{"containers": {"cna": {"affected": [{"product": "Cisco IOS", "vendor": "Cisco", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2020-09-24T00:00:00.000Z", "descriptions": [{"lang": "en", "value": "A vulnerability in the ISDN subsystem of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause a reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to insufficient input validation when the ISDN Q.931 messages are processed. An attacker could exploit this vulnerability by sending a malicious ISDN Q.931 message to an affected device. A successful exploit could allow the attacker to cause the process to crash, resulting in a reload of the affected device."}], "exploits": [{"lang": "en", "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."}], "metrics": [{"cvssV3_0": {"attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.4, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", "version": "3.0"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-20", "description": "CWE-20", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2020-09-24T17:51:39.000Z", "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco"}, "references": [{"name": "20200924 Cisco IOS and IOS XE Software ISDN Q.931 Denial of Service Vulnerability", "tags": ["vendor-advisory", "x_refsource_CISCO"], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-isdn-q931-dos-67eUZBTf"}], "source": {"advisory": "cisco-sa-iosxe-isdn-q931-dos-67eUZBTf", "defect": [["CSCvr57760"]], "discovery": "INTERNAL"}, "title": "Cisco IOS and IOS XE Software ISDN Q.931 Denial of Service Vulnerability", "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@cisco.com", "DATE_PUBLIC": "2020-09-24T16:00:00", "ID": "CVE-2020-3511", "STATE": "PUBLIC", "TITLE": "Cisco IOS and IOS XE Software ISDN Q.931 Denial of Service Vulnerability"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Cisco IOS", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "Cisco"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "A vulnerability in the ISDN subsystem of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause a reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to insufficient input validation when the ISDN Q.931 messages are processed. An attacker could exploit this vulnerability by sending a malicious ISDN Q.931 message to an affected device. A successful exploit could allow the attacker to cause the process to crash, resulting in a reload of the affected device."}]}, "exploit": [{"lang": "en", "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."}], "impact": {"cvss": {"baseScore": "7.4", "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", "version": "3.0"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-20"}]}]}, "references": {"reference_data": [{"name": "20200924 Cisco IOS and IOS XE Software ISDN Q.931 Denial of Service Vulnerability", "refsource": "CISCO", "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-isdn-q931-dos-67eUZBTf"}]}, "source": {"advisory": "cisco-sa-iosxe-isdn-q931-dos-67eUZBTf", "defect": [["CSCvr57760"]], "discovery": "INTERNAL"}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T07:37:54.701Z"}, "title": "CVE Program Container", "references": [{"name": "20200924 Cisco IOS and IOS XE Software ISDN Q.931 Denial of Service Vulnerability", "tags": ["vendor-advisory", "x_refsource_CISCO", "x_transferred"], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-isdn-q931-dos-67eUZBTf"}]}, {"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-11-13T17:23:34.355395Z", "id": "CVE-2020-3511", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-11-13T18:00:40.783Z"}}]}, "cveMetadata": {"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "assignerShortName": "cisco", "cveId": "CVE-2020-3511", "datePublished": "2020-09-24T17:51:39.806Z", "dateReserved": "2019-12-12T00:00:00.000Z", "dateUpdated": "2024-11-13T18:00:40.783Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"containers": {"cna": {"affected": [{"product": "Cisco IOS", "vendor": "Cisco", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2020-09-24T00:00:00", "descriptions": [{"lang": "en", "value": "A vulnerability in the ISDN subsystem of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause a reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to insufficient input validation when the ISDN Q.931 messages are processed. An attacker could exploit this vulnerability by sending a malicious ISDN Q.931 message to an affected device. A successful exploit could allow the attacker to cause the process to crash, resulting in a reload of the affected device."