Loading HuntDB...
Hunt
Vulnerability Intelligence by wss.sh
Home Daily Briefings High Impact CVEs Recent Exploits KEV Catalog GitHub Advisories Latest Updates Security News
Sign In Sign Up

CVE-2024-20312

HIGH
Published 2024-03-27T16:56:42.490Z
Actions:

Expert Analysis

Professional remediation guidance

Get tailored security recommendations from our analyst team for CVE-2024-20312. We'll provide specific mitigation strategies based on your environment and risk profile.

CVSS Score

V3.1
7.4
/10
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Base Score Metrics
Exploitability: N/A Impact: N/A

EPSS Score

v2025.03.14
0.000
probability
of exploitation in the wild

There is a 0.0% chance that this vulnerability will be exploited in the wild within the next 30 days.

Updated: 2025-06-25
Exploit Probability
Percentile: 0.109
Higher than 10.9% of all CVEs

Attack Vector Metrics

Attack Vector
ADJACENT_NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED

Impact Metrics

Confidentiality
NONE
Integrity
NONE
Availability
HIGH

Description

A vulnerability in the Intermediate System-to-Intermediate System (IS-IS) protocol of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device.

This vulnerability is due to insufficient input validation when parsing an ingress IS-IS packet. An attacker could exploit this vulnerability by sending a crafted IS-IS packet to an affected device after forming an adjacency. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a denial of service (DoS) condition.

Note: The IS-IS protocol is a routing protocol. To exploit this vulnerability, an attacker must be Layer 2-adjacent to the affected device and have formed an adjacency.

Available Exploits

No exploits available for this CVE.

Related News

No news articles found for this CVE.

Affected Products

Cisco

IOS

Affected Versions:

