Vulnerabilites related to cisco - meraki_mx100
Vulnerability from fkie_nvd
Published
2024-10-02 19:15
Modified
2024-10-08 18:32
Summary
Multiple vulnerabilities in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series Teleworker Gateway devices could allow an unauthenticated, remote attacker to cause a DoS condition in the AnyConnect service on an affected device. These vulnerabilities are due to insufficient validation of client-supplied parameters while establishing an SSL VPN session. An attacker could exploit these vulnerabilities by sending a crafted HTTPS request to the VPN server of an affected device. A successful exploit could allow the attacker to cause the Cisco AnyConnect VPN server to restart, resulting in the failure of the established SSL VPN connections and forcing remote users to initiate a new VPN connection and reauthenticate. A sustained attack could prevent new SSL VPN connections from being established. Note: When the attack traffic stops, the Cisco AnyConnect VPN server recovers gracefully without requiring manual intervention.



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx65_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "B3C6574B-E879-4813-9516-93B41EBDFBD3",
                     versionEndExcluding: "18.211.2",
                     versionStartIncluding: "17.6.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_mx65:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B3099A12-2D6F-4486-A690-1C809AF480B0",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx64_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "23FA0FF8-5926-4623-9348-4347331C5F3F",
                     versionEndExcluding: "18.211.2",
                     versionStartIncluding: "17.6.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_mx64:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "BE749570-1EA6-4734-B96A-D02B3BA3A756",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_z4c_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "6B63AAC8-D59D-4EF1-829E-11E9CB18A41F",
                     versionEndExcluding: "18.211.2",
                     versionStartIncluding: "16.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_z4c:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "AEE09C2D-9F52-4C72-9D7C-F9AF710D1174",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_z4_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "F62D4319-19DA-4DC0-88D0-DE859504EA6D",
                     versionEndExcluding: "18.211.2",
                     versionStartIncluding: "16.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_z4:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "36770C3B-F962-48FB-9D9F-3EABB1F10EFD",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_z3c_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "F7C73DAF-C7AF-4090-8F96-3D6F93A1DABD",
                     versionEndExcluding: "18.211.2",
                     versionStartIncluding: "16.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_z3c:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "6646F004-E0E0-4316-A022-2793C28FBCCC",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_z3_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "5A4FD3B4-FD1F-4340-B4AC-D76C11DAD4D5",
                     versionEndExcluding: "18.211.2",
                     versionStartIncluding: "16.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_z3:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "FB81CFD0-9558-47AB-96E4-CB21C1AA9159",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_vmx_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "96D29083-7535-4B23-9141-BF6CE2824184",
                     versionEndExcluding: "18.211.2",
                     versionStartIncluding: "16.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_vmx:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D6CE4DAD-7FA3-4D1B-A24F-D2B9F4F331BF",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx600_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "1C8F2FA1-B439-4978-AD2B-34C98310D894",
                     versionEndExcluding: "18.211.2",
                     versionStartIncluding: "16.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_mx600:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0A4CF5E0-A7D0-4C9D-A180-16288BE3AC1A",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx450_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "D620C14D-7724-4C38-83A6-E33328EDE7C3",
                     versionEndExcluding: "18.211.2",
                     versionStartIncluding: "16.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_mx450:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "1B35EB71-8584-4803-A438-AEC406FD8445",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx400_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "A61EA9B6-126D-4174-8BEF-7FD311724C03",
                     versionEndExcluding: "18.211.2",
                     versionStartIncluding: "16.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_mx400:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2ACA552D-78D3-4312-9537-28ADBB15E08A",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx250_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "869396D2-5CB1-45FF-8CC8-C6BA17548076",
                     versionEndExcluding: "18.211.2",
                     versionStartIncluding: "16.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_mx250:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2D6CBE98-6B20-4F05-8871-0BEAD1D351B0",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx105_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C86B5EA0-85E7-4B8D-83AE-445A2C945CB2",
                     versionEndExcluding: "18.211.2",
                     versionStartIncluding: "16.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_mx105:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "291C7E3A-74D1-4326-87A4-F60D60E3DC37",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx100_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "0AF66E98-18FB-4862-96C6-090F9B563AAC",
                     versionEndExcluding: "18.211.2",
                     versionStartIncluding: "16.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_mx100:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "4D4DE139-CCB5-4BDD-8827-07348B8F0FF2",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx95_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "40A18D40-3168-4270-A019-0FFB3652BD64",
                     versionEndExcluding: "18.211.2",
                     versionStartIncluding: "16.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_mx95:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "35740A98-6486-458C-99A9-8E23A781C917",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx85_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "DC297617-CF3B-4CD5-8E5B-14A5A58BB1AD",
                     versionEndExcluding: "18.211.2",
                     versionStartIncluding: "16.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_mx85:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "410A121A-037A-4D44-A35F-7AE41F93E5AF",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx84_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "5E4FB60C-E46F-4D0F-9C01-2D2670334694",
                     versionEndExcluding: "18.211.2",
                     versionStartIncluding: "16.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_mx84:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B5A4239D-E115-4368-895A-002BBD94F243",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx75_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "995A6C94-CC7F-4CA4-8815-693E491652B4",
                     versionEndExcluding: "18.211.2",
                     versionStartIncluding: "16.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_mx75:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2A892F3D-62F9-4B04-94E8-FD803159C47B",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx68w_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "900C8DC4-EF1C-4762-A517-F67665F3D724",
                     versionEndExcluding: "18.211.2",
                     versionStartIncluding: "16.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_mx68w:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "03F9C184-3811-4A26-846D-54ECE7CF939F",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx68cw_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "0118FD5D-0D25-4984-A6EB-40EF70B85144",
                     versionEndExcluding: "18.211.2",
                     versionStartIncluding: "16.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_mx68cw:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "18E682AA-05AD-483F-915F-A2B2C98233B7",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx68_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "FE27942F-86F1-480C-AFA1-762A5A9E775F",
                     versionEndExcluding: "18.211.2",
                     versionStartIncluding: "16.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_mx68:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2F6B4B5E-4FBB-48A9-B828-00C8AB479FB8",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx67w_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "87EE31D0-87F7-4943-96CC-D5BA48D5DFDA",
                     versionEndExcluding: "18.211.2",
                     versionStartIncluding: "16.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_mx67w:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F2529662-8A54-4DFC-80E7-922CF22DE2F3",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx67c_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "6AB39E09-A441-4F95-9F38-44942BDE98AD",
                     versionEndExcluding: "18.211.2",
                     versionStartIncluding: "16.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_mx67c:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E9725A9F-B9B9-4784-AEEA-A5E5CE0A41F3",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx67_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "45953505-EF91-4825-95CD-51EE86D694A5",
                     versionEndExcluding: "18.211.2",
                     versionStartIncluding: "16.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_mx67:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2702FE73-E4AC-45C7-A212-44D783720798",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx65w_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "E1A471D3-2D62-4458-ADDE-53D60E55966C",
                     versionEndExcluding: "18.211.2",
                     versionStartIncluding: "16.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_mx65w:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "69A23113-F7E1-4587-A4FF-A4AAB446A69D",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx64w_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "D24D11CA-67C0-4376-91DE-F62118062FED",
                     versionEndExcluding: "18.211.2",
                     versionStartIncluding: "16.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_mx64w:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B1038F5F-020D-41FD-9C3D-F2685F1EA916",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "Multiple vulnerabilities in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series Teleworker Gateway devices could allow an unauthenticated, remote attacker to cause a DoS condition in the AnyConnect service on an affected device.\r\n\r\nThese vulnerabilities are due to insufficient validation of client-supplied parameters while establishing an SSL VPN session. An attacker could exploit these vulnerabilities by sending a crafted HTTPS request to the VPN server of an affected device. A successful exploit could allow the attacker to cause the Cisco AnyConnect VPN server to restart, resulting in the failure of the established SSL VPN connections and forcing remote users to initiate a new VPN connection and reauthenticate. A sustained attack could prevent new SSL VPN connections from being established.\r\nNote: When the attack traffic stops, the Cisco AnyConnect VPN server recovers gracefully without requiring manual intervention.",
      },
      {
         lang: "es",
         value: "Varias vulnerabilidades en el servidor VPN de Cisco AnyConnect de los dispositivos Cisco Meraki MX y Cisco Meraki Z Series Teleworker Gateway podrían permitir que un atacante remoto no autenticado provoque una condición de denegación de servicio (DoS) en el servicio AnyConnect de un dispositivo afectado. Estas vulnerabilidades se deben a una validación insuficiente de los parámetros proporcionados por el cliente al establecer una sesión VPN SSL. Un atacante podría aprovechar estas vulnerabilidades enviando una solicitud HTTPS manipulada al servidor VPN de un dispositivo afectado. Una explotación exitosa podría permitir que el atacante haga que el servidor VPN de Cisco AnyConnect se reinicie, lo que provocaría la falla de las conexiones VPN SSL establecidas y obligaría a los usuarios remotos a iniciar una nueva conexión VPN y volver a autenticarse. Un ataque sostenido podría evitar que se establezcan nuevas conexiones VPN SSL. Nota: Cuando el tráfico del ataque se detiene, el servidor VPN de Cisco AnyConnect se recupera sin problemas sin necesidad de intervención manual.",
      },
   ],
   id: "CVE-2024-20498",
   lastModified: "2024-10-08T18:32:54.457",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 8.6,
               baseSeverity: "HIGH",
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               privilegesRequired: "NONE",
               scope: "CHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
               version: "3.1",
            },
            exploitabilityScore: 3.9,
            impactScore: 4,
            source: "ykramarz@cisco.com",
            type: "Secondary",
         },
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 7.5,
               baseSeverity: "HIGH",
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
               version: "3.1",
            },
            exploitabilityScore: 3.9,
            impactScore: 3.6,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2024-10-02T19:15:13.870",
   references: [
      {
         source: "ykramarz@cisco.com",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-meraki-mx-vpn-dos-QTRHzG2",
      },
   ],
   sourceIdentifier: "ykramarz@cisco.com",
   vulnStatus: "Analyzed",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-415",
            },
         ],
         source: "ykramarz@cisco.com",
         type: "Secondary",
      },
      {
         description: [
            {
               lang: "en",
               value: "CWE-415",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2024-10-02 19:15
Modified
2024-10-08 18:28
Summary
Multiple vulnerabilities in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series Teleworker Gateway devices could allow an unauthenticated, remote attacker to cause a DoS condition in the AnyConnect service on an affected device. These vulnerabilities are due to insufficient validation of client-supplied parameters while establishing an SSL VPN session. An attacker could exploit these vulnerabilities by sending a crafted HTTPS request to the VPN server of an affected device. A successful exploit could allow the attacker to cause the Cisco AnyConnect VPN server to restart, resulting in the failure of the established SSL VPN connections and forcing remote users to initiate a new VPN connection and reauthenticate. A sustained attack could prevent new SSL VPN connections from being established. Note: When the attack traffic stops, the Cisco AnyConnect VPN server recovers gracefully without requiring manual intervention.



