发布日期：2020-09-24
更新日期：2020-10-10

受影响系统：

Cisco 1000 Series Integrated Services Routers
Cisco Cloud Services Router 1000V Series
Cisco Integrated Services Virtual Routers
Cisco 1100 Series Industrial Integrated Services Routers
Cisco 1100 Terminal Services Gateways
Cisco 4221 Integrated Services Routers
Cisco 4300 Series Integrated Services Routers
Cisco Catalyst 9800-L and 9800-CL Wireless Controllers
Cisco ESR6300 Embedded Series Routers
Cisco VG400 Analog Voice Gateways

描述：

---

CVE(CAN) ID: CVE-2020-3465

Cisco IOS XE是美国思科（Cisco）公司的一套为其网络设备开发的操作系统。
Cisco IOS XE软件存在拒绝服务漏洞。该漏洞源于程序未对某些有效的但不典型的以太网帧进行正确处理。未经身份认证的相邻攻击者可通过将以太网帧发送到以太网段利用该漏洞造成设备重新加载，从而导致拒绝服务（DoS）。以下产品受到影响：1000 Series Integrated Services Routers、1100 Series Industrial Integrated Services Routers、1100 Terminal Services Gateways、4221 Integrated Services Routers、4300 Series Integrated Services Routers、Catalyst 9800-L and 9800-CL Wireless Controllers (no other models are affected)、Cloud Services Router 1000V Series、ESR6300 Embedded Series Routers、Integrated Services Virtual Routers、VG400 Analog Voice Gateways

<*来源：Cisco
  
  链接：https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-le-drTOB625
*>

建议：

---

厂商补丁：

Cisco
-----
Cisco已经为此发布了一个安全公告（cisco-sa-le-drTOB625）以及相应补丁:
cisco-sa-le-drTOB625：Cisco IOS XE Software Ethernet Frame Denial of Service Vulnerability
链接：https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-le-drTOB625

浏览次数：1064
严重程度：0（网友投票）