CVE-2024-20436
8.6
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Summary
A vulnerability in the HTTP Server feature of Cisco IOS XE Software when the Telephony Service feature is enabled could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to a null pointer dereference when accessing specific URLs. An attacker could exploit this vulnerability by sending crafted HTTP traffic to an affected device. A successful exploit could allow the attacker to cause the affected device to reload, causing a DoS condition on the affected device.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Cisco | Cisco IOS XE Software | 3.9.1S | affected |
| Cisco | Cisco IOS XE Software | 3.9.2S | affected |
| Cisco | Cisco IOS XE Software | 3.9.0aS | affected |
| Cisco | Cisco IOS XE Software | 3.10.0S | affected |
| Cisco | Cisco IOS XE Software | 3.10.1S | affected |
| Cisco | Cisco IOS XE Software | 3.10.2S | affected |
| Cisco | Cisco IOS XE Software | 3.10.3S | affected |
| Cisco | Cisco IOS XE Software | 3.10.4S | affected |
| Cisco | Cisco IOS XE Software | 3.10.5S | affected |
| Cisco | Cisco IOS XE Software | 3.10.6S | affected |
| Cisco | Cisco IOS XE Software | 3.10.2tS | affected |
| Cisco | Cisco IOS XE Software | 3.10.7S | affected |
| Cisco | Cisco IOS XE Software | 3.10.8S | affected |
| Cisco | Cisco IOS XE Software | 3.10.8aS | affected |
| Cisco | Cisco IOS XE Software | 3.10.9S | affected |
| Cisco | Cisco IOS XE Software | 3.10.10S | affected |
| Cisco | Cisco IOS XE Software | 3.11.1S | affected |
| Cisco | Cisco IOS XE Software | 3.11.2S | affected |
| Cisco | Cisco IOS XE Software | 3.11.0S | affected |
| Cisco | Cisco IOS XE Software | 3.11.3S | affected |
| Cisco | Cisco IOS XE Software | 3.11.4S | affected |
| Cisco | Cisco IOS XE Software | 3.12.0S | affected |
| Cisco | Cisco IOS XE Software | 3.12.1S | affected |
| Cisco | Cisco IOS XE Software | 3.12.2S | affected |
| Cisco | Cisco IOS XE Software | 3.12.3S | affected |
| Cisco | Cisco IOS XE Software | 3.12.4S | affected |
| Cisco | Cisco IOS XE Software | 3.13.0S | affected |
| Cisco | Cisco IOS XE Software | 3.13.1S | affected |
| Cisco | Cisco IOS XE Software | 3.13.2S | affected |
| Cisco | Cisco IOS XE Software | 3.13.3S | affected |
| Cisco | Cisco IOS XE Software | 3.13.4S | affected |
| Cisco | Cisco IOS XE Software | 3.13.5S | affected |
| Cisco | Cisco IOS XE Software | 3.13.6S | affected |
| Cisco | Cisco IOS XE Software | 3.13.7S | affected |
| Cisco | Cisco IOS XE Software | 3.13.6aS | affected |
| Cisco | Cisco IOS XE Software | 3.13.8S | affected |
| Cisco | Cisco IOS XE Software | 3.13.9S | affected |
| Cisco | Cisco IOS XE Software | 3.13.10S | affected |
| Cisco | Cisco IOS XE Software | 3.14.0S | affected |
| Cisco | Cisco IOS XE Software | 3.14.1S | affected |
| Cisco | Cisco IOS XE Software | 3.14.2S | affected |
| Cisco | Cisco IOS XE Software | 3.14.3S | affected |
| Cisco | Cisco IOS XE Software | 3.14.4S | affected |
