Vulnerability Database

289,599

Total vulnerabilities in the database

CVE-2020-3353

A vulnerability in the syslog processing engine of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to a race condition that may occur when syslog messages are processed. An attacker could exploit this vulnerability by sending a high rate of syslog messages to an affected device. A successful exploit could allow the attacker to cause the Application Server process to crash, resulting in a DoS condition.

  • Published: Jun 3, 2020
  • Updated: Apr 14, 2023
  • CVE: CVE-2020-3353
  • Severity: Medium
  • Exploit:

CVSS v3:

  • Severity: Medium
  • Score: 5.9
  • AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

CVSS v2:

  • Severity: Low
  • Score: 4.3
  • AV:N/AC:M/Au:N/C:N/I:N/A:P

CWEs:

Software From Fixed in
cisco / identity_services_engine 2.4.0.357 2.4.0.357.x
cisco / identity_services_engine 2.4.0.357-patch1 2.4.0.357-patch1.x
cisco / identity_services_engine 2.3.0.298 2.3.0.298.x
cisco / identity_services_engine 2.3.0.298-patch1 2.3.0.298-patch1.x
cisco / identity_services_engine 2.3.0.298-patch2 2.3.0.298-patch2.x
cisco / identity_services_engine 2.3.0.298-patch3 2.3.0.298-patch3.x
cisco / identity_services_engine 2.3.0.298-patch4 2.3.0.298-patch4.x
cisco / identity_services_engine 2.3.0.298-patch5 2.3.0.298-patch5.x
cisco / identity_services_engine 2.2.0.470 2.2.0.470.x
cisco / identity_services_engine 2.2.0.470-patch1 2.2.0.470-patch1.x
cisco / identity_services_engine 2.2.0.470-patch2 2.2.0.470-patch2.x
cisco / identity_services_engine 2.2.0.470-patch3 2.2.0.470-patch3.x
cisco / identity_services_engine 2.2.0.470-patch4 2.2.0.470-patch4.x
cisco / identity_services_engine 2.2.0.470-patch5 2.2.0.470-patch5.x
cisco / identity_services_engine 2.2.0.470-patch6 2.2.0.470-patch6.x
cisco / identity_services_engine 2.2.0.470-patch7 2.2.0.470-patch7.x
cisco / identity_services_engine 2.2.0.470-patch8 2.2.0.470-patch8.x
cisco / identity_services_engine 2.2.0.470-patch9 2.2.0.470-patch9.x
cisco / identity_services_engine 2.2.0.470-patch10 2.2.0.470-patch10.x
cisco / identity_services_engine 2.2.0.470-patch11 2.2.0.470-patch11.x
cisco / identity_services_engine 2.2.0.470-patch12 2.2.0.470-patch12.x