisco | ios | 15.7(3)m6 |
| cisco | ios | 15.7(3)m7 |
| cisco | ios | 15.7(3)m8 |
| cisco | ios | 15.7(3)m9 |
| cisco | ios | 15.8(3)m |
| cisco | ios | 15.8(3)m0a |
| cisco | ios | 15.8(3)m0b |
| cisco | ios | 15.8(3)m1 |
| cisco | ios | 15.8(3)m1a |
| cisco | ios | 15.8(3)m2 |
| cisco | ios | 15.8(3)m2a |
| cisco | ios | 15.8(3)m3 |
| cisco | ios | 15.8(3)m3a |
| cisco | ios | 15.8(3)m3b |
| cisco | ios | 15.8(3)m4 |
| cisco | ios | 15.8(3)m5 |
| cisco | ios | 15.8(3)m6 |
| cisco | ios | 15.8(3)m7 |
| cisco | ios | 15.8(3)m8 |
| cisco | ios | 15.8(3)m9 |
| cisco | ios | 15.8(3)m10 |
| cisco | ios | 15.9(3)m |
| cisco | ios | 15.9(3)m0a |
| cisco | ios | 15.9(3)m1 |
| cisco | ios | 15.9(3)m2 |
| cisco | ios | 15.9(3)m2a |
| cisco | ios | 15.9(3)m3 |
| cisco | ios | 15.9(3)m3a |
| cisco | ios | 15.9(3)m3b |
| cisco | ios | 15.9(3)m4 |
| cisco | ios | 15.9(3)m4a |
| cisco | ios | 15.9(3)m5 |
| cisco | ios | 15.9(3)m6 |
| cisco | ios | 15.9(3)m6a |
| cisco | ios | 15.9(3)m6b |
| cisco | ios | 15.9(3)m7 |
| cisco | ios | 15.9(3)m7a |
| cisco | ios_xe | 3.4.8sg:sg |
| cisco | ios_xe | 3.7.4e:e |
| cisco | ios_xe | 3.7.5e:e |
| cisco | ios_xe | 3.8.2e:e |
| cisco | ios_xe | 3.8.3e:e |
| cisco | ios_xe | 3.8.4e:e |
| cisco | ios_xe | 3.8.5ae:ae |
| cisco | ios_xe | 3.8.5e:e |
| cisco | ios_xe | 3.8.6e:e |
| cisco | ios_xe | 3.8.7e:e |
| cisco | ios_xe | 3.8.8e:e |
| cisco | ios_xe | 3.8.9e:e |
| cisco | ios_xe | 3.8.10e:e |
| cisco | ios_xe | 3.9.0e:e |
| cisco | ios_xe | 3.10.8as:as |
| cisco | ios_xe | 3.10.8s:s |
| cisco | ios_xe | 3.10.9s:s |
| cisco | ios_xe | 3.10.10s:s |
| cisco | ios_xe | 3.13.6as:as |
| cisco | ios_xe | 3.13.6s:s |
| cisco | ios_xe | 3.13.7as:as |
| cisco | ios_xe | 3.13.7s:s |
| cisco | ios_xe | 3.13.8s:s |
| cisco | ios_xe | 3.13.9s:s |
| cisco | ios_xe | 3.13.10s:s |
| cisco | ios_xe | 3.14.4s:s |
| cisco | ios_xe | 3.15.4s:s |
| cisco | ios_xe | 3.16.3as:as |
| cisco | ios_xe | 3.16.3s:s |
| cisco | ios_xe | 3.16.4as:as |
| cisco | ios_xe | 3.16.4bs:bs |
| cisco | ios_xe | 3.16.4ds:ds |
| cisco | ios_xe | 3.16.4s:s |
| cisco | ios_xe | 3.16.5s:s |
| cisco | ios_xe | 3.16.6bs:bs |
| cisco | ios_xe | 3.16.6s:s |
| cisco | ios_xe | 3.16.7as:as |
| cisco | ios_xe | 3.16.7bs:bs |
| cisco | ios_xe | 3.16.7s:s |
| cisco | ios_xe | 3.16.8s:s |
| cisco | ios_xe | 3.16.9s:s |
| cisco | ios_xe | 3.16.10s:s |
| cisco | ios_xe | 16.1.3 |
| cisco | ios_xe | 16.2.1 |
| cisco | ios_xe | 16.2.2 |
| cisco | ios_xe | 16.3.1 |
| cisco | ios_xe | 16.3.1a:a |
| cisco | ios_xe | 16.3.2 |
