Vulnerabilities > CVE-2020-3369 - Unspecified vulnerability in Cisco Sd-Wan Firmware and Vedge Cloud Router

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

HIGH

network

low complexity

cisco

NVD

Published: 2020-07-16

Updated: 2020-07-24

Summary

A vulnerability in the deep packet inspection (DPI) engine of Cisco SD-WAN vEdge Routers could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper processing of FTP traffic. An attacker could exploit this vulnerability by sending crafted FTP packets through an affected device. A successful exploit could allow the attacker to make the device reboot continuously, causing a DoS condition.

Vulnerable Configurations

Part	Description	Count
OS	Cisco Cisco SD WAN Firmware 19.2.0 Cisco SD WAN Firmware 19.2.1 Cisco SD WAN Firmware 19.2.097 Cisco SD WAN Firmware 19.2.098	4
Hardware	Cisco Cisco Vedge 5000 -	1
Application	Cisco Cisco Vedge Cloud Router -	1

References

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fpdos-hORBfd9f