How severe is CVE-2020-3517?

This vulnerability has a severity rating of HIGH with a CVSS score of 8.6 out of 10.

What type of vulnerability is CVE-2020-3517?

This is classified as CWE-476, which is a common weakness in software security.

CVE-2020-3517

HIGH Year: 2020

CVSS v3 Score

8.6

High

CVSS v2 Score

7.8

High

Weakness Type

CWE-476

View all →

Vulnerability Description

A vulnerability in the Cisco Fabric Services component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated attacker to cause process crashes, which could result in a denial of service (DoS) condition on an affected device. The attack vector is configuration dependent and could be remote or adjacent. For more information about the attack vector, see the Details section of this advisory. The vulnerability is due to insufficient error handling when the affected software parses Cisco Fabric Services messages. An attacker could exploit this vulnerability by sending malicious Cisco Fabric Services messages to an affected device. A successful exploit could allow the attacker to cause a reload of an affected device, which could result in a DoS condition.

CVE-2018-0305

HIGH

CVSS:8.6(High)

A vulnerability in the Cisco Fabric Services component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on t...

CWE-4762018

CVE-2019-12647

HIGH

CVSS:8.6(High)

A vulnerability in the Ident protocol handler of Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability exists because t...

CWE-4762019

CVE-2019-12654

HIGH

CVSS:8.6(High)

A vulnerability in the common Session Initiation Protocol (SIP) library of Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to trigger a reload of an affected device, resu...

CWE-4762019

CVE-2020-13583

HIGH

CVSS:8.6(High)

A denial-of-service vulnerability exists in the HTTP Server functionality of Micrium uC-HTTP 3.01.00. A specially crafted HTTP request can lead to denial of service. An attacker can send an HTTP reque...

CWE-4762020

CVE-2020-3407

HIGH

CVSS:8.6(High)

A vulnerability in the RESTCONF and NETCONF-YANG access control list (ACL) function of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause the device to reload. The vulnerab...

CWE-4762020

CVE-2021-0251

HIGH

CVSS:8.6(High)

A NULL Pointer Dereference vulnerability in the Captive Portal Content Delivery (CPCD) services daemon (cpcd) of Juniper Networks Junos OS on MX Series with MS-PIC, MS-SPC3, MS-MIC or MS-MPC allows an...

CWE-4762021

CVE-2020-3517

Vulnerability Description

Related Vulnerabilities

CVE-2018-0305

CVE-2019-12647

CVE-2019-12654

CVE-2020-13583

CVE-2020-3407

CVE-2021-0251