Loading HuntDB...

Vulnerability Intelligence by wss.sh

Home Daily Briefings High Impact CVEs Recent Exploits KEV Catalog Latest Updates Security News

More Sources

HackerOne Reports

Bug bounty disclosures

WordPress Vulnerabilities

WordPress plugins & themes

Tools & Data

Trending Insights

Popular vulnerabilities

Advanced Search

Filter & search CVEs

Product Inventory

Software & vendors

Sign In Sign Up

CVE-2024-20307

MEDIUM

Published 2024-03-27T17:23:40.022Z

Actions:

CVSS Score

V3.1

6.8

/10

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H

Base Score Metrics

Exploitability: N/A Impact: N/A

EPSS Score

v2023.03.01

0.001

probability

of exploitation in the wild

There is a 0.1% chance that this vulnerability will be exploited in the wild within the next 30 days.

Updated: 2025-01-25

Exploit Probability

Percentile: 0.280

Higher than 28.0% of all CVEs

Attack Vector Metrics

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Impact Metrics

Confidentiality

NONE

Integrity

NONE

Availability

HIGH

Description

A vulnerability in the IKEv1 fragmentation code of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a heap overflow, resulting in an affected device reloading.

This vulnerability exists because crafted, fragmented IKEv1 packets are not properly reassembled. An attacker could exploit this vulnerability by sending crafted UDP packets to an affected system. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition.

Note: Only traffic that is directed to the affected system can be used to exploit this vulnerability. This vulnerability can be triggered by IPv4 and IPv6 traffic.

Available Exploits

No exploits available for this CVE.

Related News

No news articles found for this CVE.

Affected Products

IOS

Affected Versions:

15.1(2)SG8 15.2(4)M11 15.1(2)SY8 15.1(2)SY9 15.1(2)SY10 15.1(2)SY11 15.1(2)SY12 15.1(2)SY13 15.1(2)SY14 15.1(2)SY15 15.1(2)SY16 15.3(3)S8 15.3(3)S9 15.3(3)S10 15.3(3)S8a 15.2(4)E2 15.2(3)E4 15.2(5)E 15.2(4)E3 15.2(5b)E 15.2(3)E5 15.2(4)E4 15.2(4)E5 15.2(4)E5a 15.2(4)E6 15.2(4)E7 15.2(4)E8 15.2(4)E9 15.2(4)E10 15.2(4)E10a 15.2(4)E10d 15.4(3)S6 15.4(3)S7 15.4(3)S6a 15.4(3)S8 15.4(3)S9 15.4(3)S10 15.3(3)M8 15.3(3)M9 15.3(3)M10 15.3(3)M8a 15.2(1)SY3 15.2(1)SY4 15.2(1)SY5 15.2(1)SY6 15.2(1)SY7 15.2(1)SY8 15.5(3)S3 15.5(1)S4 15.5(2)S4 15.5(3)S4 15.5(3)S5 15.5(3)S6 15.5(3)S6a 15.5(3)S7 15.5(3)S6b 15.5(3)S8 15.5(3)S9 15.5(3)S10 15.5(3)S9a 15.5(2)T4 15.2(5)EA 15.2(4)EA4 15.2(4)EA5 15.2(4)EA6 15.2(4)EA7 15.2(4)EA8 15.2(4)EA9 15.2(4)EA9a 15.5(3)M3 15.5(3)M4 15.5(3)M4a 15.5(3)M5 15.5(3)M6 15.5(3)M7 15.5(3)M6a 15.5(3)M8 15.5(3)M9 15.5(3)M10 15.3(1)SY1 15.3(1)SY2 15.2(4)EC1 15.2(4)EC2 15.4(1)SY 15.4(1)SY1 15.4(1)SY2 15.4(1)SY3 15.4(1)SY4 15.5(1)SY 15.5(1)SY1 15.5(1)SY2 15.5(1)SY3 15.5(1)SY4 15.5(1)SY5 15.5(1)SY6 15.5(1)SY7 15.5(1)SY8 15.5(1)SY9 15.5(1)SY10 15.5(1)SY11 15.7(3)M 15.7(3)M1 15.7(3)M0a 15.7(3)M3 15.7(3)M2 15.7(3)M4 15.7(3)M5 15.7(3)M4a 15.7(3)M4b 15.7(3)M6 15.7(3)M7 15.7(3)M8 15.7(3)M9 15.8(3)M 15.8(3)M1 15.8(3)M0a 15.8(3)M0b 15.8(3)M2 15.8(3)M1a 15.8(3)M3 15.8(3)M2a 15.8(3)M4 15.8(3)M3a 15.8(3)M3b 15.8(3)M5 15.8(3)M6 15.8(3)M7 15.8(3)M8 15.8(3)M9 15.8(3)M10 15.9(3)M 15.9(3)M1 15.9(3)M0a 15.9(3)M2 15.9(3)M3 15.9(3)M2a 15.9(3)M3a 15.9(3)M4 15.9(3)M3b 15.9(3)M5 15.9(3)M4a 15.9(3)M6 15.9(3)M7 15.9(3)M6a 15.9(3)M6b 15.9(3)M7a 15.3(3)JPI11

