All the vulnerabilites related to cisco - meraki_vmx_firmware
Vulnerability from fkie_nvd
Published
2022-10-26 15:15
Modified
2024-11-21 06:43
Severity ?
8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Summary
A vulnerability in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z3 Teleworker Gateway devices could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient validation of client-supplied parameters while establishing an SSL VPN session. An attacker could exploit this vulnerability by crafting a malicious request and sending it to the affected device. A successful exploit could allow the attacker to cause the Cisco AnyConnect VPN server to crash and restart, resulting in the failure of the established SSL VPN connections and forcing remote users to initiate a new VPN connection and re-authenticate. A sustained attack could prevent new SSL VPN connections from being established. Note: When the attack traffic stops, the Cisco AnyConnect VPN server recovers gracefully without requiring manual intervention. Cisco Meraki has released software updates that address this vulnerability.
References
ykramarz@cisco.comhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-meraki-mx-vpn-dos-vnESbgBfVendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-meraki-mx-vpn-dos-vnESbgBfVendor Advisory
Impacted products
Vendor Product Version
cisco meraki_mx64_firmware *
cisco meraki_mx64_firmware *
cisco meraki_mx64 -
cisco meraki_mx64w_firmware *
cisco meraki_mx64w_firmware *
cisco meraki_mx64w -
cisco meraki_mx65_firmware *
cisco meraki_mx65_firmware *
cisco meraki_mx65 -
cisco meraki_mx65w_firmware *
cisco meraki_mx65w_firmware *
cisco meraki_mx65w -
cisco meraki_mx67_firmware *
cisco meraki_mx67_firmware *
cisco meraki_mx67 -
cisco meraki_mx67cw_firmware *
cisco meraki_mx67cw_firmware *
cisco meraki_mx67cw -
cisco meraki_mx67w_firmware *
cisco meraki_mx67w_firmware *
cisco meraki_mx67w -
cisco meraki_mx68_firmware *
cisco meraki_mx68_firmware *
cisco meraki_mx68 -
cisco meraki_mx68cw_firmware *
cisco meraki_mx68cw_firmware *
cisco meraki_mx68cw -
cisco meraki_mx68w_firmware *
cisco meraki_mx68w_firmware *
cisco meraki_mx68w -
cisco meraki_mx75_firmware *
cisco meraki_mx75_firmware *
cisco meraki_mx75 -
cisco meraki_mx84_firmware *
cisco meraki_mx84_firmware *
cisco meraki_mx84 -
cisco meraki_mx85_firmware *
cisco meraki_mx85_firmware *
cisco meraki_mx85 -
cisco meraki_mx95_firmware *
cisco meraki_mx95_firmware *
cisco meraki_mx95 -
cisco meraki_mx100_firmware *
cisco meraki_mx100_firmware *
cisco meraki_mx100 -
cisco meraki_mx105_firmware *
cisco meraki_mx105_firmware *
cisco meraki_mx105 -
cisco meraki_mx250_firmware *
cisco meraki_mx250_firmware *
cisco meraki_mx250 -
cisco meraki_mx400_firmware *
cisco meraki_mx400_firmware *
cisco meraki_mx400 -
cisco meraki_mx450_firmware *
cisco meraki_mx450_firmware *
cisco meraki_mx450 -
cisco meraki_mx600_firmware *
cisco meraki_mx600_firmware *
cisco meraki_mx600 -
cisco meraki_vmx_firmware *
cisco meraki_vmx_firmware *
cisco meraki_vmx -
cisco meraki_z3c_firmware -
cisco meraki_z3c -
cisco meraki_z3_firmware -
cisco meraki_z3 -


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx64_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6D9F9343-745D-45B5-B657-6E5675E08E08",
              "versionEndExcluding": "16.16.6",
              "versionStartIncluding": "16.2.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx64_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E1E66F11-F41A-425D-8409-D8529D906E3D",
              "versionEndExcluding": "17.10.1",
              "versionStartIncluding": "17.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx64:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BE749570-1EA6-4734-B96A-D02B3BA3A756",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx64w_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F7F78CB5-F796-439F-A0A1-E06C857BBAA4",
              "versionEndExcluding": "16.16.6",
              "versionStartIncluding": "16.2.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx64w_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "72BE7D32-2477-45D1-A9C1-418B225574E9",
              "versionEndExcluding": "17.10.1",
              "versionStartIncluding": "17.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx64w:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1038F5F-020D-41FD-9C3D-F2685F1EA916",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx65_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C8F3A54-A2A2-4C34-B5A2-19FD31237C34",
              "versionEndExcluding": "16.16.6",
              "versionStartIncluding": "16.2.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx65_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AA12B05C-A12F-4EA6-948F-DC1CC0257729",
              "versionEndExcluding": "17.10.1",
              "versionStartIncluding": "17.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx65:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B3099A12-2D6F-4486-A690-1C809AF480B0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx65w_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C95582B9-7563-4F61-8548-D58237AA6FC6",
              "versionEndExcluding": "16.16.6",