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx65_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "B3C6574B-E879-4813-9516-93B41EBDFBD3",
                     versionEndExcluding: "18.211.2",
                     versionStartIncluding: "17.6.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_mx65:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B3099A12-2D6F-4486-A690-1C809AF480B0",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx64_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "553AC2DF-6F85-40D3-B3B1-F979364BA4BD",
                     versionEndIncluding: "18.211.2",
                     versionStartIncluding: "17.6.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_mx64:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "BE749570-1EA6-4734-B96A-D02B3BA3A756",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_z4c_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "6B63AAC8-D59D-4EF1-829E-11E9CB18A41F",
                     versionEndExcluding: "18.211.2",
                     versionStartIncluding: "16.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_z4c:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "AEE09C2D-9F52-4C72-9D7C-F9AF710D1174",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_z4_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "F62D4319-19DA-4DC0-88D0-DE859504EA6D",
                     versionEndExcluding: "18.211.2",
                     versionStartIncluding: "16.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_z4:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "36770C3B-F962-48FB-9D9F-3EABB1F10EFD",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_z3c_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "F7C73DAF-C7AF-4090-8F96-3D6F93A1DABD",
                     versionEndExcluding: "18.211.2",
                     versionStartIncluding: "16.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_z3c:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "6646F004-E0E0-4316-A022-2793C28FBCCC",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_z3_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "5A4FD3B4-FD1F-4340-B4AC-D76C11DAD4D5",
                     versionEndExcluding: "18.211.2",
                     versionStartIncluding: "16.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_z3:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "FB81CFD0-9558-47AB-96E4-CB21C1AA9159",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_vmx_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "96D29083-7535-4B23-9141-BF6CE2824184",
                     versionEndExcluding: "18.211.2",
                     versionStartIncluding: "16.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_vmx:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D6CE4DAD-7FA3-4D1B-A24F-D2B9F4F331BF",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx600_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "1C8F2FA1-B439-4978-AD2B-34C98310D894",
                     versionEndExcluding: "18.211.2",
                     versionStartIncluding: "16.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_mx600:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0A4CF5E0-A7D0-4C9D-A180-16288BE3AC1A",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx450_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "D620C14D-7724-4C38-83A6-E33328EDE7C3",
                     versionEndExcluding: "18.211.2",
                     versionStartIncluding: "16.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_mx450:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "1B35EB71-8584-4803-A438-AEC406FD8445",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx400_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "A61EA9B6-126D-4174-8BEF-7FD311724C03",
                     versionEndExcluding: "18.211.2",
                     versionStartIncluding: "16.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_mx400:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2ACA552D-78D3-4312-9537-28ADBB15E08A",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx250_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "869396D2-5CB1-45FF-8CC8-C6BA17548076",
                     versionEndExcluding: "18.211.2",
                     versionStartIncluding: "16.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_mx250:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2D6CBE98-6B20-4F05-8871-0BEAD1D351B0",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx105_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C86B5EA0-85E7-4B8D-83AE-445A2C945CB2",
                     versionEndExcluding: "18.211.2",
                     versionStartIncluding: "16.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_mx105:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "291C7E3A-74D1-4326-87A4-F60D60E3DC37",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx100_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "0AF66E98-18FB-4862-96C6-090F9B563AAC",
                     versionEndExcluding: "18.211.2",
                     versionStartIncluding: "16.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_mx100:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "4D4DE139-CCB5-4BDD-8827-07348B8F0FF2",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx95_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "40A18D40-3168-4270-A019-0FFB3652BD64",
                     versionEndExcluding: "18.211.2",
                     versionStartIncluding: "16.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_mx95:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "35740A98-6486-458C-99A9-8E23A781C917",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx85_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "DC297617-CF3B-4CD5-8E5B-14A5A58BB1AD",
                     versionEndExcluding: "18.211.2",
                     versionStartIncluding: "16.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_mx85:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "410A121A-037A-4D44-A35F-7AE41F93E5AF",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx84_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "5E4FB60C-E46F-4D0F-9C01-2D2670334694",
                     versionEndExcluding: "18.211.2",
                     versionStartIncluding: "16.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_mx84:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B5A4239D-E115-4368-895A-002BBD94F243",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx75_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "995A6C94-CC7F-4CA4-8815-693E491652B4",
                     versionEndExcluding: "18.211.2",
                     versionStartIncluding: "16.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_mx75:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2A892F3D-62F9-4B04-94E8-FD803159C47B",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx68w_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "900C8DC4-EF1C-4762-A517-F67665F3D724",
                     versionEndExcluding: "18.211.2",
                     versionStartIncluding: "16.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_mx68w:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "03F9C184-3811-4A26-846D-54ECE7CF939F",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx68cw_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "0118FD5D-0D25-4984-A6EB-40EF70B85144",
                     versionEndExcluding: "18.211.2",
                     versionStartIncluding: "16.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_mx68cw:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "18E682AA-05AD-483F-915F-A2B2C98233B7",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx68_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "FE27942F-86F1-480C-AFA1-762A5A9E775F",
                     versionEndExcluding: "18.211.2",
                     versionStartIncluding: "16.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_mx68:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2F6B4B5E-4FBB-48A9-B828-00C8AB479FB8",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx67w_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "87EE31D0-87F7-4943-96CC-D5BA48D5DFDA",
                     versionEndExcluding: "18.211.2",
                     versionStartIncluding: "16.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_mx67w:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F2529662-8A54-4DFC-80E7-922CF22DE2F3",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx67c_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "6AB39E09-A441-4F95-9F38-44942BDE98AD",
                     versionEndExcluding: "18.211.2",
                     versionStartIncluding: "16.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_mx67c:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E9725A9F-B9B9-4784-AEEA-A5E5CE0A41F3",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx67_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "45953505-EF91-4825-95CD-51EE86D694A5",
                     versionEndExcluding: "18.211.2",
                     versionStartIncluding: "16.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_mx67:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2702FE73-E4AC-45C7-A212-44D783720798",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx65w_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "E1A471D3-2D62-4458-ADDE-53D60E55966C",
                     versionEndExcluding: "18.211.2",
                     versionStartIncluding: "16.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_mx65w:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "69A23113-F7E1-4587-A4FF-A4AAB446A69D",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx64w_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "D24D11CA-67C0-4376-91DE-F62118062FED",
                     versionEndExcluding: "18.211.2",
                     versionStartIncluding: "16.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_mx64w:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B1038F5F-020D-41FD-9C3D-F2685F1EA916",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "Multiple vulnerabilities in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series Teleworker Gateway devices could allow an unauthenticated, remote attacker to cause a DoS condition in the AnyConnect service on an affected device.\r\n\r\nThese vulnerabilities are due to insufficient validation of client-supplied parameters while establishing an SSL VPN session. An attacker could exploit these vulnerabilities by sending a crafted HTTPS request to the VPN server of an affected device. A successful exploit could allow the attacker to cause the Cisco AnyConnect VPN server to restart, resulting in the failure of the established SSL VPN connections and forcing remote users to initiate a new VPN connection and reauthenticate. A sustained attack could prevent new SSL VPN connections from being established.\r\nNote: When the attack traffic stops, the Cisco AnyConnect VPN server recovers gracefully without requiring manual intervention.",
      },
      {
         lang: "es",
         value: "Varias vulnerabilidades en el servidor VPN de Cisco AnyConnect de los dispositivos Cisco Meraki MX y Cisco Meraki Z Series Teleworker Gateway podrían permitir que un atacante remoto no autenticado provoque una condición de denegación de servicio (DoS) en el servicio AnyConnect de un dispositivo afectado. Estas vulnerabilidades se deben a una validación insuficiente de los parámetros proporcionados por el cliente al establecer una sesión VPN SSL. Un atacante podría aprovechar estas vulnerabilidades enviando una solicitud HTTPS manipulada al servidor VPN de un dispositivo afectado. Una explotación exitosa podría permitir que el atacante haga que el servidor VPN de Cisco AnyConnect se reinicie, lo que provocaría la falla de las conexiones VPN SSL establecidas y obligaría a los usuarios remotos a iniciar una nueva conexión VPN y volver a autenticarse. Un ataque sostenido podría evitar que se establezcan nuevas conexiones VPN SSL. Nota: Cuando el tráfico del ataque se detiene, el servidor VPN de Cisco AnyConnect se recupera sin problemas sin necesidad de intervención manual.",
      },
   ],
   id: "CVE-2024-20501",
   lastModified: "2024-10-08T18:28:51.753",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 8.6,
               baseSeverity: "HIGH",
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               privilegesRequired: "NONE",
               scope: "CHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
               version: "3.1",
            },
            exploitabilityScore: 3.9,
            impactScore: 4,
            source: "ykramarz@cisco.com",
            type: "Secondary",
         },
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 7.5,
               baseSeverity: "HIGH",
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
               version: "3.1",
            },
            exploitabilityScore: 3.9,
            impactScore: 3.6,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2024-10-02T19:15:14.570",
   references: [
      {
         source: "ykramarz@cisco.com",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-meraki-mx-vpn-dos-QTRHzG2",
      },
   ],
   sourceIdentifier: "ykramarz@cisco.com",
   vulnStatus: "Analyzed",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-787",
            },
         ],
         source: "ykramarz@cisco.com",
         type: "Secondary",
      },
      {
         description: [
            {
               lang: "en",
               value: "CWE-787",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2021-01-13 22:15
Modified
2024-11-26 16:09
Summary
Multiple Cisco products are affected by a vulnerability with TCP Fast Open (TFO) when used in conjunction with the Snort detection engine that could allow an unauthenticated, remote attacker to bypass a configured file policy for HTTP. The vulnerability is due to incorrect detection of the HTTP payload if it is contained at least partially within the TFO connection handshake. An attacker could exploit this vulnerability by sending crafted TFO packets with an HTTP payload through an affected device. A successful exploit could allow the attacker to bypass configured file policy for HTTP packets and deliver a malicious payload.
Impacted products
Vendor Product Version
cisco firepower_threat_defense *
cisco secure_firewall_management_center 2.9.14.0
cisco secure_firewall_management_center 2.9.15
cisco secure_firewall_management_center 2.9.16
cisco secure_firewall_management_center 2.9.17
cisco secure_firewall_management_center 2.9.18
cisco secure_firewall_management_center 3.0.1
cisco ios_xe *
cisco 1100-4p_integrated_services_router -
cisco 1100-8p_integrated_services_router -
cisco 1101-4p_integrated_services_router -
cisco 1109-2p_integrated_services_router -
cisco 1109-4p_integrated_services_router -
cisco 1111x-8p_integrated_services_router -
cisco 4221_integrated_services_router -
cisco 4321_integrated_services_router -
cisco 4331_integrated_services_router -
cisco 4351_integrated_services_router -
cisco 4431_integrated_services_router -
cisco 4451-x_integrated_services_router -
cisco 4461_integrated_services_router -
cisco csr_1000v -
cisco isa_3000 -
snort snort *
cisco meraki_mx64_firmware -
cisco meraki_mx64 -
cisco meraki_mx64w_firmware -
cisco meraki_mx64w -
cisco meraki_mx67_firmware -
cisco meraki_mx67 -
cisco meraki_mx67c_firmware -
cisco meraki_mx67c -
cisco meraki_mx67w_firmware -
cisco meraki_mx67w -
cisco meraki_mx68_firmware -
cisco meraki_mx68 -
cisco meraki_mx68cw_firmware -
cisco meraki_mx68cw -
cisco meraki_mx68w_firmware -
cisco meraki_mx68w -
cisco meraki_mx100_firmware -
cisco meraki_mx100 -
cisco meraki_mx84_firmware -
cisco meraki_mx84 -
cisco meraki_mx250_firmware -
cisco meraki_mx250 -
cisco meraki_mx450_firmware -
cisco meraki_mx450 -



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "CB1B5DAC-CE54-43E4-89F6-6DFD7A65C8EA",
                     versionEndExcluding: "6.7.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:cisco:secure_firewall_management_center:2.9.14.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "2986D5BD-1936-41BD-A992-7672C019F27E",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:cisco:secure_firewall_management_center:2.9.15:*:*:*:*:*:*:*",
                     matchCriteriaId: "42493B4F-0CF2-45F0-B72D-36F0597CC274",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:cisco:secure_firewall_management_center:2.9.16:*:*:*:*:*:*:*",
                     matchCriteriaId: "06F2E7D8-BB95-480D-AE3E-F9B97C3A5379",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:cisco:secure_firewall_management_center:2.9.17:*:*:*:*:*:*:*",
                     matchCriteriaId: "6F41C382-C849-465C-AF77-0A787CA03BA7",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:cisco:secure_firewall_management_center:2.9.18:*:*:*:*:*:*:*",
                     matchCriteriaId: "80AD91C6-B7E3-48AC-8A51-3C05FE2659AB",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:cisco:secure_firewall_management_center:3.0.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "408B880A-50EF-4246-BF38-213D812BD0BE",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "72B91784-38A9-4A2A-AA92-8AB558924BBD",
                     versionEndExcluding: "17.4.1",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:1100-4p_integrated_services_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A2D2305B-B69E-4F74-A44E-07B3205CE9F7",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:1100-8p_integrated_services_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "26DD41B3-1D1D-44D3-BA8E-5A66AFEE77E6",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:1101-4p_integrated_services_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5AAD4397-6DCF-493A-BD61-3A890F6F3AB2",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:1109-2p_integrated_services_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3F2F0A8E-97F6-41AC-BE67-4B2D60F9D36B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:1109-4p_integrated_services_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "BB9229F3-7BCE-46C4-9879-D57B5BAAE44E",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:1111x-8p_integrated_services_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A5A606FE-E6F1-43F9-B1CD-D9DF35FC3573",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:4221_integrated_services_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "6C8AED7C-DDA3-4C29-BB95-6518C02C551A",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:4321_integrated_services_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "9421DBEF-AE42-4234-B49F-FCC34B804D7F",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:4331_integrated_services_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5419CB9F-241F-4431-914F-2659BE27BEA5",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:4351_integrated_services_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7DE02DBE-EAD5-4F37-8AB7-DF46A605A0E2",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:4431_integrated_services_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5720462A-BE6B-4E84-A1A1-01E80BBA86AD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:4451-x_integrated_services_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "818CEFA6-208C-43C3-8E43-474A93ADCF21",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:4461_integrated_services_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E8B60888-6E2B-494E-AC65-83337661EE7D",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:csr_1000v:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "BF8B0B49-2C99-410B-B011-5B821C5992FB",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:isa_3000:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "9510E97A-FD78-43C6-85BC-223001ACA264",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:snort:snort:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "715F9721-D26C-4086-873F-837D0FCAF1A5",
                     versionEndExcluding: "2.9.17",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx64_firmware:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7BCF0950-162A-4E47-BA2A-43701EA7782E",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_mx64:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "BE749570-1EA6-4734-B96A-D02B3BA3A756",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx64w_firmware:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "15CD8683-DFB3-45E3-B6E2-92AFD846B0BA",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_mx64w:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B1038F5F-020D-41FD-9C3D-F2685F1EA916",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx67_firmware:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "FF993C79-4C7F-4B99-B8BB-3996C4F3D8F0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_mx67:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2702FE73-E4AC-45C7-A212-44D783720798",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx67c_firmware:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2C6A8AAC-9813-45C9-8C69-0579C0ADA0C3",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_mx67c:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E9725A9F-B9B9-4784-AEEA-A5E5CE0A41F3",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx67w_firmware:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "4B2F5CB3-1AE0-4905-A28B-090FDA56622E",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_mx67w:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F2529662-8A54-4DFC-80E7-922CF22DE2F3",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx68_firmware:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "24AB6590-8775-4744-BF84-892F0BD10225",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_mx68:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2F6B4B5E-4FBB-48A9-B828-00C8AB479FB8",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx68cw_firmware:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "39884334-73AF-4E98-B05A-20FFF82B5DF1",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_mx68cw:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "18E682AA-05AD-483F-915F-A2B2C98233B7",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx68w_firmware:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "85EF67F0-973F-4FD1-8077-CE68D2AB1149",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_mx68w:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "03F9C184-3811-4A26-846D-54ECE7CF939F",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx100_firmware:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "77C0B39F-AE49-44D7-8951-9DB0464FE43B",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_mx100:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "4D4DE139-CCB5-4BDD-8827-07348B8F0FF2",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx84_firmware:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "8398495B-47DB-4A16-AF8C-053685D5DD9C",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_mx84:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B5A4239D-E115-4368-895A-002BBD94F243",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx250_firmware:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "90EC4BA2-0FA2-4841-9AB1-3FC92D22530D",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_mx250:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2D6CBE98-6B20-4F05-8871-0BEAD1D351B0",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx450_firmware:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A685A8D6-9B97-46B3-8087-0D44EE0D65AD",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_mx450:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "1B35EB71-8584-4803-A438-AEC406FD8445",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "Multiple Cisco products are affected by a vulnerability with TCP Fast Open (TFO) when used in conjunction with the Snort detection engine that could allow an unauthenticated, remote attacker to bypass a configured file policy for HTTP. The vulnerability is due to incorrect detection of the HTTP payload if it is contained at least partially within the TFO connection handshake. An attacker could exploit this vulnerability by sending crafted TFO packets with an HTTP payload through an affected device. A successful exploit could allow the attacker to bypass configured file policy for HTTP packets and deliver a malicious payload.",
      },
      {
         lang: "es",
         value: "Múltiples productos de Cisco están afectados por una vulnerabilidad con TCP Fast Open (TFO) cuando se usan en conjunto con el motor de detección Snort que podría permitir a un atacante remoto no autenticado omitir una política de archivos configurada para HTTP. La vulnerabilidad es debido a la detección incorrecta de la carga útil HTTP si está contenida al menos parcialmente dentro del protocolo de enlace de la conexión TFO. Un atacante podría explotar esta vulnerabilidad mediante el envío de paquetes TFO diseñados con una carga útil HTTP a través de un dispositivo afectado. Una explotación con éxito podría permitir al atacante omitir la política de archivos configurada para paquetes HTTP y entregar una carga útil maliciosa.",
      },
   ],
   id: "CVE-2021-1224",
   lastModified: "2024-11-26T16:09:02.407",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "MEDIUM",
            cvssData: {
               accessComplexity: "LOW",
               accessVector: "NETWORK",
               authentication: "NONE",
               availabilityImpact: "NONE",
               baseScore: 5,
               confidentialityImpact: "NONE",
               integrityImpact: "PARTIAL",
               vectorString: "AV:N/AC:L/Au:N/C:N/I:P/A:N",
               version: "2.0",
            },
            exploitabilityScore: 10,
            impactScore: 2.9,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "NONE",
               baseScore: 5.8,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "NONE",
               integrityImpact: "LOW",
               privilegesRequired: "NONE",
               scope: "CHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
               version: "3.1",
            },
            exploitabilityScore: 3.9,
            impactScore: 1.4,
            source: "ykramarz@cisco.com",
            type: "Secondary",
         },
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "NONE",
               baseScore: 5.3,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "NONE",
               integrityImpact: "LOW",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
               version: "3.1",
            },
            exploitabilityScore: 3.9,
            impactScore: 1.4,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2021-01-13T22:15:20.410",
   references: [
      {
         source: "ykramarz@cisco.com",
         url: "https://lists.debian.org/debian-lts-announce/2023/02/msg00011.html",
      },
      {
         source: "ykramarz@cisco.com",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort-tfo-bypass-MmzZrtes",
      },
      {
         source: "ykramarz@cisco.com",
         url: "https://www.debian.org/security/2023/dsa-5354",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://lists.debian.org/debian-lts-announce/2023/02/msg00011.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort-tfo-bypass-MmzZrtes",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://www.debian.org/security/2023/dsa-5354",
      },
   ],
   sourceIdentifier: "ykramarz@cisco.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-693",
            },
         ],
         source: "ykramarz@cisco.com",
         type: "Secondary",
      },
      {
         description: [
            {
               lang: "en",
               value: "NVD-CWE-Other",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2022-10-26 15:15
Modified
2024-11-21 06:43
Summary
A vulnerability in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z3 Teleworker Gateway devices could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient validation of client-supplied parameters while establishing an SSL VPN session. An attacker could exploit this vulnerability by crafting a malicious request and sending it to the affected device. A successful exploit could allow the attacker to cause the Cisco AnyConnect VPN server to crash and restart, resulting in the failure of the established SSL VPN connections and forcing remote users to initiate a new VPN connection and re-authenticate. A sustained attack could prevent new SSL VPN connections from being established. Note: When the attack traffic stops, the Cisco AnyConnect VPN server recovers gracefully without requiring manual intervention. Cisco Meraki has released software updates that address this vulnerability.
Impacted products
Vendor Product Version
cisco meraki_mx64_firmware *
cisco meraki_mx64_firmware *
cisco meraki_mx64 -
cisco meraki_mx64w_firmware *
cisco meraki_mx64w_firmware *
cisco meraki_mx64w -
cisco meraki_mx65_firmware *
cisco meraki_mx65_firmware *
cisco meraki_mx65 -
cisco meraki_mx65w_firmware *
cisco meraki_mx65w_firmware *
cisco meraki_mx65w -
cisco meraki_mx67_firmware *
cisco meraki_mx67_firmware *
cisco meraki_mx67 -
cisco meraki_mx67cw_firmware *
cisco meraki_mx67cw_firmware *
cisco meraki_mx67cw -
cisco meraki_mx67w_firmware *
cisco meraki_mx67w_firmware *
cisco meraki_mx67w -
cisco meraki_mx68_firmware *
cisco meraki_mx68_firmware *
cisco meraki_mx68 -
cisco meraki_mx68cw_firmware *
cisco meraki_mx68cw_firmware *
cisco meraki_mx68cw -
cisco meraki_mx68w_firmware *
cisco meraki_mx68w_firmware *
cisco meraki_mx68w -
cisco meraki_mx75_firmware *
cisco meraki_mx75_firmware *
cisco meraki_mx75 -
cisco meraki_mx84_firmware *
cisco meraki_mx84_firmware *
cisco meraki_mx84 -
cisco meraki_mx85_firmware *
cisco meraki_mx85_firmware *
cisco meraki_mx85 -
cisco meraki_mx95_firmware *
cisco meraki_mx95_firmware *
cisco meraki_mx95 -
cisco meraki_mx100_firmware *
cisco meraki_mx100_firmware *
cisco meraki_mx100 -
cisco meraki_mx105_firmware *
cisco meraki_mx105_firmware *
cisco meraki_mx105 -
cisco meraki_mx250_firmware *
cisco meraki_mx250_firmware *
cisco meraki_mx250 -
cisco meraki_mx400_firmware *
cisco meraki_mx400_firmware *
cisco meraki_mx400 -
cisco meraki_mx450_firmware *
cisco meraki_mx450_firmware *
cisco meraki_mx450 -
cisco meraki_mx600_firmware *
cisco meraki_mx600_firmware *
cisco meraki_mx600 -
cisco meraki_vmx_firmware *
cisco meraki_vmx_firmware *
cisco meraki_vmx -
cisco meraki_z3c_firmware -
cisco meraki_z3c -
cisco meraki_z3_firmware -
cisco meraki_z3 -



