Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CERTFR-2024-AVI-0833
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans les produits Cisco. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une élévation de privilèges et un déni de service à distance.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Les périphériques Small Business RV340, RV340W, RV345, et RV345P Dual WAN Gigabit VPN ne sont plus supportés et ne seront pas mis à jour par Cisco.
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Cisco | Meraki MX | Meraki MX et Z versions postérieures à 16.2 et antérieures à 18.211.2 | ||
| Cisco | Nexus Dashboard Fabric Controller | Nexus Dashboard Fabric Controller versions 12.0 antérieures à 12.2.2 |
References
| Title | Publication Time | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Meraki MX et Z versions post\u00e9rieures \u00e0 16.2 et ant\u00e9rieures \u00e0 18.211.2",
"product": {
"name": "Meraki MX",
"vendor": {
"name": "Cisco",
"scada": false
}
}
},
{
"description": "Nexus Dashboard Fabric Controller versions 12.0 ant\u00e9rieures \u00e0 12.2.2",
"product": {
"name": "Nexus Dashboard Fabric Controller",
"vendor": {
"name": "Cisco",
"scada": false
}
}
}
],
"affected_systems_content": "Les p\u00e9riph\u00e9riques Small Business RV340, RV340W, RV345, et RV345P Dual WAN Gigabit VPN ne sont plus support\u00e9s et ne seront pas mis \u00e0 jour par Cisco.",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2024-20501",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20501"
},
{
"name": "CVE-2024-20499",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20499"
},
{
"name": "CVE-2024-20449",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20449"
},
{
"name": "CVE-2024-20393",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20393"
},
{
"name": "CVE-2024-20500",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20500"
},
{
"name": "CVE-2024-20432",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20432"
},
{
"name": "CVE-2024-20502",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20502"
},
{
"name": "CVE-2024-20513",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20513"
},
{
"name": "CVE-2024-20498",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20498"
},
{
"name": "CVE-2024-20470",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20470"
}
],
"initial_release_date": "2024-10-03T00:00:00",
"last_revision_date": "2024-10-03T00:00:00",
"links": [],
"reference": "CERTFR-2024-AVI-0833",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2024-10-03T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Cisco. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, une \u00e9l\u00e9vation de privil\u00e8ges et un d\u00e9ni de service \u00e0 distance.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Cisco",
"vendor_advisories": [
{
"published_at": "2024-10-02",
"title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-ndfc-ptrce-BUSHLbp",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ndfc-ptrce-BUSHLbp"
},
{
"published_at": "2024-10-02",
"title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-ndfc-cmdinj-UvYZrKfr",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ndfc-cmdinj-UvYZrKfr"
},
{
"published_at": "2024-10-02",
"title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-meraki-mx-vpn-dos-QTRHzG2",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-meraki-mx-vpn-dos-QTRHzG2"
},
{
"published_at": "2024-10-02",
"title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-rv34x-privesc-rce-qE33TCms",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv34x-privesc-rce-qE33TCms"
}
]
}
CVE-2024-20393 (GCVE-0-2024-20393)
Vulnerability from cvelistv5
Published
2024-10-02 16:53
Modified
2024-10-02 19:58
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-285 - Improper Authorization
Summary
A vulnerability in the web-based management interface of Cisco Small Business RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers could allow an authenticated, remote attacker to elevate privileges on an affected device.