              "versionStartIncluding": "16.2.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx65w_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7160F269-F161-4A30-AD9D-DCECA464F7D6",
              "versionEndExcluding": "17.10.1",
              "versionStartIncluding": "17.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx65w:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "69A23113-F7E1-4587-A4FF-A4AAB446A69D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx67_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "312A2614-4164-4B74-B966-8FC76BE323D1",
              "versionEndExcluding": "16.16.6",
              "versionStartIncluding": "16.2.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx67_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B2E55C71-356C-47F1-9F90-6A673EFBC369",
              "versionEndExcluding": "17.10.1",
              "versionStartIncluding": "17.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx67:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2702FE73-E4AC-45C7-A212-44D783720798",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx67cw_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B35AF5F8-8641-4DD0-8B1F-7DEFD188DFF2",
              "versionEndExcluding": "16.16.6",
              "versionStartIncluding": "16.2.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx67cw_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "77E90F32-E8E3-4852-B579-49FBDAB5F207",
              "versionEndExcluding": "17.10.1",
              "versionStartIncluding": "17.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx67cw:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E85585DA-C918-445B-9B44-B2B1A982A1F7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx67w_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C62EF9EE-39A0-46BF-B82E-6D3CE20D69B7",
              "versionEndExcluding": "16.16.6",
              "versionStartIncluding": "16.2.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx67w_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3442C032-F879-4CB5-BE83-BD606C07151C",
              "versionEndExcluding": "17.10.1",
              "versionStartIncluding": "17.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx67w:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F2529662-8A54-4DFC-80E7-922CF22DE2F3",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx68_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F1605125-61CC-4FB9-8CD2-114DE332E637",
              "versionEndExcluding": "16.16.6",
              "versionStartIncluding": "16.2.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx68_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E92B7E7D-A4E7-4F98-9A19-1215361FF3E2",
              "versionEndExcluding": "17.10.1",
              "versionStartIncluding": "17.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx68:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2F6B4B5E-4FBB-48A9-B828-00C8AB479FB8",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx68cw_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BCD8CD23-06CA-4A82-BA3C-3EA8C0B61DA7",
              "versionEndExcluding": "16.16.6",
              "versionStartIncluding": "16.2.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx68cw_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "74D48B18-7344-4AF0-A771-D3EF0B421B00",
              "versionEndExcluding": "17.10.1",
              "versionStartIncluding": "17.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx68cw:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "18E682AA-05AD-483F-915F-A2B2C98233B7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx68w_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "865B25D7-DFC9-44E2-98A0-2910B34F6140",
              "versionEndExcluding": "16.16.6",
              "versionStartIncluding": "16.2.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx68w_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D409165B-80FB-4B61-A02F-529B130EFCB9",
              "versionEndExcluding": "17.10.1",
              "versionStartIncluding": "17.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx68w:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "03F9C184-3811-4A26-846D-54ECE7CF939F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx75_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B22E7DB-912F-46CB-BE15-FA9812D15D72",
              "versionEndExcluding": "16.16.6",
              "versionStartIncluding": "16.2.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx75_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B537CF0-FA7F-489A-B771-C526046CE12A",
              "versionEndExcluding": "17.10.1",
              "versionStartIncluding": "17.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx75:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2A892F3D-62F9-4B04-94E8-FD803159C47B",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx84_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "105DD5F7-B29A-46B6-84E6-9081C55F0AC8",
              "versionEndExcluding": "16.16.6",
              "versionStartIncluding": "16.2.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx84_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E769CB5F-6B7B-48F1-ABFE-DF8412DA6777",
              "versionEndExcluding": "17.10.1",