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx64_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "6D9F9343-745D-45B5-B657-6E5675E08E08",
                     versionEndExcluding: "16.16.6",
                     versionStartIncluding: "16.2.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx64_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "E1E66F11-F41A-425D-8409-D8529D906E3D",
                     versionEndExcluding: "17.10.1",
                     versionStartIncluding: "17.0.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_mx64:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "BE749570-1EA6-4734-B96A-D02B3BA3A756",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx64w_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "F7F78CB5-F796-439F-A0A1-E06C857BBAA4",
                     versionEndExcluding: "16.16.6",
                     versionStartIncluding: "16.2.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx64w_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "72BE7D32-2477-45D1-A9C1-418B225574E9",
                     versionEndExcluding: "17.10.1",
                     versionStartIncluding: "17.0.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_mx64w:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B1038F5F-020D-41FD-9C3D-F2685F1EA916",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx65_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "4C8F3A54-A2A2-4C34-B5A2-19FD31237C34",
                     versionEndExcluding: "16.16.6",
                     versionStartIncluding: "16.2.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx65_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "AA12B05C-A12F-4EA6-948F-DC1CC0257729",
                     versionEndExcluding: "17.10.1",
                     versionStartIncluding: "17.0.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_mx65:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B3099A12-2D6F-4486-A690-1C809AF480B0",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx65w_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C95582B9-7563-4F61-8548-D58237AA6FC6",
                     versionEndExcluding: "16.16.6",
                     versionStartIncluding: "16.2.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx65w_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "7160F269-F161-4A30-AD9D-DCECA464F7D6",
                     versionEndExcluding: "17.10.1",
                     versionStartIncluding: "17.0.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_mx65w:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "69A23113-F7E1-4587-A4FF-A4AAB446A69D",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx67_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "312A2614-4164-4B74-B966-8FC76BE323D1",
                     versionEndExcluding: "16.16.6",
                     versionStartIncluding: "16.2.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx67_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "B2E55C71-356C-47F1-9F90-6A673EFBC369",
                     versionEndExcluding: "17.10.1",
                     versionStartIncluding: "17.0.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_mx67:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2702FE73-E4AC-45C7-A212-44D783720798",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx67cw_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "B35AF5F8-8641-4DD0-8B1F-7DEFD188DFF2",
                     versionEndExcluding: "16.16.6",
                     versionStartIncluding: "16.2.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx67cw_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "77E90F32-E8E3-4852-B579-49FBDAB5F207",
                     versionEndExcluding: "17.10.1",
                     versionStartIncluding: "17.0.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_mx67cw:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E85585DA-C918-445B-9B44-B2B1A982A1F7",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx67w_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C62EF9EE-39A0-46BF-B82E-6D3CE20D69B7",
                     versionEndExcluding: "16.16.6",
                     versionStartIncluding: "16.2.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx67w_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "3442C032-F879-4CB5-BE83-BD606C07151C",
                     versionEndExcluding: "17.10.1",
                     versionStartIncluding: "17.0.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_mx67w:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F2529662-8A54-4DFC-80E7-922CF22DE2F3",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx68_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "F1605125-61CC-4FB9-8CD2-114DE332E637",
                     versionEndExcluding: "16.16.6",
                     versionStartIncluding: "16.2.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx68_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "E92B7E7D-A4E7-4F98-9A19-1215361FF3E2",
                     versionEndExcluding: "17.10.1",
                     versionStartIncluding: "17.0.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_mx68:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2F6B4B5E-4FBB-48A9-B828-00C8AB479FB8",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx68cw_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "BCD8CD23-06CA-4A82-BA3C-3EA8C0B61DA7",
                     versionEndExcluding: "16.16.6",
                     versionStartIncluding: "16.2.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx68cw_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "74D48B18-7344-4AF0-A771-D3EF0B421B00",
                     versionEndExcluding: "17.10.1",
                     versionStartIncluding: "17.0.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_mx68cw:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "18E682AA-05AD-483F-915F-A2B2C98233B7",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx68w_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "865B25D7-DFC9-44E2-98A0-2910B34F6140",
                     versionEndExcluding: "16.16.6",
                     versionStartIncluding: "16.2.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx68w_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "D409165B-80FB-4B61-A02F-529B130EFCB9",
                     versionEndExcluding: "17.10.1",
                     versionStartIncluding: "17.0.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_mx68w:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "03F9C184-3811-4A26-846D-54ECE7CF939F",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx75_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "2B22E7DB-912F-46CB-BE15-FA9812D15D72",
                     versionEndExcluding: "16.16.6",
                     versionStartIncluding: "16.2.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx75_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "1B537CF0-FA7F-489A-B771-C526046CE12A",
                     versionEndExcluding: "17.10.1",
                     versionStartIncluding: "17.0.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_mx75:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2A892F3D-62F9-4B04-94E8-FD803159C47B",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx84_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "105DD5F7-B29A-46B6-84E6-9081C55F0AC8",
                     versionEndExcluding: "16.16.6",
                     versionStartIncluding: "16.2.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx84_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "E769CB5F-6B7B-48F1-ABFE-DF8412DA6777",
                     versionEndExcluding: "17.10.1",
                     versionStartIncluding: "17.0.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_mx84:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B5A4239D-E115-4368-895A-002BBD94F243",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx85_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "92BD623D-25BE-4D21-9610-266B337F82C7",
                     versionEndExcluding: "16.16.6",
                     versionStartIncluding: "16.2.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx85_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "094DCADF-4665-426C-B20E-01B46672B2D3",
                     versionEndExcluding: "17.10.1",
                     versionStartIncluding: "17.0.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_mx85:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "410A121A-037A-4D44-A35F-7AE41F93E5AF",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx95_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "34615059-146D-43C4-9FC6-83FA8F11FDEB",
                     versionEndExcluding: "16.16.6",
                     versionStartIncluding: "16.2.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx95_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "18342750-90EA-4362-869A-9B5FD6E53AA3",
                     versionEndExcluding: "17.10.1",
                     versionStartIncluding: "17.0.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_mx95:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "35740A98-6486-458C-99A9-8E23A781C917",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx100_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "D86B3633-1C72-4912-87F9-8C8811317AB5",
                     versionEndExcluding: "16.16.6",
                     versionStartIncluding: "16.2.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx100_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "B74149A1-5E2F-42C0-A670-C57C91721837",
                     versionEndExcluding: "17.10.1",
                     versionStartIncluding: "17.0.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_mx100:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "4D4DE139-CCB5-4BDD-8827-07348B8F0FF2",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx105_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "5534754A-9F71-4C87-B3AF-00EB6C0421AC",
                     versionEndExcluding: "16.16.6",
                     versionStartIncluding: "16.2.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx105_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "CCE7FDA7-C02B-4ED3-B7C3-FAA2066B2CA5",
                     versionEndExcluding: "17.10.1",
                     versionStartIncluding: "17.0.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_mx105:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "291C7E3A-74D1-4326-87A4-F60D60E3DC37",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx250_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "D6EA8014-F9D2-4F4F-A797-056EBCB5439C",
                     versionEndExcluding: "16.16.6",
                     versionStartIncluding: "16.2.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx250_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C87C8065-E397-4D62-ABF2-9EC1177BEBE3",
                     versionEndExcluding: "17.10.1",
                     versionStartIncluding: "17.0.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_mx250:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2D6CBE98-6B20-4F05-8871-0BEAD1D351B0",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx400_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "7C884A16-07E2-4536-A4AB-5218E6F6B61F",
                     versionEndExcluding: "16.16.6",
                     versionStartIncluding: "16.2.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx400_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "235AAC4D-4F87-4CE1-B370-4536052513A6",
                     versionEndExcluding: "17.10.1",
                     versionStartIncluding: "17.0.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_mx400:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2ACA552D-78D3-4312-9537-28ADBB15E08A",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx450_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "B60B34BB-3375-4A6A-BC5F-27934812A6C9",
                     versionEndExcluding: "16.16.6",
                     versionStartIncluding: "16.2.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx450_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "AC690E48-F5D5-4CCD-9248-C5953028E81C",
                     versionEndExcluding: "17.10.1",
                     versionStartIncluding: "17.0.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_mx450:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "1B35EB71-8584-4803-A438-AEC406FD8445",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx600_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "5D7526DC-5E2C-42A2-8B1B-BED60034CF0A",
                     versionEndExcluding: "16.16.6",
                     versionStartIncluding: "16.2.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx600_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "785B2796-0E7D-4FDF-B142-7CE70CEB2269",
                     versionEndExcluding: "17.10.1",
                     versionStartIncluding: "17.0.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_mx600:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0A4CF5E0-A7D0-4C9D-A180-16288BE3AC1A",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_vmx_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "210E5600-00AB-4923-817D-8B9B61BADB3B",
                     versionEndExcluding: "16.16.6",
                     versionStartIncluding: "16.2.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_vmx_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "F7C68C05-248C-4B91-A727-F1ED23AC347C",
                     versionEndExcluding: "17.10.1",
                     versionStartIncluding: "17.0.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_vmx:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D6CE4DAD-7FA3-4D1B-A24F-D2B9F4F331BF",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_z3c_firmware:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7F97974E-3C2B-49DB-A0FA-B5FEE7C98B18",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_z3c:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "6646F004-E0E0-4316-A022-2793C28FBCCC",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_z3_firmware:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "04CF5026-CC39-48FF-A8F0-8E31A425343E",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_z3:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "FB81CFD0-9558-47AB-96E4-CB21C1AA9159",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "A vulnerability in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z3 Teleworker Gateway devices could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient validation of client-supplied parameters while establishing an SSL VPN session. An attacker could exploit this vulnerability by crafting a malicious request and sending it to the affected device. A successful exploit could allow the attacker to cause the Cisco AnyConnect VPN server to crash and restart, resulting in the failure of the established SSL VPN connections and forcing remote users to initiate a new VPN connection and re-authenticate. A sustained attack could prevent new SSL VPN connections from being established. Note: When the attack traffic stops, the Cisco AnyConnect VPN server recovers gracefully without requiring manual intervention. Cisco Meraki has released software updates that address this vulnerability.",
      },
      {
         lang: "es",
         value: "Una vulnerabilidad en el servidor VPN Cisco AnyConnect de los dispositivos Cisco Meraki MX y Cisco Meraki Z3 Teleworker Gateway podría permitir a un atacante remoto no autenticado causar una condición de denegación de servicio (DoS) en un dispositivo afectado. Esta vulnerabilidad es debido a que no se comprueban suficientemente los parámetros proporcionados por el cliente mientras es establecida una sesión VPN SSL. Un atacante podría explotar esta vulnerabilidad al diseñar una petición maliciosa y enviándola al dispositivo afectado. Un ataque con éxito podría permitir al atacante causar a el servidor VPN Cisco AnyConnect bloquearse y reiniciarse, resultando en el fracaso de las conexiones VPN SSL establecidas y obligaría a usuarios remotos a iniciar una nueva conexión VPN y volver a autenticarse. Un ataque sostenido podría impedir que sean establecidas nuevas conexiones VPN SSL. Nota: Cuando el tráfico de ataque es detenido, el servidor VPN Cisco AnyConnect es recuperado con elegancia sin necesidad de intervención manual. Cisco Meraki ha publicado actualizaciones de software que abordan esta vulnerabilidad",
      },
   ],
   id: "CVE-2022-20933",
   lastModified: "2024-11-21T06:43:51.123",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 8.6,
               baseSeverity: "HIGH",
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               privilegesRequired: "NONE",
               scope: "CHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
               version: "3.1",
            },
            exploitabilityScore: 3.9,
            impactScore: 4,
            source: "ykramarz@cisco.com",
            type: "Secondary",
         },
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 8.6,
               baseSeverity: "HIGH",
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               privilegesRequired: "NONE",
               scope: "CHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
               version: "3.1",
            },
            exploitabilityScore: 3.9,
            impactScore: 4,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2022-10-26T15:15:14.713",
   references: [
      {
         source: "ykramarz@cisco.com",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-meraki-mx-vpn-dos-vnESbgBf",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-meraki-mx-vpn-dos-vnESbgBf",
      },
   ],
   sourceIdentifier: "ykramarz@cisco.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-234",
            },
         ],
         source: "ykramarz@cisco.com",
         type: "Secondary",
      },
      {
         description: [
            {
               lang: "en",
               value: "NVD-CWE-Other",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2024-10-02 19:15
Modified
2024-10-08 18:27
Summary
Multiple vulnerabilities in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series Teleworker Gateway devices could allow an unauthenticated, remote attacker to cause a DoS condition in the AnyConnect service on an affected device. These vulnerabilities are due to insufficient validation of client-supplied parameters while establishing an SSL VPN session. An attacker could exploit these vulnerabilities by sending a crafted HTTPS request to the VPN server of an affected device. A successful exploit could allow the attacker to cause the Cisco AnyConnect VPN server to restart, resulting in the failure of the established SSL VPN connections and forcing remote users to initiate a new VPN connection and reauthenticate. A sustained attack could prevent new SSL VPN connections from being established. Note: When the attack traffic stops, the Cisco AnyConnect VPN server recovers gracefully without requiring manual intervention.



