{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-03T20:11:14.901","vulnerabilities":[{"cve":{"id":"CVE-2026-20074","sourceIdentifier":"psirt@cisco.com","published":"2026-03-11T17:16:55.470","lastModified":"2026-03-12T21:08:22.643","vulnStatus":"Awaiting Analysis","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability in the Intermediate System-to-Intermediate System (IS-IS) multi-instance routing feature of Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause the IS-IS process to restart unexpectedly.\r\n\r\nThis vulnerability is due to insufficient input validation of ingress IS-IS packets. An attacker could exploit this vulnerability by sending crafted IS-IS packets to an affected device after forming an adjacency. A successful exploit could allow the attacker to cause the IS-IS process to restart unexpectedly, resulting in a temporary loss of connectivity to advertised networks and a denial of service (DoS) condition.\r\nNote: The IS-IS protocol is a routing protocol. To exploit this vulnerability, an attacker must be Layer 2-adjacent to the affected device and must have formed an adjacency.&nbsp;&nbsp;"},{"lang":"es","value":"Una vulnerabilidad en la función de enrutamiento multi-instancia de Intermediate System-to-Intermediate System (IS-IS) de Cisco IOS XR Software podría permitir a un atacante no autenticado y adyacente causar que el proceso IS-IS se reinicie inesperadamente.\n\nEsta vulnerabilidad se debe a una validación de entrada insuficiente de los paquetes IS-IS de entrada. Un atacante podría explotar esta vulnerabilidad enviando paquetes IS-IS manipulados a un dispositivo afectado después de formar una adyacencia. Un exploit exitoso podría permitir al atacante causar que el proceso IS-IS se reinicie inesperadamente, lo que resultaría en una pérdida temporal de conectividad a las redes anunciadas y una condición de denegación de servicio (DoS).\nNota: El protocolo IS-IS es un protocolo de enrutamiento. Para explotar esta vulnerabilidad, un atacante debe ser adyacente en Capa 2 al dispositivo afectado y debe haber formado una adyacencia."}],"metrics":{"cvssMetricV31":[{"source":"psirt@cisco.com","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H","baseScore":7.4,"baseSeverity":"HIGH","attackVector":"ADJACENT_NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":4.0}]},"weaknesses":[{"source":"psirt@cisco.com","type":"Primary","description":[{"lang":"en","value":"CWE-1287"}]}],"references":[{"url":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-isis-dos-kDMxpSzK","source":"psirt@cisco.com"}]}}]}