A vulnerability in the IP Address Resolution Protocol (ARP) feature of Cisco IOS XE Software for Cisco ASR 1000 Series Aggregation Services Routers with a 20-Gbps Embedded Services Processor (ESP) installed could allow an unauthenticated, adjacent attacker to cause an affected device to reload, resulting in a denial of service condition. The vulnerability is due to insufficient error handling when an affected device has reached platform limitations. An attacker could exploit this vulnerability by sending a malicious series of IP ARP messages to an affected device. A successful exploit could allow the attacker to exhaust system resources, which would eventually cause the affected device to reload.
History

Wed, 13 Nov 2024 18:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


cve-icon MITRE

Status: PUBLISHED

Assigner: cisco

Published: 2020-09-24T17:51:52.664572Z

Updated: 2024-11-13T18:00:09.880Z

Reserved: 2019-12-12T00:00:00

Link: CVE-2020-3508

cve-icon Vulnrichment

Updated: 2024-08-04T07:37:54.688Z

cve-icon NVD

Status : Modified

Published: 2020-09-24T18:15:20.963

Modified: 2024-11-21T05:31:12.983

Link: CVE-2020-3508

cve-icon Redhat

No data.