This vulnerability exists because the web-based management interface discloses sensitive information. An attacker could exploit this vulnerability by sending crafted HTTP input to an affected device. A successful exploit could allow an attacker to elevate privileges from guest to admin.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Small Business RV Series Router Firmware |
Version: 1.0.01.17 Version: 1.0.03.17 Version: 1.0.01.16 Version: 1.0.01.18 Version: 1.0.00.29 Version: 1.0.03.16 Version: 1.0.03.15 Version: 1.0.02.16 Version: 1.0.01.20 Version: 1.0.00.33 Version: 1.0.03.18 Version: 1.0.03.19 Version: 1.0.03.20 Version: 1.0.03.21 Version: 1.0.03.22 Version: 1.0.03.24 Version: 1.0.03.26 Version: 1.0.03.27 Version: 1.0.03.28 Version: 1.0.03.29 |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:cisco:small_business_rv_series_router_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "small_business_rv_series_router_firmware",
"vendor": "cisco",
"versions": [
{
"status": "affected",
"version": "1.0.01.17"
},
{
"status": "affected",
"version": "1.0.03.17"
},
{
"status": "affected",
"version": "1.0.01.16"
},
{
"status": "affected",
"version": "1.0.01.18"
},
{
"status": "affected",
"version": "1.0.00.29"
},
{
"status": "affected",
"version": "1.0.03.16"
},
{
"status": "affected",
"version": "1.0.03.15"
},
{
"status": "affected",
"version": "1.0.02.16"
},
{
"status": "affected",
"version": "1.0.01.20"
},
{
"status": "affected",
"version": "1.0.00.33"
},
{
"status": "affected",
"version": "1.0.03.18"
},
{
"status": "affected",
"version": "1.0.03.19"
},
{
"status": "affected",
"version": "1.0.03.20"
},
{
"status": "affected",
"version": "1.0.03.21"
},
{
"status": "affected",
"version": "1.0.03.22"
},
{
"status": "affected",
"version": "1.0.03.24"
},
{
"status": "affected",
"version": "1.0.03.26"
},
{
"status": "affected",
"version": "1.0.03.27"
},
{
"status": "affected",
"version": "1.0.03.28"
},
{
"status": "affected",
"version": "1.0.03.29"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-20393",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-02T19:02:15.620891Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-02T19:58:58.443Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco Small Business RV Series Router Firmware",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "1.0.01.17"
},
{
"status": "affected",
"version": "1.0.03.17"
},
{
"status": "affected",
"version": "1.0.01.16"
},
{
"status": "affected",
"version": "1.0.01.18"
},
{
"status": "affected",
"version": "1.0.00.29"
},
{
"status": "affected",
"version": "1.0.03.16"
},
{
"status": "affected",
"version": "1.0.03.15"
},
{
"status": "affected",
"version": "1.0.02.16"
},
{
"status": "affected",
"version": "1.0.01.20"
},
{
"status": "affected",
"version": "1.0.00.33"
},
{
"status": "affected",
"version": "1.0.03.18"
},
{
"status": "affected",
"version": "1.0.03.19"
},
{
"status": "affected",
"version": "1.0.03.20"
},
{
"status": "affected",
"version": "1.0.03.21"
},
{
"status": "affected",
"version": "1.0.03.22"
},
{
"status": "affected",
"version": "1.0.03.24"
},
{
"status": "affected",
"version": "1.0.03.26"
},
{
"status": "affected",
"version": "1.0.03.27"
},
{
"status": "affected",
"version": "1.0.03.28"
},
{
"status": "affected",
"version": "1.0.03.29"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco Small Business RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers could allow an authenticated, remote attacker to elevate privileges on an affected device.\r\n\r\nThis vulnerability exists because the web-based management interface discloses sensitive information. An attacker could exploit this vulnerability by sending crafted HTTP input to an affected device. A successful exploit could allow an attacker to elevate privileges from guest to admin."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-285",
"description": "Improper Authorization",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-02T16:53:04.527Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-rv34x-privesc-rce-qE33TCms",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv34x-privesc-rce-qE33TCms"
}
],
"source": {
"advisory": "cisco-sa-rv34x-privesc-rce-qE33TCms",
"defects": [
"CSCwm27935"
],
"discovery": "EXTERNAL"
},
"title": "Cisco RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers Privilege Escalation Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2024-20393",
"datePublished": "2024-10-02T16:53:04.527Z",
"dateReserved": "2023-11-08T15:08:07.659Z",
"dateUpdated": "2024-10-02T19:58:58.443Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-20498 (GCVE-0-2024-20498)
Vulnerability from cvelistv5
Published
2024-10-02 18:23
Modified
2025-06-04 20:18
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-415 - Double Free
Summary
Multiple vulnerabilities in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series Teleworker Gateway devices could allow an unauthenticated, remote attacker to cause a DoS condition in the AnyConnect service on an affected device.
These vulnerabilities are due to insufficient validation of client-supplied parameters while establishing an SSL VPN session. An attacker could exploit these vulnerabilities by sending a crafted HTTPS request to the VPN server of an affected device. A successful exploit could allow the attacker to cause the Cisco AnyConnect VPN server to restart, resulting in the failure of the established SSL VPN connections and forcing remote users to initiate a new VPN connection and reauthenticate. A sustained attack could prevent new SSL VPN connections from being established.