| cisco | ios_xe | 16.3.3 |
| cisco | ios_xe | 16.3.4 |
| cisco | ios_xe | 16.3.5 |
| cisco | ios_xe | 16.3.5b:b |
| cisco | ios_xe | 16.3.6 |
| cisco | ios_xe | 16.3.7 |
| cisco | ios_xe | 16.3.8 |
| cisco | ios_xe | 16.3.9 |
| cisco | ios_xe | 16.3.10 |
| cisco | ios_xe | 16.3.11 |
| cisco | ios_xe | 16.4.1 |
| cisco | ios_xe | 16.4.2 |
| cisco | ios_xe | 16.4.3 |
| cisco | ios_xe | 16.5.1 |
| cisco | ios_xe | 16.5.1a:a |
| cisco | ios_xe | 16.5.1b:b |
| cisco | ios_xe | 16.5.2 |
| cisco | ios_xe | 16.5.3 |
| cisco | ios_xe | 16.6.1 |
| cisco | ios_xe | 16.6.2 |
| cisco | ios_xe | 16.6.3 |
| cisco | ios_xe | 16.6.4 |
| cisco | ios_xe | 16.6.4a:a |
| cisco | ios_xe | 16.6.5 |
| cisco | ios_xe | 16.6.5a:a |
| cisco | ios_xe | 16.6.6 |
| cisco | ios_xe | 16.6.7 |
| cisco | ios_xe | 16.6.8 |
| cisco | ios_xe | 16.6.9 |
| cisco | ios_xe | 16.6.10 |
| cisco | ios_xe | 16.7.1 |
| cisco | ios_xe | 16.7.1a:a |
| cisco | ios_xe | 16.7.1b:b |
| cisco | ios_xe | 16.7.2 |
| cisco | ios_xe | 16.7.3 |
| cisco | ios_xe | 16.7.4 |
| cisco | ios_xe | 16.8.1 |
| cisco | ios_xe | 16.8.1a:a |
| cisco | ios_xe | 16.8.1b:b |
| cisco | ios_xe | 16.8.1c:c |
| cisco | ios_xe | 16.8.1d:d |
| cisco | ios_xe | 16.8.1e:e |
| cisco | ios_xe | 16.8.1s:s |
| cisco | ios_xe | 16.8.2 |
| cisco | ios_xe | 16.8.3 |
| cisco | ios_xe | 16.9.1 |
| cisco | ios_xe | 16.9.1a:a |
| cisco | ios_xe | 16.9.1b:b |
| cisco | ios_xe | 16.9.1s:s |
| cisco | ios_xe | 16.9.2 |
| cisco | ios_xe | 16.9.3 |
| cisco | ios_xe | 16.9.3a:a |
| cisco | ios_xe | 16.9.4 |
| cisco | ios_xe | 16.9.5 |
| cisco | ios_xe | 16.9.5f:f |
| cisco | ios_xe | 16.9.6 |
| cisco | ios_xe | 16.9.7 |
| cisco | ios_xe | 16.9.8 |
| cisco | ios_xe | 16.10.1 |
| cisco | ios_xe | 16.10.1a:a |
| cisco | ios_xe | 16.10.1b:b |
| cisco | ios_xe | 16.10.1c:c |
| cisco | ios_xe | 16.10.1d:d |
| cisco | ios_xe | 16.10.1e:e |
| cisco | ios_xe | 16.10.1f:f |
| cisco | ios_xe | 16.10.1g:g |
| cisco | ios_xe | 16.10.1s:s |
| cisco | ios_xe | 16.10.2 |
| cisco | ios_xe | 16.10.3 |
| cisco | ios_xe | 16.11.1 |
| cisco | ios_xe | 16.11.1a:a |
| cisco | ios_xe | 16.11.1b:b |
| cisco | ios_xe | 16.11.1s:s |
| cisco | ios_xe | 16.11.2 |
| cisco | ios_xe | 16.12.1 |
| cisco | ios_xe | 16.12.1a:a |
| cisco | ios_xe | 16.12.1c:c |
| cisco | ios_xe | 16.12.1s:s |
| cisco | ios_xe | 16.12.1t:t |
| cisco | ios_xe | 16.12.1w:w |
| cisco | ios_xe | 16.12.1x:x |
| cisco | ios_xe | 16.12.1y:y |
| cisco | ios_xe | 16.12.1z1:z1 |
| cisco | ios_xe | 16.12.1z2:z2 |
| cisco | ios_xe | 16.12.2 |
| cisco | ios_xe | 16.12.2a:a |