              "versionStartIncluding": "17.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx84:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B5A4239D-E115-4368-895A-002BBD94F243",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx85_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "92BD623D-25BE-4D21-9610-266B337F82C7",
              "versionEndExcluding": "16.16.6",
              "versionStartIncluding": "16.2.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx85_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "094DCADF-4665-426C-B20E-01B46672B2D3",
              "versionEndExcluding": "17.10.1",
              "versionStartIncluding": "17.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx85:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "410A121A-037A-4D44-A35F-7AE41F93E5AF",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx95_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "34615059-146D-43C4-9FC6-83FA8F11FDEB",
              "versionEndExcluding": "16.16.6",
              "versionStartIncluding": "16.2.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx95_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "18342750-90EA-4362-869A-9B5FD6E53AA3",
              "versionEndExcluding": "17.10.1",
              "versionStartIncluding": "17.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx95:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "35740A98-6486-458C-99A9-8E23A781C917",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx100_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D86B3633-1C72-4912-87F9-8C8811317AB5",
              "versionEndExcluding": "16.16.6",
              "versionStartIncluding": "16.2.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx100_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B74149A1-5E2F-42C0-A670-C57C91721837",
              "versionEndExcluding": "17.10.1",
              "versionStartIncluding": "17.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx100:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D4DE139-CCB5-4BDD-8827-07348B8F0FF2",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx105_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5534754A-9F71-4C87-B3AF-00EB6C0421AC",
              "versionEndExcluding": "16.16.6",
              "versionStartIncluding": "16.2.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx105_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CCE7FDA7-C02B-4ED3-B7C3-FAA2066B2CA5",
              "versionEndExcluding": "17.10.1",
              "versionStartIncluding": "17.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx105:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "291C7E3A-74D1-4326-87A4-F60D60E3DC37",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx250_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D6EA8014-F9D2-4F4F-A797-056EBCB5439C",
              "versionEndExcluding": "16.16.6",
              "versionStartIncluding": "16.2.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx250_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C87C8065-E397-4D62-ABF2-9EC1177BEBE3",
              "versionEndExcluding": "17.10.1",
              "versionStartIncluding": "17.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx250:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2D6CBE98-6B20-4F05-8871-0BEAD1D351B0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx400_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7C884A16-07E2-4536-A4AB-5218E6F6B61F",
              "versionEndExcluding": "16.16.6",
              "versionStartIncluding": "16.2.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx400_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "235AAC4D-4F87-4CE1-B370-4536052513A6",
              "versionEndExcluding": "17.10.1",
              "versionStartIncluding": "17.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx400:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2ACA552D-78D3-4312-9537-28ADBB15E08A",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx450_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B60B34BB-3375-4A6A-BC5F-27934812A6C9",
              "versionEndExcluding": "16.16.6",
              "versionStartIncluding": "16.2.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx450_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AC690E48-F5D5-4CCD-9248-C5953028E81C",
              "versionEndExcluding": "17.10.1",
              "versionStartIncluding": "17.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx450:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B35EB71-8584-4803-A438-AEC406FD8445",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx600_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5D7526DC-5E2C-42A2-8B1B-BED60034CF0A",
              "versionEndExcluding": "16.16.6",
              "versionStartIncluding": "16.2.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx600_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "785B2796-0E7D-4FDF-B142-7CE70CEB2269",
              "versionEndExcluding": "17.10.1",
