CVE-2024-20312
Published: Mar 27, 2024
Modified: Aug 26, 2025
CVSS v3.1
7.4
Description
A vulnerability in the Intermediate System-to-Intermediate System (IS-IS) protocol of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient input validation when parsing an ingress IS-IS packet. An attacker could exploit this vulnerability by sending a crafted IS-IS packet to an affected device after forming an adjacency. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a denial of service (DoS) condition. Note: The IS-IS protocol is a routing protocol. To exploit this vulnerability, an attacker must be Layer 2-adjacent to the affected device and have formed an adjacency.
| Vendor | Product | Versions |
|---|---|---|
Cisco | IOS | affected 15.2(1)Saffected 15.2(2)Saffected 15.2(1)S1affected 15.2(4)Saffected 15.2(1)S2+421 more versions |
Cisco | Cisco IOS XE Software | affected 3.7.0Saffected 3.7.1Saffected 3.7.2Saffected 3.7.3Saffected 3.7.4S+380 more versions |
Weaknesses (CWE)
CVSS v3.1 Details
CVSS v3.1 Vector
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now