CVE-2020-3408

A vulnerability in the Split DNS feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerability occurs because the regular expression (regex) engine that is used with the Split DNS feature of affected releases may time out when it processes the DNS name list configuration. An attacker could exploit this vulnerability by trying to resolve an address or hostname that the affected device handles. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition.

CVSS v3.0 8.6 HIGH
CVSS v2.0 7.8 HIGH

8.6^/10

CVSS v3.0 : HIGH

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 4.0

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope CHANGED

7.8^/10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:L/Au:N/C:N/I:N/A:C

Exploitability : 10.0 / Impact : 6.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact COMPLETE

References

Link	Resource
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-splitdns-SPWqpdGW	Vendor Advisory

Configurations

Configuration 1 (hide)

AND

OR	cpe:2.3:o:cisco:ios:15.8\(3\)m3:::::::*
	cpe:2.3:o:cisco:ios_xe:15.8\(3\)m3:::::::*

OR	cpe:2.3:h:cisco:asr_1002:-:::::::*
	cpe:2.3:h:cisco:asr_1001:-:::::::*
	cpe:2.3:h:cisco:asr_1004:-:::::::*
	cpe:2.3:h:cisco:asr_1013:-:::::::*
	cpe:2.3:h:cisco:asr_1002-x:-:::::::*
	cpe:2.3:h:cisco:asr_1001-x:-:::::::*
	cpe:2.3:h:cisco:asr_1006:-:::::::*
	cpe:2.3:h:cisco:integrated_services_router_4451:-:::::::*
	cpe:2.3:h:cisco:integrated_services_router_4431:-:::::::*
	cpe:2.3:h:cisco:asr1001-hx:-:::::::*
	cpe:2.3:h:cisco:asr1001-hx-rf:-:::::::*
	cpe:2.3:h:cisco:asr1001-x-rf:-:::::::*
	cpe:2.3:h:cisco:asr1001-x-ws:-:::::::*
	cpe:2.3:h:cisco:asr1002-hx:-:::::::*
	cpe:2.3:h:cisco:asr1002-hx-rf:-:::::::*
	cpe:2.3:h:cisco:asr1002-hx-ws:-:::::::*
	cpe:2.3:h:cisco:asr1002-x-rf:-:::::::*
	cpe:2.3:h:cisco:asr1002-x-ws:-:::::::*
	cpe:2.3:h:cisco:catalyst_9800-40:-:::::::*
	cpe:2.3:h:cisco:catalyst_9800-80:-:::::::*
	cpe:2.3:h:cisco:catalyst_9800-cl:-:::::::*
	cpe:2.3:h:cisco:catalyst_9800-l:-:::::::*
	cpe:2.3:h:cisco:catalyst_9800-l-c:-:::::::*
	cpe:2.3:h:cisco:catalyst_9800-l-f:-:::::::*
	cpe:2.3:h:cisco:isr_1100-4p:-:::::::*
	cpe:2.3:h:cisco:isr_1100-8p:-:::::::*