| Cisco | Cisco IOS XE Software | 3.15.0S | affected |
| Cisco | Cisco IOS XE Software | 3.15.1S | affected |
| Cisco | Cisco IOS XE Software | 3.15.2S | affected |
| Cisco | Cisco IOS XE Software | 3.15.1cS | affected |
| Cisco | Cisco IOS XE Software | 3.15.3S | affected |
| Cisco | Cisco IOS XE Software | 3.15.4S | affected |
| Cisco | Cisco IOS XE Software | 3.16.0S | affected |
| Cisco | Cisco IOS XE Software | 3.16.1aS | affected |
| Cisco | Cisco IOS XE Software | 3.16.2S | affected |
| Cisco | Cisco IOS XE Software | 3.16.0cS | affected |
| Cisco | Cisco IOS XE Software | 3.16.3S | affected |
| Cisco | Cisco IOS XE Software | 3.16.4aS | affected |
| Cisco | Cisco IOS XE Software | 3.16.4bS | affected |
| Cisco | Cisco IOS XE Software | 3.16.5S | affected |
| Cisco | Cisco IOS XE Software | 3.16.4dS | affected |
| Cisco | Cisco IOS XE Software | 3.16.6S | affected |
| Cisco | Cisco IOS XE Software | 3.16.7S | affected |
| Cisco | Cisco IOS XE Software | 3.16.6bS | affected |
| Cisco | Cisco IOS XE Software | 3.16.7aS | affected |
| Cisco | Cisco IOS XE Software | 3.16.7bS | affected |
| Cisco | Cisco IOS XE Software | 3.16.8S | affected |
| Cisco | Cisco IOS XE Software | 3.16.9S | affected |
| Cisco | Cisco IOS XE Software | 3.16.10S | affected |
| Cisco | Cisco IOS XE Software | 3.17.0S | affected |
| Cisco | Cisco IOS XE Software | 3.17.1S | affected |
| Cisco | Cisco IOS XE Software | 3.17.2S | affected |
| Cisco | Cisco IOS XE Software | 3.17.3S | affected |
| Cisco | Cisco IOS XE Software | 3.17.4S | affected |
| Cisco | Cisco IOS XE Software | 16.2.1 | affected |
| Cisco | Cisco IOS XE Software | 16.2.2 | affected |
| Cisco | Cisco IOS XE Software | 16.3.1 | affected |
| Cisco | Cisco IOS XE Software | 16.3.2 | affected |
| Cisco | Cisco IOS XE Software | 16.3.3 | affected |
| Cisco | Cisco IOS XE Software | 16.3.1a | affected |
| Cisco | Cisco IOS XE Software | 16.3.4 | affected |
| Cisco | Cisco IOS XE Software | 16.3.5 | affected |
| Cisco | Cisco IOS XE Software | 16.3.6 | affected |
| Cisco | Cisco IOS XE Software | 16.3.7 | affected |
| Cisco | Cisco IOS XE Software | 16.3.8 | affected |
| Cisco | Cisco IOS XE Software | 16.3.9 | affected |
| Cisco | Cisco IOS XE Software | 16.3.10 | affected |
| Cisco | Cisco IOS XE Software | 16.3.11 | affected |
| Cisco | Cisco IOS XE Software | 16.4.1 | affected |
| Cisco | Cisco IOS XE Software | 16.4.2 | affected |
| Cisco | Cisco IOS XE Software | 16.4.3 | affected |
| Cisco | Cisco IOS XE Software | 16.5.1 | affected |
| Cisco | Cisco IOS XE Software | 16.5.1b | affected |
| Cisco | Cisco IOS XE Software | 16.5.2 | affected |
| Cisco | Cisco IOS XE Software | 16.5.3 | affected |
| Cisco | Cisco IOS XE Software | 3.18.2aSP | affected |
| Cisco | Cisco IOS XE Software | 16.6.1 | affected |
| Cisco | Cisco IOS XE Software | 16.6.2 | affected |
| Cisco | Cisco IOS XE Software | 16.6.3 | affected |
| Cisco | Cisco IOS XE Software | 16.6.4 | affected |