Note: When the attack traffic stops, the Cisco AnyConnect VPN server recovers gracefully without requiring manual intervention.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Meraki MX Firmware |
Version: N/A |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:h:cisco:meraki_mx:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "meraki_mx",
"vendor": "cisco",
"versions": [
{
"status": "affected",
"version": "0"
}
]
},
{
"cpes": [
"cpe:2.3:h:cisco:meraki_z1:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "meraki_z1",
"vendor": "cisco",
"versions": [
{
"status": "affected",
"version": "0"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-20498",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-02T19:07:18.453595Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-02T19:08:07.164Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco Meraki MX Firmware",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "N/A"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Multiple vulnerabilities in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series Teleworker Gateway devices could allow an unauthenticated, remote attacker to cause a DoS condition in the AnyConnect service on an affected device.\r\n\n These vulnerabilities are due to insufficient validation of client-supplied parameters while establishing an SSL VPN session. An attacker could exploit these vulnerabilities by sending a crafted HTTPS request to the VPN server of an affected device. A successful exploit could allow the attacker to cause the Cisco AnyConnect VPN server to restart, resulting in the failure of the established SSL VPN connections and forcing remote users to initiate a new VPN connection and reauthenticate. A sustained attack could prevent new SSL VPN connections from being established.\r\n\n Note: When the attack traffic stops, the Cisco AnyConnect VPN server recovers gracefully without requiring manual intervention."
}
],
"exploits": [
{
"lang": "en",
"value": "Neither the Cisco Product Security Incident Response Team (PSIRT) nor the Cisco Meraki Incident Response Team is aware of any malicious use of the vulnerabilities that are described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-415",
"description": "Double Free",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-04T20:18:52.655Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-meraki-mx-vpn-dos-QTRHzG2",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-meraki-mx-vpn-dos-QTRHzG2"
}
],
"source": {
"advisory": "cisco-sa-meraki-mx-vpn-dos-QTRHzG2",
"discovery": "INTERNAL"
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2024-20498",
"datePublished": "2024-10-02T18:23:11.523Z",
"dateReserved": "2023-11-08T15:08:07.686Z",
"dateUpdated": "2025-06-04T20:18:52.655Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-20501 (GCVE-0-2024-20501)
Vulnerability from cvelistv5
Published
2024-10-02 18:23
Modified
2025-06-04 20:19
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-787 - Out-of-bounds Write
Summary
Multiple vulnerabilities in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series Teleworker Gateway devices could allow an unauthenticated, remote attacker to cause a DoS condition in the AnyConnect service on an affected device.
These vulnerabilities are due to insufficient validation of client-supplied parameters while establishing an SSL VPN session. An attacker could exploit these vulnerabilities by sending a crafted HTTPS request to the VPN server of an affected device. A successful exploit could allow the attacker to cause the Cisco AnyConnect VPN server to restart, resulting in the failure of the established SSL VPN connections and forcing remote users to initiate a new VPN connection and reauthenticate. A sustained attack could prevent new SSL VPN connections from being established.
Note: When the attack traffic stops, the Cisco AnyConnect VPN server recovers gracefully without requiring manual intervention.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Meraki MX Firmware |
Version: N/A |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:h:cisco:meraki_mx:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "meraki_mx",
"vendor": "cisco",
"versions": [
{
"status": "affected",
"version": "0"
}
]
},
{
"cpes": [
"cpe:2.3:h:cisco:meraki_z1:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "meraki_z1",
"vendor": "cisco",
"versions": [
{
"status": "affected",
"version": "0"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-20501",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-02T19:01:58.939883Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-02T19:03:03.851Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco Meraki MX Firmware",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "N/A"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Multiple vulnerabilities in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series Teleworker Gateway devices could allow an unauthenticated, remote attacker to cause a DoS condition in the AnyConnect service on an affected device.\r\n\n These vulnerabilities are due to insufficient validation of client-supplied parameters while establishing an SSL VPN session. An attacker could exploit these vulnerabilities by sending a crafted HTTPS request to the VPN server of an affected device. A successful exploit could allow the attacker to cause the Cisco AnyConnect VPN server to restart, resulting in the failure of the established SSL VPN connections and forcing remote users to initiate a new VPN connection and reauthenticate. A sustained attack could prevent new SSL VPN connections from being established.\r\n\n Note: When the attack traffic stops, the Cisco AnyConnect VPN server recovers gracefully without requiring manual intervention."