15.2(1)S 15.2(2)S 15.2(1)S1 15.2(4)S 15.2(1)S2 15.2(2)S1 15.2(2)S2 15.2(2)S0a 15.2(2)S0c 15.2(4)S1 15.2(4)S4 15.2(4)S6 15.2(4)S2 15.2(4)S5 15.2(4)S3 15.2(4)S3a 15.2(4)S4a 15.2(4)S7 15.3(1)T 15.3(2)T 15.3(1)T1 15.3(1)T2 15.3(1)T3 15.3(1)T4 15.3(2)T1 15.3(2)T2 15.3(2)T3 15.3(2)T4 15.1(2)SG 15.1(2)SG1 15.1(2)SG2 15.1(2)SG3 15.1(2)SG4 15.1(2)SG5 15.1(2)SG6 15.1(2)SG7 15.1(2)SG8 15.2(4)M 15.2(4)M1 15.2(4)M2 15.2(4)M4 15.2(4)M3 15.2(4)M5 15.2(4)M8 15.2(4)M10 15.2(4)M7 15.2(4)M6 15.2(4)M9 15.2(4)M6a 15.2(4)M11 15.0(1)EX 15.2(3)GC 15.2(3)GC1 15.2(4)GC 15.2(4)GC1 15.2(4)GC2 15.2(4)GC3 15.1(1)SY 15.1(1)SY1 15.1(2)SY 15.1(2)SY1 15.1(2)SY2 15.1(1)SY2 15.1(1)SY3 15.1(2)SY3 15.1(1)SY4 15.1(2)SY4 15.1(1)SY5 15.1(2)SY5 15.1(2)SY4a 15.1(1)SY6 15.1(2)SY6 15.1(2)SY7 15.1(2)SY8 15.1(2)SY9 15.1(2)SY10 15.1(2)SY11 15.1(2)SY12 15.1(2)SY13 15.1(2)SY14 15.1(2)SY15 15.1(2)SY16 15.3(1)S 15.3(2)S 15.3(3)S 15.3(1)S2 15.3(1)S1 15.3(2)S2 15.3(2)S1 15.3(3)S1 15.3(3)S2 15.3(3)S3 15.3(3)S6 15.3(3)S4 15.3(3)S1a 15.3(3)S5 15.3(3)S7 15.3(3)S8 15.3(3)S9 15.3(3)S10 15.3(3)S8a 15.4(1)T 15.4(2)T 15.4(1)T2 15.4(1)T1 15.4(1)T3 15.4(2)T1 15.4(2)T3 15.4(2)T2 15.4(1)T4 15.4(2)T4 15.2(1)E 15.2(2)E 15.2(1)E1 15.2(3)E 15.2(1)E2 15.2(1)E3 15.2(2)E1 15.2(4)E 15.2(3)E1 15.2(2)E2 15.2(2)E3 15.2(2a)E2 15.2(3)E2 15.2(3a)E 15.2(3)E3 15.2(4)E1 15.2(2)E4 15.2(2)E5 15.2(4)E2 15.2(3)E4 15.2(5)E 15.2(4)E3 15.2(2)E6 15.2(5)E1 15.2(2)E5a 15.2(3)E5 15.2(2)E5b 15.2(5a)E1 15.2(4)E4 15.2(2)E7 15.2(5)E2 15.2(6)E 15.2(5)E2b 15.2(4)E5 15.2(5)E2c 15.2(2)E8 15.2(6)E0a 15.2(6)E1 15.2(2)E7b 15.2(4)E5a 15.2(6)E0c 15.2(4)E6 15.2(6)E2 15.2(2)E9 15.2(4)E7 15.2(7)E 15.2(2)E10 15.2(4)E8 15.2(6)E2a 15.2(7)E1 15.2(7)E0b 15.2(7)E0s 15.2(6)E3 15.2(4)E9 15.2(7)E2 15.2(7a)E0b 15.2(4)E10 15.2(7)E3 15.2(7)E1a 15.2(7b)E0b 15.2(4)E10a 15.2(7)E4 15.2(8)E 15.2(8)E1 15.2(7)E5 15.2(7)E6 15.2(8)E2 15.2(4)E10d 15.2(7)E7 15.2(8)E3 15.2(7)E8 15.2(8)E4 15.2(4)E10e 15.2(7)E9 15.2(8)E5 15.4(1)S 15.4(2)S 15.4(3)S 15.4(1)S1 15.4(1)S2 15.4(2)S1 15.4(1)S3 15.4(3)S1 15.4(2)S2 15.4(3)S2 15.4(3)S3 15.4(1)S4 15.4(2)S3 15.4(2)S4 15.4(3)S4 15.4(3)S5 15.4(3)S6 15.4(3)S7 15.4(3)S6a 15.4(3)S8 15.4(3)S9 15.4(3)S10 15.3(3)M 15.3(3)M1 15.3(3)M2 15.3(3)M3 15.3(3)M5 15.3(3)M4 15.3(3)M6 