发布日期：2020-08-19
更新日期：2020-09-14

受影响系统：

Cisco 550X Series Stackable Managed Switches
Cisco Small Business 300 Series Managed Switches
Cisco Small Business 200 Series Smart Switches
Cisco 250 Series Smart Switches
Cisco 350 Series Managed Switches
Cisco 350X Series Stackable Managed Switches
Cisco Small Business 500 Series Stackable Managed Switches

描述：

---

CVE(CAN) ID: CVE-2020-3496

Cisco Small Business Series Switches是美国思科公司的一款管理型交换机产品。
Cisco Small Business Smart and Managed Switches的IPv6数据包处理引擎中存在拒绝服务漏洞。该漏洞源于程序未对IPv6输入流量进行正确验证。未经身份认证的远程攻击者可利用该漏洞通过向受影响的设备发送特制的IPv6数据包造成交换机意外重启，导致拒绝服务（DoS）。

<*来源：Cisco
  
  链接：https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sbss-ipv6-dos-tsgqbff
*>

建议：

---

厂商补丁：

Cisco
-----
Cisco已经为此发布了一个安全公告（cisco-sa-sbss-ipv6-dos-tsgqbffW）以及相应补丁:
cisco-sa-sbss-ipv6-dos-tsgqbffW：Cisco Small Business Smart and Managed Switches Denial of Service Vulnerability
链接：https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sbss-ipv6-dos-tsgqbff

浏览次数：908
严重程度：0（网友投票）