Main Vulnerability Database Vulnerabilities #VU97731

#VU97731 State Issues in Cisco Systems, Inc products - CVE-2024-20455

Published: September 26, 2024

Vulnerability identifier: #VU97731

Vulnerability risk: High

CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber

CVE-ID: CVE-2024-20455

CWE-ID: CWE-371

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vulnerable software:
Cisco IOS XE
Cisco 1000 Series Integrated Services Routers
Catalyst 8000V Edge Software
Catalyst 8200 Series Edge Platforms
Catalyst 8300 Series Edge Platforms
Catalyst 8500L Series Edge Platforms
Catalyst IR8300 Rugged Series Routers

Software vendor:
Cisco Systems, Inc

Description

The vulnerability allows a remote attacker to perofrm a denial of service (DoS) attack.

The vulnerability exists due to the Unified Threat Defense (UTD) improperly handles certain packets as those packets egress an SD-WAN IPsec tunnel. A remote attacker can cause a denial of service condition.

Remediation

Install update from vendor's website.

External links

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-utd-dos-hDATqxs

#VU97731 State Issues in Cisco Systems, Inc products - CVE-2024-20455

Description

Remediation

External links

Please verify you're human