CVE-2024-20314

CVSS 3.1 Score 8.6 of 10 (high)

Details

Published Mar 27, 2024

CWE ID 783

Summary

CVE-2024-20314 is a denial-of-service vulnerability impacting the IPv4 Software-Defined Access (SD-Access) fabric edge node feature of Cisco IOS XE Software. An unauthenticated, remote attacker can exploit this issue by sending malicious IPv4 packets, leading to high CPU utilization and traffic processing disruption. The vulnerability arises due to the software's improper handling of specific IPv4 packets, potentially causing the device to exhaust its CPU resources and cease processing traffic, resulting in a denial-of-service condition.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/vDnTsg
https://www.cve.org/CVERecord?id=CVE-2024-20314
https://nvd.nist.gov/vuln/detail/CVE-2024-20314

Back to Vulnerability Database

CVE-2024-20314

CVSS 3.1 Score 8.6 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations