admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-28 01:02:25 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2024/CVE-2024-204xx/CVE-2024-20496.json
cad-safe-bot 0c245865ae Auto-Update: 2025-01-26T03:00:19.791548+00:00
2025-01-26 03:03:52 +00:00

60 lines
2.6 KiB
JSON
Raw Blame History

{
"id": "CVE-2024-20496",
"sourceIdentifier": "psirt@cisco.com",
"published": "2024-09-25T17:15:18.020",
"lastModified": "2024-09-26T13:32:02.803",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the UDP packet validation code of Cisco SD-WAN vEdge Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected system.\r\n\r\nThis vulnerability is due to incorrect handling of a specific type of malformed UDP packet. An attacker in a machine-in-the-middle position could exploit this vulnerability by sending crafted UDP packets to an affected device. A successful exploit could allow the attacker to cause the device to reboot, resulting in a DoS condition on the affected system."
},
{
"lang": "es",
"value": "Una vulnerabilidad en el c\u00f3digo de validaci\u00f3n de paquetes UDP del software Cisco SD-WAN vEdge podr\u00eda permitir que un atacante adyacente no autenticado provoque una condici\u00f3n de denegaci\u00f3n de servicio (DoS) en un sistema afectado. Esta vulnerabilidad se debe al manejo incorrecto de un tipo espec\u00edfico de paquete UDP malformado. Un atacante en una posici\u00f3n de m\u00e1quina intermedia podr\u00eda aprovechar esta vulnerabilidad enviando paquetes UDP manipulados a un dispositivo afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir que el atacante haga que el dispositivo se reinicie, lo que provocar\u00eda una condici\u00f3n de DoS en el sistema afectado."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@cisco.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.6,
"impactScore": 4.0
}
]
},
"weaknesses": [
{
"source": "psirt@cisco.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"references": [
{
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdw-vedos-KqFfhps3",
"source": "psirt@cisco.com"
}
]
}
Reference in New Issue View Git Blame Copy Permalink