CVE-2020-3235

HIGH Year: 2020
CVSS v3 Score
7.7
High
CVSS v2 Score
6.3
Medium
Weakness Type
CWE-118
View all →

Vulnerability Description

A vulnerability in the Simple Network Management Protocol (SNMP) subsystem of Cisco IOS Software and Cisco IOS XE Software on Catalyst 4500 Series Switches could allow an authenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to insufficient input validation when the software processes specific SNMP object identifiers. An attacker could exploit this vulnerability by sending a crafted SNMP packet to an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition. Note: To exploit this vulnerability by using SNMPv2c or earlier, the attacker must know the SNMP read-only community string for an affected system. To exploit this vulnerability by using SNMPv3, the attacker must know the user credentials for the affected system.

Related Vulnerabilities

CVE-2017-5884

HIGH
CVSS:7.8(High)

gtk-vnc before 0.7.0 does not properly check boundaries of subrectangle-containing tiles, which allows remote servers to execute arbitrary code via the src x, y coordinates in a crafted (1) rre, (2) h...

CWE-1182017

CVE-2023-37921

HIGH
CVSS:7.8(High)

Multiple arbitrary write vulnerabilities exist in the VCD sorted bsearch functionality of GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need to op...

CWE-1182023

CVE-2023-37922

HIGH
CVSS:7.8(High)

Multiple arbitrary write vulnerabilities exist in the VCD sorted bsearch functionality of GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need to op...

CWE-1182023

CVE-2023-37923

HIGH
CVSS:7.8(High)

Multiple arbitrary write vulnerabilities exist in the VCD sorted bsearch functionality of GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need to op...

CWE-1182023

CVE-2020-3369

HIGH
CVSS:8.6(High)

A vulnerability in the deep packet inspection (DPI) engine of Cisco SD-WAN vEdge Routers could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected dev...

CWE-1182020

CVE-2024-43524

MEDIUM
CVSS:6.8(Medium)

Windows Mobile Broadband Driver Remote Code Execution Vulnerability

CWE-1182024