	cpe:2.3:h:cisco:isr_1111x-8p:-:::::::*
	cpe:2.3:h:cisco:catalyst_c9200-24p:-:::::::*
	cpe:2.3:h:cisco:catalyst_c9200-24t:-:::::::*
	cpe:2.3:h:cisco:catalyst_c9200-48p:-:::::::*
	cpe:2.3:h:cisco:catalyst_c9200-48t:-:::::::*
	cpe:2.3:h:cisco:catalyst_c9200l-24p-4g:-:::::::*
	cpe:2.3:h:cisco:catalyst_c9200l-24p-4x:-:::::::*
	cpe:2.3:h:cisco:catalyst_c9200l-24pxg-2y:-:::::::*
	cpe:2.3:h:cisco:catalyst_c9200l-24pxg-4x:-:::::::*
	cpe:2.3:h:cisco:catalyst_c9300-24t:-:::::::*
	cpe:2.3:h:cisco:catalyst_c9300-24u:-:::::::*
	cpe:2.3:h:cisco:catalyst_c9300-24ux:-:::::::*
	cpe:2.3:h:cisco:catalyst_c9300-48p:-:::::::*
	cpe:2.3:h:cisco:catalyst_c9300-48s:-:::::::*
	cpe:2.3:h:cisco:catalyst_c9300-48t:-:::::::*
	cpe:2.3:h:cisco:catalyst_c9300-48u:-:::::::*
	cpe:2.3:h:cisco:catalyst_c9300-48un:-:::::::*
	cpe:2.3:h:cisco:catalyst_c9300-48uxm:-:::::::*
	cpe:2.3:h:cisco:catalyst_c9300l-24p-4g:-:::::::*
	cpe:2.3:h:cisco:catalyst_c9300l-24p-4x:-:::::::*
	cpe:2.3:h:cisco:catalyst_c9300l-24t-4g:-:::::::*
	cpe:2.3:h:cisco:catalyst_c9300l-24t-4x:-:::::::*
	cpe:2.3:h:cisco:catalyst_c9300l-48p-4g:-:::::::*
	cpe:2.3:h:cisco:catalyst_c9300l-48p-4x:-:::::::*
	cpe:2.3:h:cisco:catalyst_c9300l-48t-4g:-:::::::*
	cpe:2.3:h:cisco:catalyst_c9300l-48t-4x:-:::::::*
	cpe:2.3:h:cisco:catalyst_c9500-12q:-:::::::*
	cpe:2.3:h:cisco:catalyst_c9500-16x:-:::::::*
	cpe:2.3:h:cisco:catalyst_c9500-24q:-:::::::*
	cpe:2.3:h:cisco:catalyst_c9500-24y4c:-:::::::*
	cpe:2.3:h:cisco:catalyst_c9500-32c:-:::::::*
	cpe:2.3:h:cisco:catalyst_c9500-32qc:-:::::::*
	cpe:2.3:h:cisco:catalyst_c9500-40x:-:::::::*
	cpe:2.3:h:cisco:catalyst_c9500-48y4c:-:::::::*
	cpe:2.3:h:cisco:isr_1101-4p:-:::::::*
	cpe:2.3:h:cisco:isr_1109-2p:-:::::::*
	cpe:2.3:h:cisco:isr_1109-4p:-:::::::*
	cpe:2.3:h:cisco:asr_1000-x:-:::::::*
cpe:2.3:h:cisco:catalyst_c9200l-24t-4g:-:::::::*
cpe:2.3:h:cisco:catalyst_c9200l-24t-4x:-:::::::*
cpe:2.3:h:cisco:catalyst_c9200l-48p-4g:-:::::::*
cpe:2.3:h:cisco:catalyst_c9200l-48p-4x:-:::::::*
cpe:2.3:h:cisco:catalyst_c9200l-48pxg-2y:-:::::::*
cpe:2.3:h:cisco:catalyst_c9200l-48pxg-4x:-:::::::*
cpe:2.3:h:cisco:catalyst_c9200l-48t-4g:-:::::::*
cpe:2.3:h:cisco:catalyst_c9200l-48t-4x:-:::::::*
cpe:2.3:h:cisco:catalyst_c9300-24p:-:::::::*