Cisco IOS XE Software

Affected Versions:

3.4.8SG 3.10.8S 3.10.8aS 3.10.9S 3.10.10S 3.13.6S 3.13.7S 3.13.6aS 3.13.7aS 3.13.8S 3.13.9S 3.13.10S 3.14.4S 3.15.4S 3.7.4E 3.7.5E 3.16.3S 3.16.3aS 3.16.4S 3.16.4aS 3.16.4bS 3.16.5S 3.16.4dS 3.16.6S 3.16.7S 3.16.6bS 3.16.7aS 3.16.7bS 3.16.8S 3.16.9S 3.16.10S 16.1.3 16.2.1 16.2.2 3.8.2E 3.8.3E 3.8.4E 3.8.5E 3.8.5aE 3.8.6E 3.8.7E 3.8.8E 3.8.9E 3.8.10E 16.3.1 16.3.2 16.3.3 16.3.1a 16.3.4 16.3.5 16.3.5b 16.3.6 16.3.7 16.3.8 16.3.9 16.3.10 16.3.11 16.4.1 16.4.2 16.4.3 16.5.1 16.5.1a 16.5.1b 16.5.2 16.5.3 3.9.0E 16.6.1 16.6.2 16.6.3 16.6.4 16.6.5 16.6.4a 16.6.5a 16.6.6 16.6.7 16.6.8 16.6.9 16.6.10 16.7.1 16.7.1a 16.7.1b 16.7.2 16.7.3 16.7.4 16.8.1 16.8.1a 16.8.1b 16.8.1s 16.8.1c 16.8.1d 16.8.2 16.8.1e 16.8.3 16.9.1 16.9.2 16.9.1a 16.9.1b 16.9.1s 16.9.3 16.9.4 16.9.3a 16.9.5 16.9.5f 16.9.6 16.9.7 16.9.8 16.10.1 16.10.1a 16.10.1b 16.10.1s 16.10.1c 16.10.1e 16.10.1d 16.10.2 16.10.1f 16.10.1g 16.10.3 16.11.1 16.11.1a 16.11.1b 16.11.2 16.11.1s 16.12.1 16.12.1s 16.12.1a 16.12.1c 16.12.1w 16.12.2 16.12.1y 16.12.2a 16.12.3 16.12.8 16.12.2s 16.12.1x 16.12.1t 16.12.4 16.12.3s 16.12.3a 16.12.4a 16.12.5 16.12.6 16.12.1z1 16.12.5a 16.12.5b 16.12.1z2 16.12.6a 16.12.7 16.12.9 17.1.1 17.1.1a 17.1.1s 17.1.1t 17.1.3 17.2.1 17.2.1r 17.2.1a 17.2.1v 17.2.2 17.2.3 17.3.1 17.3.2 17.3.3 17.3.1a 17.3.1w 17.3.2a 17.3.1x 17.3.1z 17.3.4 17.3.5 17.3.4a 17.3.6 17.3.4b 17.3.4c 17.3.5a 17.3.5b 17.3.7 17.4.1 17.4.2 17.4.1a 17.4.1b 17.4.2a 17.5.1 17.5.1a 17.6.1 17.6.2 17.6.1w 17.6.1a 17.6.1x 17.6.3 17.6.1y 17.6.1z 17.6.3a 17.6.4 17.6.1z1 17.6.5 17.6.5a 17.7.1 17.7.1a 17.7.1b 17.7.2 17.10.1 17.10.1a 17.10.1b 17.8.1 17.8.1a 17.9.1 17.9.1w 17.9.2 17.9.1a 17.9.1x 17.9.1y 17.9.3 17.9.2a 17.9.1x1 17.9.3a 17.11.1 17.11.1a 17.11.99SW

References

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ikev1-NO2ccFWz

Published: 2024-03-27T17:23:40.022Z

Last Modified: 2024-08-01T21:59:41.468Z

Copied to clipboard!