CVE-2024-20455

CWE-3714 documents4 sources
Severity
8.6HIGH
EPSS
0.9%
top 24.42%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
4
Cisco Cisco IOS XE Catalyst Sd-wanCisco Cisco IOS XE SoftwareCisco IOS XE+1 more
Timeline
PublishedSep 25

Description

A vulnerability in the process that classifies traffic that is going to the Unified Threat Defense (UTD) component of Cisco IOS XE Software in controller mode could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability exists because UTD improperly handles certain packets as those packets egress an SD-WAN IPsec tunnel. An attacker could exploit this vulnerability by sending crafted traffic through an SD-WAN IPsec tunnel t

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:HExploitability: 3.9 | Impact: 4.0

Affected Packages4 packages

CVEListV5cisco/cisco_ios_xe_software87 versions+86
NVDcisco/ios_xe87 versions+86
NVDcisco/ios_xe_sd-wan14 versions+13
CVEListV5cisco/cisco_ios_xe_catalyst_sd-wan14 versions+13

🔴Vulnerability Details

2
CVEList
CVE-2024-20455: A vulnerability in the process that classifies traffic that is going to the Unified Threat Defense (UTD) component of Cisco IOS XE Software in control2024-09-25
GHSA
GHSA-j9wc-h525-rvc7: A vulnerability in the process that classifies traffic that is going to the Unified Threat Defense (UTD) component of Cisco IOS XE Software in control2024-09-25

📋Vendor Advisories

1
Cisco
Cisco Catalyst SD-WAN Routers Denial of Service Vulnerability2024-09-25
CVE-2024-20455 (HIGH CVSS 8.6) | A vulnerability in the process that | cvebase.io