vulnerability

Cisco XE: CVE-2020-3527: Cisco Catalyst 9200 Series Switches Jumbo Frame Denial of Service Vulnerability

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
8	(AV:N/AC:L/Au:N/C:N/I:N/A:C)	Sep 25, 2020	Sep 25, 2020	Apr 29, 2024

Severity

CVSS

(AV:N/AC:L/Au:N/C:N/I:N/A:C)

Published

Sep 25, 2020

Added

Sep 25, 2020

Modified

Apr 29, 2024

Description

A vulnerability in the Polaris kernel of Cisco Catalyst 9200 Series Switches could allow an unauthenticated, remote attacker to crash the device. The vulnerability is due to insufficient packet size validation. An attacker could exploit this vulnerability by sending jumbo frames or frames larger than the configured MTU size to the management interface of this device. A successful exploit could allow the attacker to crash the device fully before an automatic recovery.

Solution

cisco-xe-upgrade-latest

References

CVE-2020-3527
https://attackerkb.com/topics/CVE-2020-3527
URL-https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-JP-DOS-g5FfGm8y

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today