| cisco | ios_xe | 16.12.2s:s |
| cisco | ios_xe | 16.12.3 |
| cisco | ios_xe | 16.12.3a:a |
| cisco | ios_xe | 16.12.3s:s |
| cisco | ios_xe | 16.12.4 |
| cisco | ios_xe | 16.12.4a:a |
| cisco | ios_xe | 16.12.5 |
| cisco | ios_xe | 16.12.5a:a |
| cisco | ios_xe | 16.12.5b:b |
| cisco | ios_xe | 16.12.6 |
| cisco | ios_xe | 16.12.6a:a |
| cisco | ios_xe | 16.12.7 |
| cisco | ios_xe | 16.12.8 |
| cisco | ios_xe | 16.12.9 |
| cisco | ios_xe | 17.1.1 |
| cisco | ios_xe | 17.1.1a:a |
| cisco | ios_xe | 17.1.1s:s |
| cisco | ios_xe | 17.1.1t:t |
| cisco | ios_xe | 17.1.3 |
| cisco | ios_xe | 17.2.1 |
| cisco | ios_xe | 17.2.1a:a |
| cisco | ios_xe | 17.2.1r:r |
| cisco | ios_xe | 17.2.1v:v |
| cisco | ios_xe | 17.2.2 |
| cisco | ios_xe | 17.2.3 |
| cisco | ios_xe | 17.3.1 |
| cisco | ios_xe | 17.3.1a:a |
| cisco | ios_xe | 17.3.1w:w |
| cisco | ios_xe | 17.3.1x:x |
| cisco | ios_xe | 17.3.1z:z |
| cisco | ios_xe | 17.3.2 |
| cisco | ios_xe | 17.3.2a:a |
| cisco | ios_xe | 17.3.3 |
| cisco | ios_xe | 17.3.4 |
| cisco | ios_xe | 17.3.4a:a |
| cisco | ios_xe | 17.3.4b:b |
| cisco | ios_xe | 17.3.4c:c |
| cisco | ios_xe | 17.3.5 |
| cisco | ios_xe | 17.3.5a:a |
| cisco | ios_xe | 17.3.5b:b |
| cisco | ios_xe | 17.3.6 |
| cisco | ios_xe | 17.3.7 |
| cisco | ios_xe | 17.4.1 |
| cisco | ios_xe | 17.4.1a:a |
| cisco | ios_xe | 17.4.1b:b |
| cisco | ios_xe | 17.4.2 |
| cisco | ios_xe | 17.4.2a:a |
| cisco | ios_xe | 17.5.1 |
| cisco | ios_xe | 17.5.1a:a |
| cisco | ios_xe | 17.6.1 |
| cisco | ios_xe | 17.6.1a:a |
| cisco | ios_xe | 17.6.1w:w |
| cisco | ios_xe | 17.6.1x:x |
| cisco | ios_xe | 17.6.1y:y |
| cisco | ios_xe | 17.6.1z:z |
| cisco | ios_xe | 17.6.1z1:z1 |
| cisco | ios_xe | 17.6.2 |
| cisco | ios_xe | 17.6.3 |
| cisco | ios_xe | 17.6.3a:a |
| cisco | ios_xe | 17.6.4 |
| cisco | ios_xe | 17.6.5 |
| cisco | ios_xe | 17.6.5a:a |
| cisco | ios_xe | 17.7.1 |
| cisco | ios_xe | 17.7.1a:a |
| cisco | ios_xe | 17.7.1b:b |
| cisco | ios_xe | 17.7.2 |
| cisco | ios_xe | 17.8.1 |
| cisco | ios_xe | 17.8.1a:a |
| cisco | ios_xe | 17.9.1 |
| cisco | ios_xe | 17.9.1a:a |
| cisco | ios_xe | 17.9.1w:w |
| cisco | ios_xe | 17.9.1x:x |
| cisco | ios_xe | 17.9.1x1:x1 |
| cisco | ios_xe | 17.9.1y:y |
| cisco | ios_xe | 17.9.2 |
| cisco | ios_xe | 17.9.2a:a |
| cisco | ios_xe | 17.9.3 |
| cisco | ios_xe | 17.9.3a:a |
| cisco | ios_xe | 17.10.1 |
| cisco | ios_xe | 17.10.1a:a |
| cisco | ios_xe | 17.10.1b:b |
| cisco | ios_xe | 17.11.1 |
| cisco | ios_xe | 17.11.1a:a |
| cisco | ios_xe | 17.11.99sw:sw |