              "versionStartIncluding": "17.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx600:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A4CF5E0-A7D0-4C9D-A180-16288BE3AC1A",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_vmx_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "210E5600-00AB-4923-817D-8B9B61BADB3B",
              "versionEndExcluding": "16.16.6",
              "versionStartIncluding": "16.2.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:meraki_vmx_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F7C68C05-248C-4B91-A727-F1ED23AC347C",
              "versionEndExcluding": "17.10.1",
              "versionStartIncluding": "17.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_vmx:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D6CE4DAD-7FA3-4D1B-A24F-D2B9F4F331BF",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_z3c_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7F97974E-3C2B-49DB-A0FA-B5FEE7C98B18",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_z3c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6646F004-E0E0-4316-A022-2793C28FBCCC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_z3_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "04CF5026-CC39-48FF-A8F0-8E31A425343E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_z3:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB81CFD0-9558-47AB-96E4-CB21C1AA9159",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z3 Teleworker Gateway devices could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient validation of client-supplied parameters while establishing an SSL VPN session. An attacker could exploit this vulnerability by crafting a malicious request and sending it to the affected device. A successful exploit could allow the attacker to cause the Cisco AnyConnect VPN server to crash and restart, resulting in the failure of the established SSL VPN connections and forcing remote users to initiate a new VPN connection and re-authenticate. A sustained attack could prevent new SSL VPN connections from being established. Note: When the attack traffic stops, the Cisco AnyConnect VPN server recovers gracefully without requiring manual intervention. Cisco Meraki has released software updates that address this vulnerability."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en el servidor VPN Cisco AnyConnect de los dispositivos Cisco Meraki MX y Cisco Meraki Z3 Teleworker Gateway podr\u00eda permitir a un atacante remoto no autenticado causar una condici\u00f3n de denegaci\u00f3n de servicio (DoS) en un dispositivo afectado. Esta vulnerabilidad es debido a que no se comprueban suficientemente los par\u00e1metros proporcionados por el cliente mientras es establecida una sesi\u00f3n VPN SSL. Un atacante podr\u00eda explotar esta vulnerabilidad al dise\u00f1ar una petici\u00f3n maliciosa y envi\u00e1ndola al dispositivo afectado. Un ataque con \u00e9xito podr\u00eda permitir al atacante causar a el servidor VPN Cisco AnyConnect bloquearse y reiniciarse, resultando en el fracaso de las conexiones VPN SSL establecidas y obligar\u00eda a usuarios remotos a iniciar una nueva conexi\u00f3n VPN y volver a autenticarse. Un ataque sostenido podr\u00eda impedir que sean establecidas nuevas conexiones VPN SSL. Nota: Cuando el tr\u00e1fico de ataque es detenido, el servidor VPN Cisco AnyConnect es recuperado con elegancia sin necesidad de intervenci\u00f3n manual. Cisco Meraki ha publicado actualizaciones de software que abordan esta vulnerabilidad"
    }
  ],
  "id": "CVE-2022-20933",
  "lastModified": "2024-11-21T06:43:51.123",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.6,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 4.0,
        "source": "ykramarz@cisco.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.6,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 4.0,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2022-10-26T15:15:14.713",
  "references": [
    {
      "source": "ykramarz@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-meraki-mx-vpn-dos-vnESbgBf"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-meraki-mx-vpn-dos-vnESbgBf"
    }
  ],
  "sourceIdentifier": "ykramarz@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-234"
        }
      ],
      "source": "ykramarz@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2024-10-02 19:15
Modified
2024-10-08 18:32
Severity ?
8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
Multiple vulnerabilities in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series Teleworker Gateway devices could allow an unauthenticated, remote attacker to cause a DoS condition in the AnyConnect service on an affected device. These vulnerabilities are due to insufficient validation of client-supplied parameters while establishing an SSL VPN session. An attacker could exploit these vulnerabilities by sending a crafted HTTPS request to the VPN server of an affected device. A successful exploit could allow the attacker to cause the Cisco AnyConnect VPN server to restart, resulting in the failure of the established SSL VPN connections and forcing remote users to initiate a new VPN connection and reauthenticate. A sustained attack could prevent new SSL VPN connections from being established. Note: When the attack traffic stops, the Cisco AnyConnect VPN server recovers gracefully without requiring manual intervention.