cpe:2.3:h:cisco:catalyst_c9300-24s:-:::::::*
cpe:2.3:h:cisco:catalyst_c9404r:-:::::::*
cpe:2.3:h:cisco:catalyst_c9407r:-:::::::*
cpe:2.3:h:cisco:catalyst_c9410r:-:::::::*
cpe:2.3:h:cisco:csr_1000v::::::::
cpe:2.3:h:cisco:integrated_services_router_4221:-:::::::*
cpe:2.3:h:cisco:integrated_services_router_4331:-:::::::*
cpe:2.3:h:cisco:integrated_services_router_4461:-:::::::*
cpe:2.3:h:cisco:isr1100:-:::::::*
cpe:2.3:h:cisco:isr1100-4g:-:::::::*
cpe:2.3:h:cisco:isr1100-4gltegb:-:::::::*
cpe:2.3:h:cisco:isr1100-4gltena:-:::::::*
cpe:2.3:h:cisco:isr1100-6g:-:::::::*
cpe:2.3:h:cisco:isr1100-lte:-:::::::*
cpe:2.3:h:cisco:isr_1101:-:::::::*
cpe:2.3:h:cisco:isr_1109:-:::::::*
cpe:2.3:h:cisco:isr_1111x:-:::::::*
cpe:2.3:h:cisco:isr_111x:-:::::::*
cpe:2.3:h:cisco:isr_1120:-:::::::*
cpe:2.3:h:cisco:isr_1160:-:::::::*
cpe:2.3:h:cisco:ws-c3650-12x48uq:-:::::::*
cpe:2.3:h:cisco:ws-c3650-12x48ur:-:::::::*
cpe:2.3:h:cisco:ws-c3650-12x48uz:-:::::::*
cpe:2.3:h:cisco:ws-c3650-24pd:-:::::::*
cpe:2.3:h:cisco:ws-c3650-24pdm:-:::::::*
cpe:2.3:h:cisco:ws-c3650-24ps:-:::::::*
cpe:2.3:h:cisco:ws-c3650-24td:-:::::::*
cpe:2.3:h:cisco:ws-c3650-24ts:-:::::::*
cpe:2.3:h:cisco:ws-c3650-48fd:-:::::::*
cpe:2.3:h:cisco:ws-c3650-48fq:-:::::::*
cpe:2.3:h:cisco:ws-c3650-48fqm:-:::::::*
cpe:2.3:h:cisco:ws-c3650-48fs:-:::::::*
cpe:2.3:h:cisco:ws-c3650-48pd:-:::::::*
cpe:2.3:h:cisco:ws-c3650-48pq:-:::::::*
cpe:2.3:h:cisco:ws-c3650-48ps:-:::::::*
cpe:2.3:h:cisco:ws-c3650-48td:-:::::::*
cpe:2.3:h:cisco:ws-c3650-48tq:-:::::::*
cpe:2.3:h:cisco:ws-c3650-48ts:-:::::::*
cpe:2.3:h:cisco:ws-c3650-8x24uq:-:::::::*
cpe:2.3:h:cisco:ws-c3850:-:::::::*
cpe:2.3:h:cisco:ws-c3850-12s:-:::::::*
cpe:2.3:h:cisco:ws-c3850-12x48u:-:::::::*
cpe:2.3:h:cisco:ws-c3850-12xs:-:::::::*
cpe:2.3:h:cisco:ws-c3850-24p:-:::::::*
cpe:2.3:h:cisco:ws-c3850-24s:-:::::::*
cpe:2.3:h:cisco:ws-c3850-24t:-:::::::*
cpe:2.3:h:cisco:ws-c3850-24u:-:::::::*
cpe:2.3:h:cisco:ws-c3850-24xs:-:::::::*
cpe:2.3:h:cisco:ws-c3850-24xu:-:::::::*
cpe:2.3:h:cisco:ws-c3850-48f:-:::::::*
cpe:2.3:h:cisco:ws-c3850-48p:-:::::::*
cpe:2.3:h:cisco:ws-c3850-48t:-:::::::*
cpe:2.3:h:cisco:ws-c3850-48u:-:::::::*
cpe:2.3:h:cisco:ws-c3850-48xs:-:::::::*

