Cisco Catalyst 6000 Series Switches: DoS via process-switched traffic
CVE-2024-20276 Published on March 27, 2024
A vulnerability in Cisco IOS Software for Cisco Catalyst 6000 Series Switches could allow an unauthenticated, adjacent attacker to cause an affected device to reload unexpectedly. This vulnerability is due to improper handling of process-switched traffic. An attacker could exploit this vulnerability by sending crafted traffic to an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a denial of service (DoS) condition.
Vulnerability Analysis
Weakness Type
Uncaught Exception
An exception is thrown from a function, but it is not caught. When an exception is not caught, it may cause the program to crash or expose sensitive information.
Products Associated with CVE-2024-20276
Cisco Internetwork Operating System (IOS)
Affected Versions
Cisco IOS:
- Version 15.5(1)SY5 is affected.
- Version 15.5(1)SY6 is affected.
- Version 15.5(1)SY7 is affected.
- Version 15.5(1)SY8 is affected.
- Version 15.5(1)SY9 is affected.
- Version 15.5(1)SY10 is affected.
- Version 15.5(1)SY11 is affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.