References
ykramarz@cisco.comhttps://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-meraki-mx-vpn-dos-QTRHzG2Vendor Advisory
Impacted products
Vendor Product Version
cisco meraki_mx65_firmware *
cisco meraki_mx65 -
cisco meraki_mx64_firmware *
cisco meraki_mx64 -
cisco meraki_z4c_firmware *
cisco meraki_z4c -
cisco meraki_z4_firmware *
cisco meraki_z4 -
cisco meraki_z3c_firmware *
cisco meraki_z3c -
cisco meraki_z3_firmware *
cisco meraki_z3 -
cisco meraki_vmx_firmware *
cisco meraki_vmx -
cisco meraki_mx600_firmware *
cisco meraki_mx600 -
cisco meraki_mx450_firmware *
cisco meraki_mx450 -
cisco meraki_mx400_firmware *
cisco meraki_mx400 -
cisco meraki_mx250_firmware *
cisco meraki_mx250 -
cisco meraki_mx105_firmware *
cisco meraki_mx105 -
cisco meraki_mx100_firmware *
cisco meraki_mx100 -
cisco meraki_mx95_firmware *
cisco meraki_mx95 -
cisco meraki_mx85_firmware *
cisco meraki_mx85 -
cisco meraki_mx84_firmware *
cisco meraki_mx84 -
cisco meraki_mx75_firmware *
cisco meraki_mx75 -
cisco meraki_mx68w_firmware *
cisco meraki_mx68w -
cisco meraki_mx68cw_firmware *
cisco meraki_mx68cw -
cisco meraki_mx68_firmware *
cisco meraki_mx68 -
cisco meraki_mx67w_firmware *
cisco meraki_mx67w -
cisco meraki_mx67c_firmware *
cisco meraki_mx67c -
cisco meraki_mx67_firmware *
cisco meraki_mx67 -
cisco meraki_mx65w_firmware *
cisco meraki_mx65w -
cisco meraki_mx64w_firmware *
cisco meraki_mx64w -


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx65_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B3C6574B-E879-4813-9516-93B41EBDFBD3",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "17.6.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx65:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B3099A12-2D6F-4486-A690-1C809AF480B0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx64_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "23FA0FF8-5926-4623-9348-4347331C5F3F",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "17.6.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx64:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BE749570-1EA6-4734-B96A-D02B3BA3A756",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_z4c_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6B63AAC8-D59D-4EF1-829E-11E9CB18A41F",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "16.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_z4c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "AEE09C2D-9F52-4C72-9D7C-F9AF710D1174",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_z4_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F62D4319-19DA-4DC0-88D0-DE859504EA6D",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "16.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_z4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "36770C3B-F962-48FB-9D9F-3EABB1F10EFD",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_z3c_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F7C73DAF-C7AF-4090-8F96-3D6F93A1DABD",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "16.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_z3c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6646F004-E0E0-4316-A022-2793C28FBCCC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_z3_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5A4FD3B4-FD1F-4340-B4AC-D76C11DAD4D5",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "16.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_z3:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB81CFD0-9558-47AB-96E4-CB21C1AA9159",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_vmx_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "96D29083-7535-4B23-9141-BF6CE2824184",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "16.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_vmx:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D6CE4DAD-7FA3-4D1B-A24F-D2B9F4F331BF",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx600_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1C8F2FA1-B439-4978-AD2B-34C98310D894",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "16.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx600:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A4CF5E0-A7D0-4C9D-A180-16288BE3AC1A",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx450_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D620C14D-7724-4C38-83A6-E33328EDE7C3",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "16.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx450:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B35EB71-8584-4803-A438-AEC406FD8445",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx400_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A61EA9B6-126D-4174-8BEF-7FD311724C03",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "16.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx400:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2ACA552D-78D3-4312-9537-28ADBB15E08A",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx250_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "869396D2-5CB1-45FF-8CC8-C6BA17548076",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "16.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx250:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2D6CBE98-6B20-4F05-8871-0BEAD1D351B0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx105_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C86B5EA0-85E7-4B8D-83AE-445A2C945CB2",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "16.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx105:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "291C7E3A-74D1-4326-87A4-F60D60E3DC37",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx100_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0AF66E98-18FB-4862-96C6-090F9B563AAC",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "16.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx100:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D4DE139-CCB5-4BDD-8827-07348B8F0FF2",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx95_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "40A18D40-3168-4270-A019-0FFB3652BD64",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "16.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx95:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "35740A98-6486-458C-99A9-8E23A781C917",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx85_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC297617-CF3B-4CD5-8E5B-14A5A58BB1AD",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "16.