MEDIUM✓ PATCH🇬🇧 English

CVE-2020-3385

CVSS 6.5v3.1pub. 2020-07-16upd. 2024-11-21

A vulnerability in the deep packet inspection (DPI) engine of Cisco SD-WAN vEdge Routers could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected system. The vulnerability is due to insufficient handling of malformed packets. An attacker could exploit this vulnerability by sending crafted packets through an affected device. A successful exploit could allow the attacker to cause the device to reboot, resulting in a DoS condition.

oryginał EN
CVSS Vector
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  • Cisco Sd Wan Firmware

    OS
    Cisco
    ≤ 18.3.018.4.0 – 18.4.5 (bez)19.2.0 – 19.2.3 (bez)19.3.0 – 20.1.1 (bez)
  • Cisco Vedge 5000

    HW
    Cisco
    wszystkie wersje
  • Cisco Vedge Cloud Router

    APP
    Cisco
    wszystkie wersje
🟢
PATCH DOSTĘPNY
Aktualizacja od producenta gotowa. Wdrożenie w ramach standardowego cyklu.
Tagi
DoS
CWE
Referencje

Powiązane podatności

CVE-2021-1300CRITICAL9.8ten sam produkt

Multiple vulnerabilities in Cisco SD-WAN products could allow an unauthenticated, remote attacker to execute a...

CVE-2021-1301CRITICAL9.8ten sam produkt

Multiple vulnerabilities in Cisco SD-WAN products could allow an unauthenticated, remote attacker to execute a...

CVE-2021-1528HIGH7.8ten sam produkt

A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to gain eleva...

CVE-2021-1510HIGH7.5ten sam produkt

Multiple vulnerabilities in Cisco SD-WAN vEdge Software could allow an attacker to execute arbitrary code as t...

CVE-2021-1509HIGH7.5ten sam produkt

Multiple vulnerabilities in Cisco SD-WAN vEdge Software could allow an attacker to execute arbitrary code as t...