Improper Control of a Resource Through its Lifetime

CVE-2020-3175

High

8.6/10

Summary

A vulnerability in the resource handling system of Cisco NX-OS Software for Cisco MDS 9000 Series Multilayer Switches could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper resource usage control. An attacker could exploit this vulnerability by sending traffic to the management interface (mgmt0) of an affected device at very high rates. An exploit could allow the attacker to cause unexpected behaviors such as high CPU usage, process crashes, or even full system reboots of an affected device.

Attack Complexity: LOW
Attack Vector: NETWORK
Integrity Impact: NONE
Scope: CHANGED
User Interaction: NONE
Privileges Required: NONE
Confidentiality Impact: NONE
Availability Impact: HIGH

CWE-664 - Improper Control of a Resource Through its Lifetime

The software does not maintain or incorrectly maintains control over a resource throughout its lifetime of creation, use, and release.

References

Advisory Timeline

Published Feb 26, 2020

Improper Control of a Resource Through its Lifetime

CVE-2020-3175

Summary

CWE-664 - Improper Control of a Resource Through its Lifetime

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS