How severe is CVE-2020-3190?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 5.8 out of 10.

What type of vulnerability is CVE-2020-3190?

This is classified as CWE-400, which is a common weakness in software security.

CVE-2020-3190

MEDIUM Year: 2020

CVSS v3 Score

5.8

Medium

CVSS v2 Score

5.0

Medium

Weakness Type

CWE-400

View all →

Vulnerability Description

A vulnerability in the IPsec packet processor of Cisco IOS XR Software could allow an unauthenticated remote attacker to cause a denial of service (DoS) condition for IPsec sessions to an affected device. The vulnerability is due to improper handling of packets by the IPsec packet processor. An attacker could exploit this vulnerability by sending malicious ICMP error messages to an affected device that get punted to the IPsec packet processor. A successful exploit could allow the attacker to deplete IPsec memory, resulting in all future IPsec packets to an affected device being dropped by the device. Manual intervention is required to recover from this situation.

CVE-2018-0381

MEDIUM

CVSS:5.8(Medium)

A vulnerability in the Cisco Aironet Series Access Points (APs) software could allow an authenticated, adjacent attacker to cause an affected device to reload unexpectedly, resulting in a denial of se...

CWE-4002018

CVE-2018-15464

MEDIUM

CVSS:5.8(Medium)

A vulnerability in Cisco 900 Series Aggregation Services Router (ASR) software could allow an unauthenticated, remote attacker to cause a partial denial of service (DoS) condition on an affected devic...

CWE-4002018

CVE-2019-1672

MEDIUM

CVSS:5.8(Medium)

A vulnerability in the Decryption Policy Default Action functionality of the Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to bypass a configured drop policy and a...

CWE-4002019

CVE-2024-21126

MEDIUM

CVSS:5.8(Medium)

Vulnerability in the Oracle Database Portable Clusterware component of Oracle Database Server. Supported versions that are affected are 19.3-19.23 and 21.3-21.14. Easily exploitable vulnerability allo...

CWE-4002024

CVE-2021-37865

MEDIUM

CVSS:5.7(Medium)

Mattermost 6.2 and earlier fails to sufficiently process a specifically crafted GIF file when it is uploaded while drafting a post, which allows authenticated users to cause resource exhaustion while ...

CWE-4002021

CVE-2022-0489

MEDIUM

CVSS:5.7(Medium)

An issue has been discovered in GitLab CE/EE affecting all versions starting with 8.15 . It was possible to trigger a DOS by using the math feature with a specific formula in issue comments.

CWE-4002022

CVE-2020-3190

Vulnerability Description

Related Vulnerabilities

CVE-2018-0381

CVE-2018-15464

CVE-2019-1672

CVE-2024-21126

CVE-2021-37865

CVE-2022-0489