}
],
"exploits": [
{
"lang": "en",
"value": "Neither the Cisco Product Security Incident Response Team (PSIRT) nor the Cisco Meraki Incident Response Team is aware of any malicious use of the vulnerabilities that are described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "Out-of-bounds Write",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-04T20:19:33.645Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-meraki-mx-vpn-dos-QTRHzG2",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-meraki-mx-vpn-dos-QTRHzG2"
}
],
"source": {
"advisory": "cisco-sa-meraki-mx-vpn-dos-QTRHzG2",
"discovery": "INTERNAL"
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2024-20501",
"datePublished": "2024-10-02T18:23:35.875Z",
"dateReserved": "2023-11-08T15:08:07.687Z",
"dateUpdated": "2025-06-04T20:19:33.645Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-20500 (GCVE-0-2024-20500)
Vulnerability from cvelistv5
Published
2024-10-02 18:23
Modified
2025-06-04 20:19
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-400 - Uncontrolled Resource Consumption
Summary
A vulnerability in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series Teleworker Gateway devices could allow an unauthenticated, remote attacker to cause a DoS condition in the AnyConnect service on an affected device.
This vulnerability is due to insufficient resource management when establishing TLS/SSL sessions. An attacker could exploit this vulnerability by sending a series of crafted TLS/SSL messages to the VPN server of an affected device. A successful exploit could allow the attacker to cause the Cisco AnyConnect VPN server to stop accepting new connections, preventing new SSL VPN connections from being established. Existing SSL VPN sessions are not impacted.
Note: When the attack traffic stops, the Cisco AnyConnect VPN server recovers gracefully without requiring manual intervention.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Meraki MX Firmware |
Version: N/A |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:h:cisco:meraki_mx:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "meraki_mx",
"vendor": "cisco",
"versions": [
{
"status": "affected",
"version": "0"
}
]
},
{
"cpes": [
"cpe:2.3:h:cisco:meraki_z1:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "meraki_z1",
"vendor": "cisco",
"versions": [
{
"status": "affected",
"version": "0"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-20500",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-02T19:05:10.593025Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-02T19:05:52.477Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco Meraki MX Firmware",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "N/A"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series Teleworker Gateway devices could allow an unauthenticated, remote attacker to cause a DoS condition in the AnyConnect service on an affected device.\r\n\n This vulnerability is due to insufficient resource management when establishing TLS/SSL sessions. An attacker could exploit this vulnerability by sending a series of crafted TLS/SSL messages to the VPN server of an affected device. A successful exploit could allow the attacker to cause the Cisco AnyConnect VPN server to stop accepting new connections, preventing new SSL VPN connections from being established. Existing SSL VPN sessions are not impacted.\r\n\n Note: When the attack traffic stops, the Cisco AnyConnect VPN server recovers gracefully without requiring manual intervention."
}
],
"exploits": [
{
"lang": "en",
"value": "Neither the Cisco Product Security Incident Response Team (PSIRT) nor the Cisco Meraki Incident Response Team is aware of any malicious use of the vulnerabilities that are described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "Uncontrolled Resource Consumption",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-04T20:19:21.359Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-meraki-mx-vpn-dos-QTRHzG2",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-meraki-mx-vpn-dos-QTRHzG2"
}
],
"source": {
"advisory": "cisco-sa-meraki-mx-vpn-dos-QTRHzG2",
"discovery": "INTERNAL"
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2024-20500",
"datePublished": "2024-10-02T18:23:19.259Z",
"dateReserved": "2023-11-08T15:08:07.687Z",
"dateUpdated": "2025-06-04T20:19:21.359Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-20502 (GCVE-0-2024-20502)
Vulnerability from cvelistv5
Published
2024-10-02 18:23
Modified
2025-06-04 20:19
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-400 - Uncontrolled Resource Consumption
Summary
A vulnerability in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series Teleworker Gateway devices could allow an unauthenticated, remote attacker to cause a DoS condition on an affected device.
This vulnerability is due to insufficient resource management while establishing SSL VPN sessions. An attacker could exploit this vulnerability by sending a series of crafted HTTPS requests to the VPN server of an affected device. A successful exploit could allow the attacker to cause the Cisco AnyConnect VPN server to stop accepting new connections, preventing new SSL VPN connections from being established. Existing SSL VPN sessions are not impacted.
Note: When the attack traffic stops, the Cisco AnyConnect VPN server recovers gracefully without requiring manual intervention.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Meraki MX Firmware |
Version: N/A |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:h:cisco:meraki_mx:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "meraki_mx",
"vendor": "cisco",
"versions": [
{
"status": "affected",
"version": "0"
}
]
},
{
"cpes": [
"cpe:2.3:h:cisco:meraki_z1:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "meraki_z1",
"vendor": "cisco",
"versions": [
{
"status": "affected",
"version": "0"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-20502",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-02T18:59:14.837416Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-02T19:01:09.601Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco Meraki MX Firmware",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "N/A"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series Teleworker Gateway devices could allow an unauthenticated, remote attacker to cause a DoS condition on an affected device.\r\n\n This vulnerability is due to insufficient resource management while establishing SSL VPN sessions. An attacker could exploit this vulnerability by sending a series of crafted HTTPS requests to the VPN server of an affected device. A successful exploit could allow the attacker to cause the Cisco AnyConnect VPN server to stop accepting new connections, preventing new SSL VPN connections from being established. Existing SSL VPN sessions are not impacted.\r\n\n Note: When the attack traffic stops, the Cisco AnyConnect VPN server recovers gracefully without requiring manual intervention."
}
],
"exploits": [
{
"lang": "en",
"value": "Neither the Cisco Product Security Incident Response Team (PSIRT) nor the Cisco Meraki Incident Response Team is aware of any malicious use of the vulnerabilities that are described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "Uncontrolled Resource Consumption",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-04T20:19:41.825Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-meraki-mx-vpn-dos-QTRHzG2",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-meraki-mx-vpn-dos-QTRHzG2"
}
],
"source": {
"advisory": "cisco-sa-meraki-mx-vpn-dos-QTRHzG2",
"discovery": "INTERNAL"
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2024-20502",
"datePublished": "2024-10-02T18:23:45.163Z",
"dateReserved": "2023-11-08T15:08:07.687Z",
"dateUpdated": "2025-06-04T20:19:41.825Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-20449 (GCVE-0-2024-20449)
Vulnerability from cvelistv5
Published
2024-10-02 16:54
Modified
2024-10-02 19:33
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-23 - Relative Path Traversal
Summary
A vulnerability in Cisco Nexus Dashboard Fabric Controller (NDFC) could allow an authenticated, remote attacker with low privileges to execute arbitrary code on an affected device.
This vulnerability is due to improper path validation. An attacker could exploit this vulnerability by using the Secure Copy Protocol (SCP) to upload malicious code to an affected device using path traversal techniques. A successful exploit could allow the attacker to execute arbitrary code in a specific container with the privileges of root.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Data Center Network Manager |
Version: 12.1(1) Version: 12.0.1a Version: 12.0.2d Version: 12.0.2f Version: 12.1.1 Version: 12.1.1e Version: 12.1.1p Version: 12.1.2e Version: 12.1.2p Version: 12.1.3b Version: 12.2.1 |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:cisco:data_center_network_manager:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "data_center_network_manager",
"vendor": "cisco",
"versions": [
{
"status": "affected",
"version": "12.1(1)"
},
{
"status": "affected",
"version": "12.0.1a"
},
{
"status": "affected",
"version": "12.0.2d"
},
{
"status": "affected",
"version": "12.0.2f"
},
{
"status": "affected",
"version": "12.1.1"
},
{
"status": "affected",
"version": "12.1.1e"
},
{
"status": "affected",
"version": "12.1.1p"
},
{
"status": "affected",
"version": "12.1.2e"
},
{
"status": "affected",
"version": "12.1.2p"
},
{
"status": "affected",
"version": "12.1.3b"
},
{
"status": "affected",
"version": "12.2.1"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-20449",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-02T19:01:03.051565Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-02T19:33:43.750Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco Data Center Network Manager",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "12.1(1)"
},
{
"status": "affected",
"version": "12.0.1a"
},
{
"status": "affected",
"version": "12.0.2d"
},
{
"status": "affected",
"version": "12.0.2f"
},
{
"status": "affected",
"version": "12.1.1"
},
{
"status": "affected",
"version": "12.1.1e"
},
{
"status": "affected",
"version": "12.1.1p"
},
{
"status": "affected",
"version": "12.1.2e"
},
{
"status": "affected",
"version": "12.1.2p"
},
{
"status": "affected",
"version": "12.1.3b"
},
{
"status": "affected",
"version": "12.2.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in Cisco Nexus Dashboard Fabric Controller (NDFC) could allow an authenticated, remote attacker with low privileges to execute arbitrary code on an affected device.\r\n\r\nThis vulnerability is due to improper path validation. An attacker could exploit this vulnerability by using the Secure Copy Protocol (SCP) to upload malicious code to an affected device using path traversal techniques. A successful exploit could allow the attacker to execute arbitrary\u0026nbsp;code in a specific container with the privileges of root."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-23",
"description": "Relative Path Traversal",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-02T16:54:50.760Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-ndfc-ptrce-BUSHLbp",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ndfc-ptrce-BUSHLbp"
}
],
"source": {
"advisory": "cisco-sa-ndfc-ptrce-BUSHLbp",
"defects": [
"CSCwk04223"
],
"discovery": "INTERNAL"
},
"title": "Cisco Nexus Dashboard Fabric Controller Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2024-20449",
"datePublished": "2024-10-02T16:54:50.760Z",
"dateReserved": "2023-11-08T15:08:07.678Z",
"dateUpdated": "2024-10-02T19:33:43.750Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-20499 (GCVE-0-2024-20499)
Vulnerability from cvelistv5
Published
2024-10-02 18:23
Modified
2025-06-04 20:19
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-787 - Out-of-bounds Write
Summary
Multiple vulnerabilities in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series Teleworker Gateway devices could allow an unauthenticated, remote attacker to cause a DoS condition in the AnyConnect service on an affected device.
