{
    "file_item": {
        "filepath": "security-advisories",
        "filename": "CERT-EU-SA2024-031.pdf"
    },
    "title": "High Severity Vulnerabilities in Cisco Products",
    "serial_number": "2024-031",
    "publish_date": "29-03-2024 10:49:02",
    "description": "On March 27, 2024, Cisco released security updates for fourteen (14) vulnerabilities affecting IOS, IOS XE and Cisco Access Point software. Six (6) high severity vulnerabilities with a CVSS score of 8.6, could allow an unauthenticated, remote attacker to cause denial of service on an affected device.<br>\n",
    "url_title": "2024-031",
    "content_markdown": "---\ntitle: 'High Severity Vulnerabilities in\u00a0Cisco\u00a0Products'\nnumber: '2024-031'\nversion: '1.0'\noriginal_date: 'March 27, 2024'\ndate: 'March 29, 2024'\n---\n\n_History:_\n\n* _29/03/2024 --- v1.0 -- Initial publication_\n\n# Summary\n\nOn March 27, 2024, Cisco released security updates for fourteen (14) vulnerabilities affecting IOS, IOS XE and Cisco Access Point software. Six (6) high severity vulnerabilities with a CVSS score of 8.6, could allow an unauthenticated, remote attacker to cause denial of service on an affected device [1].\n\n# Technical details\n\n- `CVE-2024-20311`, an attacker could exploit this vulnerability by sending a crafted LISP packet to an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a denial of service (DoS) condition [2].\n- `CVE-2024-20314`, an attacker could exploit this vulnerability by sending certain IPv4 packets to an affected device. A successful exploit could allow the attacker to cause the device to exhaust CPU resources and stop processing traffic, resulting in a DoS condition [3].\n- `CVE-2024-20307` and `CVE-2024-20308`, an attacker could exploit this vulnerability by sending crafted UDP packets to an affected system. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition [4].\n- `CVE-2024-20259`, an attacker could exploit this vulnerability by sending a crafted DHCP request through an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition [5].\n- `CVE-2024-20271`, an attacker could exploit this vulnerability by sending a crafted IPv4 packet either to or through an affected device. A successful exploit could allow the attacker to cause an affected device to reload unexpectedly, resulting in a DoS condition. To successfully exploit this vulnerability, the attacker does not need to be associated with the affected AP. This vulnerability cannot be exploited by sending IPv6 packets [6].\n\n# Affected Products\n\nThe complete list of affected products can be found on the vendor's website [1].\n\nCisco has released workarounds for the vulnerabilities `CVE-2024-20307` and `CVE-2024-20308` [4].\n\n# Recommendations\n\nCERT-EU recommends updating to the latest version of the affected product as soon as possible to mitigate this vulnerability.\n\n# References\n\n[1] <https://sec.cloudapps.cisco.com/security/center/publicationListing.x>\n\n[2] <https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-lisp-3gYXs3qP>\n\n[3] <https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-xe-sda-edge-dos-qZWuWXWG>\n\n[4] <https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ikev1-NO2ccFWz>\n\n[5] <https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-dhcp-dos-T3CXPO9z>\n\n[6] <https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ap-dos-h9TGGX6W>\n",
    "content_html": "<p><em>History:</em></p><ul><li><em>29/03/2024 --- v1.0 -- Initial publication</em></li></ul><h2 id=\"summary\">Summary</h2><p>On March 27, 2024, Cisco released security updates for fourteen (14) vulnerabilities affecting IOS, IOS XE and Cisco Access Point software. Six (6) high severity vulnerabilities with a CVSS score of 8.6, could allow an unauthenticated, remote attacker to cause denial of service on an affected device [1].</p><h2 id=\"technical-details\">Technical details</h2><ul><li><code>CVE-2024-20311</code>, an attacker could exploit this vulnerability by sending a crafted LISP packet to an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a denial of service (DoS) condition [2].</li><li><code>CVE-2024-20314</code>, an attacker could exploit this vulnerability by sending certain IPv4 packets to an affected device. A successful exploit could allow the attacker to cause the device to exhaust CPU resources and stop processing traffic, resulting in a DoS condition [3].</li><li><code>CVE-2024-20307</code> and <code>CVE-2024-20308</code>, an attacker could exploit this vulnerability by sending crafted UDP packets to an affected system. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition [4].</li><li><code>CVE-2024-20259</code>, an attacker could exploit this vulnerability by sending a crafted DHCP request through an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition [5].</li><li><code>CVE-2024-20271</code>, an attacker could exploit this vulnerability by sending a crafted IPv4 packet either to or through an affected device. A successful exploit could allow the attacker to cause an affected device to reload unexpectedly, resulting in a DoS condition. To successfully exploit this vulnerability, the attacker does not need to be associated with the affected AP. This vulnerability cannot be exploited by sending IPv6 packets [6].</li></ul><h2 id=\"affected-products\">Affected Products</h2><p>The complete list of affected products can be found on the vendor's website [1].</p><p>Cisco has released workarounds for the vulnerabilities <code>CVE-2024-20307</code> and <code>CVE-2024-20308</code> [4].</p><h2 id=\"recommendations\">Recommendations</h2><p>CERT-EU recommends updating to the latest version of the affected product as soon as possible to mitigate this vulnerability.</p><h2 id=\"references\">References</h2><p>[1] <a rel=\"noopener\" target=\"_blank\" href=\"https://sec.cloudapps.cisco.com/security/center/publicationListing.x\">https://sec.cloudapps.cisco.com/security/center/publicationListing.x</a></p><p>[2] <a rel=\"noopener\" target=\"_blank\" href=\"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-lisp-3gYXs3qP\">https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-lisp-3gYXs3qP</a></p><p>[3] <a rel=\"noopener\" target=\"_blank\" href=\"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-xe-sda-edge-dos-qZWuWXWG\">https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-xe-sda-edge-dos-qZWuWXWG</a></p><p>[4] <a rel=\"noopener\" target=\"_blank\" href=\"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ikev1-NO2ccFWz\">https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ikev1-NO2ccFWz</a></p><p>[5] <a rel=\"noopener\" target=\"_blank\" href=\"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-dhcp-dos-T3CXPO9z\">https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-dhcp-dos-T3CXPO9z</a></p><p>[6] <a rel=\"noopener\" target=\"_blank\" href=\"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ap-dos-h9TGGX6W\">https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ap-dos-h9TGGX6W</a></p>",
    "licence": {
        "title": "Creative Commons Attribution 4.0 International (CC-BY 4.0)",
        "link": "https://creativecommons.org/licenses/by/4.0/",
        "restrictions": "https://cert.europa.eu/legal-notice",
        "author": "The Cybersecurity Service for the Union institutions, bodies, offices and agencies"
    }
}