}], "exploits": [{"lang": "en", "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."}], "metrics": [{"cvssV3_0": {"attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.4, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", "version": "3.0"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-20", "description": "CWE-20", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2020-09-24T17:51:39", "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco"}, "references": [{"name": "20200924 Cisco IOS and IOS XE Software ISDN Q.931 Denial of Service Vulnerability", "tags": ["vendor-advisory", "x_refsource_CISCO"], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-isdn-q931-dos-67eUZBTf"}], "source": {"advisory": "cisco-sa-iosxe-isdn-q931-dos-67eUZBTf", "defect": [["CSCvr57760"]], "discovery": "INTERNAL"}, "title": "Cisco IOS and IOS XE Software ISDN Q.931 Denial of Service Vulnerability", "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@cisco.com", "DATE_PUBLIC": "2020-09-24T16:00:00", "ID": "CVE-2020-3511", "STATE": "PUBLIC", "TITLE": "Cisco IOS and IOS XE Software ISDN Q.931 Denial of Service Vulnerability"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Cisco IOS", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "Cisco"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "A vulnerability in the ISDN subsystem of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause a reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to insufficient input validation when the ISDN Q.931 messages are processed. An attacker could exploit this vulnerability by sending a malicious ISDN Q.931 message to an affected device. A successful exploit could allow the attacker to cause the process to crash, resulting in a reload of the affected device."}]}, "exploit": [{"lang": "en", "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."}], "impact": {"cvss": {"baseScore": "7.4", "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", "version": "3.0"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-20"}]}]}, "references": {"reference_data": [{"name": "20200924 Cisco IOS and IOS XE Software ISDN Q.931 Denial of Service Vulnerability", "refsource": "CISCO", "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-isdn-q931-dos-67eUZBTf"}]}, "source": {"advisory": "cisco-sa-iosxe-isdn-q931-dos-67eUZBTf", "defect": [["CSCvr57760"]], "discovery": "INTERNAL"}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T07:37:54.701Z"}, "title": "CVE Program Container", "references": [{"name": "20200924 Cisco IOS and IOS XE Software ISDN Q.931 Denial of Service Vulnerability", "tags": ["vendor-advisory", "x_refsource_CISCO", "x_transferred"], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-isdn-q931-dos-67eUZBTf"}]}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2020-3511", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-11-13T17:23:34.355395Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-11-13T17:27:21.545Z"}}]}, "cveMetadata": {"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "assignerShortName": "cisco", "cveId": "CVE-2020-3511", "datePublished": "2020-09-24T17:51:39.806711Z", "dateReserved": "2019-12-12T00:00:00", "dateUpdated": "2024-11-13T18:00:40.783Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:ios_xe:15.1\\(4\\)m:*:*:*:*:*:*:*", "matchCriteriaId": "698E9E84-006D-4EA6-A65C-60BE80BAF35C", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:1100-4g_integrated_services_router:-:*:*:*:*:*:*:*", "matchCriteriaId": "0F77CD6A-83DA-4F31-A128-AD6DAECD623B", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:1100-4gltegb_integrated_services_router:-:*:*:*:*:*:*:*", "matchCriteriaId": "62564BB8-1282-4597-A645-056298BE7CCB", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:1100-4gltena_integrated_services_router:-:*:*:*:*:*:*:*", "matchCriteriaId": "80E9CC47-3D7C-437A-85BE-4BB94C8AF1B8", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:1100-4p_integrated_services_router:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2D2305B-B69E-4F74-A44E-07B3205CE9F7", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:1100-6g_integrated_services_router:-:*:*:*:*:*:*:*", "matchCriteriaId": "2B68B363-3C57-4E95-8B13-0F9B59D551F7", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:1100-8p_integrated_services_router:-:*:*:*:*:*:*:*", "matchCriteriaId": "26DD41B3-1D1D-44D3-BA8E-5A66AFEE77E6", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:1100-lte_integrated_services_router:-:*:*:*:*:*:*:*", "matchCriteriaId": "EBE4E146-1D77-4F15-AE58-3C1CE5DB62C5", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:1100_integrated_services_router:-:*:*:*:*:*:*:*", "matchCriteriaId": "1952B64C-4AE0-4CCB-86C5-8D1FF6A12822", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:1101-4p_integrated_services_router:-:*:*:*:*:*:*:*", "matchCriteriaId": "5AAD4397-6DCF-493A-BD61-3A890F6F3AB2", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:1101_integrated_services_router:-:*:*:*:*:*:*:*", "matchCriteriaId": "5EB8A757-7888-4AC2-BE44-B89DB83C6C77", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:1109-2p_integrated_services_router:-:*:*:*:*:*:*:*", "matchCriteriaId": "3F2F0A8E-97F6-41AC-BE67-4B2D60F9D36B", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:1109-4p_integrated_services_router:-:*:*:*:*:*:*:*", "matchCriteriaId": "BB9229F3-7BCE-46C4-9879-D57B5BAAE44E", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:1109_integrated_services_router:-:*:*:*:*:*:*:*", "matchCriteriaId": "B80890A8-E3D3-462C-B125-9E9BC6525B02", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:1111x-8p_integrated_services_router:-:*:*:*:*:*:*:*", "matchCriteriaId": "A5A606FE-E6F1-43F9-B1CD-D9DF35FC3573", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:1111x_integrated_services_router:-:*:*:*:*:*:*:*", "matchCriteriaId": "0547E196-5991-4C33-823A-342542E9DFD3", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:111x_integrated_services_router:-:*:*:*:*:*:*:*", "matchCriteriaId": "802CBFC1-8A2F-4BF7-A1D3-00622C33BE16", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:1120_integrated_services_router:-:*:*:*:*:*:*:*", "matchCriteriaId": "7AFE0FC1-EEBC-42F0-88B0-4AF5B76DDD97", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:1160_integrated_services_router:-:*:*:*:*:*:*:*", "matchCriteriaId": "D916389F-54DB-44CB-91DD-7CE3C7059350", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:422_integrated_services_router:-:*:*:*:*:*:*:*", "matchCriteriaId": "03A273EE-41C1-41E9-9002-46F83FC6533F", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:4321\\/k9-rf_integrated_services_router:-:*:*:*:*:*:*:*", "matchCriteriaId": "05C90C43-2D7D-43F8-AD7F-421878909AE2", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:4321\\/k9-ws_integrated_services_router:-:*:*:*:*:*:*:*", "matchCriteriaId": "445597DA-7EEC-470D-9A71-BC43A9F7DE5E", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:4321\\/k9_integrated_services_router:-:*:*:*:*:*:*:*", "matchCriteriaId": "86049773-C88D-4A26-A0D3-D40F3C312AEC", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:4331\\/k9-rf_integrated_services_router:-:*:*:*:*:*:*:*", "matchCriteriaId": "6AB4B7C2-4D45-4267-BCBB-57D36C6104A3", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:4331\\/k9-ws_integrated_services_router:-:*:*:*:*:*:*:*", "matchCriteriaId": "3B8A4630-8B21-4994-8EF5-E105593A64E5", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:4331\\/k9_integrated_services_router:-:*:*:*:*:*:*:*", "matchCriteriaId": "F799DC02-EB06-458C-8545-A174475FE7A2", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:4351\\/k9-rf_integrated_services_router:-:*:*:*:*:*:*:*", "matchCriteriaId": "B89FBA68-A8ED-4C5A-916E-A68468F59730", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:4351\\/k9-ws_integrated_services_router:-:*:*:*:*:*:*:*", "matchCriteriaId": "CD272E6E-2ED1-4408-8FF7-0B82F9DCBEF8", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:4351\\/k9_integrated_services_router:-:*:*:*:*:*:*:*", "matchCriteriaId": "DC278B77-AD63-42AD-B9E8-EE4DE97E27E9", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:4431_integrated_services_router:-:*:*:*:*:*:*:*", "matchCriteriaId": "5720462A-BE6B-4E84-A1A1-01E80BBA86AD", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:4461_integrated_services_router:-:*:*:*:*:*:*:*", "matchCriteriaId": "E8B60888-6E2B-494E-AC65-83337661EE7D", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:asr_1000-x:-:*:*:*:*:*:*:*", "matchCriteriaId": "FE2182E7-C813-4966-A36C-E648A9344299", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:asr_1001:-:*:*:*:*:*:*:*", "matchCriteriaId": "ED7C321E-F083-4AB6-96A0-D6358980441E", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:asr_1001-x:-:*:*:*:*:*:*:*", "matchCriteriaId": "09C913FF-63D5-43FB-8B39-598EF436BA5A", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:asr_1002:-:*:*:*:*:*:*:*", "matchCriteriaId": "E4376E56-A21C-4642-A85D-439C8E21CD7F", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:asr_1002-