How severe is CVE-2020-3408?

This vulnerability has a severity rating of HIGH with a CVSS score of 8.6 out of 10.

What type of vulnerability is CVE-2020-3408?

This is classified as CWE-185, which is a common weakness in software security.

CVE-2020-3408 - HIGH Severity | CVSS 8.6

Vulnerability Description

A vulnerability in the Split DNS feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerability occurs because the regular expression (regex) engine that is used with the Split DNS feature of affected releases may time out when it processes the DNS name list configuration. An attacker could exploit this vulnerability by trying to resolve an address or hostname that the affected device handles. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition.

Related Vulnerabilities

CVE-2018-17984

HIGH

CVSS:7.8(High)

An unanchored /[a-z]{2}/ regular expression in ISPConfig before 3.1.13 makes it possible to include arbitrary files, leading to code execution. This is exploitable by authenticated users who have loca...

CWE-1852018

CVE-2018-20801

HIGH

CVSS:7.5(High)

In js/parts/SvgRenderer.js in Highcharts JS before 6.1.0, the use of backtracking regular expressions permitted an attacker to conduct a denial of service attack against the SVGRenderer component, aka...

CWE-1852018

CVE-2018-7158

HIGH

CVSS:7.5(High)

The `'path'` module in the Node.js 4.x release line contains a potential regular expression denial of service (ReDoS) vector. The code in question was replaced in Node.js 6.x and later so this vulnera...

CWE-1852018

CVE-2019-14993

HIGH

CVSS:7.5(High)

Istio before 1.1.13 and 1.2.x before 1.2.4 mishandles regular expressions for long URIs, leading to a denial of service during use of the JWT, VirtualService, HTTPAPISpecBinding, or QuotaSpecBinding A...

CWE-1852019

CVE-2025-20139

HIGH

CVSS:7.5(High)

A vulnerability in chat messaging features of Cisco Enterprise Chat and Email (ECE) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. This vulnerability is ...

CWE-1852025

CVE-2019-12798

CRITICAL

CVSS:9.8(Critical)

An issue was discovered in Artifex MuJS 1.0.5. regcompx in regexp.c does not restrict regular expression program size, leading to an overflow of the parsed syntax list size.

CWE-1852019