cbcvebase.

Cisco Meraki Mx100 Firmware vulnerabilities

8 known vulnerabilities affecting cisco/meraki_mx100_firmware.

Total CVEs
8
CISA KEV
0
Public exploits
0
Exploited in wild
1
Severity breakdown
HIGH6MEDIUM2

Vulnerabilities

Page 1 of 1
CVE-2022-20933P2HIGHCVSS 8.6Exploited≥ 16.2.0, < 16.16.6≥ 17.0.0, < 17.10.12022-10-26
CVE-2022-20933 [HIGH] CWE-234 CVE-2022-20933: A vulnerability in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z3 Teleworker A vulnerability in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z3 Teleworker Gateway devices could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient validation of client-supplied parameters while establishing an SSL VPN session
nvd
CVE-2024-20502P3HIGHCVSS 7.5≥ 16.2, < 18.211.22024-10-02
CVE-2024-20502 [HIGH] CWE-400 CVE-2024-20502: A vulnerability in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series Tele A vulnerability in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series Teleworker Gateway devices could allow an unauthenticated, remote attacker to cause a DoS condition on an affected device. This vulnerability is due to insufficient resource management while establishing SSL VPN sessions. An attacker could exploit this vul
nvd
CVE-2024-20500P3HIGHCVSS 7.5≥ 16.2, < 18.211.22024-10-02
CVE-2024-20500 [HIGH] CWE-400 CVE-2024-20500: A vulnerability in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series Tele A vulnerability in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series Teleworker Gateway devices could allow an unauthenticated, remote attacker to cause a DoS condition in the AnyConnect service on an affected device. This vulnerability is due to insufficient resource management when establishing TLS/SSL sessions. An attack
nvd
CVE-2024-20501P3HIGHCVSS 7.5≥ 16.2, < 18.211.22024-10-02
CVE-2024-20501 [HIGH] CWE-787 CVE-2024-20501: Multiple vulnerabilities in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Se Multiple vulnerabilities in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series Teleworker Gateway devices could allow an unauthenticated, remote attacker to cause a DoS condition in the AnyConnect service on an affected device. These vulnerabilities are due to insufficient validation of client-supplied parameters while estab
nvd
CVE-2024-20498P3HIGHCVSS 7.5≥ 16.2, < 18.211.22024-10-02
CVE-2024-20498 [HIGH] CWE-415 CVE-2024-20498: Multiple vulnerabilities in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Se Multiple vulnerabilities in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series Teleworker Gateway devices could allow an unauthenticated, remote attacker to cause a DoS condition in the AnyConnect service on an affected device. These vulnerabilities are due to insufficient validation of client-supplied parameters while estab
nvd
CVE-2024-20499P3HIGHCVSS 7.5≥ 16.2, < 18.211.22024-10-02
CVE-2024-20499 [HIGH] CWE-787 CVE-2024-20499: Multiple vulnerabilities in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Se Multiple vulnerabilities in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series Teleworker Gateway devices could allow an unauthenticated, remote attacker to cause a DoS condition in the AnyConnect service on an affected device. These vulnerabilities are due to insufficient validation of client-supplied parameters while estab
nvd
CVE-2024-20509P4MEDIUMCVSS 5.9≥ 16.2, < 18.211.22024-10-02
CVE-2024-20509 [MEDIUM] CWE-362 CVE-2024-20509: A vulnerability in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series Tele A vulnerability in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series Teleworker Gateway devices could allow an unauthenticated, remote attacker to hijack an AnyConnect VPN session or cause a denial of service (DoS) condition for individual users of the AnyConnect VPN service on an affected device. This vulnerability is due
nvd
CVE-2024-20513P4MEDIUMCVSS 5.3≥ 16.2, < 18.211.22024-10-02
CVE-2024-20513 [MEDIUM] CWE-639 CVE-2024-20513: A vulnerability in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series Tele A vulnerability in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series Teleworker Gateway devices could allow an unauthenticated, remote attacker to cause a DoS condition for targeted users of the AnyConnect service on an affected device. This vulnerability is due to insufficient entropy for handlers that are used during SS
nvd
Cisco Meraki Mx100 Firmware vulnerabilities | cvebase