A vulnerability in the Internet Key Exchange Version 2 (IKEv2) implementation in Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to prevent IKEv2 from establishing new security associations. The vulnerability is due to incorrect handling of crafted IKEv2 SA-Init packets. An attacker could exploit this vulnerability by sending crafted IKEv2 SA-Init packets to the affected device. An exploit could allow the attacker to cause the affected device to reach the maximum incoming negotiation limits and prevent further IKEv2 security associations from being formed.
History

Fri, 15 Nov 2024 18:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


cve-icon MITRE

Status: PUBLISHED

Assigner: cisco

Published: 2020-06-03T17:42:23.065414Z

Updated: 2024-11-15T17:14:02.843Z

Reserved: 2019-12-12T00:00:00

Link: CVE-2020-3230

cve-icon Vulnrichment

Updated: 2024-08-04T07:30:56.513Z

cve-icon NVD

Status : Modified

Published: 2020-06-03T18:15:20.997

Modified: 2024-11-21T05:30:36.857

Link: CVE-2020-3230

cve-icon Redhat

No data.