CVE-2020-3175 HIGH

CVE-2020-3175: Cisco MDS 9000 Series Multilayer Switches Denial of Service Vulnerability

Vendor Cisco
Product Cisco NX-OS Software 5.0(1a)
Weakness CWE-664
Published February 26, 2020
Last update November 15, 2024

CVSS base score

8.6/10
Attack vector Network
Attack complexity Low
Privileges required None
User interaction None
Confidentiality None
Integrity None

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

What the vulnerability does

01Description

A vulnerability in the resource handling system of Cisco NX-OS Software for Cisco MDS 9000 Series Multilayer Switches could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper resource usage control. An attacker could exploit this vulnerability by sending traffic to the management interface (mgmt0) of an affected device at very high rates. An exploit could allow the attacker to cause unexpected behaviors such as high CPU usage, process crashes, or even full system reboots of an affected device.

Key dates

02Disclosure timeline

February 26, 2020 CVE published
November 15, 2024 Record updated