CVE-2024-20317

CVSS 3.1 Score 7.4 of 10 (high)

Details

Published Sep 11, 2024

Updated: Sep 12, 2024

CWE ID 684

Summary

CVE-2024-20317 is a vulnerability in Cisco IOS XR Software affecting various Cisco Network Convergence System (NCS) platforms, which can allow an unauthenticated adjacent attacker to drop critical priority packets, leading to a denial of service (DoS) condition. The issue arises from incorrect classification of specific Ethernet frames received on an interface. Successful exploitation could disrupt control plane protocol relationships, severely impacting network availability. Cisco has released software updates to remediate this vulnerability, and currently, there are no available workarounds. The CVSS base score for this vulnerability is 7.4, indicating a high severity with significant potential impact on organizational operations.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Advisories, Assessments, and Mitigations

Back to Vulnerability Database