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_z4c_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "6B63AAC8-D59D-4EF1-829E-11E9CB18A41F",
                     versionEndExcluding: "18.211.2",
                     versionStartIncluding: "16.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_z4c:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "AEE09C2D-9F52-4C72-9D7C-F9AF710D1174",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_z4_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "F62D4319-19DA-4DC0-88D0-DE859504EA6D",
                     versionEndExcluding: "18.211.2",
                     versionStartIncluding: "16.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_z4:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "36770C3B-F962-48FB-9D9F-3EABB1F10EFD",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_z3c_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "F7C73DAF-C7AF-4090-8F96-3D6F93A1DABD",
                     versionEndExcluding: "18.211.2",
                     versionStartIncluding: "16.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_z3c:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "6646F004-E0E0-4316-A022-2793C28FBCCC",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_z3_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "5A4FD3B4-FD1F-4340-B4AC-D76C11DAD4D5",
                     versionEndExcluding: "18.211.2",
                     versionStartIncluding: "16.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_z3:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "FB81CFD0-9558-47AB-96E4-CB21C1AA9159",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_vmx_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "96D29083-7535-4B23-9141-BF6CE2824184",
                     versionEndExcluding: "18.211.2",
                     versionStartIncluding: "16.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_vmx:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D6CE4DAD-7FA3-4D1B-A24F-D2B9F4F331BF",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx600_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "1C8F2FA1-B439-4978-AD2B-34C98310D894",
                     versionEndExcluding: "18.211.2",
                     versionStartIncluding: "16.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_mx600:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0A4CF5E0-A7D0-4C9D-A180-16288BE3AC1A",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx450_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "D620C14D-7724-4C38-83A6-E33328EDE7C3",
                     versionEndExcluding: "18.211.2",
                     versionStartIncluding: "16.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_mx450:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "1B35EB71-8584-4803-A438-AEC406FD8445",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx400_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "A61EA9B6-126D-4174-8BEF-7FD311724C03",
                     versionEndExcluding: "18.211.2",
                     versionStartIncluding: "16.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_mx400:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2ACA552D-78D3-4312-9537-28ADBB15E08A",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx250_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "869396D2-5CB1-45FF-8CC8-C6BA17548076",
                     versionEndExcluding: "18.211.2",
                     versionStartIncluding: "16.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_mx250:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2D6CBE98-6B20-4F05-8871-0BEAD1D351B0",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx105_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C86B5EA0-85E7-4B8D-83AE-445A2C945CB2",
                     versionEndExcluding: "18.211.2",
                     versionStartIncluding: "16.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_mx105:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "291C7E3A-74D1-4326-87A4-F60D60E3DC37",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx100_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "0AF66E98-18FB-4862-96C6-090F9B563AAC",
                     versionEndExcluding: "18.211.2",
                     versionStartIncluding: "16.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_mx100:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "4D4DE139-CCB5-4BDD-8827-07348B8F0FF2",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx95_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "40A18D40-3168-4270-A019-0FFB3652BD64",
                     versionEndExcluding: "18.211.2",
                     versionStartIncluding: "16.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_mx95:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "35740A98-6486-458C-99A9-8E23A781C917",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx85_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "DC297617-CF3B-4CD5-8E5B-14A5A58BB1AD",
                     versionEndExcluding: "18.211.2",
                     versionStartIncluding: "16.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_mx85:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "410A121A-037A-4D44-A35F-7AE41F93E5AF",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx84_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "5E4FB60C-E46F-4D0F-9C01-2D2670334694",
                     versionEndExcluding: "18.211.2",
                     versionStartIncluding: "16.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_mx84:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B5A4239D-E115-4368-895A-002BBD94F243",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx75_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "995A6C94-CC7F-4CA4-8815-693E491652B4",
                     versionEndExcluding: "18.211.2",
                     versionStartIncluding: "16.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_mx75:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2A892F3D-62F9-4B04-94E8-FD803159C47B",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx68w_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "900C8DC4-EF1C-4762-A517-F67665F3D724",
                     versionEndExcluding: "18.211.2",
                     versionStartIncluding: "16.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_mx68w:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "03F9C184-3811-4A26-846D-54ECE7CF939F",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx68cw_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "0118FD5D-0D25-4984-A6EB-40EF70B85144",
                     versionEndExcluding: "18.211.2",
                     versionStartIncluding: "16.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_mx68cw:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "18E682AA-05AD-483F-915F-A2B2C98233B7",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx68_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "FE27942F-86F1-480C-AFA1-762A5A9E775F",
                     versionEndExcluding: "18.211.2",
                     versionStartIncluding: "16.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_mx68:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2F6B4B5E-4FBB-48A9-B828-00C8AB479FB8",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx67w_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "87EE31D0-87F7-4943-96CC-D5BA48D5DFDA",
                     versionEndExcluding: "18.211.2",
                     versionStartIncluding: "16.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_mx67w:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F2529662-8A54-4DFC-80E7-922CF22DE2F3",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx67c_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "6AB39E09-A441-4F95-9F38-44942BDE98AD",
                     versionEndExcluding: "18.211.2",
                     versionStartIncluding: "16.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_mx67c:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E9725A9F-B9B9-4784-AEEA-A5E5CE0A41F3",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx67_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "45953505-EF91-4825-95CD-51EE86D694A5",
                     versionEndExcluding: "18.211.2",
                     versionStartIncluding: "16.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_mx67:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2702FE73-E4AC-45C7-A212-44D783720798",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx65w_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "E1A471D3-2D62-4458-ADDE-53D60E55966C",
                     versionEndExcluding: "18.211.2",
                     versionStartIncluding: "16.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_mx65w:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "69A23113-F7E1-4587-A4FF-A4AAB446A69D",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx65_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "B3C6574B-E879-4813-9516-93B41EBDFBD3",
                     versionEndExcluding: "18.211.2",
                     versionStartIncluding: "17.6.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_mx65:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B3099A12-2D6F-4486-A690-1C809AF480B0",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx64w_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "D24D11CA-67C0-4376-91DE-F62118062FED",
                     versionEndExcluding: "18.211.2",
                     versionStartIncluding: "16.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_mx64w:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B1038F5F-020D-41FD-9C3D-F2685F1EA916",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx64_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "553AC2DF-6F85-40D3-B3B1-F979364BA4BD",
                     versionEndIncluding: "18.211.2",
                     versionStartIncluding: "17.6.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_mx64:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "BE749570-1EA6-4734-B96A-D02B3BA3A756",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "Multiple vulnerabilities in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series Teleworker Gateway devices could allow an unauthenticated, remote attacker to cause a DoS condition in the AnyConnect service on an affected device.\r\n\r\nThese vulnerabilities are due to insufficient validation of client-supplied parameters while establishing an SSL VPN session. An attacker could exploit these vulnerabilities by sending a crafted HTTPS request to the VPN server of an affected device. A successful exploit could allow the attacker to cause the Cisco AnyConnect VPN server to restart, resulting in the failure of the established SSL VPN connections and forcing remote users to initiate a new VPN connection and reauthenticate. A sustained attack could prevent new SSL VPN connections from being established.\r\nNote: When the attack traffic stops, the Cisco AnyConnect VPN server recovers gracefully without requiring manual intervention.",
      },
      {
         lang: "es",
         value: "Varias vulnerabilidades en el servidor VPN de Cisco AnyConnect de los dispositivos Cisco Meraki MX y Cisco Meraki Z Series Teleworker Gateway podrían permitir que un atacante remoto no autenticado provoque una condición de denegación de servicio (DoS) en el servicio AnyConnect de un dispositivo afectado. Estas vulnerabilidades se deben a una validación insuficiente de los parámetros proporcionados por el cliente al establecer una sesión VPN SSL. Un atacante podría aprovechar estas vulnerabilidades enviando una solicitud HTTPS manipulada al servidor VPN de un dispositivo afectado. Una explotación exitosa podría permitir que el atacante haga que el servidor VPN de Cisco AnyConnect se reinicie, lo que provocaría la falla de las conexiones VPN SSL establecidas y obligaría a los usuarios remotos a iniciar una nueva conexión VPN y volver a autenticarse. Un ataque sostenido podría evitar que se establezcan nuevas conexiones VPN SSL. Nota: Cuando el tráfico del ataque se detiene, el servidor VPN de Cisco AnyConnect se recupera sin problemas sin necesidad de intervención manual.",
      },
   ],
   id: "CVE-2024-20499",
   lastModified: "2024-10-08T18:27:16.110",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 8.6,
               baseSeverity: "HIGH",
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               privilegesRequired: "NONE",
               scope: "CHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
               version: "3.1",
            },
            exploitabilityScore: 3.9,
            impactScore: 4,
            source: "ykramarz@cisco.com",
            type: "Secondary",
         },
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 7.5,
               baseSeverity: "HIGH",
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
               version: "3.1",
            },
            exploitabilityScore: 3.9,
            impactScore: 3.6,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2024-10-02T19:15:14.143",
   references: [
      {
         source: "ykramarz@cisco.com",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-meraki-mx-vpn-dos-QTRHzG2",
      },
   ],
   sourceIdentifier: "ykramarz@cisco.com",
   vulnStatus: "Analyzed",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-787",
            },
         ],
         source: "ykramarz@cisco.com",
         type: "Secondary",
      },
      {
         description: [
            {
               lang: "en",
               value: "CWE-787",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2024-10-02 19:15
Modified
2024-10-08 18:27
Summary
A vulnerability in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series Teleworker Gateway devices could allow an unauthenticated, remote attacker to cause a DoS condition in the AnyConnect service on an affected device. This vulnerability is due to insufficient resource management when establishing TLS/SSL sessions. An attacker could exploit this vulnerability by sending a series of crafted TLS/SSL messages to the VPN server of an affected device. A successful exploit could allow the attacker to cause the Cisco AnyConnect VPN server to stop accepting new connections, preventing new SSL VPN connections from being established. Existing SSL VPN sessions are not impacted. Note: When the attack traffic stops, the Cisco AnyConnect VPN server recovers gracefully without requiring manual intervention.



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_z4c_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "6B63AAC8-D59D-4EF1-829E-11E9CB18A41F",
                     versionEndExcluding: "18.211.2",
                     versionStartIncluding: "16.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_z4c:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "AEE09C2D-9F52-4C72-9D7C-F9AF710D1174",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_z4_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "F62D4319-19DA-4DC0-88D0-DE859504EA6D",
                     versionEndExcluding: "18.211.2",
                     versionStartIncluding: "16.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_z4:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "36770C3B-F962-48FB-9D9F-3EABB1F10EFD",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_z3c_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "F7C73DAF-C7AF-4090-8F96-3D6F93A1DABD",
                     versionEndExcluding: "18.211.2",
                     versionStartIncluding: "16.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_z3c:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "6646F004-E0E0-4316-A022-2793C28FBCCC",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_z3_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "5A4FD3B4-FD1F-4340-B4AC-D76C11DAD4D5",
                     versionEndExcluding: "18.211.2",
                     versionStartIncluding: "16.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_z3:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "FB81CFD0-9558-47AB-96E4-CB21C1AA9159",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_vmx_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "96D29083-7535-4B23-9141-BF6CE2824184",
                     versionEndExcluding: "18.211.2",
                     versionStartIncluding: "16.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_vmx:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D6CE4DAD-7FA3-4D1B-A24F-D2B9F4F331BF",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx600_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "1C8F2FA1-B439-4978-AD2B-34C98310D894",
                     versionEndExcluding: "18.211.2",
                     versionStartIncluding: "16.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_mx600:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0A4CF5E0-A7D0-4C9D-A180-16288BE3AC1A",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx450_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "D620C14D-7724-4C38-83A6-E33328EDE7C3",
                     versionEndExcluding: "18.211.2",
                     versionStartIncluding: "16.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_mx450:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "1B35EB71-8584-4803-A438-AEC406FD8445",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx400_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "A61EA9B6-126D-4174-8BEF-7FD311724C03",
                     versionEndExcluding: "18.211.2",
                     versionStartIncluding: "16.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_mx400:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2ACA552D-78D3-4312-9537-28ADBB15E08A",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx250_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "869396D2-5CB1-45FF-8CC8-C6BA17548076",
                     versionEndExcluding: "18.211.2",
                     versionStartIncluding: "16.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_mx250:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2D6CBE98-6B20-4F05-8871-0BEAD1D351B0",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx105_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C86B5EA0-85E7-4B8D-83AE-445A2C945CB2",
                     versionEndExcluding: "18.211.2",
                     versionStartIncluding: "16.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_mx105:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "291C7E3A-74D1-4326-87A4-F60D60E3DC37",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx100_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "0AF66E98-18FB-4862-96C6-090F9B563AAC",
                     versionEndExcluding: "18.211.2",
                     versionStartIncluding: "16.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_mx100:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "4D4DE139-CCB5-4BDD-8827-07348B8F0FF2",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx95_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "40A18D40-3168-4270-A019-0FFB3652BD64",
                     versionEndExcluding: "18.211.2",
                     versionStartIncluding: "16.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_mx95:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "35740A98-6486-458C-99A9-8E23A781C917",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx85_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "DC297617-CF3B-4CD5-8E5B-14A5A58BB1AD",
                     versionEndExcluding: "18.211.2",
                     versionStartIncluding: "16.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_mx85:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "410A121A-037A-4D44-A35F-7AE41F93E5AF",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx84_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "5E4FB60C-E46F-4D0F-9C01-2D2670334694",
                     versionEndExcluding: "18.211.2",
                     versionStartIncluding: "16.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_mx84:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B5A4239D-E115-4368-895A-002BBD94F243",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx75_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "995A6C94-CC7F-4CA4-8815-693E491652B4",
                     versionEndExcluding: "18.211.2",
                     versionStartIncluding: "16.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_mx75:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2A892F3D-62F9-4B04-94E8-FD803159C47B",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx68w_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "900C8DC4-EF1C-4762-A517-F67665F3D724",
                     versionEndExcluding: "18.211.2",
                     versionStartIncluding: "16.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_mx68w:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "03F9C184-3811-4A26-846D-54ECE7CF939F",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx68cw_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "0118FD5D-0D25-4984-A6EB-40EF70B85144",
                     versionEndExcluding: "18.211.2",
                     versionStartIncluding: "16.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_mx68cw:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "18E682AA-05AD-483F-915F-A2B2C98233B7",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx68_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "FE27942F-86F1-480C-AFA1-762A5A9E775F",
                     versionEndExcluding: "18.211.2",
                     versionStartIncluding: "16.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_mx68:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2F6B4B5E-4FBB-48A9-B828-00C8AB479FB8",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx67w_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "87EE31D0-87F7-4943-96CC-D5BA48D5DFDA",
                     versionEndExcluding: "18.211.2",
                     versionStartIncluding: "16.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_mx67w:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F2529662-8A54-4DFC-80E7-922CF22DE2F3",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx67c_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "6AB39E09-A441-4F95-9F38-44942BDE98AD",
                     versionEndExcluding: "18.211.2",
                     versionStartIncluding: "16.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_mx67c:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E9725A9F-B9B9-4784-AEEA-A5E5CE0A41F3",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx67_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "45953505-EF91-4825-95CD-51EE86D694A5",
                     versionEndExcluding: "18.211.2",
                     versionStartIncluding: "16.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_mx67:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2702FE73-E4AC-45C7-A212-44D783720798",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx65w_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "E1A471D3-2D62-4458-ADDE-53D60E55966C",
                     versionEndExcluding: "18.211.2",
                     versionStartIncluding: "16.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_mx65w:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "69A23113-F7E1-4587-A4FF-A4AAB446A69D",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx65_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "B3C6574B-E879-4813-9516-93B41EBDFBD3",
                     versionEndExcluding: "18.211.2",
                     versionStartIncluding: "17.6.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_mx65:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B3099A12-2D6F-4486-A690-1C809AF480B0",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx64w_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "D24D11CA-67C0-4376-91DE-F62118062FED",
                     versionEndExcluding: "18.211.2",
                     versionStartIncluding: "16.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_mx64w:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B1038F5F-020D-41FD-9C3D-F2685F1EA916",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx64_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "553AC2DF-6F85-40D3-B3B1-F979364BA4BD",
                     versionEndIncluding: "18.211.2",
                     versionStartIncluding: "17.6.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_mx64:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "BE749570-1EA6-4734-B96A-D02B3BA3A756",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "A vulnerability in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series Teleworker Gateway devices could allow an unauthenticated, remote attacker to cause a DoS condition in the AnyConnect service on an affected device.\r\n\r\nThis vulnerability is due to insufficient resource management when establishing TLS/SSL sessions. An attacker could exploit this vulnerability by sending a series of crafted TLS/SSL messages to the VPN server of an affected device. A successful exploit could allow the attacker to cause the Cisco AnyConnect VPN server to stop accepting new connections, preventing new SSL VPN connections from being established. Existing SSL VPN sessions are not impacted.\r\nNote: When the attack traffic stops, the Cisco AnyConnect VPN server recovers gracefully without requiring manual intervention.",
      },
      {
         lang: "es",
         value: "Una vulnerabilidad en el servidor VPN de Cisco AnyConnect de los dispositivos Cisco Meraki MX y Cisco Meraki Z Series Teleworker Gateway podría permitir que un atacante remoto no autenticado provoque una condición de denegación de servicio (DoS) en el servicio AnyConnect de un dispositivo afectado. Esta vulnerabilidad se debe a una gestión insuficiente de los recursos al establecer sesiones TLS/SSL. Un atacante podría aprovechar esta vulnerabilidad enviando una serie de mensajes TLS/SSL manipulados al servidor VPN de un dispositivo afectado. Una explotación exitosa podría permitir al atacante hacer que el servidor VPN de Cisco AnyConnect deje de aceptar nuevas conexiones, lo que impediría que se establecieran nuevas conexiones VPN SSL. Las sesiones VPN SSL existentes no se ven afectadas. Nota: Cuando el tráfico del ataque se detiene, el servidor VPN de Cisco AnyConnect se recupera sin problemas sin necesidad de intervención manual.",
      },
   ],
   id: "CVE-2024-20500",
   lastModified: "2024-10-08T18:27:19.347",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "LOW",
               baseScore: 5.8,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               privilegesRequired: "NONE",
               scope: "CHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L",
               version: "3.1",
            },
            exploitabilityScore: 3.9,
            impactScore: 1.4,
            source: "ykramarz@cisco.com",
            type: "Secondary",
         },
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 7.5,
               baseSeverity: "HIGH",
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
               version: "3.1",
            },
            exploitabilityScore: 3.9,
            impactScore: 3.6,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2024-10-02T19:15:14.350",
   references: [
      {
         source: "ykramarz@cisco.com",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-meraki-mx-vpn-dos-QTRHzG2",
      },
   ],
   sourceIdentifier: "ykramarz@cisco.com",
   vulnStatus: "Analyzed",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-400",
            },
         ],
         source: "ykramarz@cisco.com",
         type: "Secondary",
      },
      {
         description: [
            {
               lang: "en",
               value: "CWE-400",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2024-10-02 19:15
Modified
2024-10-08 18:46
Summary
A vulnerability in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series Teleworker Gateway devices could allow an unauthenticated, remote attacker to cause a DoS condition on an affected device. This vulnerability is due to insufficient resource management while establishing SSL VPN sessions. An attacker could exploit this vulnerability by sending a series of crafted HTTPS requests to the VPN server of an affected device. A successful exploit could allow the attacker to cause the Cisco AnyConnect VPN server to stop accepting new connections, preventing new SSL VPN connections from being established. Existing SSL VPN sessions are not impacted. Note: When the attack traffic stops, the Cisco AnyConnect VPN server recovers gracefully without requiring manual intervention.



