Shodan
Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2024-20406

A vulnerability in the segment routing feature for the Intermediate System-to-Intermediate System (IS-IS) protocol of Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient input validation of ingress IS-IS packets. An attacker could exploit this vulnerability by sending specific IS-IS packets to an affected device after forming an adjacency. A successful exploit could allow the attacker to cause the IS-IS process on all affected devices that are participating in the Flexible Algorithm to crash and restart, resulting in a DoS condition. Note: The IS-IS protocol is a routing protocol. To exploit this vulnerability, an attacker must be Layer 2-adjacent to the affected device and must have formed an adjacency. This vulnerability affects segment routing for IS-IS over IPv4 and IPv6 control planes as well as devices that are configured as level 1, level 2, or multi-level routing IS-IS type.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 34.9%
CVSS Severity
CVSS v3 Score 7.4
Products affected by CVE-2024-20406
  • Cisco » Ios Xr » Version: 6.8.1
    cpe:2.3:o:cisco:ios_xr:6.8.1
  • Cisco » Ios Xr » Version: 6.8.2
    cpe:2.3:o:cisco:ios_xr:6.8.2
  • Cisco » Ios Xr » Version: 6.9.1
    cpe:2.3:o:cisco:ios_xr:6.9.1
  • Cisco » Ios Xr » Version: 6.9.2
    cpe:2.3:o:cisco:ios_xr:6.9.2
  • Cisco » Ios Xr » Version: 7.10
    cpe:2.3:o:cisco:ios_xr:7.10
  • Cisco » Ios Xr » Version: 7.10.1
    cpe:2.3:o:cisco:ios_xr:7.10.1
  • Cisco » Ios Xr » Version: 7.10.2
    cpe:2.3:o:cisco:ios_xr:7.10.2
  • Cisco » Ios Xr » Version: 7.11
    cpe:2.3:o:cisco:ios_xr:7.11
  • Cisco » Ios Xr » Version: 7.11.1
    cpe:2.3:o:cisco:ios_xr:7.11.1
  • Cisco » Ios Xr » Version: 7.4.1
    cpe:2.3:o:cisco:ios_xr:7.4.1
  • Cisco » Ios Xr » Version: 7.4.15
    cpe:2.3:o:cisco:ios_xr:7.4.15
  • Cisco » Ios Xr » Version: 7.4.16
    cpe:2.3:o:cisco:ios_xr:7.4.16
  • Cisco » Ios Xr » Version: 7.4.2
    cpe:2.3:o:cisco:ios_xr:7.4.2
  • Cisco » Ios Xr » Version: 7.5
    cpe:2.3:o:cisco:ios_xr:7.5
  • Cisco » Ios Xr » Version: 7.5.1
    cpe:2.3:o:cisco:ios_xr:7.5.1
  • Cisco » Ios Xr » Version: 7.5.12
    cpe:2.3:o:cisco:ios_xr:7.5.12
  • Cisco » Ios Xr » Version: 7.5.2
    cpe:2.3:o:cisco:ios_xr:7.5.2
  • Cisco » Ios Xr » Version: 7.5.3
    cpe:2.3:o:cisco:ios_xr:7.5.3
  • Cisco » Ios Xr » Version: 7.5.4
    cpe:2.3:o:cisco:ios_xr:7.5.4
  • Cisco » Ios Xr » Version: 7.5.5
    cpe:2.3:o:cisco:ios_xr:7.5.5
  • Cisco » Ios Xr » Version: 7.5.52
    cpe:2.3:o:cisco:ios_xr:7.5.52
  • Cisco » Ios Xr » Version: 7.6
    cpe:2.3:o:cisco:ios_xr:7.6
  • Cisco » Ios Xr » Version: 7.6.1
    cpe:2.3:o:cisco:ios_xr:7.6.1
  • Cisco » Ios Xr » Version: 7.6.15
    cpe:2.3:o:cisco:ios_xr:7.6.15
  • Cisco » Ios Xr » Version: 7.6.2
    cpe:2.3:o:cisco:ios_xr:7.6.2
  • Cisco » Ios Xr » Version: 7.6.3
    cpe:2.3:o:cisco:ios_xr:7.6.3
  • Cisco » Ios Xr » Version: 7.7
    cpe:2.3:o:cisco:ios_xr:7.7
  • Cisco » Ios Xr » Version: 7.7.1
    cpe:2.3:o:cisco:ios_xr:7.7.1
  • Cisco » Ios Xr » Version: 7.7.2
    cpe:2.3:o:cisco:ios_xr:7.7.2
  • Cisco » Ios Xr » Version: 7.7.21
    cpe:2.3:o:cisco:ios_xr:7.7.21
  • Cisco » Ios Xr » Version: 7.8
    cpe:2.3:o:cisco:ios_xr:7.8
  • Cisco » Ios Xr » Version: 7.8.1
    cpe:2.3:o:cisco:ios_xr:7.8.1
  • Cisco » Ios Xr » Version: 7.8.12
    cpe:2.3:o:cisco:ios_xr:7.8.12
  • Cisco » Ios Xr » Version: 7.8.2
    cpe:2.3:o:cisco:ios_xr:7.8.2
  • Cisco » Ios Xr » Version: 7.8.22
    cpe:2.3:o:cisco:ios_xr:7.8.22
  • Cisco » Ios Xr » Version: 7.8.23
    cpe:2.3:o:cisco:ios_xr:7.8.23
  • Cisco » Ios Xr » Version: 7.9
    cpe:2.3:o:cisco:ios_xr:7.9
  • Cisco » Ios Xr » Version: 7.9.0
    cpe:2.3:o:cisco:ios_xr:7.9.0
  • Cisco » Ios Xr » Version: 7.9.1
    cpe:2.3:o:cisco:ios_xr:7.9.1
  • Cisco » Ios Xr » Version: 7.9.2
    cpe:2.3:o:cisco:ios_xr:7.9.2
  • Cisco » Ios Xr » Version: 7.9.21
    cpe:2.3:o:cisco:ios_xr:7.9.21


Products
Pricing
Contact Us

Shodan ® - All rights reserved