These vulnerabilities are due to insufficient validation of client-supplied parameters while establishing an SSL VPN session. An attacker could exploit these vulnerabilities by sending a crafted HTTPS request to the VPN server of an affected device. A successful exploit could allow the attacker to cause the Cisco AnyConnect VPN server to restart, resulting in the failure of the established SSL VPN connections and forcing remote users to initiate a new VPN connection and reauthenticate. A sustained attack could prevent new SSL VPN connections from being established.
Note: When the attack traffic stops, the Cisco AnyConnect VPN server recovers gracefully without requiring manual intervention.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Meraki MX Firmware |
Version: N/A |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:h:cisco:meraki_mx:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "meraki_mx",
"vendor": "cisco",
"versions": [
{
"status": "affected",
"version": "0"
}
]
},
{
"cpes": [
"cpe:2.3:h:cisco:meraki_z1:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "meraki_z1",
"vendor": "cisco",
"versions": [
{
"status": "affected",
"version": "0"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-20499",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-02T19:03:30.783849Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-02T19:04:46.773Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco Meraki MX Firmware",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "N/A"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Multiple vulnerabilities in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series Teleworker Gateway devices could allow an unauthenticated, remote attacker to cause a DoS condition in the AnyConnect service on an affected device.\r\n\n These vulnerabilities are due to insufficient validation of client-supplied parameters while establishing an SSL VPN session. An attacker could exploit these vulnerabilities by sending a crafted HTTPS request to the VPN server of an affected device. A successful exploit could allow the attacker to cause the Cisco AnyConnect VPN server to restart, resulting in the failure of the established SSL VPN connections and forcing remote users to initiate a new VPN connection and reauthenticate. A sustained attack could prevent new SSL VPN connections from being established.\r\n\n Note: When the attack traffic stops, the Cisco AnyConnect VPN server recovers gracefully without requiring manual intervention."
}
],
"exploits": [
{
"lang": "en",
"value": "Neither the Cisco Product Security Incident Response Team (PSIRT) nor the Cisco Meraki Incident Response Team is aware of any malicious use of the vulnerabilities that are described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "Out-of-bounds Write",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-04T20:19:09.263Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-meraki-mx-vpn-dos-QTRHzG2",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-meraki-mx-vpn-dos-QTRHzG2"
}
],
"source": {
"advisory": "cisco-sa-meraki-mx-vpn-dos-QTRHzG2",
"discovery": "INTERNAL"
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2024-20499",
"datePublished": "2024-10-02T18:23:26.563Z",
"dateReserved": "2023-11-08T15:08:07.686Z",
"dateUpdated": "2025-06-04T20:19:09.263Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-20470 (GCVE-0-2024-20470)
Vulnerability from cvelistv5
Published
2024-10-02 16:54
Modified
2024-10-02 19:18
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-146 - Improper Neutralization of Expression/Command Delimiters
Summary
A vulnerability in the web-based management interface of Cisco Small Business RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers could allow an authenticated, remote attacker to execute arbitrary code on an affected device. In order to exploit this vulnerability, the attacker must have valid admin credentials.