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx65_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "B3C6574B-E879-4813-9516-93B41EBDFBD3",
                     versionEndExcluding: "18.211.2",
                     versionStartIncluding: "17.6.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_mx65:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B3099A12-2D6F-4486-A690-1C809AF480B0",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx64_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "23FA0FF8-5926-4623-9348-4347331C5F3F",
                     versionEndExcluding: "18.211.2",
                     versionStartIncluding: "17.6.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_mx64:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "BE749570-1EA6-4734-B96A-D02B3BA3A756",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_z4c_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "6B63AAC8-D59D-4EF1-829E-11E9CB18A41F",
                     versionEndExcluding: "18.211.2",
                     versionStartIncluding: "16.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_z4c:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "AEE09C2D-9F52-4C72-9D7C-F9AF710D1174",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_z4_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "F62D4319-19DA-4DC0-88D0-DE859504EA6D",
                     versionEndExcluding: "18.211.2",
                     versionStartIncluding: "16.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_z4:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "36770C3B-F962-48FB-9D9F-3EABB1F10EFD",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_z3c_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "F7C73DAF-C7AF-4090-8F96-3D6F93A1DABD",
                     versionEndExcluding: "18.211.2",
                     versionStartIncluding: "16.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_z3c:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "6646F004-E0E0-4316-A022-2793C28FBCCC",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_z3_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "5A4FD3B4-FD1F-4340-B4AC-D76C11DAD4D5",
                     versionEndExcluding: "18.211.2",
                     versionStartIncluding: "16.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_z3:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "FB81CFD0-9558-47AB-96E4-CB21C1AA9159",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_vmx_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "96D29083-7535-4B23-9141-BF6CE2824184",
                     versionEndExcluding: "18.211.2",
                     versionStartIncluding: "16.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_vmx:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D6CE4DAD-7FA3-4D1B-A24F-D2B9F4F331BF",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx600_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "1C8F2FA1-B439-4978-AD2B-34C98310D894",
                     versionEndExcluding: "18.211.2",
                     versionStartIncluding: "16.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_mx600:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0A4CF5E0-A7D0-4C9D-A180-16288BE3AC1A",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx450_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "D620C14D-7724-4C38-83A6-E33328EDE7C3",
                     versionEndExcluding: "18.211.2",
                     versionStartIncluding: "16.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_mx450:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "1B35EB71-8584-4803-A438-AEC406FD8445",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx400_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "A61EA9B6-126D-4174-8BEF-7FD311724C03",
                     versionEndExcluding: "18.211.2",
                     versionStartIncluding: "16.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_mx400:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2ACA552D-78D3-4312-9537-28ADBB15E08A",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx250_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "869396D2-5CB1-45FF-8CC8-C6BA17548076",
                     versionEndExcluding: "18.211.2",
                     versionStartIncluding: "16.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_mx250:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2D6CBE98-6B20-4F05-8871-0BEAD1D351B0",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx105_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C86B5EA0-85E7-4B8D-83AE-445A2C945CB2",
                     versionEndExcluding: "18.211.2",
                     versionStartIncluding: "16.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_mx105:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "291C7E3A-74D1-4326-87A4-F60D60E3DC37",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx100_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "0AF66E98-18FB-4862-96C6-090F9B563AAC",
                     versionEndExcluding: "18.211.2",
                     versionStartIncluding: "16.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_mx100:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "4D4DE139-CCB5-4BDD-8827-07348B8F0FF2",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx95_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "40A18D40-3168-4270-A019-0FFB3652BD64",
                     versionEndExcluding: "18.211.2",
                     versionStartIncluding: "16.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_mx95:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "35740A98-6486-458C-99A9-8E23A781C917",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx85_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "DC297617-CF3B-4CD5-8E5B-14A5A58BB1AD",
                     versionEndExcluding: "18.211.2",
                     versionStartIncluding: "16.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_mx85:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "410A121A-037A-4D44-A35F-7AE41F93E5AF",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx84_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "5E4FB60C-E46F-4D0F-9C01-2D2670334694",
                     versionEndExcluding: "18.211.2",
                     versionStartIncluding: "16.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_mx84:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B5A4239D-E115-4368-895A-002BBD94F243",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx75_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "995A6C94-CC7F-4CA4-8815-693E491652B4",
                     versionEndExcluding: "18.211.2",
                     versionStartIncluding: "16.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_mx75:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2A892F3D-62F9-4B04-94E8-FD803159C47B",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx68w_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "900C8DC4-EF1C-4762-A517-F67665F3D724",
                     versionEndExcluding: "18.211.2",
                     versionStartIncluding: "16.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_mx68w:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "03F9C184-3811-4A26-846D-54ECE7CF939F",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx68cw_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "0118FD5D-0D25-4984-A6EB-40EF70B85144",
                     versionEndExcluding: "18.211.2",
                     versionStartIncluding: "16.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_mx68cw:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "18E682AA-05AD-483F-915F-A2B2C98233B7",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx68_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "FE27942F-86F1-480C-AFA1-762A5A9E775F",
                     versionEndExcluding: "18.211.2",
                     versionStartIncluding: "16.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_mx68:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2F6B4B5E-4FBB-48A9-B828-00C8AB479FB8",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx67w_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "87EE31D0-87F7-4943-96CC-D5BA48D5DFDA",
                     versionEndExcluding: "18.211.2",
                     versionStartIncluding: "16.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_mx67w:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F2529662-8A54-4DFC-80E7-922CF22DE2F3",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx67c_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "6AB39E09-A441-4F95-9F38-44942BDE98AD",
                     versionEndExcluding: "18.211.2",
                     versionStartIncluding: "16.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_mx67c:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E9725A9F-B9B9-4784-AEEA-A5E5CE0A41F3",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx67_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "45953505-EF91-4825-95CD-51EE86D694A5",
                     versionEndExcluding: "18.211.2",
                     versionStartIncluding: "16.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_mx67:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2702FE73-E4AC-45C7-A212-44D783720798",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx65w_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "E1A471D3-2D62-4458-ADDE-53D60E55966C",
                     versionEndExcluding: "18.211.2",
                     versionStartIncluding: "16.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_mx65w:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "69A23113-F7E1-4587-A4FF-A4AAB446A69D",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx64w_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "D24D11CA-67C0-4376-91DE-F62118062FED",
                     versionEndExcluding: "18.211.2",
                     versionStartIncluding: "16.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_mx64w:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B1038F5F-020D-41FD-9C3D-F2685F1EA916",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "A vulnerability in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series Teleworker Gateway devices could allow an unauthenticated, remote attacker to cause a DoS condition on an affected device.\r\n\r\nThis vulnerability is due to insufficient resource management while establishing SSL VPN sessions. An attacker could exploit this vulnerability by sending a series of crafted HTTPS requests to the VPN server of an affected device. A successful exploit could allow the attacker to cause the Cisco AnyConnect VPN server to stop accepting new connections, preventing new SSL VPN connections from being established. Existing SSL VPN sessions are not impacted.\r\nNote: When the attack traffic stops, the Cisco AnyConnect VPN server recovers gracefully without requiring manual intervention.",
      },
      {
         lang: "es",
         value: "Una vulnerabilidad en el servidor VPN de Cisco AnyConnect de los dispositivos Cisco Meraki MX y Cisco Meraki Z Series Teleworker Gateway podría permitir que un atacante remoto no autenticado provoque una condición de denegación de servicio (DoS) en un dispositivo afectado. Esta vulnerabilidad se debe a una gestión insuficiente de los recursos al establecer sesiones VPN SSL. Un atacante podría aprovechar esta vulnerabilidad enviando una serie de solicitudes HTTPS manipuladas al servidor VPN de un dispositivo afectado. Una explotación exitosa podría permitir al atacante hacer que el servidor VPN de Cisco AnyConnect deje de aceptar nuevas conexiones, lo que impediría que se establecieran nuevas conexiones VPN SSL. Las sesiones VPN SSL existentes no se ven afectadas. Nota: Cuando el tráfico del ataque se detiene, el servidor VPN de Cisco AnyConnect se recupera sin problemas sin necesidad de intervención manual.",
      },
   ],
   id: "CVE-2024-20502",
   lastModified: "2024-10-08T18:46:38.437",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "LOW",
               baseScore: 5.8,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               privilegesRequired: "NONE",
               scope: "CHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L",
               version: "3.1",
            },
            exploitabilityScore: 3.9,
            impactScore: 1.4,
            source: "ykramarz@cisco.com",
            type: "Secondary",
         },
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 7.5,
               baseSeverity: "HIGH",
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
               version: "3.1",
            },
            exploitabilityScore: 3.9,
            impactScore: 3.6,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2024-10-02T19:15:14.780",
   references: [
      {
         source: "ykramarz@cisco.com",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-meraki-mx-vpn-dos-QTRHzG2",
      },
   ],
   sourceIdentifier: "ykramarz@cisco.com",
   vulnStatus: "Analyzed",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-400",
            },
         ],
         source: "ykramarz@cisco.com",
         type: "Secondary",
      },
      {
         description: [
            {
               lang: "en",
               value: "CWE-400",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2024-10-02 19:15
Modified
2024-10-08 18:45
Summary
A vulnerability in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series Teleworker Gateway devices could allow an unauthenticated, remote attacker to hijack an AnyConnect VPN session or cause a denial of service (DoS) condition for individual users of the AnyConnect VPN service on an affected device. This vulnerability is due to weak entropy for handlers that are used during the VPN authentication process as well as a race condition that exists in the same process. An attacker could exploit this vulnerability by correctly guessing an authentication handler and then sending crafted HTTPS requests to an affected device. A successful exploit could allow the attacker to take over the AnyConnect VPN session from a target user or prevent the target user from establishing an AnyConnect VPN session with the affected device.



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx65_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "B3C6574B-E879-4813-9516-93B41EBDFBD3",
                     versionEndExcluding: "18.211.2",
                     versionStartIncluding: "17.6.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_mx65:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B3099A12-2D6F-4486-A690-1C809AF480B0",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx64_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "23FA0FF8-5926-4623-9348-4347331C5F3F",
                     versionEndExcluding: "18.211.2",
                     versionStartIncluding: "17.6.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_mx64:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "BE749570-1EA6-4734-B96A-D02B3BA3A756",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_z4c_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "6B63AAC8-D59D-4EF1-829E-11E9CB18A41F",
                     versionEndExcluding: "18.211.2",
                     versionStartIncluding: "16.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_z4c:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "AEE09C2D-9F52-4C72-9D7C-F9AF710D1174",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_z4_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "F62D4319-19DA-4DC0-88D0-DE859504EA6D",
                     versionEndExcluding: "18.211.2",
                     versionStartIncluding: "16.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_z4:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "36770C3B-F962-48FB-9D9F-3EABB1F10EFD",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_z3c_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "F7C73DAF-C7AF-4090-8F96-3D6F93A1DABD",
                     versionEndExcluding: "18.211.2",
                     versionStartIncluding: "16.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_z3c:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "6646F004-E0E0-4316-A022-2793C28FBCCC",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_z3_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "5A4FD3B4-FD1F-4340-B4AC-D76C11DAD4D5",
                     versionEndExcluding: "18.211.2",
                     versionStartIncluding: "16.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_z3:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "FB81CFD0-9558-47AB-96E4-CB21C1AA9159",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_vmx_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "96D29083-7535-4B23-9141-BF6CE2824184",
                     versionEndExcluding: "18.211.2",
                     versionStartIncluding: "16.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_vmx:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D6CE4DAD-7FA3-4D1B-A24F-D2B9F4F331BF",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx600_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "1C8F2FA1-B439-4978-AD2B-34C98310D894",
                     versionEndExcluding: "18.211.2",
                     versionStartIncluding: "16.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_mx600:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0A4CF5E0-A7D0-4C9D-A180-16288BE3AC1A",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx450_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "D620C14D-7724-4C38-83A6-E33328EDE7C3",
                     versionEndExcluding: "18.211.2",
                     versionStartIncluding: "16.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_mx450:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "1B35EB71-8584-4803-A438-AEC406FD8445",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx400_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "A61EA9B6-126D-4174-8BEF-7FD311724C03",
                     versionEndExcluding: "18.211.2",
                     versionStartIncluding: "16.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_mx400:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2ACA552D-78D3-4312-9537-28ADBB15E08A",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx250_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "869396D2-5CB1-45FF-8CC8-C6BA17548076",
                     versionEndExcluding: "18.211.2",
                     versionStartIncluding: "16.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_mx250:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2D6CBE98-6B20-4F05-8871-0BEAD1D351B0",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx105_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C86B5EA0-85E7-4B8D-83AE-445A2C945CB2",
                     versionEndExcluding: "18.211.2",
                     versionStartIncluding: "16.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_mx105:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "291C7E3A-74D1-4326-87A4-F60D60E3DC37",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx100_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "0AF66E98-18FB-4862-96C6-090F9B563AAC",
                     versionEndExcluding: "18.211.2",
                     versionStartIncluding: "16.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_mx100:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "4D4DE139-CCB5-4BDD-8827-07348B8F0FF2",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx95_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "40A18D40-3168-4270-A019-0FFB3652BD64",
                     versionEndExcluding: "18.211.2",
                     versionStartIncluding: "16.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_mx95:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "35740A98-6486-458C-99A9-8E23A781C917",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx85_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "DC297617-CF3B-4CD5-8E5B-14A5A58BB1AD",
                     versionEndExcluding: "18.211.2",
                     versionStartIncluding: "16.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_mx85:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "410A121A-037A-4D44-A35F-7AE41F93E5AF",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx84_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "5E4FB60C-E46F-4D0F-9C01-2D2670334694",
                     versionEndExcluding: "18.211.2",
                     versionStartIncluding: "16.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_mx84:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B5A4239D-E115-4368-895A-002BBD94F243",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx75_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "995A6C94-CC7F-4CA4-8815-693E491652B4",
                     versionEndExcluding: "18.211.2",
                     versionStartIncluding: "16.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_mx75:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2A892F3D-62F9-4B04-94E8-FD803159C47B",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx68w_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "900C8DC4-EF1C-4762-A517-F67665F3D724",
                     versionEndExcluding: "18.211.2",
                     versionStartIncluding: "16.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_mx68w:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "03F9C184-3811-4A26-846D-54ECE7CF939F",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx68cw_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "0118FD5D-0D25-4984-A6EB-40EF70B85144",
                     versionEndExcluding: "18.211.2",
                     versionStartIncluding: "16.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_mx68cw:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "18E682AA-05AD-483F-915F-A2B2C98233B7",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx68_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "FE27942F-86F1-480C-AFA1-762A5A9E775F",
                     versionEndExcluding: "18.211.2",
                     versionStartIncluding: "16.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_mx68:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2F6B4B5E-4FBB-48A9-B828-00C8AB479FB8",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx67w_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "87EE31D0-87F7-4943-96CC-D5BA48D5DFDA",
                     versionEndExcluding: "18.211.2",
                     versionStartIncluding: "16.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_mx67w:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F2529662-8A54-4DFC-80E7-922CF22DE2F3",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx67c_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "6AB39E09-A441-4F95-9F38-44942BDE98AD",
                     versionEndExcluding: "18.211.2",
                     versionStartIncluding: "16.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_mx67c:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E9725A9F-B9B9-4784-AEEA-A5E5CE0A41F3",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx67_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "45953505-EF91-4825-95CD-51EE86D694A5",
                     versionEndExcluding: "18.211.2",
                     versionStartIncluding: "16.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_mx67:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2702FE73-E4AC-45C7-A212-44D783720798",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx65w_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "E1A471D3-2D62-4458-ADDE-53D60E55966C",
                     versionEndExcluding: "18.211.2",
                     versionStartIncluding: "16.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_mx65w:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "69A23113-F7E1-4587-A4FF-A4AAB446A69D",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx64w_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "D24D11CA-67C0-4376-91DE-F62118062FED",
                     versionEndExcluding: "18.211.2",
                     versionStartIncluding: "16.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_mx64w:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B1038F5F-020D-41FD-9C3D-F2685F1EA916",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "A vulnerability in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series Teleworker Gateway devices could allow an unauthenticated, remote attacker to hijack an AnyConnect VPN session or cause a denial of service (DoS) condition for individual users of the AnyConnect VPN service on an affected device.\r\n\r\nThis vulnerability is due to weak entropy for handlers that are used during the VPN authentication process as well as a race condition that exists in the same process. An attacker could exploit this vulnerability by correctly guessing an authentication handler and then sending crafted HTTPS requests to an affected device. A successful exploit could allow the attacker to take over the AnyConnect VPN session from a target user or prevent the target user from establishing an AnyConnect VPN session with the affected device.",
      },
      {
         lang: "es",
         value: "Una vulnerabilidad en el servidor VPN de Cisco AnyConnect de los dispositivos Cisco Meraki MX y Cisco Meraki Z Series Teleworker Gateway podría permitir que un atacante remoto no autenticado secuestre una sesión VPN de AnyConnect o provoque una condición de denegación de servicio (DoS) para usuarios individuales del servicio VPN de AnyConnect en un dispositivo afectado. Esta vulnerabilidad se debe a una entropía débil para los controladores que se utilizan durante el proceso de autenticación de VPN, así como a una condición de ejecución que existe en el mismo proceso. Un atacante podría aprovechar esta vulnerabilidad adivinando correctamente un controlador de autenticación y luego enviando solicitudes HTTPS manipuladas a un dispositivo afectado. Una explotación exitosa podría permitir al atacante tomar el control de la sesión VPN de AnyConnect de un usuario objetivo o evitar que el usuario objetivo establezca una sesión VPN de AnyConnect con el dispositivo afectado.",
      },
   ],
   id: "CVE-2024-20509",
   lastModified: "2024-10-08T18:45:52.513",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "LOW",
               baseScore: 5.8,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               privilegesRequired: "NONE",
               scope: "CHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L",
               version: "3.1",
            },
            exploitabilityScore: 3.9,
            impactScore: 1.4,
            source: "ykramarz@cisco.com",
            type: "Secondary",
         },
         {
            cvssData: {
               attackComplexity: "HIGH",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 5.9,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
               version: "3.1",
            },
            exploitabilityScore: 2.2,
            impactScore: 3.6,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2024-10-02T19:15:14.997",
   references: [
      {
         source: "ykramarz@cisco.com",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-meraki-mx-vpn-dos-by-QWUkqV7X",
      },
   ],
   sourceIdentifier: "ykramarz@cisco.com",
   vulnStatus: "Analyzed",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-362",
            },
         ],
         source: "ykramarz@cisco.com",
         type: "Secondary",
      },
      {
         description: [
            {
               lang: "en",
               value: "CWE-362",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2024-10-02 19:15
Modified
2024-10-08 21:16
Summary
A vulnerability in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series Teleworker Gateway devices could allow an unauthenticated, remote attacker to cause a DoS condition for targeted users of the AnyConnect service on an affected device. This vulnerability is due to insufficient entropy for handlers that are used during SSL VPN session establishment. An unauthenticated attacker could exploit this vulnerability by brute forcing valid session handlers. An authenticated attacker could exploit this vulnerability by connecting to the AnyConnect VPN service of an affected device to retrieve a valid session handler and, based on that handler, predict further valid session handlers. The attacker would then send a crafted HTTPS request using the brute-forced or predicted session handler to the AnyConnect VPN server of the device. A successful exploit could allow the attacker to terminate targeted SSL VPN sessions, forcing remote users to initiate new VPN connections and reauthenticate.



