CVE-2020-3358
published 2020-07-16CVE-2020-3358: A vulnerability in the Secure Sockets Layer (SSL) VPN feature for Cisco Small Business RV VPN Routers could allow an unauthenticated, remote attacker to cause…
PriorityP348high8.6CVSS 3.1
AVNACLPRNUINSCCNINAH
EPSS
1.35%
68.0th percentile
A vulnerability in the Secure Sockets Layer (SSL) VPN feature for Cisco Small Business RV VPN Routers could allow an unauthenticated, remote attacker to cause the device to unexpectedly restart, causing a denial of service (DoS) condition. The vulnerability is due to a lack of proper input validation of HTTP requests. An attacker could exploit this vulnerability by sending a crafted HTTP request over an SSL connection to the targeted device. A successful exploit could allow the attacker to cause a reload, resulting in a DoS condition.
Affected
6 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| cisco | cisco_small_business_rv_series_router_firmware | — | — |
| cisco | rv340_dual_wan_gigabit_vpn_router_firmware | < 1.0.03.18 | 1.0.03.18 |
| cisco | rv340_rv340w_rv345_and_rv345p_dual_wan_gigabit_vpn_routers_ssl | — | — |
| cisco | rv340w_dual_wan_gigabit_wireless-ac_vpn_router_firmware | < 1.0.03.18 | 1.0.03.18 |
| cisco | rv345_dual_wan_gigabit_vpn_router_firmware | < 1.0.03.18 | 1.0.03.18 |
| cisco | rv345p_dual_wan_gigabit_poe_vpn_router_firmware | < 1.0.03.18 | 1.0.03.18 |
CVSS provenance
nvdv3.18.6HIGHCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
nvdv2.07.8HIGHAV:N/AC:L/Au:N/C:N/I:N/A:C
vendor_cisco8.6HIGH
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Palo Alto
PAN-SA-2024-0008 Informational Bulletin: Impact of OSS CVEs in PAN-OS
vendor_paloalto·2024-09-04·CVSS 6.0
CVE-2022-22965 [MEDIUM] PAN-SA-2024-0008 Informational Bulletin: Impact of OSS CVEs in PAN-OS
PAN-SA-2024-0008 Informational Bulletin: Impact of OSS CVEs in PAN-OS
The Palo Alto Networks Product Security Assurance team has evaluated the following open source software (OSS) CVEs as they relate to PAN-OS software. While PAN-OS software may include the
CVEs: CVE-2010-1622, CVE-2015-7552, CVE-2018-16840, CVE-2019-7639, CVE-2020-17049, CVE-2020-7774, CVE-2021-0131, CVE-2021-0132, CVE-2021-0133, CVE-2021-0134, CVE-2021-4044, CVE-2021-4160, CVE-2021-41773, CVE-2022-1343, CVE-2022-21449, CVE-2022-2274, CVE-2022-22963, CVE-2022-22965, CVE-2022-24697, CVE-2022-32207, CVE-2022-3358, CVE-2022-3996, CVE-2022-40664, CVE-2022-44792, CVE-2022-44793, CVE-2023-1255, CVE-2023-22809, CVE-2023-23919, CVE-2023-3341, CVE-2023-4236, CVE-2023-4863, CVE-2023-51767
Affected products: PAN-OS
Cisco
Cisco RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers SSL Denial of Service Vulnerability
vendor_cisco·2020-07-15·CVSS 8.6
CVE-2020-3358 [HIGH] CWE-20 Cisco RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers SSL Denial of Service Vulnerability
Cisco RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers SSL Denial of Service Vulnerability
A vulnerability in the Secure Sockets Layer (SSL) VPN feature for Cisco Small Business RV VPN Routers could allow an unauthenticated, remote attacker to cause the device to unexpectedly restart, causing a denial of service (DoS) condition.
The vulnerability is due to a lack of proper input validation of HTTP requests. An attacker could exploit this vulnerability by sending a crafted HTTP request over an SSL connection to the targeted device. A successful exploit could allow the attacker to cause a reload, resulting in a DoS condition.
Cisco has released software updates that address the vulnerability described in this advisory. There are no workarounds that address this vulnerability.
