How severe is CVE-2020-3351?

This vulnerability has a severity rating of HIGH with a CVSS score of 8.6 out of 10.

What type of vulnerability is CVE-2020-3351?

This is classified as CWE-399, which is a common weakness in software security.

CVE-2020-3351

HIGH Year: 2020

CVSS v3 Score

8.6

High

CVSS v2 Score

7.8

High

Weakness Type

CWE-399

View all →

Vulnerability Description

A vulnerability in Cisco SD-WAN Solution Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to improper validation of fields in Cisco SD-WAN peering messages that are encapsulated in UDP packets. An attacker could exploit this vulnerability by sending crafted UDP messages to the targeted system. A successful exploit could allow the attacker to cause services on the device to fail, resulting in a DoS condition that could impact the targeted device and other devices that depend on it.

CVE-2016-6368

HIGH

CVSS:8.6(High)

A vulnerability in the detection engine parsing of Pragmatic General Multicast (PGM) protocol packets for Cisco Firepower System Software could allow an unauthenticated, remote attacker to cause a den...

CWE-3992016

CVE-2016-9225

HIGH

CVSS:8.6(High)

A vulnerability in the data plane IP fragment handler of the Cisco Adaptive Security Appliance (ASA) CX Context-Aware Security module could allow an unauthenticated, remote attacker to cause the CX mo...

CWE-3992016

CVE-2017-12245

HIGH

CVSS:8.6(High)

A vulnerability in SSL traffic decryption for Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause depletion of system memory, aka a Firepower Detecti...

CWE-3992017

CVE-2017-12246

HIGH

CVSS:8.6(High)

A vulnerability in the implementation of the direct authentication feature in Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to cause an affected devi...

CWE-3992017

CVE-2017-3790

HIGH

CVSS:8.6(High)

A vulnerability in the received packet parser of Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) software could allow an unauthenticated, remote attacker to cause a rel...

CWE-3992017

CVE-2017-3864

HIGH

CVSS:8.6(High)

A vulnerability in the DHCP client implementation of Cisco IOS (12.2, 12.4, and 15.0 through 15.6) and Cisco IOS XE (3.3 through 3.7) could allow an unauthenticated, remote attacker to cause a denial ...

CWE-3992017

CVE-2020-3351

Vulnerability Description

Related Vulnerabilities

CVE-2016-6368

CVE-2016-9225

CVE-2017-12245

CVE-2017-12246

CVE-2017-3790

CVE-2017-3864