CVE-2020-3363

Name of the Vulnerable Software and Affected Versions: Cisco Small Business Smart and Managed Switches (affected versions not specified) Cisco Small Business 250 Series (affected versions not specified) Cisco Small Business 350 Series (affected versions not specified) Cisco Small Business 350X Series (affected versions not specified) Cisco Small Business 550X Series (affected versions not specified)

Description: A vulnerability in the IPv6 packet processing engine could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The issue is due to insufficient validation of incoming IPv6 traffic. An attacker could exploit this by sending a crafted IPv6 packet through an affected device, potentially causing an unexpected reboot of the switch and leading to a DoS condition. This issue is specific to IPv6 traffic and does not affect IPv4 traffic.

Recommendations: For Cisco Small Business Smart and Managed Switches, consider temporarily restricting the processing of IPv6 traffic until a patch is available. For Cisco Small Business 250 Series, disable IPv6 packet processing if possible, to minimize the risk of exploitation. For Cisco Small Business 350 Series, restrict access to the device from untrusted IPv6 sources. For Cisco Small Business 350X Series, avoid using IPv6 traffic for critical operations until the issue is resolved. For Cisco Small Business 550X Series, consider implementing additional security measures to detect and prevent crafted IPv6 packets. At the moment, there is no information about a newer version that contains a fix for this vulnerability.