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx65_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "B3C6574B-E879-4813-9516-93B41EBDFBD3",
                     versionEndExcluding: "18.211.2",
                     versionStartIncluding: "17.6.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_mx65:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B3099A12-2D6F-4486-A690-1C809AF480B0",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx64_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "23FA0FF8-5926-4623-9348-4347331C5F3F",
                     versionEndExcluding: "18.211.2",
                     versionStartIncluding: "17.6.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_mx64:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "BE749570-1EA6-4734-B96A-D02B3BA3A756",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_z4c_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "6B63AAC8-D59D-4EF1-829E-11E9CB18A41F",
                     versionEndExcluding: "18.211.2",
                     versionStartIncluding: "16.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_z4c:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "AEE09C2D-9F52-4C72-9D7C-F9AF710D1174",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_z4_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "F62D4319-19DA-4DC0-88D0-DE859504EA6D",
                     versionEndExcluding: "18.211.2",
                     versionStartIncluding: "16.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_z4:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "36770C3B-F962-48FB-9D9F-3EABB1F10EFD",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_z3c_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "F7C73DAF-C7AF-4090-8F96-3D6F93A1DABD",
                     versionEndExcluding: "18.211.2",
                     versionStartIncluding: "16.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_z3c:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "6646F004-E0E0-4316-A022-2793C28FBCCC",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_z3_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "5A4FD3B4-FD1F-4340-B4AC-D76C11DAD4D5",
                     versionEndExcluding: "18.211.2",
                     versionStartIncluding: "16.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_z3:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "FB81CFD0-9558-47AB-96E4-CB21C1AA9159",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_vmx_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "96D29083-7535-4B23-9141-BF6CE2824184",
                     versionEndExcluding: "18.211.2",
                     versionStartIncluding: "16.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_vmx:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D6CE4DAD-7FA3-4D1B-A24F-D2B9F4F331BF",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx600_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "1C8F2FA1-B439-4978-AD2B-34C98310D894",
                     versionEndExcluding: "18.211.2",
                     versionStartIncluding: "16.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_mx600:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0A4CF5E0-A7D0-4C9D-A180-16288BE3AC1A",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx450_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "D620C14D-7724-4C38-83A6-E33328EDE7C3",
                     versionEndExcluding: "18.211.2",
                     versionStartIncluding: "16.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_mx450:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "1B35EB71-8584-4803-A438-AEC406FD8445",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx400_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "A61EA9B6-126D-4174-8BEF-7FD311724C03",
                     versionEndExcluding: "18.211.2",
                     versionStartIncluding: "16.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_mx400:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2ACA552D-78D3-4312-9537-28ADBB15E08A",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx250_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "869396D2-5CB1-45FF-8CC8-C6BA17548076",
                     versionEndExcluding: "18.211.2",
                     versionStartIncluding: "16.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_mx250:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2D6CBE98-6B20-4F05-8871-0BEAD1D351B0",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx105_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C86B5EA0-85E7-4B8D-83AE-445A2C945CB2",
                     versionEndExcluding: "18.211.2",
                     versionStartIncluding: "16.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_mx105:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "291C7E3A-74D1-4326-87A4-F60D60E3DC37",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx100_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "0AF66E98-18FB-4862-96C6-090F9B563AAC",
                     versionEndExcluding: "18.211.2",
                     versionStartIncluding: "16.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_mx100:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "4D4DE139-CCB5-4BDD-8827-07348B8F0FF2",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx95_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "40A18D40-3168-4270-A019-0FFB3652BD64",
                     versionEndExcluding: "18.211.2",
                     versionStartIncluding: "16.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_mx95:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "35740A98-6486-458C-99A9-8E23A781C917",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx85_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "DC297617-CF3B-4CD5-8E5B-14A5A58BB1AD",
                     versionEndExcluding: "18.211.2",
                     versionStartIncluding: "16.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_mx85:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "410A121A-037A-4D44-A35F-7AE41F93E5AF",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx84_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "5E4FB60C-E46F-4D0F-9C01-2D2670334694",
                     versionEndExcluding: "18.211.2",
                     versionStartIncluding: "16.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_mx84:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B5A4239D-E115-4368-895A-002BBD94F243",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx75_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "995A6C94-CC7F-4CA4-8815-693E491652B4",
                     versionEndExcluding: "18.211.2",
                     versionStartIncluding: "16.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_mx75:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2A892F3D-62F9-4B04-94E8-FD803159C47B",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx68w_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "900C8DC4-EF1C-4762-A517-F67665F3D724",
                     versionEndExcluding: "18.211.2",
                     versionStartIncluding: "16.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_mx68w:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "03F9C184-3811-4A26-846D-54ECE7CF939F",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx68cw_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "0118FD5D-0D25-4984-A6EB-40EF70B85144",
                     versionEndExcluding: "18.211.2",
                     versionStartIncluding: "16.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_mx68cw:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "18E682AA-05AD-483F-915F-A2B2C98233B7",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx68_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "FE27942F-86F1-480C-AFA1-762A5A9E775F",
                     versionEndExcluding: "18.211.2",
                     versionStartIncluding: "16.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_mx68:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2F6B4B5E-4FBB-48A9-B828-00C8AB479FB8",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx67w_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "87EE31D0-87F7-4943-96CC-D5BA48D5DFDA",
                     versionEndExcluding: "18.211.2",
                     versionStartIncluding: "16.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_mx67w:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F2529662-8A54-4DFC-80E7-922CF22DE2F3",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx67c_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "6AB39E09-A441-4F95-9F38-44942BDE98AD",
                     versionEndExcluding: "18.211.2",
                     versionStartIncluding: "16.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_mx67c:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E9725A9F-B9B9-4784-AEEA-A5E5CE0A41F3",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx67_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "45953505-EF91-4825-95CD-51EE86D694A5",
                     versionEndExcluding: "18.211.2",
                     versionStartIncluding: "16.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_mx67:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2702FE73-E4AC-45C7-A212-44D783720798",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx65w_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "E1A471D3-2D62-4458-ADDE-53D60E55966C",
                     versionEndExcluding: "18.211.2",
                     versionStartIncluding: "16.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_mx65w:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "69A23113-F7E1-4587-A4FF-A4AAB446A69D",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:meraki_mx64w_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "D24D11CA-67C0-4376-91DE-F62118062FED",
                     versionEndExcluding: "18.211.2",
                     versionStartIncluding: "16.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:meraki_mx64w:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B1038F5F-020D-41FD-9C3D-F2685F1EA916",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "A vulnerability in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series Teleworker Gateway devices could allow an unauthenticated, remote attacker to cause a DoS condition for targeted users of the AnyConnect service on an affected device.\r\n\r\nThis vulnerability is due to insufficient entropy for handlers that are used during SSL VPN session establishment. An unauthenticated attacker could exploit this vulnerability by brute forcing valid session handlers. An authenticated attacker could exploit this vulnerability by connecting to the AnyConnect VPN service of an affected device to retrieve a valid session handler and, based on that handler, predict further valid session handlers. The attacker would then send a crafted HTTPS request using the brute-forced or predicted session handler to the AnyConnect VPN server of the device. A successful exploit could allow the attacker to terminate targeted SSL VPN sessions, forcing remote users to initiate new VPN connections and reauthenticate.",
      },
      {
         lang: "es",
         value: "Una vulnerabilidad en el servidor VPN de Cisco AnyConnect de los dispositivos Cisco Meraki MX y Cisco Meraki Z Series Teleworker Gateway podría permitir que un atacante remoto no autenticado provoque una condición de denegación de servicio (DoS) para usuarios específicos del servicio AnyConnect en un dispositivo afectado. Esta vulnerabilidad se debe a una entropía insuficiente para los controladores que se utilizan durante el establecimiento de una sesión VPN SSL. Un atacante no autenticado podría explotar esta vulnerabilidad mediante la fuerza bruta de controladores de sesión válidos. Un atacante autenticado podría explotar esta vulnerabilidad conectándose al servicio VPN AnyConnect de un dispositivo afectado para recuperar un controlador de sesión válido y, en función de ese controlador, predecir otros controladores de sesión válidos. A continuación, el atacante enviaría una solicitud HTTPS manipulada mediante el controlador de sesión forzado o previsto al servidor VPN AnyConnect del dispositivo. Una explotación exitosa podría permitir al atacante finalizar sesiones VPN SSL específicas, lo que obligaría a los usuarios remotos a iniciar nuevas conexiones VPN y volver a autenticarse.",
      },
   ],
   id: "CVE-2024-20513",
   lastModified: "2024-10-08T21:16:54.820",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "LOW",
               baseScore: 5.8,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               privilegesRequired: "NONE",
               scope: "CHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L",
               version: "3.1",
            },
            exploitabilityScore: 3.9,
            impactScore: 1.4,
            source: "ykramarz@cisco.com",
            type: "Secondary",
         },
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "LOW",
               baseScore: 5.3,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
               version: "3.1",
            },
            exploitabilityScore: 3.9,
            impactScore: 1.4,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2024-10-02T19:15:15.210",
   references: [
      {
         source: "ykramarz@cisco.com",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-meraki-mx-vpn-dos-QTRHzG2",
      },
   ],
   sourceIdentifier: "ykramarz@cisco.com",
   vulnStatus: "Analyzed",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-639",
            },
         ],
         source: "ykramarz@cisco.com",
         type: "Secondary",
      },
      {
         description: [
            {
               lang: "en",
               value: "CWE-639",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

cve-2024-20500
Vulnerability from cvelistv5
Published
2024-10-02 18:23
Modified
2024-10-02 19:05
Summary
A vulnerability in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series Teleworker Gateway devices could allow an unauthenticated, remote attacker to cause a DoS condition in the AnyConnect service on an affected device. This vulnerability is due to insufficient resource management when establishing TLS/SSL sessions. An attacker could exploit this vulnerability by sending a series of crafted TLS/SSL messages to the VPN server of an affected device. A successful exploit could allow the attacker to cause the Cisco AnyConnect VPN server to stop accepting new connections, preventing new SSL VPN connections from being established. Existing SSL VPN sessions are not impacted. Note: When the attack traffic stops, the Cisco AnyConnect VPN server recovers gracefully without requiring manual intervention.
Impacted products
Vendor Product Version
Cisco Cisco Meraki MX Firmware Version: N/A
Show details on NVD website