15.3(3)M7 15.3(3)M8 15.3(3)M9 15.3(3)M10 15.3(3)M8a 15.2(1)EY 15.2(1)SY 15.2(1)SY1 15.2(1)SY0a 15.2(1)SY2 15.2(2)SY 15.2(1)SY1a 15.2(2)SY1 15.2(2)SY2 15.2(1)SY3 15.2(1)SY4 15.2(2)SY3 15.2(1)SY5 15.2(1)SY6 15.2(1)SY7 15.2(1)SY8 15.4(1)CG 15.4(1)CG1 15.4(2)CG 15.5(1)S 15.5(2)S 15.5(1)S1 15.5(3)S 15.5(1)S2 15.5(1)S3 15.5(2)S1 15.5(2)S2 15.5(3)S1 15.5(3)S1a 15.5(2)S3 15.5(3)S2 15.5(3)S0a 15.5(3)S3 15.5(1)S4 15.5(2)S4 15.5(3)S4 15.5(3)S5 15.5(3)S6 15.5(3)S6a 15.5(3)S7 15.5(3)S6b 15.5(3)S8 15.5(3)S9 15.5(3)S10 15.5(3)S9a 15.2(2)EB 15.2(2)EB1 15.2(2)EB2 15.2(6)EB 15.5(1)T 15.5(1)T1 15.5(2)T 15.5(1)T2 15.5(1)T3 15.5(2)T1 15.5(2)T2 15.5(2)T3 15.5(2)T4 15.5(1)T4 15.2(2)EA 15.2(2)EA1 15.2(2)EA2 15.2(3)EA 15.2(4)EA 15.2(4)EA1 15.2(2)EA3 15.2(4)EA3 15.2(5)EA 15.2(4)EA4 15.2(4)EA5 15.2(4)EA6 15.2(4)EA7 15.2(4)EA8 15.2(4)EA9 15.2(4)EA9a 15.5(3)M 15.5(3)M1 15.5(3)M0a 15.5(3)M2 15.5(3)M3 15.5(3)M4 15.5(3)M4a 15.5(3)M5 15.5(3)M6 15.5(3)M7 15.5(3)M6a 15.5(3)M8 15.5(3)M9 15.5(3)M10 15.5(3)SN 15.6(1)S 15.6(2)S 15.6(2)S1 15.6(1)S1 15.6(1)S2 15.6(2)S2 15.6(1)S3 15.6(2)S3 15.6(1)S4 15.6(2)S4 15.6(1)T 15.6(2)T 15.6(1)T0a 15.6(1)T1 15.6(2)T1 15.6(1)T2 15.6(2)T2 15.6(1)T3 15.6(2)T3 15.3(1)SY 15.3(1)SY1 15.3(1)SY2 15.6(2)SP 15.6(2)SP1 15.6(2)SP2 15.6(2)SP3 15.6(2)SP4 15.6(2)SP5 15.6(2)SP6 15.6(2)SP7 15.6(2)SP8 15.6(2)SP9 15.6(2)SP10 15.6(2)SN 15.6(3)M 15.6(3)M1 15.6(3)M0a 15.6(3)M1b 15.6(3)M2 15.6(3)M3 15.6(3)M3a 15.6(3)M4 15.6(3)M5 15.6(3)M6 15.6(3)M7 15.6(3)M6a 15.6(3)M6b 15.6(3)M8 15.6(3)M9 15.2(4)EC1 15.2(4)EC2 15.4(1)SY 15.4(1)SY1 15.4(1)SY2 15.4(1)SY3 15.4(1)SY4 15.5(1)SY 15.5(1)SY1 15.5(1)SY2 15.5(1)SY3 15.5(1)SY4 15.5(1)SY5 15.5(1)SY6 15.5(1)SY7 15.5(1)SY8 15.5(1)SY9 15.5(1)SY10 15.5(1)SY11 15.5(1)SY12 15.7(3)M 15.7(3)M1 15.7(3)M0a 15.7(3)M3 15.7(3)M2 15.7(3)M4 15.7(3)M5 15.7(3)M4a 15.7(3)M4b 15.7(3)M6 15.7(3)M7 15.7(3)M8 15.7(3)M9 15.8(3)M 15.8(3)M1 15.8(3)M0a 15.8(3)M0b 15.8(3)M2 15.8(3)M1a 15.8(3)M3 15.8(3)M2a 15.8(3)M4 15.8(3)M3a 15.8(3)M3b 15.8(3)M5 15.8(3)M6 15.8(3)M7 15.8(3)M8 15.8(3)M9 15.9(3)M 15.9(3)M1 15.9(3)M0a 15.9(3)M2 15.9(3)M3 15.9(3)M2a 15.9(3)M3a 15.9(3)M4 15.9(3)M3b 15.9(3)M5 15.9(3)M4a 15.9(3)M6 15.9(3)M7 15.9(3)M6a 15.9(3)M6b 15.9(3)M8 15.9(3)M7a 15.9(3)M8b
Cisco

