Cisco SD-WAN vEdge Router Deep Packet Inspection Malformed Packet state issue

| CVSS Meta Temp Score | Current Exploit Price (≈) | CTI Interest Score |
|---|---|---|
| 5.8 | $0-$5k | 0.00 |
Summary
A vulnerability classified as problematic has been found in Cisco SD-WAN vEdge Router. It affects an unknown part of the Deep Packet Inspection component. Manipulation by means of a malformed packet results in a state issue. The vulnerability is identified as CVE-2020-3385. The attack can only be performed from the local network. No exploit is available. The affected component should be upgraded.
Details
A vulnerability was found in Cisco SD-WAN vEdge Router (Router Operating System); the affected version is unknown. It has been classified as problematic. It affects an unknown part of the Deep Packet Inspection component. Manipulation by means of a malformed packet leads to a state issue. CWE classifies the issue as CWE-371. The impact is on availability. The summary by CVE is:
A vulnerability in the deep packet inspection (DPI) engine of Cisco SD-WAN vEdge Routers could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected system. The vulnerability is due to insufficient handling of malformed packets. An attacker could exploit this vulnerability by sending crafted packets through an affected device. A successful exploit could allow the attacker to cause the device to reboot, resulting in a DoS condition.
The weakness was published 07/16/2020 in the confirmed advisory cisco-sa-vedgfpdos-PkqQrnwV (Website). The advisory is shared at tools.cisco.com. The identifier CVE-2020-3385 has been assigned to this vulnerability since 12/12/2019. The attack must be carried out from within the local network. No form of authentication is needed for exploitation. Neither technical details nor an exploit are publicly available.
Upgrading eliminates this vulnerability.
Product
Website
- Vendor: https://www.cisco.com/
CVSSv3
VulDB Meta Base Score: 6.1
VulDB Meta Temp Score: 5.9
VulDB Base Score: 4.7
VulDB Temp Score: 4.5
NVD Base Score: 7.4
Exploiting
Class: State issue
CWE: CWE-371
Physical: No
Local: No
Remote: Partially
Status: Not defined
Countermeasures
Recommended: Upgrade
Timeline
12/12/2019
07/16/2020
07/17/2020
11/04/2020
Sources
Vendor: cisco.com
Advisory: cisco-sa-vedgfpdos-PkqQrnwV
Status: Confirmed
CVE: CVE-2020-3385
GCVE (CVE): GCVE-0-2020-3385
GCVE (VulDB): GCVE-100-158721
Entry
Created: 07/17/2020 12:11
Updated: 11/04/2020 11:21
Changes: 07/17/2020 12:11 (40), 07/17/2020 12:16 (12), 11/04/2020 11:21 (1)