{
   containers: {
      adp: [
         {
            affected: [
               {
                  cpes: [
                     "cpe:2.3:h:cisco:meraki_mx:-:*:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unknown",
                  product: "meraki_mx",
                  vendor: "cisco",
                  versions: [
                     {
                        status: "affected",
                        version: "0",
                     },
                  ],
               },
               {
                  cpes: [
                     "cpe:2.3:h:cisco:meraki_z1:-:*:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unknown",
                  product: "meraki_z1",
                  vendor: "cisco",
                  versions: [
                     {
                        status: "affected",
                        version: "0",
                     },
                  ],
               },
            ],
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2024-20500",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "yes",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-10-02T19:05:10.593025Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-10-02T19:05:52.477Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               product: "Cisco Meraki MX Firmware",
               vendor: "Cisco",
               versions: [
                  {
                     status: "affected",
                     version: "N/A",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "A vulnerability in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series Teleworker Gateway devices could allow an unauthenticated, remote attacker to cause a DoS condition in the AnyConnect service on an affected device.\r\n\r\nThis vulnerability is due to insufficient resource management when establishing TLS/SSL sessions. An attacker could exploit this vulnerability by sending a series of crafted TLS/SSL messages to the VPN server of an affected device. A successful exploit could allow the attacker to cause the Cisco AnyConnect VPN server to stop accepting new connections, preventing new SSL VPN connections from being established. Existing SSL VPN sessions are not impacted.\r\nNote: When the attack traffic stops, the Cisco AnyConnect VPN server recovers gracefully without requiring manual intervention.",
            },
         ],
         exploits: [
            {
               lang: "en",
               value: "Neither the Cisco Product Security Incident Response Team (PSIRT) nor the Cisco Meraki Incident Response Team is aware of any malicious use of the vulnerabilities that are described in this advisory.",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "LOW",
                  baseScore: 5.8,
                  baseSeverity: "MEDIUM",
                  confidentialityImpact: "NONE",
                  integrityImpact: "NONE",
                  privilegesRequired: "NONE",
                  scope: "CHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L",
                  version: "3.1",
               },
               format: "cvssV3_1",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-400",
                     description: "Uncontrolled Resource Consumption",
                     lang: "en",
                     type: "cwe",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2024-10-02T18:23:19.259Z",
            orgId: "d1c1063e-7a18-46af-9102-31f8928bc633",
            shortName: "cisco",
         },
         references: [
            {
               name: "cisco-sa-meraki-mx-vpn-dos-QTRHzG2",
               url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-meraki-mx-vpn-dos-QTRHzG2",
            },
         ],
         source: {
            advisory: "cisco-sa-meraki-mx-vpn-dos-QTRHzG2",
            discovery: "INTERNAL",
         },
         title: "Cisco Meraki MX and Z3 Teleworker Gateway AnyConnect VPN Denial of Service Vulnerability",
      },
   },
   cveMetadata: {
      assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633",
      assignerShortName: "cisco",
      cveId: "CVE-2024-20500",
      datePublished: "2024-10-02T18:23:19.259Z",
      dateReserved: "2023-11-08T15:08:07.687Z",
      dateUpdated: "2024-10-02T19:05:52.477Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2024-20502
Vulnerability from cvelistv5
Published
2024-10-02 18:23
Modified
2024-10-02 19:01
Summary
A vulnerability in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series Teleworker Gateway devices could allow an unauthenticated, remote attacker to cause a DoS condition on an affected device. This vulnerability is due to insufficient resource management while establishing SSL VPN sessions. An attacker could exploit this vulnerability by sending a series of crafted HTTPS requests to the VPN server of an affected device. A successful exploit could allow the attacker to cause the Cisco AnyConnect VPN server to stop accepting new connections, preventing new SSL VPN connections from being established. Existing SSL VPN sessions are not impacted. Note: When the attack traffic stops, the Cisco AnyConnect VPN server recovers gracefully without requiring manual intervention.
Impacted products
Vendor Product Version
Cisco Cisco Meraki MX Firmware Version: N/A
Show details on NVD website


{
   containers: {
      adp: [
         {
            affected: [
               {
                  cpes: [
                     "cpe:2.3:h:cisco:meraki_mx:-:*:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unknown",
                  product: "meraki_mx",
                  vendor: "cisco",
                  versions: [
                     {
                        status: "affected",
                        version: "0",
                     },
                  ],
               },
               {
                  cpes: [
                     "cpe:2.3:h:cisco:meraki_z1:-:*:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unknown",
                  product: "meraki_z1",
                  vendor: "cisco",
                  versions: [
                     {
                        status: "affected",
                        version: "0",
                     },
                  ],
               },
            ],
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2024-20502",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "yes",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-10-02T18:59:14.837416Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-10-02T19:01:09.601Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               product: "Cisco Meraki MX Firmware",
               vendor: "Cisco",
               versions: [
                  {
                     status: "affected",
                     version: "N/A",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "A vulnerability in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series Teleworker Gateway devices could allow an unauthenticated, remote attacker to cause a DoS condition on an affected device.\r\n\r\nThis vulnerability is due to insufficient resource management while establishing SSL VPN sessions. An attacker could exploit this vulnerability by sending a series of crafted HTTPS requests to the VPN server of an affected device. A successful exploit could allow the attacker to cause the Cisco AnyConnect VPN server to stop accepting new connections, preventing new SSL VPN connections from being established. Existing SSL VPN sessions are not impacted.\r\nNote: When the attack traffic stops, the Cisco AnyConnect VPN server recovers gracefully without requiring manual intervention.",
            },
         ],
         exploits: [
            {
               lang: "en",
               value: "Neither the Cisco Product Security Incident Response Team (PSIRT) nor the Cisco Meraki Incident Response Team is aware of any malicious use of the vulnerabilities that are described in this advisory.",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "LOW",
                  baseScore: 5.8,
                  baseSeverity: "MEDIUM",
                  confidentialityImpact: "NONE",
                  integrityImpact: "NONE",
                  privilegesRequired: "NONE",
                  scope: "CHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L",
                  version: "3.1",
               },
               format: "cvssV3_1",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-400",
                     description: "Uncontrolled Resource Consumption",
                     lang: "en",
                     type: "cwe",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2024-10-02T18:23:45.163Z",
            orgId: "d1c1063e-7a18-46af-9102-31f8928bc633",
            shortName: "cisco",
         },
         references: [
            {
               name: "cisco-sa-meraki-mx-vpn-dos-QTRHzG2",
               url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-meraki-mx-vpn-dos-QTRHzG2",
            },
         ],
         source: {
            advisory: "cisco-sa-meraki-mx-vpn-dos-QTRHzG2",
            discovery: "INTERNAL",
         },
         title: "Cisco Meraki MX and Z3 Teleworker Gateway AnyConnect VPN Denial of Service Vulnerability",
      },
   },
   cveMetadata: {
      assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633",
      assignerShortName: "cisco",
      cveId: "CVE-2024-20502",
      datePublished: "2024-10-02T18:23:45.163Z",
      dateReserved: "2023-11-08T15:08:07.687Z",
      dateUpdated: "2024-10-02T19:01:09.601Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2021-1224
Vulnerability from cvelistv5
Published
2021-01-13 21:16
Modified
2024-11-12 20:48
Summary
Multiple Cisco products are affected by a vulnerability with TCP Fast Open (TFO) when used in conjunction with the Snort detection engine that could allow an unauthenticated, remote attacker to bypass a configured file policy for HTTP. The vulnerability is due to incorrect detection of the HTTP payload if it is contained at least partially within the TFO connection handshake. An attacker could exploit this vulnerability by sending crafted TFO packets with an HTTP payload through an affected device. A successful exploit could allow the attacker to bypass configured file policy for HTTP packets and deliver a malicious payload.
Impacted products
Vendor Product Version
Cisco Cisco Firepower Threat Defense Software Version: n/a
Show details on NVD website


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-03T16:02:56.126Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "20210113 Multiple Cisco Products Snort TCP Fast Open File Policy Bypass Vulnerability",
                  tags: [
                     "vendor-advisory",
                     "x_transferred",
                  ],
                  url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort-tfo-bypass-MmzZrtes",
               },
               {
                  name: "[debian-lts-announce] 20230210 [SECURITY] [DLA 3317-1] snort security update",
                  tags: [
                     "mailing-list",
                     "x_transferred",
                  ],
                  url: "https://lists.debian.org/debian-lts-announce/2023/02/msg00011.html",
               },
               {
                  name: "DSA-5354",
                  tags: [
                     "vendor-advisory",
                     "x_transferred",
                  ],
                  url: "https://www.debian.org/security/2023/dsa-5354",
               },
            ],
            title: "CVE Program Container",
         },
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2021-1224",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "yes",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-11-08T20:06:11.617988Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-11-12T20:48:38.628Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               product: "Cisco Firepower Threat Defense Software",
               vendor: "Cisco",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2021-01-13T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "Multiple Cisco products are affected by a vulnerability with TCP Fast Open (TFO) when used in conjunction with the Snort detection engine that could allow an unauthenticated, remote attacker to bypass a configured file policy for HTTP. The vulnerability is due to incorrect detection of the HTTP payload if it is contained at least partially within the TFO connection handshake. An attacker could exploit this vulnerability by sending crafted TFO packets with an HTTP payload through an affected device. A successful exploit could allow the attacker to bypass configured file policy for HTTP packets and deliver a malicious payload.",
            },
         ],
         exploits: [
            {
               lang: "en",
               value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "NONE",
                  baseScore: 5.8,
                  baseSeverity: "MEDIUM",
                  confidentialityImpact: "NONE",
                  integrityImpact: "LOW",
                  privilegesRequired: "NONE",
                  scope: "CHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
                  version: "3.1",
               },
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-693",
                     description: "CWE-693",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2023-02-19T00:00:00",
            orgId: "d1c1063e-7a18-46af-9102-31f8928bc633",
            shortName: "cisco",
         },
         references: [
            {
               name: "20210113 Multiple Cisco Products Snort TCP Fast Open File Policy Bypass Vulnerability",
               tags: [
                  "vendor-advisory",
               ],
               url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort-tfo-bypass-MmzZrtes",
            },
            {
               name: "[debian-lts-announce] 20230210 [SECURITY] [DLA 3317-1] snort security update",
               tags: [
                  "mailing-list",
               ],
               url: "https://lists.debian.org/debian-lts-announce/2023/02/msg00011.html",
            },
            {
               name: "DSA-5354",
               tags: [
                  "vendor-advisory",
               ],
               url: "https://www.debian.org/security/2023/dsa-5354",
            },
         ],
         source: {
            advisory: "cisco-sa-snort-tfo-bypass-MmzZrtes",
            defect: [
               [
                  "CSCvt43136",
                  "CSCvu88532",
               ],
            ],
            discovery: "INTERNAL",
         },
         title: "Multiple Cisco Products Snort TCP Fast Open File Policy Bypass Vulnerability",
      },
   },
   cveMetadata: {
      assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633",
      assignerShortName: "cisco",
      cveId: "CVE-2021-1224",
      datePublished: "2021-01-13T21:16:53.450812Z",
      dateReserved: "2020-11-13T00:00:00",
      dateUpdated: "2024-11-12T20:48:38.628Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2024-20509
Vulnerability from cvelistv5
Published
2024-10-02 18:24
Modified
2024-10-02 19:51
Summary
A vulnerability in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series Teleworker Gateway devices could allow an unauthenticated, remote attacker to hijack an AnyConnect VPN session or cause a denial of service (DoS) condition for individual users of the AnyConnect VPN service on an affected device. This vulnerability is due to weak entropy for handlers that are used during the VPN authentication process as well as a race condition that exists in the same process. An attacker could exploit this vulnerability by correctly guessing an authentication handler and then sending crafted HTTPS requests to an affected device. A successful exploit could allow the attacker to take over the AnyConnect VPN session from a target user or prevent the target user from establishing an AnyConnect VPN session with the affected device.
Impacted products
Vendor Product Version
Cisco Cisco Meraki MX Firmware Version: N/A
Show details on NVD website


{
   containers: {
      adp: [
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2024-20509",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-10-02T19:50:56.321761Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-10-02T19:51:14.048Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               product: "Cisco Meraki MX Firmware",
               vendor: "Cisco",
               versions: [
                  {
                     status: "affected",
                     version: "N/A",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "A vulnerability in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series Teleworker Gateway devices could allow an unauthenticated, remote attacker to hijack an AnyConnect VPN session or cause a denial of service (DoS) condition for individual users of the AnyConnect VPN service on an affected device.\r\n\r\nThis vulnerability is due to weak entropy for handlers that are used during the VPN authentication process as well as a race condition that exists in the same process. An attacker could exploit this vulnerability by correctly guessing an authentication handler and then sending crafted HTTPS requests to an affected device. A successful exploit could allow the attacker to take over the AnyConnect VPN session from a target user or prevent the target user from establishing an AnyConnect VPN session with the affected device.",
            },
         ],
         exploits: [
            {
               lang: "en",
               value: "Neither the Cisco PSIRT nor the Cisco Meraki Incident Response Team is aware of any malicious use of the vulnerability that is described in this advisory.",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "LOW",
                  baseScore: 5.8,
                  baseSeverity: "MEDIUM",
                  confidentialityImpact: "NONE",
                  integrityImpact: "NONE",
                  privilegesRequired: "NONE",
                  scope: "CHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L",
                  version: "3.1",
               },
               format: "cvssV3_1",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-362",
                     description: "Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')",
                     lang: "en",
                     type: "cwe",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2024-10-02T18:24:42.768Z",
            orgId: "d1c1063e-7a18-46af-9102-31f8928bc633",
            shortName: "cisco",
         },
         references: [
            {
               name: "cisco-sa-meraki-mx-vpn-dos-by-QWUkqV7X",
               url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-meraki-mx-vpn-dos-by-QWUkqV7X",
            },
         ],
         source: {
            advisory: "cisco-sa-meraki-mx-vpn-dos-by-QWUkqV7X",
            discovery: "INTERNAL",
         },
         title: "Cisco Meraki MX and Z3 Teleworker Gateway AnyConnect VPN Session Takeover and Denial of Service Vulnerability",
      },
   },
   cveMetadata: {
      assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633",
      assignerShortName: "cisco",
      cveId: "CVE-2024-20509",
      datePublished: "2024-10-02T18:24:42.768Z",
      dateReserved: "2023-11-08T15:08:07.688Z",
      dateUpdated: "2024-10-02T19:51:14.048Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2024-20499
Vulnerability from cvelistv5
Published
2024-10-02 18:23
Modified
2024-10-02 19:04
Summary
Multiple vulnerabilities in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series Teleworker Gateway devices could allow an unauthenticated, remote attacker to cause a DoS condition in the AnyConnect service on an affected device. These vulnerabilities are due to insufficient validation of client-supplied parameters while establishing an SSL VPN session. An attacker could exploit these vulnerabilities by sending a crafted HTTPS request to the VPN server of an affected device. A successful exploit could allow the attacker to cause the Cisco AnyConnect VPN server to restart, resulting in the failure of the established SSL VPN connections and forcing remote users to initiate a new VPN connection and reauthenticate. A sustained attack could prevent new SSL VPN connections from being established. Note: When the attack traffic stops, the Cisco AnyConnect VPN server recovers gracefully without requiring manual intervention.
Impacted products
Vendor Product Version
Cisco Cisco Meraki MX Firmware Version: N/A
Show details on NVD website


{
   containers: {
      adp: [
         {
            affected: [
               {
                  cpes: [
                     "cpe:2.3:h:cisco:meraki_mx:-:*:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unknown",
                  product: "meraki_mx",
                  vendor: "cisco",
                  versions: [
                     {
                        status: "affected",
                        version: "0",
                     },
                  ],
               },
               {
                  cpes: [
                     "cpe:2.3:h:cisco:meraki_z1:-:*:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unknown",
                  product: "meraki_z1",
                  vendor: "cisco",
                  versions: [
                     {
                        status: "affected",
                        version: "0",
                     },
                  ],
               },
            ],
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2024-20499",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "yes",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-10-02T19:03:30.783849Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-10-02T19:04:46.773Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               product: "Cisco Meraki MX Firmware",
               vendor: "Cisco",
               versions: [
                  {
                     status: "affected",
                     version: "N/A",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "Multiple vulnerabilities in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series Teleworker Gateway devices could allow an unauthenticated, remote attacker to cause a DoS condition in the AnyConnect service on an affected device.\r\n\r\nThese vulnerabilities are due to insufficient validation of client-supplied parameters while establishing an SSL VPN session. An attacker could exploit these vulnerabilities by sending a crafted HTTPS request to the VPN server of an affected device. A successful exploit could allow the attacker to cause the Cisco AnyConnect VPN server to restart, resulting in the failure of the established SSL VPN connections and forcing remote users to initiate a new VPN connection and reauthenticate. A sustained attack could prevent new SSL VPN connections from being established.\r\nNote: When the attack traffic stops, the Cisco AnyConnect VPN server recovers gracefully without requiring manual intervention.",
            },
         ],
         exploits: [
            {
               lang: "en",
               value: "Neither the Cisco Product Security Incident Response Team (PSIRT) nor the Cisco Meraki Incident Response Team is aware of any malicious use of the vulnerabilities that are described in this advisory.",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "HIGH",
                  baseScore: 8.6,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "NONE",
                  integrityImpact: "NONE",
                  privilegesRequired: "NONE",
                  scope: "CHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
                  version: "3.1",
               },
               format: "cvssV3_1",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-787",
                     description: "Out-of-bounds Write",
                     lang: "en",
                     type: "cwe",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2024-10-02T18:23:26.563Z",
            orgId: "d1c1063e-7a18-46af-9102-31f8928bc633",
            shortName: "cisco",
         },
         references: [
            {
               name: "cisco-sa-meraki-mx-vpn-dos-QTRHzG2",
               url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-meraki-mx-vpn-dos-QTRHzG2",
            },
         ],
         source: {
            advisory: "cisco-sa-meraki-mx-vpn-dos-QTRHzG2",
            discovery: "INTERNAL",
         },
         title: "Cisco Meraki MX and Z3 Teleworker Gateway AnyConnect VPN Denial of Service Vulnerability",
      },
   },
   cveMetadata: {
      assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633",
      assignerShortName: "cisco",
      cveId: "CVE-2024-20499",
      datePublished: "2024-10-02T18:23:26.563Z",
      dateReserved: "2023-11-08T15:08:07.686Z",
      dateUpdated: "2024-10-02T19:04:46.773Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2024-20501
Vulnerability from cvelistv5
Published
2024-10-02 18:23
Modified
2024-10-02 19:03
Summary
Multiple vulnerabilities in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series Teleworker Gateway devices could allow an unauthenticated, remote attacker to cause a DoS condition in the AnyConnect service on an affected device. These vulnerabilities are due to insufficient validation of client-supplied parameters while establishing an SSL VPN session. An attacker could exploit these vulnerabilities by sending a crafted HTTPS request to the VPN server of an affected device. A successful exploit could allow the attacker to cause the Cisco AnyConnect VPN server to restart, resulting in the failure of the established SSL VPN connections and forcing remote users to initiate a new VPN connection and reauthenticate. A sustained attack could prevent new SSL VPN connections from being established. Note: When the attack traffic stops, the Cisco AnyConnect VPN server recovers gracefully without requiring manual intervention.
Impacted products
Vendor Product Version
Cisco Cisco Meraki MX Firmware Version: N/A
Show details on NVD website