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx85:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "410A121A-037A-4D44-A35F-7AE41F93E5AF",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx84_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5E4FB60C-E46F-4D0F-9C01-2D2670334694",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "16.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx84:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B5A4239D-E115-4368-895A-002BBD94F243",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx75_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "995A6C94-CC7F-4CA4-8815-693E491652B4",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "16.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx75:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2A892F3D-62F9-4B04-94E8-FD803159C47B",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx68w_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "900C8DC4-EF1C-4762-A517-F67665F3D724",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "16.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx68w:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "03F9C184-3811-4A26-846D-54ECE7CF939F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx68cw_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0118FD5D-0D25-4984-A6EB-40EF70B85144",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "16.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx68cw:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "18E682AA-05AD-483F-915F-A2B2C98233B7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx68_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE27942F-86F1-480C-AFA1-762A5A9E775F",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "16.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx68:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2F6B4B5E-4FBB-48A9-B828-00C8AB479FB8",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx67w_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "87EE31D0-87F7-4943-96CC-D5BA48D5DFDA",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "16.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx67w:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F2529662-8A54-4DFC-80E7-922CF22DE2F3",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx67c_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6AB39E09-A441-4F95-9F38-44942BDE98AD",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "16.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx67c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E9725A9F-B9B9-4784-AEEA-A5E5CE0A41F3",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx67_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "45953505-EF91-4825-95CD-51EE86D694A5",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "16.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx67:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2702FE73-E4AC-45C7-A212-44D783720798",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx65w_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E1A471D3-2D62-4458-ADDE-53D60E55966C",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "16.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx65w:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "69A23113-F7E1-4587-A4FF-A4AAB446A69D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx64w_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D24D11CA-67C0-4376-91DE-F62118062FED",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "16.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx64w:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1038F5F-020D-41FD-9C3D-F2685F1EA916",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Multiple vulnerabilities in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series Teleworker Gateway devices could allow an unauthenticated, remote attacker to cause a DoS condition in the AnyConnect service on an affected device.\r\n\r\nThese vulnerabilities are due to insufficient validation of client-supplied parameters while establishing an SSL VPN session. An attacker could exploit these vulnerabilities by sending a crafted HTTPS request to the VPN server of an affected device. A successful exploit could allow the attacker to cause the Cisco AnyConnect VPN server to restart, resulting in the failure of the established SSL VPN connections and forcing remote users to initiate a new VPN connection and reauthenticate. A sustained attack could prevent new SSL VPN connections from being established.\r\nNote: When the attack traffic stops, the Cisco AnyConnect VPN server recovers gracefully without requiring manual intervention."
    },
    {
      "lang": "es",
      "value": "Varias vulnerabilidades en el servidor VPN de Cisco AnyConnect de los dispositivos Cisco Meraki MX y Cisco Meraki Z Series Teleworker Gateway podr\u00edan permitir que un atacante remoto no autenticado provoque una condici\u00f3n de denegaci\u00f3n de servicio (DoS) en el servicio AnyConnect de un dispositivo afectado. Estas vulnerabilidades se deben a una validaci\u00f3n insuficiente de los par\u00e1metros proporcionados por el cliente al establecer una sesi\u00f3n VPN SSL. Un atacante podr\u00eda aprovechar estas vulnerabilidades enviando una solicitud HTTPS manipulada al servidor VPN de un dispositivo afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir que el atacante haga que el servidor VPN de Cisco AnyConnect se reinicie, lo que provocar\u00eda la falla de las conexiones VPN SSL establecidas y obligar\u00eda a los usuarios remotos a iniciar una nueva conexi\u00f3n VPN y volver a autenticarse. Un ataque sostenido podr\u00eda evitar que se establezcan nuevas conexiones VPN SSL. Nota: Cuando el tr\u00e1fico del ataque se detiene, el servidor VPN de Cisco AnyConnect se recupera sin problemas sin necesidad de intervenci\u00f3n manual."
    }
  ],
  "id": "CVE-2024-20498",
  "lastModified": "2024-10-08T18:32:54.457",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.6,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 4.0,
        "source": "ykramarz@cisco.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2024-10-02T19:15:13.870",
  "references": [
    {
      "source": "ykramarz@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-meraki-mx-vpn-dos-QTRHzG2"
    }
  ],
  "sourceIdentifier": "ykramarz@cisco.com",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-415"
        }
      ],
      "source": "ykramarz@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-415"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2024-10-02 19:15
Modified
2024-10-08 18:27
Severity ?
