CVE-2020-3353

Published Jun 3, 2020

Last updated a year ago

Overview

Description: A vulnerability in the syslog processing engine of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to a race condition that may occur when syslog messages are processed. An attacker could exploit this vulnerability by sending a high rate of syslog messages to an affected device. A successful exploit could allow the attacker to cause the Application Server process to crash, resulting in a DoS condition.
Source: ykramarz@cisco.com
NVD status: Modified

Risk scores

CVSS 3.1

Type: Primary
Base score: 5.9
Impact score: 3.6
Exploitability score: 2.2
Vector string: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Severity: MEDIUM

CVSS 2.0

Type: Primary
Base score: 4.3
Impact score: 2.9
Exploitability score: 8.6
Vector string: AV:N/AC:M/Au:N/C:N/I:N/A:P

Weaknesses

nvd@nist.gov: CWE-362
ykramarz@cisco.com: CWE-362

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:cisco:identity_services_engine:2.2.0.470:-:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E6D0F9C0-DFF6-4EAB-A4BE-7C155FCC3C28"
          },
          {
            "criteria": "cpe:2.3:a:cisco:identity_services_engine:2.2.0.470:patch1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8114A0B4-F81C-4EB8-AC17-AF4781F6CAB2"
          },
          {
            "criteria": "cpe:2.3:a:cisco:identity_services_engine:2.2.0.470:patch10:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "70B293D8-207E-43BD-BAA3-E79ED562B52D"
          },
          {
            "criteria": "cpe:2.3:a:cisco:identity_services_engine:2.2.0.470:patch11:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "25B5B012-A6FD-4B53-8116-AEA7A932F376"
          },
          {
            "criteria": "cpe:2.3:a:cisco:identity_services_engine:2.2.0.470:patch12:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8260B1A1-3D16-46DA-90EC-42A546CE564F"
          },
          {
            "criteria": "cpe:2.3:a:cisco:identity_services_engine:2.2.0.470:patch2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BF38434A-060E-42C2-A622-8E1ED51CAC7F"
          },
          {
            "criteria": "cpe:2.3:a:cisco:identity_services_engine:2.2.0.470:patch3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "81300E10-0BDD-490D-BBE9-CA75803426C1"
          },
          {
            "criteria": "cpe:2.3:a:cisco:identity_services_engine:2.2.0.470:patch4:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3BC7044A-6FB4-457F-808F-FA1F8B85469A"
          },
          {
            "criteria": "cpe:2.3:a:cisco:identity_services_engine:2.2.0.470:patch5:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4C0BE493-4EE9-404E-B7BA-3525CA7AE9D7"
          },
          {
            "criteria": "cpe:2.3:a:cisco:identity_services_engine:2.2.0.470:patch6:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7EFC7A75-B2FA-4F36-91A0-E32B5D7ECD93"
          },
          {
            "criteria": "cpe:2.3:a:cisco:identity_services_engine:2.2.0.470:patch7:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8A7009F6-4418-4CAD-B489-DC104CDC050C"
          },
          {
            "criteria": "cpe:2.3:a:cisco:identity_services_engine:2.2.0.470:patch8:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "88970AD1-07E3-4A67-A20F-AB0FE13E1B2A"
          },
          {
            "criteria": "cpe:2.3:a:cisco:identity_services_engine:2.2.0.470:patch9:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7605EBFC-6810-46A9-960D-816412E6DD23"
          },
          {
            "criteria": "cpe:2.3:a:cisco:identity_services_engine:2.3.0.298:-:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2C9676EF-DDF4-46E3-A8B4-9AD51881E4DA"
          },
          {
            "criteria": "cpe:2.3:a:cisco:identity_services_engine:2.3.0.298:patch1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4EE51B0E-75A2-4BCF-848C-0EEEDFE3C41A"
          },
          {
            "criteria": "cpe:2.3:a:cisco:identity_services_engine:2.3.0.298:patch2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "60A8BF35-41D2-4985-B5CB-721FF433B7CB"
          },
          {
            "criteria": "cpe:2.3:a:cisco:identity_services_engine:2.3.0.298:patch3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B633B472-923C-4527-9D2C-F1971FDAB314"
          },
          {
            "criteria": "cpe:2.3:a:cisco:identity_services_engine:2.3.0.298:patch4:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F6A45D74-4CD6-4941-AB15-3DB3BAFF1467"
          },
          {
            "criteria": "cpe:2.3:a:cisco:identity_services_engine:2.3.0.298:patch5:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A8E90D56-22D4-433F-9325-D6C7F544E034"
          },
          {
            "criteria": "cpe:2.3:a:cisco:identity_services_engine:2.4.0.357:-:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "ED00A491-8BEA-4A21-B2CA-6E17183563E6"
          },
          {
            "criteria": "cpe:2.3:a:cisco:identity_services_engine:2.4.0.357:patch1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B2E49C7A-802D-4807-AF48-94112B821ABA"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 3.1

CVSS 2.0

Weaknesses

Social media

Configurations

References