CVE-2024-20390

A vulnerability in the Dedicated XML Agent feature of Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) on XML TCP listen port 38751. This vulnerability is due to a lack of proper error validation of ingress XML packets. An attacker could exploit this vulnerability by sending a sustained, crafted stream of XML traffic to a targeted device. A successful exploit could allow the attacker to cause XML TCP port 38751 to become unreachable while the attack traffic persists.

CVSS v3 5.3 MEDIUM

5.3^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 3.9 / Impact : 1.4

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact LOW

Scope UNCHANGED

References

Link	Resource
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-xml-tcpdos-ZEXvrU2S	Vendor Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*

History

07 Oct 2024, 17:51

Type	Values Removed	Values Added
CPE		cpe:2.3:o:cisco:ios_xr::::::::
CWE		NVD-CWE-Other
First Time		Cisco ios Xr Cisco
References	~~() https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-xml-tcpdos-ZEXvrU2S -~~	() https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-xml-tcpdos-ZEXvrU2S - Vendor Advisory

12 Sep 2024, 12:35

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-09-11 17:15

Updated : 2024-10-07 17:51

NVD link : CVE-2024-20390

Mitre link : CVE-2024-20390

CVE.ORG link : CVE-2024-20390

JSON object : View

Products Affected

cisco

ios_xr

CWE

NVD-CWE-Other CWE-940

Improper Verification of Source of a Communication Channel

{"id": "CVE-2024-20390", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 1.4, "exploitabilityScore": 3.9}, {"type": "Secondary", "source": "ykramarz@cisco.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 1.4, "exploitabilityScore": 3.9}]}, "published": "2024-09-11T17:15:12.613", "references": [{"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-xml-tcpdos-ZEXvrU2S", "tags": ["Vendor Advisory"], "source": "ykramarz@cisco.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}, {"type": "Secondary", "source": "ykramarz@cisco.com", "description": [{"lang": "en", "value": "CWE-940"}]}], "descriptions": [{"lang": "en", "value": "A vulnerability in the Dedicated XML Agent feature of Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) on XML TCP listen port 38751.\r\n\r\nThis vulnerability is due to a lack of proper error validation of ingress XML packets. An attacker could exploit this vulnerability by sending a sustained, crafted stream of XML traffic to a targeted device. A successful exploit could allow the attacker to cause XML TCP port 38751 to become unreachable while the attack traffic persists."}, {"lang": "es", "value": "Una vulnerabilidad en la funci\u00f3n Dedicated XML Agent del software Cisco IOS XR podr\u00eda permitir que un atacante remoto no autenticado provoque una denegaci\u00f3n de servicio (DoS) en el puerto de escucha XML TCP 38751. Esta vulnerabilidad se debe a la falta de una validaci\u00f3n de errores adecuada de los paquetes XML de entrada. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando un flujo continuo y elaborado de tr\u00e1fico XML a un dispositivo de destino. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante hacer que el puerto XML TCP 38751 se vuelva inaccesible mientras persista el tr\u00e1fico de ataque."}], "lastModified": "2024-10-07T17:51:37.197", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F6EADB55-720D-4DF2-A076-256FFCEB961D", "versionEndExcluding": "24.1.2"}], "operator": "OR"}]}], "sourceIdentifier": "ykramarz@cisco.com"}