This vulnerability exists because the web-based management interface does not sufficiently validate user-supplied input. An attacker could exploit this vulnerability by sending crafted HTTP input to an affected device. A successful exploit could allow the attacker to execute arbitrary code as the root user on the underlying operating system.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Small Business RV Series Router Firmware |
Version: 1.0.01.17 Version: 1.0.03.17 Version: 1.0.01.16 Version: 1.0.01.18 Version: 1.0.00.29 Version: 1.0.03.16 Version: 1.0.03.15 Version: 1.0.02.16 Version: 1.0.01.20 Version: 1.0.00.33 Version: 1.0.03.18 Version: 1.0.03.19 Version: 1.0.03.20 Version: 1.0.03.21 Version: 1.0.03.22 Version: 1.0.03.24 Version: 1.0.03.26 Version: 1.0.03.27 Version: 1.0.03.28 Version: 1.0.03.29 |
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-20470",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-02T18:58:00.677132Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-02T19:18:33.143Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco Small Business RV Series Router Firmware",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "1.0.01.17"
},
{
"status": "affected",
"version": "1.0.03.17"
},
{
"status": "affected",
"version": "1.0.01.16"
},
{
"status": "affected",
"version": "1.0.01.18"
},
{
"status": "affected",
"version": "1.0.00.29"
},
{
"status": "affected",
"version": "1.0.03.16"
},
{
"status": "affected",
"version": "1.0.03.15"
},
{
"status": "affected",
"version": "1.0.02.16"
},
{
"status": "affected",
"version": "1.0.01.20"
},
{
"status": "affected",
"version": "1.0.00.33"
},
{
"status": "affected",
"version": "1.0.03.18"
},
{
"status": "affected",
"version": "1.0.03.19"
},
{
"status": "affected",
"version": "1.0.03.20"
},
{
"status": "affected",
"version": "1.0.03.21"
},
{
"status": "affected",
"version": "1.0.03.22"
},
{
"status": "affected",
"version": "1.0.03.24"
},
{
"status": "affected",
"version": "1.0.03.26"
},
{
"status": "affected",
"version": "1.0.03.27"
},
{
"status": "affected",
"version": "1.0.03.28"
},
{
"status": "affected",
"version": "1.0.03.29"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco Small Business RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers could allow an authenticated, remote attacker to execute arbitrary code on an affected device. In order to exploit this vulnerability, the attacker must have valid admin credentials.\r\n\r\nThis vulnerability exists because the web-based management interface does not sufficiently validate user-supplied input. An attacker could exploit this vulnerability by sending crafted HTTP input to an affected device. A successful exploit could allow the attacker to execute arbitrary code as the root user on the underlying operating system."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-146",
"description": "Improper Neutralization of Expression/Command Delimiters",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-02T16:54:58.682Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-rv34x-privesc-rce-qE33TCms",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv34x-privesc-rce-qE33TCms"
}
],
"source": {
"advisory": "cisco-sa-rv34x-privesc-rce-qE33TCms",
"defects": [
"CSCwk99655"
],
"discovery": "EXTERNAL"
},
"title": "Cisco RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2024-20470",
"datePublished": "2024-10-02T16:54:58.682Z",
"dateReserved": "2023-11-08T15:08:07.681Z",
"dateUpdated": "2024-10-02T19:18:33.143Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-20432 (GCVE-0-2024-20432)
Vulnerability from cvelistv5
Published
2024-10-02 16:53
Modified
2024-10-02 19:49
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-77 - Improper Neutralization of Special Elements used in a Command ('Command Injection')
Summary
A vulnerability in the REST API and web UI of Cisco Nexus Dashboard Fabric Controller (NDFC) could allow an authenticated, low-privileged, remote attacker to perform a command injection attack against an affected device.
This vulnerability is due to improper user authorization and insufficient validation of command arguments. An attacker could exploit this vulnerability by submitting crafted commands to an affected REST API endpoint or through the web UI. A successful exploit could allow the attacker to execute arbitrary commands on the CLI of a Cisco NDFC-managed device with network-admin privileges.
Note: This vulnerability does not affect Cisco NDFC when it is configured for storage area network (SAN) controller deployment.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Data Center Network Manager |
Version: 12.1(1) Version: 12.0.1a Version: 12.0.2d Version: 12.0.2f Version: 12.1.1 Version: 12.1.1e Version: 12.1.1p Version: 12.1.2e Version: 12.1.2p Version: 12.1.3b Version: 12.2.1 |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:cisco:data_center_network_manager:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "data_center_network_manager",
"vendor": "cisco",
"versions": [
{
"status": "affected",
"version": "12.1(1)"
},
{
"status": "affected",
"version": "12.0.1a"
},
{
"status": "affected",
"version": "12.0.2d"
},
{
"status": "affected",
"version": "12.0.2f"
},
{
"status": "affected",
"version": "12.1.1"
},
{
"status": "affected",
"version": "12.1.1e"
},
{
"status": "affected",
"version": "12.1.1p"
},
{
"status": "affected",
"version": "12.1.2e"
},
{
"status": "affected",
"version": "12.1.2p"
},
{
"status": "affected",
"version": "12.1.3b"
},
{
"status": "affected",
"version": "12.2.1"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-20432",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-02T19:01:38.795750Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-02T19:49:19.807Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco Data Center Network Manager",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "12.1(1)"
