CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-3479

A vulnerability in the implementation of Multiprotocol Border Gateway Protocol (MP-BGP) for the Layer 2 VPN (L2VPN) Ethernet VPN (EVPN) address family in Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to incorrect processing of Border Gateway Protocol (BGP) update messages that contain crafted EVPN attributes. An attacker could exploit this vulnerability by sending BGP update messages with specific, malformed attributes to an affected device. A successful exploit could allow the attacker to cause an affected device to crash, resulting in a DoS condition.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.004

EPSS Ranking 59.2%

CVSS Severity

CVSS v3 Score 6.1

CVSS v2 Score 7.8

References

Products affected by CVE-2020-3479

Cisco » 1100 Integrated Services Router » Version: N/A

cpe:2.3:h:cisco:1100_integrated_services_router:-
Cisco » 1101 Integrated Services Router » Version: N/A

cpe:2.3:h:cisco:1101_integrated_services_router:-
Cisco » 1109 Integrated Services Router » Version: N/A

cpe:2.3:h:cisco:1109_integrated_services_router:-
Cisco » 1111x Integrated Services Router » Version: N/A

cpe:2.3:h:cisco:1111x_integrated_services_router:-
Cisco » 111x Integrated Services Router » Version: N/A

cpe:2.3:h:cisco:111x_integrated_services_router:-
Cisco » 1120 Integrated Services Router » Version: N/A

cpe:2.3:h:cisco:1120_integrated_services_router:-
Cisco » 1160 Integrated Services Router » Version: N/A

cpe:2.3:h:cisco:1160_integrated_services_router:-
Cisco » 4221 Integrated Services Router » Version: N/A

cpe:2.3:h:cisco:4221_integrated_services_router:-
Cisco » 4321 Integrated Services Router » Version: N/A

cpe:2.3:h:cisco:4321_integrated_services_router:-
Cisco » 4331 Integrated Services Router » Version: N/A

cpe:2.3:h:cisco:4331_integrated_services_router:-
Cisco » 4351 Integrated Services Router » Version: N/A

cpe:2.3:h:cisco:4351_integrated_services_router:-
Cisco » 4431 Integrated Services Router » Version: N/A

cpe:2.3:h:cisco:4431_integrated_services_router:-
Cisco » 4451-X Integrated Services Router » Version: N/A

cpe:2.3:h:cisco:4451-x_integrated_services_router:-
Cisco » 4461 Integrated Services Router » Version: N/A

cpe:2.3:h:cisco:4461_integrated_services_router:-
Cisco » Asr 1001-Hx » Version: N/A

cpe:2.3:h:cisco:asr_1001-hx:-
Cisco » Asr 1001-X » Version: N/A

cpe:2.3:h:cisco:asr_1001-x:-
Cisco » Asr 1002-Hx » Version: N/A

cpe:2.3:h:cisco:asr_1002-hx:-
Cisco » Asr 1002-X » Version: N/A

cpe:2.3:h:cisco:asr_1002-x:-
Cisco » Asr 1004 » Version: N/A

cpe:2.3:h:cisco:asr_1004:-
Cisco » Asr 1006-X » Version: N/A

cpe:2.3:h:cisco:asr_1006-x:-
Cisco » Asr 1006 » Version: N/A

cpe:2.3:h:cisco:asr_1006:-
Cisco » Asr 1009-X » Version: N/A

cpe:2.3:h:cisco:asr_1009-x:-
Cisco » Asr 1013 » Version: N/A

cpe:2.3:h:cisco:asr_1013:-
Cisco » Cloud Services Router 1000v » Version: N/A

cpe:2.3:h:cisco:cloud_services_router_1000v:-
Cisco » Ios » Version: N/A

cpe:2.3:o:cisco:ios:-
Cisco » Ios Xe » Version: N/A

cpe:2.3:o:cisco:ios_xe:-

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-3479

Products

Pricing

Contact Us