VDB
CVE-2020-3526
CVE-2020-3526
PUBLISHED
CVSS 8.600000381469727 HIGH
A vulnerability in the Common Open Policy Service (COPS) engine of Cisco IOS XE Software on Cisco cBR-8 Converged Broadband Routers could allow an unauthenticated, remote attacker to crash a device. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending a malformed COPS message to the device. A successful exploit could allow the attacker to crash the device.
EPSS 0.56% · 68.8th percentile
Risk Scores
CVSS 3.0
8.600000381469727
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
EPSS Score
0.56%
68.8th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cisco | Cisco IOS XE Software | n/a |
| cisco | ios_xe | 17.2 |
Exploit Intelligence
Timeline
- Sep 24, 2020 CVE Published
- Apr 14, 2021 EPSS Score
- Jun 23, 2021 EPSS Score
- Aug 24, 2021 EPSS Score
- Oct 26, 2021 EPSS Score
- Jan 6, 2022 EPSS Score
- Feb 4, 2022 EPSS Score
- Feb 28, 2022 EPSS Score
- Apr 1, 2022 EPSS Score
- May 1, 2022 EPSS Score
- Jul 3, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
References
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wpa-dos-cXshjerc advisory
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-zbfw-94ckG4G advisory
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-isdn-q931-dos-67eUZBTf advisory
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-capwap-dos-TPdNTdyq advisory
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-COPS-VLD-MpbTvGEW advisory
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-splitdns-SPWqpdGW advisory
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esp20-arp-dos-GvHVggqJ advisory
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-mdns-dos-3tH6cA9J advisory
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-umbrella-dos-t2QMUX37 advisory
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-dhcp-dos-JSCKX43h advisory
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-confacl-HbPtfSuO advisory
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-profinet-J9QMCHPB advisory
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-capwap-dos-ShFzXf advisory
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ISR4461-gKKUROhx advisory
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-profinet-dos-65qYG3W5 advisory
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-dclass-dos-VKh9D8k3 advisory
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-le-drTOB625 advisory
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-wlc-fnfv9-EvrAQpNX advisory
- https://nvd.nist.gov/vuln/detail/CVE-2020-3526 advisory