We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.

Please see our statement on Data Privacy.

Crisp.chat (Helpdesk and Chat)

Ok

THREATINT
PUBLISHED

CVE-2024-20436



Description

A vulnerability in the HTTP Server feature of Cisco IOS XE Software when the Telephony Service feature is enabled could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to a null pointer dereference when accessing specific URLs. An attacker could exploit this vulnerability by sending crafted HTTP traffic to an affected device. A successful exploit could allow the attacker to cause the affected device to reload, causing a DoS condition on the affected device.

Reserved 2023-11-08 | Published 2024-09-25 | Updated 2024-09-25 | Assigner cisco


HIGH: 8.6CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

Problem types

NULL Pointer Dereference

Product status

3.9.1S
affected

3.9.2S
affected

3.9.0aS
affected

3.10.0S
affected

3.10.1S
affected

3.10.2S
affected

3.10.3S
affected

3.10.4S
affected

3.10.5S
affected

3.10.6S
affected

3.10.2tS
affected

3.10.7S
affected

3.10.8S
affected

3.10.8aS
affected

3.10.9S
affected

3.10.10S
affected

3.11.1S
affected

3.11.2S
affected

3.11.0S
affected

3.11.3S
affected

3.11.4S
affected

3.12.0S
affected

3.12.1S
affected

3.12.2S
affected

3.12.3S
affected

3.12.4S
affected

3.13.0S
affected

3.13.1S
affected

3.13.2S
affected

3.13.3S
affected

3.13.4S
affected

3.13.5S
affected

3.13.6S
affected

3.13.7S
affected

3.13.6aS
affected

3.13.8S
affected

3.13.9S
affected

3.13.10S
affected

3.14.0S
affected

3.14.1S
affected

3.14.2S
affected

3.14.3S
affected

3.14.4S
affected

3.15.0S
affected

3.15.1S
affected

3.15.2S
affected

3.15.1cS
affected

3.15.3S
affected

3.15.4S
affected

3.16.0S
affected

3.16.1aS
affected

3.16.2S
affected

3.16.0cS
affected

3.16.3S
affected

3.16.4aS
affected

3.16.4bS
affected

3.16.5S
affected

3.16.4dS
affected

3.16.6S
affected

3.16.7S
affected

3.16.6bS
affected

3.16.7aS
affected

3.16.7bS
affected

3.16.8S
affected

3.16.9S
affected

3.16.10S
affected

3.17.0S
affected

3.17.1S
affected

3.17.2S
affected

3.17.3S
affected

3.17.4S
affected

16.2.1
affected

16.2.2
affected

16.3.1
affected

16.3.2
affected

16.3.3
affected

16.3.1a
affected

16.3.4
affected

16.3.5
affected

16.3.6
affected

16.3.7
affected

16.3.8
affected

16.3.9
affected

16.3.10
affected

16.3.11
affected

16.4.1
affected

16.4.2
affected

16.4.3
affected

16.5.1
affected

16.5.1b
affected

16.5.2
affected

16.5.3
affected

3.18.2aSP
affected

16.6.1
affected

16.6.2
affected

16.6.3
affected

16.6.4
affected

16.6.5
affected

16.6.6
affected

16.6.7
affected

16.6.8
affected

16.6.9
affected

16.6.10
affected

16.7.1
affected

16.7.2
affected

16.7.3
affected

16.8.1
affected

16.8.1s
affected

16.8.2
affected

16.8.3
affected

16.9.1
affected

16.9.2
affected

16.9.1s
affected

16.9.3
affected

16.9.4
affected

16.9.5
affected

16.9.6
affected

16.9.7
affected

16.9.8
affected

16.10.1
affected

16.10.1a
affected

16.10.1b
affected

16.10.1s
affected

16.10.1e
affected

16.10.2
affected

16.10.3
affected

16.11.1
affected

16.11.1a
affected

16.11.1b
affected

16.11.2
affected

16.11.1s
affected

16.12.1
affected

16.12.1s
affected

16.12.1a
affected

16.12.1c
affected

16.12.2
affected

16.12.3
affected

16.12.8
affected

16.12.2s
affected

16.12.4
affected

16.12.3s
affected

16.12.4a
affected

16.12.5
affected

16.12.6
affected

16.12.7
affected

17.1.1
affected

17.1.1s
affected

17.1.1t
affected

17.1.3
affected

17.2.1
affected

17.2.1r
affected

17.2.1v
affected

17.2.2
affected

17.2.3
affected

17.3.1
affected

17.3.2
affected

17.3.3
affected

17.3.1a
affected

17.3.4
affected

17.3.5
affected

17.3.4a
affected

17.3.6
affected

17.3.7
affected

17.3.8
affected

17.3.8a
affected

17.4.1
affected

17.4.2
affected

17.4.1a
affected

17.4.1b
affected

17.5.1
affected

17.5.1a
affected

17.6.1
affected

17.6.2
affected

17.6.1a
affected

17.6.3
affected

17.6.3a
affected

17.6.4
affected

17.6.5
affected

17.6.6
affected

17.6.6a
affected

17.6.5a
affected

17.7.1
affected

17.7.1a
affected

17.7.2
affected

17.10.1
affected

17.10.1a
affected

17.10.1b
affected

17.8.1
affected

17.8.1a
affected

17.9.1
affected

17.9.2
affected

17.9.1a
affected

17.9.3
affected

17.9.2a
affected

17.9.3a
affected

17.9.4
affected

17.9.4a
affected

17.11.1
affected

17.11.1a
affected

17.12.1
affected

17.12.1a
affected

References

sec.cloudapps.cisco.com/...ory/cisco-sa-httpsrvr-dos-yOZThut (cisco-sa-httpsrvr-dos-yOZThut)

cve.org (CVE-2024-20436)

nvd.nist.gov (CVE-2024-20436)

Download JSON

Share this page
https://cve.threatint.com/CVE/CVE-2024-20436

Support options

Helpdesk Chat, Email, Knowledgebase
Telegram Chat
Subscribe to our newsletter to learn more about our work.