Overview
- Description
- A vulnerability in the FTP application layer gateway (ALG) functionality used by Network Address Translation (NAT), NAT IPv6 to IPv4 (NAT64), and the Zone-Based Policy Firewall (ZBFW) in Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability is due to a buffer overflow that occurs when an affected device inspects certain FTP traffic. An attacker could exploit this vulnerability by performing a specific FTP transfer through the device. A successful exploit could allow the attacker to cause the device to reload.
- Source
- ykramarz@cisco.com
- NVD status
- Modified
Risk scores
CVSS 3.1
- Type
- Primary
- Base score
- 7.5
- Impact score
- 3.6
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
- Severity
- HIGH
CVSS 3.0
- Type
- Secondary
- Base score
- 8.6
- Impact score
- 4
- Exploitability score
- 3.9
- Vector string
- CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
- Severity
- HIGH
CVSS 2.0
- Type
- Primary
- Base score
- 7.8
- Impact score
- 6.9
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:N/I:N/A:C
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ios:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6B9F41C8-A600-4074-9A69-6506493BEE54",
"versionEndExcluding": "16.3.8",
"versionStartIncluding": "3.16.8s"
},
{
"criteria": "cpe:2.3:o:cisco:ios:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4C993A5E-D1F2-4F80-BC25-5F927BC3C0D5",
"versionEndExcluding": "16.11.1",
"versionStartIncluding": "16.10.1"
},
{
"criteria": "cpe:2.3:o:cisco:ios:16.6.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3AA6B13C-245C-405E-AD13-CEAA0EF72AA0"
},
{
"criteria": "cpe:2.3:o:cisco:ios:16.6.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8A0118CA-E0F2-44C0-9956-98E5E9FB2C73"
},
{
"criteria": "cpe:2.3:o:cisco:ios:16.9.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D2245824-4120-42D0-922E-F01380704573"
},
{
"criteria": "cpe:2.3:o:cisco:ios:16.9.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3C771AC8-80D6-4DB2-B1E0-1C0D18FB4D06"
}
],
"operator": "OR"
}
]
}
]