8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
Multiple vulnerabilities in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series Teleworker Gateway devices could allow an unauthenticated, remote attacker to cause a DoS condition in the AnyConnect service on an affected device. These vulnerabilities are due to insufficient validation of client-supplied parameters while establishing an SSL VPN session. An attacker could exploit these vulnerabilities by sending a crafted HTTPS request to the VPN server of an affected device. A successful exploit could allow the attacker to cause the Cisco AnyConnect VPN server to restart, resulting in the failure of the established SSL VPN connections and forcing remote users to initiate a new VPN connection and reauthenticate. A sustained attack could prevent new SSL VPN connections from being established. Note: When the attack traffic stops, the Cisco AnyConnect VPN server recovers gracefully without requiring manual intervention.
References
ykramarz@cisco.comhttps://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-meraki-mx-vpn-dos-QTRHzG2Vendor Advisory
Impacted products
Vendor Product Version
cisco meraki_z4c_firmware *
cisco meraki_z4c -
cisco meraki_z4_firmware *
cisco meraki_z4 -
cisco meraki_z3c_firmware *
cisco meraki_z3c -
cisco meraki_z3_firmware *
cisco meraki_z3 -
cisco meraki_vmx_firmware *
cisco meraki_vmx -
cisco meraki_mx600_firmware *
cisco meraki_mx600 -
cisco meraki_mx450_firmware *
cisco meraki_mx450 -
cisco meraki_mx400_firmware *
cisco meraki_mx400 -
cisco meraki_mx250_firmware *
cisco meraki_mx250 -
cisco meraki_mx105_firmware *
cisco meraki_mx105 -
cisco meraki_mx100_firmware *
cisco meraki_mx100 -
cisco meraki_mx95_firmware *
cisco meraki_mx95 -
cisco meraki_mx85_firmware *
cisco meraki_mx85 -
cisco meraki_mx84_firmware *
cisco meraki_mx84 -
cisco meraki_mx75_firmware *
cisco meraki_mx75 -
cisco meraki_mx68w_firmware *
cisco meraki_mx68w -
cisco meraki_mx68cw_firmware *
cisco meraki_mx68cw -
cisco meraki_mx68_firmware *
cisco meraki_mx68 -
cisco meraki_mx67w_firmware *
cisco meraki_mx67w -
cisco meraki_mx67c_firmware *
cisco meraki_mx67c -
cisco meraki_mx67_firmware *
cisco meraki_mx67 -
cisco meraki_mx65w_firmware *
cisco meraki_mx65w -
cisco meraki_mx65_firmware *
cisco meraki_mx65 -
cisco meraki_mx64w_firmware *
cisco meraki_mx64w -
cisco meraki_mx64_firmware *
cisco meraki_mx64 -


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_z4c_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6B63AAC8-D59D-4EF1-829E-11E9CB18A41F",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "16.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_z4c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "AEE09C2D-9F52-4C72-9D7C-F9AF710D1174",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_z4_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F62D4319-19DA-4DC0-88D0-DE859504EA6D",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "16.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_z4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "36770C3B-F962-48FB-9D9F-3EABB1F10EFD",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_z3c_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F7C73DAF-C7AF-4090-8F96-3D6F93A1DABD",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "16.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_z3c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6646F004-E0E0-4316-A022-2793C28FBCCC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_z3_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5A4FD3B4-FD1F-4340-B4AC-D76C11DAD4D5",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "16.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_z3:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB81CFD0-9558-47AB-96E4-CB21C1AA9159",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_vmx_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "96D29083-7535-4B23-9141-BF6CE2824184",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "16.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_vmx:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D6CE4DAD-7FA3-4D1B-A24F-D2B9F4F331BF",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx600_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1C8F2FA1-B439-4978-AD2B-34C98310D894",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "16.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx600:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A4CF5E0-A7D0-4C9D-A180-16288BE3AC1A",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx450_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D620C14D-7724-4C38-83A6-E33328EDE7C3",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "16.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx450:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B35EB71-8584-4803-A438-AEC406FD8445",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx400_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A61EA9B6-126D-4174-8BEF-7FD311724C03",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "16.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx400:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2ACA552D-78D3-4312-9537-28ADBB15E08A",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx250_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "869396D2-5CB1-45FF-8CC8-C6BA17548076",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "16.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx250:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2D6CBE98-6B20-4F05-8871-0BEAD1D351B0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx105_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C86B5EA0-85E7-4B8D-83AE-445A2C945CB2",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "16.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx105:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "291C7E3A-74D1-4326-87A4-F60D60E3DC37",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx100_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0AF66E98-18FB-4862-96C6-090F9B563AAC",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "16.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx100:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D4DE139-CCB5-4BDD-8827-07348B8F0FF2",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx95_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "40A18D40-3168-4270-A019-0FFB3652BD64",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "16.