Cisco IOS XE Software

Affected Versions:

3.7.0S 3.7.1S 3.7.2S 3.7.3S 3.7.4S 3.7.5S 3.7.6S 3.7.7S 3.7.4aS 3.7.2tS 3.7.0bS 3.7.1aS 3.8.0S 3.8.1S 3.8.2S 3.9.1S 3.9.0S 3.9.2S 3.9.1aS 3.9.0aS 3.2.0SE 3.2.1SE 3.2.2SE 3.2.3SE 3.3.0SE 3.3.1SE 3.3.2SE 3.3.3SE 3.3.4SE 3.3.5SE 3.3.0XO 3.3.1XO 3.3.2XO 3.4.0SG 3.4.2SG 3.4.1SG 3.4.3SG 3.4.4SG 3.4.5SG 3.4.6SG 3.4.7SG 3.4.8SG 3.5.0E 3.5.1E 3.5.2E 3.5.3E 3.10.0S 3.10.1S 3.10.2S 3.10.3S 3.10.4S 3.10.5S 3.10.6S 3.10.2tS 3.10.7S 3.10.1xbS 3.10.8S 3.10.8aS 3.10.9S 3.10.10S 3.11.1S 3.11.2S 3.11.0S 3.11.3S 3.11.4S 3.12.0S 3.12.1S 3.12.2S 3.12.3S 3.12.0aS 3.12.4S 3.13.0S 3.13.1S 3.13.2S 3.13.3S 3.13.4S 3.13.5S 3.13.2aS 3.13.0aS 3.13.5aS 3.13.6S 3.13.7S 3.13.6aS 3.13.7aS 3.13.8S 3.13.9S 3.13.10S 3.6.0E 3.6.1E 3.6.2aE 3.6.2E 3.6.3E 3.6.4E 3.6.5E 3.6.6E 3.6.5aE 3.6.5bE 3.6.7E 3.6.8E 3.6.7bE 3.6.9E 3.6.10E 3.14.0S 3.14.1S 3.14.2S 3.14.3S 3.14.4S 3.15.0S 3.15.1S 3.15.2S 3.15.1cS 3.15.3S 3.15.4S 3.7.0E 3.7.1E 3.7.2E 3.7.3E 3.7.4E 3.7.5E 3.16.0S 3.16.1S 3.16.1aS 3.16.2S 3.16.2aS 3.16.0cS 3.16.3S 3.16.2bS 3.16.3aS 3.16.4S 3.16.4aS 3.16.4bS 3.16.5S 3.16.4dS 3.16.6S 3.16.7S 3.16.6bS 3.16.7aS 3.16.7bS 3.16.8S 3.16.9S 3.16.10S 3.17.0S 3.17.1S 3.17.2S 3.17.1aS 3.17.3S 3.17.4S 16.1.1 16.1.2 16.1.3 16.2.1 16.2.2 3.8.0E 3.8.1E 3.8.2E 3.8.3E 3.8.4E 3.8.5E 3.8.5aE 3.8.6E 3.8.7E 3.8.8E 3.8.9E 3.8.10E 3.8.10eE 16.3.1 16.3.2 16.3.3 16.3.1a 16.3.4 16.3.5 16.3.5b 16.3.6 16.3.7 16.3.8 16.3.9 16.3.10 16.3.11 16.4.1 16.4.2 16.4.3 16.5.1 16.5.1a 16.5.1b 16.5.2 16.5.3 3.18.0aS 3.18.0S 3.18.1S 3.18.2S 3.18.3S 3.18.4S 3.18.0SP 3.18.1SP 3.18.1aSP 3.18.1bSP 3.18.1cSP 3.18.2SP 3.18.2aSP 3.18.3SP 3.18.4SP 3.18.3aSP 3.18.3bSP 3.18.5SP 3.18.6SP 3.18.7SP 3.18.8aSP 3.18.9SP 3.9.0E 3.9.1E 3.9.2E 16.6.1 16.6.2 16.6.3 16.6.4 16.6.5 16.6.4a 16.6.5a 16.6.6 16.6.7 16.6.8 16.6.9 16.6.10 16.7.1 16.7.1a 16.7.1b 16.7.2 16.7.3 16.7.4 16.8.1 16.8.1a 16.8.1b 16.8.1s 16.8.1c 16.8.1d 16.8.2 16.8.1e 16.8.3 16.9.1 16.9.2 16.9.1a 16.9.1b 16.9.1s 16.9.3 16.9.4 16.9.3a 16.9.5 16.9.5f 16.9.6 16.9.7 16.9.8 16.10.1 16.10.1a 16.10.1b 16.10.1s 16.10.1c 16.10.1e 16.10.1d 16.10.2 16.10.1f 16.10.1g 16.10.3 3.10.0E 3.10.1E 3.10.0cE 3.10.2E 3.10.3E 16.11.1 16.11.1a 16.11.1b 16.11.2 