What is CVE-2020-3235?

CVE-2020-3235 is a high-severity vulnerability in Cisco Ios 12.2(53)sg1, classified under Incorrect Access of Indexable Resource ('Range Error'). CVSS score: 7.7/10. Published 2020-06-03.

How severe is CVE-2020-3235?

High severity. CVSS v3 base score is 7.7 out of 10.

Is CVE-2020-3235 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in Cisco Ios 12.2(53)sg1

CVE-2020-3235

A vulnerability in the Simple Network Management Protocol (SNMP) subsystem of Cisco IOS Software and Cisco IOS XE Software on Catalyst 4500 Series Switches could allow an authenticated, remote attacker to cause a denial of service (DoS) co…

EPSS: 0.003 (52.5th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 7.7 (High). Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H.

Affected products

Cisco Ios 12.2(53)sg1 — versions n/a

Weakness classification (CWE)

CWE-118 — Incorrect Access of Indexable Resource ('Range Error')

Public proof-of-concept exploits

n0-traces/cve_

References

20200603 Cisco IOS and IOS XE Software Simple Network Management Protocol Denial of Service Vulnerability (vendor-advisory, x_refsource_CISCO)
www.oracle.com/security-alerts/cpuoct2020.html (x_refsource_MISC)

Frequently asked questions

What is CVE-2020-3235?: CVE-2020-3235 is a high-severity vulnerability in Cisco Ios 12.2(53)sg1, classified under Incorrect Access of Indexable Resource ('Range Error'). CVSS score: 7.7/10. Published 2020-06-03.
How severe is CVE-2020-3235?: High severity. CVSS v3 base score is 7.7 out of 10.
Is CVE-2020-3235 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.