x:-:*:*:*:*:*:*:*", "matchCriteriaId": "444F688F-79D0-4F22-B530-7BD520080B8F", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:asr_1004:-:*:*:*:*:*:*:*", "matchCriteriaId": "55DD2272-10C2-43B9-9F13-6DC41DBE179B", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:asr_1006:-:*:*:*:*:*:*:*", "matchCriteriaId": "7428E0A8-1641-47FB-9CA9-34311DEF660D", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:asr_1013:-:*:*:*:*:*:*:*", "matchCriteriaId": "854D9594-FE84-4E7B-BA21-A3287F2DC302", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:asr1001-hx:-:*:*:*:*:*:*:*", "matchCriteriaId": "0C24227E-9FF6-4757-A342-958CA4B8BF63", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:asr1001-hx-rf:-:*:*:*:*:*:*:*", "matchCriteriaId": "9E529335-18D1-4CEC-A8D5-CC1CA33D64F5", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:asr1001-x:-:*:*:*:*:*:*:*", "matchCriteriaId": "3072DEFA-61D6-413F-97FD-F64C0E90155C", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:asr1001-x-rf:-:*:*:*:*:*:*:*", "matchCriteriaId": "D9FBFB5C-347B-4F73-93BE-4D3137D8F93A", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:asr1001-x-ws:-:*:*:*:*:*:*:*", "matchCriteriaId": "9F040372-CDAD-4AC4-9B7C-BFF9658B6BF2", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:asr1002-hx:-:*:*:*:*:*:*:*", "matchCriteriaId": "C33862F1-652A-4F60-BD3E-A6B3733E56A9", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:asr1002-hx-rf:-:*:*:*:*:*:*:*", "matchCriteriaId": "130205FD-CA31-4E49-B8C4-181840270C70", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:asr1002-hx-ws:-:*:*:*:*:*:*:*", "matchCriteriaId": "908A56D8-64AF-4813-9D4D-C429C0603A31", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:asr1002-x:-:*:*:*:*:*:*:*", "matchCriteriaId": "03A2AA1C-7568-4BB6-BBD3-8E03D32CDA1F", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:asr1002-x-rf:-:*:*:*:*:*:*:*", "matchCriteriaId": "53DAF422-7E0B-44EB-AD8D-4643A9711739", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:asr1002-x-ws:-:*:*:*:*:*:*:*", "matchCriteriaId": "1F7F661E-335C-4123-9363-E2E5D51846C1", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:csr1000v:-:*:*:*:*:*:*:*", "matchCriteriaId": "62081293-8355-4197-A5A8-1E434B808680", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "A vulnerability in the ISDN subsystem of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause a reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to insufficient input validation when the ISDN Q.931 messages are processed. An attacker could exploit this vulnerability by sending a malicious ISDN Q.931 message to an affected device. A successful exploit could allow the attacker to cause the process to crash, resulting in a reload of the affected device."}, {"lang": "es", "value": "Una vulnerabilidad en el subsistema ISDN de Cisco IOS Software y Cisco IOS XE Software, podr\u00eda permitir a un atacante adyacente no autenticado causar una recarga de un dispositivo afectado, resultando en una condici\u00f3n de denegaci\u00f3n de servicio (DoS). La vulnerabilidad es debido a una comprobaci\u00f3n insuficiente de la entrada cuando son procesados los mensajes ISDN Q.931. Un atacante podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de un mensaje ISDN Q.931 malicioso hacia un dispositivo afectado. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante causar que el proceso se bloquee, resultando en una recarga del dispositivo afectado."}], "id": "CVE-2020-3511", "lastModified": "2024-11-21T05:31:13.380", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 6.1, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0"}, "exploitabilityScore": 6.5, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.4, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", "version": "3.0"}, "exploitabilityScore": 2.8, "impactScore": 4.0, "source": "ykramarz@cisco.com", "type": "Secondary"}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.4, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 4.0, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2020-09-24T18:15:21.230", "references": [{"source": "ykramarz@cisco.com", "tags": ["Vendor Advisory"], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-isdn-q931-dos-67eUZBTf"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-isdn-q931-dos-67eUZBTf"}], "sourceIdentifier": "ykramarz@cisco.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-20"}], "source": "ykramarz@cisco.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-20"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}

{}