Cisco
Cisco RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers SSL Denial of Service Vulnerability
vendor_cisco·CVSS 3.1
CVE-2020-3358 Cisco RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers SSL Denial of Service Vulnerability
CVE-2020-3358: Cisco RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers SSL Denial of Service Vulnerability
A vulnerability in the Secure Sockets Layer (SSL) VPN feature for Cisco Small Business RV VPN Routers could allow an unauthenticated, remote attacker to cause the device to unexpectedly restart, causing a denial of service (DoS) condition. The vulnerability is due to a lack of proper input validation of HTTP requests. An attacker could exploit this vulnerability by sending a crafted HTTP request over an SSL connection to the targeted device. A successful exploit could allow the attacker to cause a reload, resulting in a DoS condition. Cisco has released software updates that address the vulnerability described in this advisory. There are no
CVSS: 3.1
CWE: CWE-20, CWE-20
Bu
GHSA
GHSA-rjmm-h25r-cqxf: A vulnerability in the Secure Sockets Layer (SSL) VPN feature for Cisco Small Business RV VPN Routers could allow an unauthenticated, remote attacker
ghsa_unreviewed·2022-05-24
CVE-2020-3358 [HIGH] CWE-20 GHSA-rjmm-h25r-cqxf: A vulnerability in the Secure Sockets Layer (SSL) VPN feature for Cisco Small Business RV VPN Routers could allow an unauthenticated, remote attacker
A vulnerability in the Secure Sockets Layer (SSL) VPN feature for Cisco Small Business RV VPN Routers could allow an unauthenticated, remote attacker to cause the device to unexpectedly restart, causing a denial of service (DoS) condition. The vulnerability is due to a lack of proper input validation of HTTP requests. An attacker could exploit this vulnerability by sending a crafted HTTP request over an SSL connection to the targeted device. A successful exploit could allow the attacker to cause a reload, resulting in a DoS condition.
No detection rules found.
No public exploits indexed.
Bugzilla
CVE-2020-14296 CloudForms: Server-Side Request Forgery (SSRF) in Ansible Tower Provider
bugzilla·2020-06-17·CVSS 7.1
CVE-2020-14296 [HIGH] CVE-2020-14296 CloudForms: Server-Side Request Forgery (SSRF) in Ansible Tower Provider
CVE-2020-14296 CloudForms: Server-Side Request Forgery (SSRF) in Ansible Tower Provider
Red Hat CloudForms 4.7 and 5 was vulnerable to Server-Side Request Forgery (SSRF) flaw. With the access to add Ansible Tower provider, an attacker could scan and attack systems from the internal network which are not normally accessible.
Discussion:
Acknowledgments:
Name: Purnachand Pulahari (IBM), Ranjit Kumar Singh (IBM)
---
Mitigation:
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
---
This issue has been addressed in the following products:
CloudForms Management Engine 5.11
Via RHSA-2020:3358 https://acce
Bugzilla
CVE-2020-10780 CloudForms: CSV Injection in Orchestration Templates
bugzilla·2020-06-17·CVSS 6.3
CVE-2020-10780 [MEDIUM] CVE-2020-10780 CloudForms: CSV Injection in Orchestration Templates
CVE-2020-10780 CloudForms: CSV Injection in Orchestration Templates
Red Hat CloudForms 4.7 and 5 is affected by CSV Injection flaw, a crafted payload stays dormant till a victim export as CSV and opens the file with Excel. Once the victim opens the file, the formula executes, triggering any number of possible events. While this is strictly not an flaw that affects the application directly, attackers could use the loosely validated parameters to trigger several attack possibilities.
Discussion:
Acknowledgments:
Name: Purnachand Pulahari (IBM), Ranjit Kumar Singh (IBM)
---
This issue has been addressed in the following products:
CloudForms Management Engine 5.11
Via RHSA-2020:3358 https://access.redhat.com/errata/RHSA-2020:3358
---
This bug is now closed. Further updates for indivi
Bugzilla
CVE-2020-10777 CloudForms: Cross Site Scripting in report menu title / HTML Code Injection
bugzilla·2020-06-16·CVSS 5.4
CVE-2020-10777 [MEDIUM] CVE-2020-10777 CloudForms: Cross Site Scripting in report menu title / HTML Code Injection
CVE-2020-10777 CloudForms: Cross Site Scripting in report menu title / HTML Code Injection
A cross-site scripting flaw was found in Report Menu feature of Red Hat CloudForms 4.7 and 5. An attacker could use this flaw to execute a stored XSS attack on an application administrator using CloudForms.
Discussion:
Upstream patch: https://github.com/ManageIQ/manageiq-ui-classic/pull/3900
---
Acknowledgments:
Name: Purnachand Pulahari (IBM), Ranjit Kumar Singh (IBM)
---
This issue has been addressed in the following products:
CloudForms Management Engine 5.11
Via RHSA-2020:3358 https://access.redhat.com/errata/RHSA-2020:3358
---
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):
https://access.redhat.com/security/cve/cve-2020-10777
Bugzilla
CVE-2020-10778 CloudForms: Business logic bypass through widgets
bugzilla·2020-06-16·CVSS 6.0
CVE-2020-10778 [MEDIUM] CVE-2020-10778 CloudForms: Business logic bypass through widgets
CVE-2020-10778 CloudForms: Business logic bypass through widgets
In Red Hat CloudForms 4.7 and 5, the read only widgets can be edited by inspecting the forms and dropping the disabled attribute from the fields since there is no server-side validation. This business logic flaw violate the expected behavior.
Discussion:
Acknowledgments:
Name: Purnachand Pulahari (IBM), Ranjit Kumar Singh (IBM)
---
This issue has been addressed in the following products:
CloudForms Management Engine 5.11
Via RHSA-2020:3358 https://access.redhat.com/errata/RHSA-2020:3358
---
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):
https://access.redhat.com/security/cve/cve-2020-10778
---
This issue has been addressed in the following products:
CloudFor
2020-07-16
Published