CVE-2024-20496

EPSS 0.06%
Veröffentlicht 25.09.2024 17:15:18
Zuletzt bearbeitet 15.04.2026 00:35:42
Quelle psirt@cisco.com
CVE-Watchlists
Login
Unerledigt
Login

Cisco SD-WAN vEdge Routers Denial of Service Vulnerability

A vulnerability in the UDP packet validation code of Cisco SD-WAN vEdge Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected system.

This vulnerability is due to incorrect handling of a specific type of malformed UDP packet. An attacker in a machine-in-the-middle position could exploit this vulnerability by sending crafted UDP packets to an affected device. A successful exploit could allow the attacker to cause the device to reboot, resulting in a DoS condition on the affected system.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 4

CNA 2 VulnDex Vulnerability Enrichment 2

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

HerstellerCisco

≫

Produkt Cisco SD-WAN vEdge Cloud

Default Statusunknown

Version 19.2.1

Status affected

Version 20.1.12

Status affected

Version 18.4.4

Status affected

Version 19.3.0

Status affected

Version 18.3.8

Status affected

Version 19.2.2

Status affected

Version 20.1.1

Status affected

Version 18.3.6

Status affected

Version 18.4.3

Status affected

Version 18.4.302

Status affected

Version 18.4.5

Status affected

Version 18.4.303

Status affected

Version 19.2.098

Status affected

Version 19.1.0

Status affected

Version 19.0.1a

Status affected

Version 19.2.099

Status affected

Version 18.3.7

Status affected

Version 19.2.097

Status affected

Version 18.3.1

Status affected

Version 19.2.0

Status affected

Version 18.3.4

Status affected

Version 18.2.0

Status affected

Version 18.4.1

Status affected

Version 18.4.0

Status affected

Version 18.3.5

Status affected

Version 18.3.3

Status affected

Version 18.3.0

Status affected

Version 19.2.3

Status affected

Version 20.3.1

Status affected

Version 20.1.2

Status affected

Version 19.2.929

Status affected

Version 19.2.31

Status affected

Version 20.3.2

Status affected

Version 19.2.32

Status affected

Version 18.4.6

Status affected

Version 20.4.1

Status affected

Version 19.2.4

Status affected

Version 20.4.1.1

Status affected

Version 20.3.3

Status affected

Version 20.5.1

Status affected

Version 20.1.3

Status affected

Version 20.4.1.2

Status affected

Version 20.4.2

Status affected

Version 20.3.4

Status affected

Version 20.6.1

Status affected

Version 20.6.2

Status affected

Version 20.7.1

Status affected

Version 20.3.5

Status affected

Version 20.6.3

Status affected

Version 20.8.1

Status affected

Version 20.7.2

Status affected

Version 20.6.4

Status affected

Version 20.9.1

Status affected

Version 20.3.6

Status affected

Version 20.9.1.1

Status affected

Version 20.9.2

Status affected

Version 20.6.5

Status affected

Version 20.3.7

Status affected

Version 20.9.3

Status affected

Version 20.4.2.3

Status affected

Version 20.3.4.3

Status affected

Version 20.6.4.1

Status affected

Version 20.6.3.2

Status affected

Version 20.3.5.1

Status affected

Version 20.9.3.1

Status affected

Version 20.6.5.2

Status affected

Version 20.3.7.1

Status affected

Version 20.3.3.2

Status affected

Version 20.6.1.2

Status affected

Version 20.1.3.1

Status affected

Version 20.9.2.2

Status affected

Version 20.6.5.3

Status affected

Version 20.6.3.3

Status affected

Version 20.3.7.2

Status affected

Version 20.6.5.4

Status affected

Version 20.9.2.3

Status affected

Version 20.3.8

Status affected

HerstellerCisco

≫

Produkt Cisco SD-WAN vEdge router

Default Statusunknown

Version 18.4.303

Status affected

Version 18.3.7

Status affected

Version 19.3.0

Status affected

Version 18.2.0

Status affected

Version 20.1.12

Status affected

Version 19.2.099

Status affected

Version 18.3.3

Status affected

Version 18.3.6

Status affected

Version 19.0.0

Status affected

Version 18.4.0

Status affected

Version 19.1.01

Status affected

Version 19.2.098

Status affected

Version 18.3.1

Status affected

Version 18.4.302

Status affected

Version 19.2.2

Status affected

Version 18.3.5

Status affected

Version 19.1.0

Status affected

Version 20.1.11

Status affected

Version 19.2.097

Status affected

Version 18.4.5

Status affected

Version 18.3.8

Status affected

Version 18.3.0

Status affected

Version 18.4.3

Status affected

Version 18.4.4

Status affected

Version 19.2.1

Status affected

Version 18.3.4

Status affected

Version 19.0.1a

Status affected

Version 20.1.1

Status affected

Version 18.4.1

Status affected

Version 19.2.0

Status affected

Version 19.2.3

Status affected

Version 20.3.1

Status affected

Version 20.1.2

Status affected

Version 19.2.929

Status affected

Version 19.2.31

Status affected

Version 20.3.2

Status affected

Version 19.2.32

Status affected

Version 18.4.6

Status affected

Version 20.4.1

Status affected

Version 19.2.4

Status affected

Version 20.4.1.1

Status affected

Version 20.3.3

Status affected

Version 20.5.1

Status affected

Version 20.1.3

Status affected

Version 20.4.1.2

Status affected

Version 20.4.2

Status affected

Version 20.3.4

Status affected

Version 20.6.1

Status affected

Version 20.6.2

Status affected

Version 20.7.1

Status affected

Version 20.7.1.2

Status affected

Version 20.3.5

Status affected

Version 20.9.1

Status affected

Version 20.6.3

Status affected

Version 20.8.1

Status affected

Version 20.7.2

Status affected

Version 20.6.4

Status affected

Version 20.3.6

Status affected

Version 20.9.2

Status affected

Version 20.6.5

Status affected

Version 20.3.7

Status affected

Version 20.9.3

Status affected

Version 20.6.5.1

Status affected

Version 20.3.3.2

Status affected

Version 20.6.4.1

Status affected

Version 20.6.3.2

Status affected

Version 20.3.4.3

Status affected

Version 20.6.5.2

Status affected

Version 20.9.3.1

Status affected

Version 20.3.7.1

Status affected

Version 20.3.5.1

Status affected

Version 20.4.2.3

Status affected

Version 20.6.1.2

Status affected

Version 20.9.2.2

Status affected

Version 20.1.3.1

Status affected

Version 20.6.5.3

Status affected

Version 20.6.3.3

Status affected

Version 20.3.7.2

Status affected

Version 20.6.5.4

Status affected

Version 20.9.2.3

Status affected

Version 20.3.8

Status affected

VulnDex Vulnerability Enrichment

Diese Information steht angemeldeten Benutzern zur Verfügung.

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.06%	0.175

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
psirt@cisco.com	6.1	1.6	4	CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H

CWE-787 Out-of-bounds Write

The product writes data past the end, or before the beginning, of the intended buffer.

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdw-vedos-KqFfhps3

https://nvd.nist.gov/vuln/detail/CVE-2024-20496

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2024-20496

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2024-20496

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2024-20496