| Cisco | Cisco IOS XE Software | 16.6.5 | affected |
| Cisco | Cisco IOS XE Software | 16.6.6 | affected |
| Cisco | Cisco IOS XE Software | 16.6.7 | affected |
| Cisco | Cisco IOS XE Software | 16.6.8 | affected |
| Cisco | Cisco IOS XE Software | 16.6.9 | affected |
| Cisco | Cisco IOS XE Software | 16.6.10 | affected |
| Cisco | Cisco IOS XE Software | 16.7.1 | affected |
| Cisco | Cisco IOS XE Software | 16.7.2 | affected |
| Cisco | Cisco IOS XE Software | 16.7.3 | affected |
| Cisco | Cisco IOS XE Software | 16.8.1 | affected |
| Cisco | Cisco IOS XE Software | 16.8.1s | affected |
| Cisco | Cisco IOS XE Software | 16.8.2 | affected |
| Cisco | Cisco IOS XE Software | 16.8.3 | affected |
| Cisco | Cisco IOS XE Software | 16.9.1 | affected |
| Cisco | Cisco IOS XE Software | 16.9.2 | affected |
| Cisco | Cisco IOS XE Software | 16.9.1s | affected |
| Cisco | Cisco IOS XE Software | 16.9.3 | affected |
| Cisco | Cisco IOS XE Software | 16.9.4 | affected |
| Cisco | Cisco IOS XE Software | 16.9.5 | affected |
| Cisco | Cisco IOS XE Software | 16.9.6 | affected |
| Cisco | Cisco IOS XE Software | 16.9.7 | affected |
| Cisco | Cisco IOS XE Software | 16.9.8 | affected |
| Cisco | Cisco IOS XE Software | 16.10.1 | affected |
| Cisco | Cisco IOS XE Software | 16.10.1a | affected |
| Cisco | Cisco IOS XE Software | 16.10.1b | affected |
| Cisco | Cisco IOS XE Software | 16.10.1s | affected |
| Cisco | Cisco IOS XE Software | 16.10.1e | affected |
| Cisco | Cisco IOS XE Software | 16.10.2 | affected |
| Cisco | Cisco IOS XE Software | 16.10.3 | affected |
| Cisco | Cisco IOS XE Software | 16.11.1 | affected |
| Cisco | Cisco IOS XE Software | 16.11.1a | affected |
| Cisco | Cisco IOS XE Software | 16.11.1b | affected |
| Cisco | Cisco IOS XE Software | 16.11.2 | affected |
| Cisco | Cisco IOS XE Software | 16.11.1s | affected |
| Cisco | Cisco IOS XE Software | 16.12.1 | affected |
| Cisco | Cisco IOS XE Software | 16.12.1s | affected |
| Cisco | Cisco IOS XE Software | 16.12.1a | affected |
| Cisco | Cisco IOS XE Software | 16.12.1c | affected |
| Cisco | Cisco IOS XE Software | 16.12.2 | affected |
| Cisco | Cisco IOS XE Software | 16.12.3 | affected |
| Cisco | Cisco IOS XE Software | 16.12.8 | affected |
| Cisco | Cisco IOS XE Software | 16.12.2s | affected |
| Cisco | Cisco IOS XE Software | 16.12.4 | affected |
| Cisco | Cisco IOS XE Software | 16.12.3s | affected |
| Cisco | Cisco IOS XE Software | 16.12.4a | affected |
| Cisco | Cisco IOS XE Software | 16.12.5 | affected |
| Cisco | Cisco IOS XE Software | 16.12.6 | affected |
| Cisco | Cisco IOS XE Software | 16.12.7 | affected |
| Cisco | Cisco IOS XE Software | 17.1.1 | affected |
| Cisco | Cisco IOS XE Software | 17.1.1s | affected |
| Cisco | Cisco IOS XE Software | 17.1.1t | affected |
| Cisco | Cisco IOS XE Software | 17.1.3 | affected |
| Cisco | Cisco IOS XE Software | 17.2.1 | affected |
| Cisco | Cisco IOS XE Software | 17.2.1r | affected |
| Cisco | Cisco IOS XE Software | 17.2.1v | affected |
| Cisco | Cisco IOS XE Software | 17.2.2 | affected |
| Cisco | Cisco IOS XE Software | 17.2.3 | affected |
| Cisco | Cisco IOS XE Software | 17.3.1 | affected |
| Cisco | Cisco IOS XE Software | 17.3.2 | affected |
| Cisco | Cisco IOS XE Software | 17.3.3 | affected |
| Cisco | Cisco IOS XE Software | 17.3.1a | affected |
| Cisco | Cisco IOS XE Software | 17.3.4 | affected |
| Cisco | Cisco IOS XE Software | 17.3.5 | affected |
| Cisco | Cisco IOS XE Software | 17.3.4a | affected |
| Cisco | Cisco IOS XE Software | 17.3.6 | affected |
| Cisco | Cisco IOS XE Software | 17.3.7 | affected |
| Cisco | Cisco IOS XE Software | 17.3.8 | affected |
| Cisco | Cisco IOS XE Software | 17.3.8a | affected |
| Cisco | Cisco IOS XE Software | 17.4.1 | affected |
| Cisco | Cisco IOS XE Software | 17.4.2 | affected |
| Cisco | Cisco IOS XE Software | 17.4.1a | affected |
| Cisco | Cisco IOS XE Software | 17.4.1b | affected |
| Cisco | Cisco IOS XE Software | 17.5.1 | affected |
| Cisco | Cisco IOS XE Software | 17.5.1a | affected |
| Cisco | Cisco IOS XE Software | 17.6.1 | affected |
| Cisco | Cisco IOS XE Software | 17.6.2 | affected |
| Cisco | Cisco IOS XE Software | 17.6.1a | affected |
| Cisco | Cisco IOS XE Software | 17.6.3 | affected |
| Cisco | Cisco IOS XE Software | 17.6.3a | affected |
| Cisco | Cisco IOS XE Software | 17.6.4 | affected |
| Cisco | Cisco IOS XE Software | 17.6.5 | affected |
| Cisco | Cisco IOS XE Software | 17.6.6 | affected |
| Cisco | Cisco IOS XE Software | 17.6.6a | affected |
| Cisco | Cisco IOS XE Software | 17.6.5a | affected |
| Cisco | Cisco IOS XE Software | 17.7.1 | affected |
| Cisco | Cisco IOS XE Software | 17.7.1a | affected |
| Cisco | Cisco IOS XE Software | 17.7.2 | affected |
| Cisco | Cisco IOS XE Software | 17.10.1 | affected |
| Cisco | Cisco IOS XE Software | 17.10.1a | affected |
| Cisco | Cisco IOS XE Software | 17.10.1b | affected |
| Cisco | Cisco IOS XE Software | 17.8.1 | affected |
| Cisco | Cisco IOS XE Software | 17.8.1a | affected |
| Cisco | Cisco IOS XE Software | 17.9.1 | affected |
| Cisco | Cisco IOS XE Software | 17.9.2 | affected |
| Cisco | Cisco IOS XE Software | 17.9.1a | affected |
| Cisco | Cisco IOS XE Software | 17.9.3 | affected |
| Cisco | Cisco IOS XE Software | 17.9.2a | affected |
| Cisco | Cisco IOS XE Software | 17.9.3a | affected |
| Cisco | Cisco IOS XE Software | 17.9.4 | affected |
| Cisco | Cisco IOS XE Software | 17.9.4a | affected |
| Cisco | Cisco IOS XE Software | 17.11.1 | affected |
| Cisco | Cisco IOS XE Software | 17.11.1a | affected |
| Cisco | Cisco IOS XE Software | 17.12.1 | affected |
| Cisco | Cisco IOS XE Software | 17.12.1a | affected |
Weaknesses
- CWE-476: NULL Pointer Dereference
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: yes
- Technical Impact: partial
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.