},
{
"status": "affected",
"version": "12.0.1a"
},
{
"status": "affected",
"version": "12.0.2d"
},
{
"status": "affected",
"version": "12.0.2f"
},
{
"status": "affected",
"version": "12.1.1"
},
{
"status": "affected",
"version": "12.1.1e"
},
{
"status": "affected",
"version": "12.1.1p"
},
{
"status": "affected",
"version": "12.1.2e"
},
{
"status": "affected",
"version": "12.1.2p"
},
{
"status": "affected",
"version": "12.1.3b"
},
{
"status": "affected",
"version": "12.2.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the REST API and web UI of Cisco Nexus Dashboard Fabric Controller (NDFC) could allow an authenticated, low-privileged, remote attacker to perform a command injection attack against an affected device.\r\n\u0026nbsp;\r\nThis vulnerability is due to improper user authorization and insufficient validation of command arguments. An attacker could exploit this vulnerability by submitting crafted commands to an affected REST API endpoint or through the web UI. A successful exploit could allow the attacker to execute arbitrary commands on the CLI of a Cisco NDFC-managed device with network-admin privileges.\r\n\u0026nbsp;\r\nNote: This vulnerability does not affect Cisco NDFC when it is configured for storage area network (SAN) controller deployment."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-77",
"description": "Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-02T16:53:15.038Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-ndfc-cmdinj-UvYZrKfr",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ndfc-cmdinj-UvYZrKfr"
}
],
"source": {
"advisory": "cisco-sa-ndfc-cmdinj-UvYZrKfr",
"defects": [
"CSCwj10299"
],
"discovery": "INTERNAL"
},
"title": "Cisco Nexus Dashboard Fabric Controller Web UI Command Injection Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2024-20432",
"datePublished": "2024-10-02T16:53:15.038Z",
"dateReserved": "2023-11-08T15:08:07.667Z",
"dateUpdated": "2024-10-02T19:49:19.807Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-20513 (GCVE-0-2024-20513)
Vulnerability from cvelistv5
Published
2024-10-02 18:23
Modified
2025-06-04 20:19
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-639 - Authorization Bypass Through User-Controlled Key
Summary
A vulnerability in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series Teleworker Gateway devices could allow an unauthenticated, remote attacker to cause a DoS condition for targeted users of the AnyConnect service on an affected device.
This vulnerability is due to insufficient entropy for handlers that are used during SSL VPN session establishment. An unauthenticated attacker could exploit this vulnerability by brute forcing valid session handlers. An authenticated attacker could exploit this vulnerability by connecting to the AnyConnect VPN service of an affected device to retrieve a valid session handler and, based on that handler, predict further valid session handlers. The attacker would then send a crafted HTTPS request using the brute-forced or predicted session handler to the AnyConnect VPN server of the device. A successful exploit could allow the attacker to terminate targeted SSL VPN sessions, forcing remote users to initiate new VPN connections and reauthenticate.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Meraki MX Firmware |
Version: N/A |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-20513",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-02T19:48:03.244649Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-02T19:48:23.292Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco Meraki MX Firmware",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "N/A"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series Teleworker Gateway devices could allow an unauthenticated, remote attacker to cause a DoS condition for targeted users of the AnyConnect service on an affected device.\r\n\n This vulnerability is due to insufficient entropy for handlers that are used during SSL VPN session establishment. An unauthenticated attacker could exploit this vulnerability by brute forcing valid session handlers. An authenticated attacker could exploit this vulnerability by connecting to the AnyConnect VPN service of an affected device to retrieve a valid session handler and, based on that handler, predict further valid session handlers. The attacker would then send a crafted HTTPS request using the brute-forced or predicted session handler to the AnyConnect VPN server of the device. A successful exploit could allow the attacker to terminate targeted SSL VPN sessions, forcing remote users to initiate new VPN connections and reauthenticate."
}
],
"exploits": [
{
"lang": "en",
"value": "Neither the Cisco Product Security Incident Response Team (PSIRT) nor the Cisco Meraki Incident Response Team is aware of any malicious use of the vulnerabilities that are described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-639",
"description": "Authorization Bypass Through User-Controlled Key",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-04T20:19:53.000Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-meraki-mx-vpn-dos-QTRHzG2",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-meraki-mx-vpn-dos-QTRHzG2"
}
],
"source": {
"advisory": "cisco-sa-meraki-mx-vpn-dos-QTRHzG2",
"discovery": "INTERNAL"
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2024-20513",
"datePublished": "2024-10-02T18:23:54.411Z",
"dateReserved": "2023-11-08T15:08:07.689Z",
"dateUpdated": "2025-06-04T20:19:53.000Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…