CVE-2020-3351Uncontrolled Resource Consumption in Cisco Sd-wan Firmware

CWE-399CWE-400Uncontrolled Resource Consumption4 documents4 sources
Severity
8.6HIGHNVD
EPSS
0.6%
top 31.55%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Cisco Sd-wan FirmwareCisco Sd-wan Solution
Timeline
PublishedJul 16
Latest updateMay 24

Description

A vulnerability in Cisco SD-WAN Solution Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to improper validation of fields in Cisco SD-WAN peering messages that are encapsulated in UDP packets. An attacker could exploit this vulnerability by sending crafted UDP messages to the targeted system. A successful exploit could allow the attacker to cause services on the device to fail, resulting in a DoS condition that could

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:HExploitability: 3.9 | Impact: 4.0

Affected Packages2 packages

NVDcisco/sd-wan_firmware17.2.818.3.0+1

🔴Vulnerability Details

2
GHSA
GHSA-6j89-cjff-693q: A vulnerability in Cisco SD-WAN Solution Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition2022-05-24
CVEList
Cisco SD-WAN Solution Software Denial of Service Vulnerability2020-07-16

📋Vendor Advisories

1
Cisco
Cisco SD-WAN Solution Software Denial of Service Vulnerability2020-07-15
CVE-2020-3351 — Uncontrolled Resource Consumption | cvebase