{
   containers: {
      adp: [
         {
            affected: [
               {
                  cpes: [
                     "cpe:2.3:h:cisco:meraki_mx:-:*:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unknown",
                  product: "meraki_mx",
                  vendor: "cisco",
                  versions: [
                     {
                        status: "affected",
                        version: "0",
                     },
                  ],
               },
               {
                  cpes: [
                     "cpe:2.3:h:cisco:meraki_z1:-:*:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unknown",
                  product: "meraki_z1",
                  vendor: "cisco",
                  versions: [
                     {
                        status: "affected",
                        version: "0",
                     },
                  ],
               },
            ],
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2024-20501",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "yes",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-10-02T19:01:58.939883Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-10-02T19:03:03.851Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               product: "Cisco Meraki MX Firmware",
               vendor: "Cisco",
               versions: [
                  {
                     status: "affected",
                     version: "N/A",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "Multiple vulnerabilities in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series Teleworker Gateway devices could allow an unauthenticated, remote attacker to cause a DoS condition in the AnyConnect service on an affected device.\r\n\r\nThese vulnerabilities are due to insufficient validation of client-supplied parameters while establishing an SSL VPN session. An attacker could exploit these vulnerabilities by sending a crafted HTTPS request to the VPN server of an affected device. A successful exploit could allow the attacker to cause the Cisco AnyConnect VPN server to restart, resulting in the failure of the established SSL VPN connections and forcing remote users to initiate a new VPN connection and reauthenticate. A sustained attack could prevent new SSL VPN connections from being established.\r\nNote: When the attack traffic stops, the Cisco AnyConnect VPN server recovers gracefully without requiring manual intervention.",
            },
         ],
         exploits: [
            {
               lang: "en",
               value: "Neither the Cisco Product Security Incident Response Team (PSIRT) nor the Cisco Meraki Incident Response Team is aware of any malicious use of the vulnerabilities that are described in this advisory.",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "HIGH",
                  baseScore: 8.6,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "NONE",
                  integrityImpact: "NONE",
                  privilegesRequired: "NONE",
                  scope: "CHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
                  version: "3.1",
               },
               format: "cvssV3_1",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-787",
                     description: "Out-of-bounds Write",
                     lang: "en",
                     type: "cwe",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2024-10-02T18:23:35.875Z",
            orgId: "d1c1063e-7a18-46af-9102-31f8928bc633",
            shortName: "cisco",
         },
         references: [
            {
               name: "cisco-sa-meraki-mx-vpn-dos-QTRHzG2",
               url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-meraki-mx-vpn-dos-QTRHzG2",
            },
         ],
         source: {
            advisory: "cisco-sa-meraki-mx-vpn-dos-QTRHzG2",
            defects: [
               "CSCwh53896",
            ],
            discovery: "INTERNAL",
         },
         title: "Cisco Meraki MX and Z3 Teleworker Gateway AnyConnect VPN Denial of Service Vulnerability",
      },
   },
   cveMetadata: {
      assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633",
      assignerShortName: "cisco",
      cveId: "CVE-2024-20501",
      datePublished: "2024-10-02T18:23:35.875Z",
      dateReserved: "2023-11-08T15:08:07.687Z",
      dateUpdated: "2024-10-02T19:03:03.851Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2024-20513
Vulnerability from cvelistv5
Published
2024-10-02 18:23
Modified
2024-10-02 19:48
Summary
A vulnerability in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series Teleworker Gateway devices could allow an unauthenticated, remote attacker to cause a DoS condition for targeted users of the AnyConnect service on an affected device. This vulnerability is due to insufficient entropy for handlers that are used during SSL VPN session establishment. An unauthenticated attacker could exploit this vulnerability by brute forcing valid session handlers. An authenticated attacker could exploit this vulnerability by connecting to the AnyConnect VPN service of an affected device to retrieve a valid session handler and, based on that handler, predict further valid session handlers. The attacker would then send a crafted HTTPS request using the brute-forced or predicted session handler to the AnyConnect VPN server of the device. A successful exploit could allow the attacker to terminate targeted SSL VPN sessions, forcing remote users to initiate new VPN connections and reauthenticate.
Impacted products
Vendor Product Version
Cisco Cisco Meraki MX Firmware Version: N/A
Show details on NVD website


{
   containers: {
      adp: [
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2024-20513",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-10-02T19:48:03.244649Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-10-02T19:48:23.292Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               product: "Cisco Meraki MX Firmware",
               vendor: "Cisco",
               versions: [
                  {
                     status: "affected",
                     version: "N/A",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "A vulnerability in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series Teleworker Gateway devices could allow an unauthenticated, remote attacker to cause a DoS condition for targeted users of the AnyConnect service on an affected device.\r\n\r\nThis vulnerability is due to insufficient entropy for handlers that are used during SSL VPN session establishment. An unauthenticated attacker could exploit this vulnerability by brute forcing valid session handlers. An authenticated attacker could exploit this vulnerability by connecting to the AnyConnect VPN service of an affected device to retrieve a valid session handler and, based on that handler, predict further valid session handlers. The attacker would then send a crafted HTTPS request using the brute-forced or predicted session handler to the AnyConnect VPN server of the device. A successful exploit could allow the attacker to terminate targeted SSL VPN sessions, forcing remote users to initiate new VPN connections and reauthenticate.",
            },
         ],
         exploits: [
            {
               lang: "en",
               value: "Neither the Cisco Product Security Incident Response Team (PSIRT) nor the Cisco Meraki Incident Response Team is aware of any malicious use of the vulnerabilities that are described in this advisory.",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "LOW",
                  baseScore: 5.8,
                  baseSeverity: "MEDIUM",
                  confidentialityImpact: "NONE",
                  integrityImpact: "NONE",
                  privilegesRequired: "NONE",
                  scope: "CHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L",
                  version: "3.1",
               },
               format: "cvssV3_1",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-639",
                     description: "Authorization Bypass Through User-Controlled Key",
                     lang: "en",
                     type: "cwe",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2024-10-02T18:23:54.411Z",
            orgId: "d1c1063e-7a18-46af-9102-31f8928bc633",
            shortName: "cisco",
         },
         references: [
            {
               name: "cisco-sa-meraki-mx-vpn-dos-QTRHzG2",
               url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-meraki-mx-vpn-dos-QTRHzG2",
            },
         ],
         source: {
            advisory: "cisco-sa-meraki-mx-vpn-dos-QTRHzG2",
            discovery: "INTERNAL",
         },
         title: "Cisco Meraki MX and Z3 Teleworker Gateway AnyConnect VPN Targeted Denial of Service Vulnerability",
      },
   },
   cveMetadata: {
      assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633",
      assignerShortName: "cisco",
      cveId: "CVE-2024-20513",
      datePublished: "2024-10-02T18:23:54.411Z",
      dateReserved: "2023-11-08T15:08:07.689Z",
      dateUpdated: "2024-10-02T19:48:23.292Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2022-20933
Vulnerability from cvelistv5
Published
2022-10-26 14:00
Modified
2024-11-01 18:48
Summary
A vulnerability in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z3 Teleworker Gateway devices could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient validation of client-supplied parameters while establishing an SSL VPN session. An attacker could exploit this vulnerability by crafting a malicious request and sending it to the affected device. A successful exploit could allow the attacker to cause the Cisco AnyConnect VPN server to crash and restart, resulting in the failure of the established SSL VPN connections and forcing remote users to initiate a new VPN connection and re-authenticate. A sustained attack could prevent new SSL VPN connections from being established. Note: When the attack traffic stops, the Cisco AnyConnect VPN server recovers gracefully without requiring manual intervention. Cisco Meraki has released software updates that address this vulnerability.
Impacted products
Vendor Product Version
Cisco Cisco Meraki MX Firmware Version: n/a
Show details on NVD website


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-03T02:31:57.978Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "20221019 Cisco Meraki MX and Z3 Teleworker Gateway VPN Denial of Service Vulnerability",
                  tags: [
                     "vendor-advisory",
                     "x_transferred",
                  ],
                  url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-meraki-mx-vpn-dos-vnESbgBf",
               },
            ],
            title: "CVE Program Container",
         },
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2022-20933",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "yes",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-11-01T18:43:45.653455Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-11-01T18:48:56.789Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               product: "Cisco Meraki MX Firmware",
               vendor: "Cisco",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2022-10-19T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "A vulnerability in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z3 Teleworker Gateway devices could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient validation of client-supplied parameters while establishing an SSL VPN session. An attacker could exploit this vulnerability by crafting a malicious request and sending it to the affected device. A successful exploit could allow the attacker to cause the Cisco AnyConnect VPN server to crash and restart, resulting in the failure of the established SSL VPN connections and forcing remote users to initiate a new VPN connection and re-authenticate. A sustained attack could prevent new SSL VPN connections from being established. Note: When the attack traffic stops, the Cisco AnyConnect VPN server recovers gracefully without requiring manual intervention. Cisco Meraki has released software updates that address this vulnerability.",
            },
         ],
         exploits: [
            {
               lang: "en",
               value: "Neither the Cisco Product Security Incident Response Team (PSIRT) nor the Cisco Meraki Incident Response Team is aware of any malicious use of the vulnerability that is described in this advisory.",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "HIGH",
                  baseScore: 8.6,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "NONE",
                  integrityImpact: "NONE",
                  privilegesRequired: "NONE",
                  scope: "CHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
                  version: "3.1",
               },
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-234",
                     description: "CWE-234",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2022-10-26T00:00:00",
            orgId: "d1c1063e-7a18-46af-9102-31f8928bc633",
            shortName: "cisco",
         },
         references: [
            {
               name: "20221019 Cisco Meraki MX and Z3 Teleworker Gateway VPN Denial of Service Vulnerability",
               tags: [
                  "vendor-advisory",
               ],
               url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-meraki-mx-vpn-dos-vnESbgBf",
            },
         ],
         source: {
            advisory: "cisco-sa-meraki-mx-vpn-dos-vnESbgBf",
            defect: [
               [
                  "NA",
               ],
            ],
            discovery: "INTERNAL",
         },
         title: "Cisco Meraki MX and Z3 Teleworker Gateway VPN Denial of Service Vulnerability",
      },
   },
   cveMetadata: {
      assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633",
      assignerShortName: "cisco",
      cveId: "CVE-2022-20933",
      datePublished: "2022-10-26T14:00:34.721945Z",
      dateReserved: "2021-11-02T00:00:00",
      dateUpdated: "2024-11-01T18:48:56.789Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2024-20498
Vulnerability from cvelistv5
Published
2024-10-02 18:23
Modified
2024-10-02 19:08
Summary
Multiple vulnerabilities in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series Teleworker Gateway devices could allow an unauthenticated, remote attacker to cause a DoS condition in the AnyConnect service on an affected device. These vulnerabilities are due to insufficient validation of client-supplied parameters while establishing an SSL VPN session. An attacker could exploit these vulnerabilities by sending a crafted HTTPS request to the VPN server of an affected device. A successful exploit could allow the attacker to cause the Cisco AnyConnect VPN server to restart, resulting in the failure of the established SSL VPN connections and forcing remote users to initiate a new VPN connection and reauthenticate. A sustained attack could prevent new SSL VPN connections from being established. Note: When the attack traffic stops, the Cisco AnyConnect VPN server recovers gracefully without requiring manual intervention.
Impacted products
Vendor Product Version
Cisco Cisco Meraki MX Firmware Version: N/A
Show details on NVD website


{
   containers: {
      adp: [
         {
            affected: [
               {
                  cpes: [
                     "cpe:2.3:h:cisco:meraki_mx:-:*:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unknown",
                  product: "meraki_mx",
                  vendor: "cisco",
                  versions: [
                     {
                        status: "affected",
                        version: "0",
                     },
                  ],
               },
               {
                  cpes: [
                     "cpe:2.3:h:cisco:meraki_z1:-:*:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unknown",
                  product: "meraki_z1",
                  vendor: "cisco",
                  versions: [
                     {
                        status: "affected",
                        version: "0",
                     },
                  ],
               },
            ],
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2024-20498",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "yes",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-10-02T19:07:18.453595Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-10-02T19:08:07.164Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               product: "Cisco Meraki MX Firmware",
               vendor: "Cisco",
               versions: [
                  {
                     status: "affected",
                     version: "N/A",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "Multiple vulnerabilities in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series Teleworker Gateway devices could allow an unauthenticated, remote attacker to cause a DoS condition in the AnyConnect service on an affected device.\r\n\r\nThese vulnerabilities are due to insufficient validation of client-supplied parameters while establishing an SSL VPN session. An attacker could exploit these vulnerabilities by sending a crafted HTTPS request to the VPN server of an affected device. A successful exploit could allow the attacker to cause the Cisco AnyConnect VPN server to restart, resulting in the failure of the established SSL VPN connections and forcing remote users to initiate a new VPN connection and reauthenticate. A sustained attack could prevent new SSL VPN connections from being established.\r\nNote: When the attack traffic stops, the Cisco AnyConnect VPN server recovers gracefully without requiring manual intervention.",
            },
         ],
         exploits: [
            {
               lang: "en",
               value: "Neither the Cisco Product Security Incident Response Team (PSIRT) nor the Cisco Meraki Incident Response Team is aware of any malicious use of the vulnerabilities that are described in this advisory.",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "HIGH",
                  baseScore: 8.6,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "NONE",
                  integrityImpact: "NONE",
                  privilegesRequired: "NONE",
                  scope: "CHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
                  version: "3.1",
               },
               format: "cvssV3_1",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-415",
                     description: "Double Free",
                     lang: "en",
                     type: "cwe",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2024-10-02T18:23:11.523Z",
            orgId: "d1c1063e-7a18-46af-9102-31f8928bc633",
            shortName: "cisco",
         },
         references: [
            {
               name: "cisco-sa-meraki-mx-vpn-dos-QTRHzG2",
               url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-meraki-mx-vpn-dos-QTRHzG2",
            },
         ],
         source: {
            advisory: "cisco-sa-meraki-mx-vpn-dos-QTRHzG2",
            discovery: "INTERNAL",
         },
         title: "Cisco Meraki MX and Z3 Teleworker Gateway AnyConnect VPN Denial of Service Vulnerability",
      },
   },
   cveMetadata: {
      assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633",
      assignerShortName: "cisco",
      cveId: "CVE-2024-20498",
      datePublished: "2024-10-02T18:23:11.523Z",
      dateReserved: "2023-11-08T15:08:07.686Z",
      dateUpdated: "2024-10-02T19:08:07.164Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}