First published: Thu Sep 24 2020(Updated: )
A vulnerability in the Umbrella Connector component of Cisco IOS XE Software for Cisco Catalyst 9200 Series Switches could allow an unauthenticated, remote attacker to trigger a reload, resulting in a denial of service condition on an affected device. The vulnerability is due to insufficient error handling when parsing DNS requests. An attacker could exploit this vulnerability by sending a series of malicious DNS requests to an Umbrella Connector client interface of an affected device. A successful exploit could allow the attacker to cause a crash of the iosd process, which triggers a reload of the affected device.
Credit: ykramarz@cisco.com
Affected Software | Affected Version | How to fix |
---|---|---|
Cisco IOS XE | =16.12.1 | |
Cisco IOS XE | =16.12.2 | |
Cisco IOS XE | =17.1.1 | |
Cisco Catalyst C9200-24p | ||
Cisco Catalyst C9200-24t | ||
Cisco Catalyst C9200-48p | ||
Cisco Catalyst C9200-48t | ||
Cisco Catalyst C9200l-24p-4g | ||
Cisco Catalyst C9200l-24p-4x | ||
Cisco Catalyst C9200l-24pxg-2y | ||
Cisco Catalyst C9200l-24pxg-4x | ||
Cisco Catalyst C9200l-24t-4g | ||
Cisco Catalyst C9200l-24t-4x | ||
Cisco Catalyst C9200l-48p-4g | ||
Cisco Catalyst C9200l-48p-4x | ||
Cisco Catalyst C9200l-48pxg-2y | ||
Cisco Catalyst C9200l-48pxg-4x | ||
Cisco Catalyst C9200l-48t-4g | ||
Cisco Catalyst C9200l-48t-4x | ||
Cisco Catalyst C9300-24p | ||
Cisco Catalyst C9300-24s | ||
Cisco Catalyst C9300-24t | ||
Cisco Catalyst C9300-24u | ||
Cisco Catalyst C9300-24ux | ||
Cisco Catalyst C9300-48p | ||
Cisco Catalyst C9300-48s | ||
Cisco Catalyst C9300-48t | ||
Cisco Catalyst C9300-48u | ||
Cisco Catalyst C9300-48un | ||
Cisco Catalyst C9300-48uxm | ||
Cisco Catalyst C9300l-24p-4g | ||
Cisco Catalyst C9300l-24p-4x | ||
Cisco Catalyst C9300l-24t-4g | ||
Cisco Catalyst C9300l-24t-4x | ||
Cisco Catalyst C9300l-48p-4g | ||
Cisco Catalyst C9300l-48p-4x | ||
Cisco Catalyst C9300l-48t-4g | ||
Cisco Catalyst C9300l-48t-4x | ||
Cisco Catalyst C9404r | ||
Cisco Catalyst C9407r | ||
Cisco Catalyst C9410r | ||
Cisco Catalyst C9500-12q | ||
Cisco Catalyst C9500-16x | ||
Cisco Catalyst C9500-24q | ||
Cisco Catalyst C9500-24y4c | ||
Cisco Catalyst C9500-32c | ||
Cisco Catalyst C9500-32qc | ||
Cisco Catalyst C9500-40x | ||
Cisco Catalyst C9500-48y4c | ||
Cisco Catalyst C9600-lc-24c | ||
Cisco Catalyst C9600-lc-48s | ||
Cisco Catalyst C9600-lc-48tx | ||
Cisco Catalyst C9600-lc-48yl |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2020-3510 is a vulnerability in the Umbrella Connector component of Cisco IOS XE Software for Cisco Catalyst 9200 Series Switches that could allow an unauthenticated, remote attacker to trigger a reload, resulting in a denial of service condition on an affected device.
The severity of CVE-2020-3510 is rated as high with a CVSS score of 8.6.
The affected software versions are Cisco IOS XE 16.12.1, 16.12.2, and 17.1.1.
An attacker can exploit CVE-2020-3510 by sending specially crafted network traffic to the vulnerable device.
Yes, Cisco has released software updates to address the vulnerability. Please refer to the Cisco security advisory for more information.