16.11.1s 16.12.1 16.12.1s 16.12.1a 16.12.1c 16.12.1w 16.12.2 16.12.1y 16.12.2a 16.12.3 16.12.8 16.12.2s 16.12.1x 16.12.1t 16.12.4 16.12.3s 16.12.3a 16.12.4a 16.12.5 16.12.6 16.12.1z1 16.12.5a 16.12.5b 16.12.1z2 16.12.6a 16.12.7 16.12.9 16.12.10 16.12.10a 3.11.0E 3.11.1E 3.11.2E 3.11.3E 3.11.1aE 3.11.4E 3.11.3aE 3.11.5E 3.11.6E 3.11.7E 3.11.8E 3.11.9E 17.1.1 17.1.1a 17.1.1s 17.1.1t 17.1.3 17.2.1 17.2.1r 17.2.1a 17.2.1v 17.2.2 17.2.3 17.3.1 17.3.2 17.3.3 17.3.1a 17.3.1w 17.3.2a 17.3.1x 17.3.1z 17.3.4 17.3.5 17.3.4a 17.3.6 17.3.4b 17.3.4c 17.3.5a 17.3.5b 17.3.7 17.3.8 17.3.8a 17.4.1 17.4.2 17.4.1a 17.4.1b 17.4.2a 17.5.1 17.5.1a 17.6.1 17.6.2 17.6.1w 17.6.1a 17.6.1x 17.6.3 17.6.1y 17.6.1z 17.6.3a 17.6.4 17.6.1z1 17.6.5 17.6.5a 17.7.1 17.7.1a 17.7.1b 17.7.2 17.10.1 17.10.1a 17.10.1b 17.8.1 17.8.1a 17.9.1 17.9.1w 17.9.2 17.9.1a 17.9.1x 17.9.1y 17.9.3 17.9.2a 17.9.1x1 17.9.3a 17.9.1y1 17.11.1 17.11.1a 17.11.99SW

GitHub Security Advisories

Community-driven vulnerability intelligence from GitHub

⚠ Unreviewed HIGH

GHSA-h59x-f52x-4wxj

Advisory Details

A vulnerability in the Intermediate System-to-Intermediate System (IS-IS) protocol of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient input validation when parsing an ingress IS-IS packet. An attacker could exploit this vulnerability by sending a crafted IS-IS packet to an affected device after forming an adjacency. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a denial of service (DoS) condition. Note: The IS-IS protocol is a routing protocol. To exploit this vulnerability, an attacker must be Layer 2-adjacent to the affected device and have formed an adjacency.

CVSS Scoring

CVSS Score

7.5

CVSS Vector

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

References

ADVISORY https://nvd.nist.gov/vuln/detail/CVE-2024-20312
WEB https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-isis-sGjyOUHX

Advisory provided by GitHub Security Advisory Database. Published: March 27, 2024, Modified: March 27, 2024

References

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-isis-sGjyOUHX
Published: 2024-03-27T16:56:42.490Z
Last Modified: 2024-11-01T14:08:17.432Z
Copied to clipboard!