CVE-2020-3369
Cisco SD-WAN vEdge Routers Denial of Service Vulnerability
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
A vulnerability in the deep packet inspection (DPI) engine of Cisco SD-WAN vEdge Routers could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper processing of FTP traffic. An attacker could exploit this vulnerability by sending crafted FTP packets through an affected device. A successful exploit could allow the attacker to make the device reboot continuously, causing a DoS condition.
Una vulnerabilidad en el motor deep packet inspection (DPI) de Cisco SD-WAN vEdge Routers, podría permitir a un atacante remoto no autenticado causar una condición de denegación de servicio (DoS) en un dispositivo afectado. La vulnerabilidad es debido al procesamiento incorrecto del tráfico FTP. Un atacante podría explotar esta vulnerabilidad mediante el envío de paquetes FTP diseñados a través de un dispositivo afectado. Una explotación con éxito podría permitir a un atacante causar que el dispositivo se reinicie continuamente, causando una condición DoS
CVSS Scores
SSVC
- Decision:Attend
Timeline
- 2019-12-12 CVE Reserved
- 2020-07-16 CVE Published
- 2023-04-01 EPSS Updated
- 2024-11-15 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-118: Incorrect Access of Indexable Resource ('Range Error')
CAPEC
References (1)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fpdos-hORBfd9f | 2020-07-24 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Cisco Search vendor "Cisco" | Sd-wan Firmware Search vendor "Cisco" for product "Sd-wan Firmware" | 19.2.0 Search vendor "Cisco" for product "Sd-wan Firmware" and version "19.2.0" | - |
Affected
| in | Cisco Search vendor "Cisco" | Vedge 5000 Search vendor "Cisco" for product "Vedge 5000" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Sd-wan Firmware Search vendor "Cisco" for product "Sd-wan Firmware" | 19.2.1 Search vendor "Cisco" for product "Sd-wan Firmware" and version "19.2.1" | - |
Affected
| in | Cisco Search vendor "Cisco" | Vedge 5000 Search vendor "Cisco" for product "Vedge 5000" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Sd-wan Firmware Search vendor "Cisco" for product "Sd-wan Firmware" | 19.2.097 Search vendor "Cisco" for product "Sd-wan Firmware" and version "19.2.097" | - |
Affected
| in | Cisco Search vendor "Cisco" | Vedge 5000 Search vendor "Cisco" for product "Vedge 5000" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Sd-wan Firmware Search vendor "Cisco" for product "Sd-wan Firmware" | 19.2.098 Search vendor "Cisco" for product "Sd-wan Firmware" and version "19.2.098" | - |
Affected
| in | Cisco Search vendor "Cisco" | Vedge 5000 Search vendor "Cisco" for product "Vedge 5000" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Vedge Cloud Router Search vendor "Cisco" for product "Vedge Cloud Router" | - | - |
Affected
| ||||||