Information

Published : 2020-09-24 11:15

Updated : 2022-10-27 08:47

NVD link : CVE-2020-3408

Mitre link : CVE-2020-3408

JSON object : View

CWE

CWE-400

Uncontrolled Resource Consumption

Products Affected

cisco

catalyst_c9300l-48p-4x
catalyst_c9300-48p
catalyst_c9300l-24t-4g
ws-c3650-24ps
catalyst_c9200-48t
ws-c3650-12x48uz
isr_1111x-8p
catalyst_c9200l-48t-4x
catalyst_c9500-48y4c
isr_1100-8p
isr1100-6g
asr_1006
catalyst_c9300-24t
ws-c3650-24pdm
asr1002-x-ws
ws-c3850-48t
asr_1001
asr_1000-x
catalyst_c9300l-48p-4g
ws-c3650-24td
asr1001-x-rf
isr_1100-4p
ws-c3650-48ps
catalyst_c9300-48s
catalyst_c9300-24p
catalyst_c9500-24q
asr1002-hx
catalyst_c9300l-24t-4x
isr_1101
catalyst_c9200l-24pxg-4x
catalyst_9800-80
catalyst_9800-l-f
catalyst_c9200l-24p-4g
ws-c3850-48f
catalyst_c9500-32qc
isr1100-4gltegb
catalyst_c9500-32c
asr1002-hx-rf
catalyst_c9500-24y4c
isr1100-4gltena
catalyst_c9200l-48p-4x
ws-c3850-48u
catalyst_c9200l-24t-4g
ws-c3650-48fqm
catalyst_c9200-24t
catalyst_9800-cl
catalyst_c9200l-48pxg-2y
catalyst_c9300-48uxm
catalyst_c9300-24ux
catalyst_9800-l
ws-c3650-48fd
integrated_services_router_4331
catalyst_9800-l-c
catalyst_c9300l-24p-4g
catalyst_9800-40
catalyst_c9200-24p
catalyst_c9300-48u
isr_1109-4p
asr1002-x-rf
catalyst_c9200l-24t-4x
catalyst_c9300-48t
isr_111x
ws-c3850-12xs
asr_1002-x
catalyst_c9300-24u
catalyst_c9300-48un
ws-c3850-24u
csr_1000v
integrated_services_router_4451
catalyst_c9500-40x
catalyst_c9300l-48t-4g
ws-c3850-48xs
ws-c3650-24ts
integrated_services_router_4461
catalyst_c9200l-24p-4x
catalyst_c9300-24s
asr1001-x-ws
catalyst_c9200l-48t-4g
ws-c3650-48td
ws-c3650-12x48uq
asr1002-hx-ws
asr_1013
ws-c3850-24p
catalyst_c9500-16x
ws-c3650-48tq
ws-c3650-24pd
ws-c3850-48p
isr1100
catalyst_c9200l-24pxg-2y
isr_1101-4p
integrated_services_router_4221
ws-c3850
asr1001-hx
ws-c3650-48fq
isr1100-4g
isr_1109
catalyst_c9407r
isr1100-lte
ws-c3650-12x48ur
isr_1111x
ws-c3850-24xu
integrated_services_router_4431
ws-c3850-12x48u
catalyst_c9404r
ios
isr_1109-2p
ws-c3650-48pq
asr_1002
ios_xe
ws-c3850-12s
catalyst_c9300l-48t-4x
ws-c3650-8x24uq
ws-c3650-48ts
asr_1004
ws-c3850-24s
ws-c3650-48pd
isr_1160
isr_1120
ws-c3850-24xs
ws-c3650-48fs
ws-c3850-24t
catalyst_c9300l-24p-4x
catalyst_c9200-48p
asr1001-hx-rf
catalyst_c9500-12q
catalyst_c9410r
asr_1001-x
catalyst_c9200l-48pxg-4x
catalyst_c9200l-48p-4g

8.6 /10

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope CHANGED

7.8 /10

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact COMPLETE

JSON object

Attach tags to CVE-2020-3408

8.6^/10

7.8^/10

Attach tags to `CVE-2020-3408`