Cisco IoT Field Network Director Constrained Application Protocol input validation

entryeditHistoryDiffjsonxmlCTI

A vulnerability classified as problematic was found in Cisco IoT Field Network Director (affected version unknown). Affected by this vulnerability is an unknown function of the component Constrained Application Protocol Handler. Upgrading eliminates this vulnerability.

Timeline

The analysis of the timeline helps to identify the required approach and handling of single vulnerabilities and vulnerability collections. This overview makes it possible to see less important slices and more severe hotspots at a glance. Initiating immediate vulnerability response and prioritizing of issues is possible.

User

Field

Commit Conf

Approve Conf

IDCommitedUserFieldChangeRemarksModeratedReasonC
1001115204/16/2020VulD...cve_nvd_summaryA vulnerability in the Constrained Application Protocol (CoAP) implementation of Cisco IoT Field Network Director could allow an unauthenticated remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to insufficient input validation of incoming CoAP traffic. An attacker could exploit this vulnerability by sending a malformed CoAP packet to an affected device. A successful exploit could allow the attacker to force the CoAP server to stop, interrupting communication to the IoT endpoints.mitre.org04/16/2020accepted100
1001115104/16/2020VulD...cve_assigned1576108800mitre.org04/16/2020accepted100
1001114204/16/2020VulD...cvss3_nvd_aHnist.gov04/16/2020accepted100
1001114104/16/2020VulD...cvss3_nvd_iNnist.gov04/16/2020accepted100
1001114004/16/2020VulD...cvss3_nvd_cNnist.gov04/16/2020accepted100
1001113904/16/2020VulD...cvss3_nvd_sUnist.gov04/16/2020accepted100
1001113804/16/2020VulD...cvss3_nvd_uiNnist.gov04/16/2020accepted100
1001113704/16/2020VulD...cvss3_nvd_prNnist.gov04/16/2020accepted100
1001113604/16/2020VulD...cvss3_nvd_acLnist.gov04/16/2020accepted100
1001113504/16/2020VulD...cvss3_nvd_avNnist.gov04/16/2020accepted100
1001111304/16/2020VulD...cwe20 (privilege escalation)04/16/2020accepted100
1001115904/16/2020VulD...cvss3_nvd_basescore7.5nist.gov04/16/2020accepted90
1001115804/16/2020VulD...cvss3_vuldb_rcC04/16/2020accepted90
1001115704/16/2020VulD...cvss3_vuldb_rlO04/16/2020accepted90
1001115604/16/2020VulD...cvss3_vuldb_eX04/16/2020accepted90
1001115504/16/2020VulD...cvss2_vuldb_rcC04/16/2020accepted90
1001115404/16/2020VulD...cvss2_vuldb_rlOF04/16/2020accepted90
1001115304/16/2020VulD...cvss2_vuldb_eND04/16/2020accepted90
1001115004/16/2020VulD...cveCVE-2020-3162mitre.org04/16/2020accepted100
1001114904/16/2020VulD...nameUpgrade04/16/2020accepted100

Interested in the pricing of exploits?

See the underground prices here!