CVE-2023-20262
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
A vulnerability in the SSH service of Cisco Catalyst SD-WAN Manager could allow an unauthenticated, remote attacker to cause a process crash, resulting in a DoS condition for SSH access only. This vulnerability does not prevent the system from continuing to function, and web UI access is not affected.
This vulnerability is due to insufficient resource management when an affected system is in an error condition. An attacker could exploit this vulnerability by sending malicious traffic to the affected system. A successful exploit could allow the attacker to cause the SSH process to crash and restart, resulting in a DoS condition for the SSH service.
Una vulnerabilidad en el servicio SSH de Cisco Catalyst SD-WAN Manager podría permitir que un atacante remoto no autenticado provoque una falla del proceso, lo que resultaría en una condición de DoS solo para el acceso SSH. Esta vulnerabilidad no impide que el sistema siga funcionando y el acceso a la interfaz de usuario web no se ve afectado. Esta vulnerabilidad se debe a una gestión insuficiente de los recursos cuando un sistema afectado se encuentra en una condición de error. Un atacante podría aprovechar esta vulnerabilidad enviando tráfico malicioso al sistema afectado. Un exploit exitoso podría permitir al atacante provocar que el proceso SSH se bloquee y se reinicie, lo que resultaría en una condición DoS para el servicio SSH.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2022-10-27 CVE Reserved
- 2023-09-27 CVE Published
- 2024-08-02 CVE Updated
- 2024-10-03 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-399: Resource Management Errors
CAPEC
References (1)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Cisco Search vendor "Cisco" | Catalyst Sd-wan Manager Search vendor "Cisco" for product "Catalyst Sd-wan Manager" | >= 20.4 < 20.9.3 Search vendor "Cisco" for product "Catalyst Sd-wan Manager" and version " >= 20.4 < 20.9.3" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Sd-wan Vmanage Search vendor "Cisco" for product "Sd-wan Vmanage" | < 20.3.7 Search vendor "Cisco" for product "Sd-wan Vmanage" and version " < 20.3.7" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Sd-wan Vmanage Search vendor "Cisco" for product "Sd-wan Vmanage" | >= 20.10 < 20.11.1 Search vendor "Cisco" for product "Sd-wan Vmanage" and version " >= 20.10 < 20.11.1" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Sd-wan Vmanage Search vendor "Cisco" for product "Sd-wan Vmanage" | 20.12 Search vendor "Cisco" for product "Sd-wan Vmanage" and version "20.12" | - |
Affected
| ||||||