CVE-2024-20513
Cisco Meraki MX and Z3 Teleworker Gateway AnyConnect VPN Targeted Denial of Service Vulnerability
Severity Score
5.8
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
Track
*SSVC
Descriptions
A vulnerability in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series Teleworker Gateway devices could allow an unauthenticated, remote attacker to cause a DoS condition for targeted users of the AnyConnect service on an affected device. This vulnerability is due to insufficient entropy for handlers that are used during SSL VPN session establishment. An unauthenticated attacker could exploit this vulnerability by brute forcing valid session handlers. An authenticated attacker could exploit this vulnerability by connecting to the AnyConnect VPN service of an affected device to retrieve a valid session handler and, based on that handler, predict further valid session handlers. The attacker would then send a crafted HTTPS request using the brute-forced or predicted session handler to the AnyConnect VPN server of the device. A successful exploit could allow the attacker to terminate targeted SSL VPN sessions, forcing remote users to initiate new VPN connections and reauthenticate.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:Track
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2023-11-08 CVE Reserved
- 2024-10-02 CVE Published
- 2024-10-02 CVE Updated
- 2024-10-09 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-639: Authorization Bypass Through User-Controlled Key
CAPEC
References (1)
| URL | Tag | Source |
|---|---|---|
| https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-meraki-mx-vpn-dos-QTRHzG2 |
|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Cisco Search vendor "Cisco" | Cisco Search vendor "Cisco" for product "Cisco" | * | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Meraki Mx100 Firmware Search vendor "Cisco" for product "Meraki Mx100 Firmware" | * | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Meraki Mx105 Firmware Search vendor "Cisco" for product "Meraki Mx105 Firmware" | * | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Meraki Mx250 Firmware Search vendor "Cisco" for product "Meraki Mx250 Firmware" | * | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Meraki Mx400 Firmware Search vendor "Cisco" for product "Meraki Mx400 Firmware" | * | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Meraki Mx450 Firmware Search vendor "Cisco" for product "Meraki Mx450 Firmware" | * | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Meraki Mx600 Firmware Search vendor "Cisco" for product "Meraki Mx600 Firmware" | * | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Meraki Mx64 Firmware Search vendor "Cisco" for product "Meraki Mx64 Firmware" | * | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Meraki Mx64w Firmware Search vendor "Cisco" for product "Meraki Mx64w Firmware" | * | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Meraki Mx65 Firmware Search vendor "Cisco" for product "Meraki Mx65 Firmware" | * | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Meraki Mx65w Firmware Search vendor "Cisco" for product "Meraki Mx65w Firmware" | * | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Meraki Mx67 Firmware Search vendor "Cisco" for product "Meraki Mx67 Firmware" | * | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Meraki Mx67c Firmware Search vendor "Cisco" for product "Meraki Mx67c Firmware" | * | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Meraki Mx67w Firmware Search vendor "Cisco" for product "Meraki Mx67w Firmware" | * | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Meraki Mx68 Firmware Search vendor "Cisco" for product "Meraki Mx68 Firmware" | * | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Meraki Mx68cw Firmware Search vendor "Cisco" for product "Meraki Mx68cw Firmware" | * | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Meraki Mx68w Firmware Search vendor "Cisco" for product "Meraki Mx68w Firmware" | * | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Meraki Mx75 Firmware Search vendor "Cisco" for product "Meraki Mx75 Firmware" | * | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Meraki Mx84 Firmware Search vendor "Cisco" for product "Meraki Mx84 Firmware" | * | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Meraki Mx85 Firmware Search vendor "Cisco" for product "Meraki Mx85 Firmware" | * | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Meraki Mx95 Firmware Search vendor "Cisco" for product "Meraki Mx95 Firmware" | * | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Meraki Vmx Firmware Search vendor "Cisco" for product "Meraki Vmx Firmware" | * | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Meraki Z3 Firmware Search vendor "Cisco" for product "Meraki Z3 Firmware" | * | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Meraki Z3c Firmware Search vendor "Cisco" for product "Meraki Z3c Firmware" | * | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Meraki Z4 Firmware Search vendor "Cisco" for product "Meraki Z4 Firmware" | * | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Meraki Z4c Firmware Search vendor "Cisco" for product "Meraki Z4c Firmware" | * | - |
Affected
| ||||||