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx95:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "35740A98-6486-458C-99A9-8E23A781C917",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx85_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC297617-CF3B-4CD5-8E5B-14A5A58BB1AD",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "16.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx85:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "410A121A-037A-4D44-A35F-7AE41F93E5AF",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx84_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5E4FB60C-E46F-4D0F-9C01-2D2670334694",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "16.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx84:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B5A4239D-E115-4368-895A-002BBD94F243",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx75_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "995A6C94-CC7F-4CA4-8815-693E491652B4",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "16.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx75:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2A892F3D-62F9-4B04-94E8-FD803159C47B",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx68w_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "900C8DC4-EF1C-4762-A517-F67665F3D724",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "16.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx68w:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "03F9C184-3811-4A26-846D-54ECE7CF939F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx68cw_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0118FD5D-0D25-4984-A6EB-40EF70B85144",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "16.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx68cw:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "18E682AA-05AD-483F-915F-A2B2C98233B7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx68_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE27942F-86F1-480C-AFA1-762A5A9E775F",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "16.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx68:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2F6B4B5E-4FBB-48A9-B828-00C8AB479FB8",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx67w_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "87EE31D0-87F7-4943-96CC-D5BA48D5DFDA",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "16.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx67w:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F2529662-8A54-4DFC-80E7-922CF22DE2F3",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx67c_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6AB39E09-A441-4F95-9F38-44942BDE98AD",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "16.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx67c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E9725A9F-B9B9-4784-AEEA-A5E5CE0A41F3",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx67_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "45953505-EF91-4825-95CD-51EE86D694A5",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "16.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx67:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2702FE73-E4AC-45C7-A212-44D783720798",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx65w_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E1A471D3-2D62-4458-ADDE-53D60E55966C",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "16.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx65w:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "69A23113-F7E1-4587-A4FF-A4AAB446A69D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx65_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B3C6574B-E879-4813-9516-93B41EBDFBD3",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "17.6.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx65:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B3099A12-2D6F-4486-A690-1C809AF480B0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx64w_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D24D11CA-67C0-4376-91DE-F62118062FED",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "16.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx64w:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1038F5F-020D-41FD-9C3D-F2685F1EA916",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx64_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "553AC2DF-6F85-40D3-B3B1-F979364BA4BD",
              "versionEndIncluding": "18.211.2",
              "versionStartIncluding": "17.6.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx64:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BE749570-1EA6-4734-B96A-D02B3BA3A756",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Multiple vulnerabilities in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series Teleworker Gateway devices could allow an unauthenticated, remote attacker to cause a DoS condition in the AnyConnect service on an affected device.\r\n\r\nThese vulnerabilities are due to insufficient validation of client-supplied parameters while establishing an SSL VPN session. An attacker could exploit these vulnerabilities by sending a crafted HTTPS request to the VPN server of an affected device. A successful exploit could allow the attacker to cause the Cisco AnyConnect VPN server to restart, resulting in the failure of the established SSL VPN connections and forcing remote users to initiate a new VPN connection and reauthenticate. A sustained attack could prevent new SSL VPN connections from being established.\r\nNote: When the attack traffic stops, the Cisco AnyConnect VPN server recovers gracefully without requiring manual intervention."
    },
    {
      "lang": "es",
      "value": "Varias vulnerabilidades en el servidor VPN de Cisco AnyConnect de los dispositivos Cisco Meraki MX y Cisco Meraki Z Series Teleworker Gateway podr\u00edan permitir que un atacante remoto no autenticado provoque una condici\u00f3n de denegaci\u00f3n de servicio (DoS) en el servicio AnyConnect de un dispositivo afectado. Estas vulnerabilidades se deben a una validaci\u00f3n insuficiente de los par\u00e1metros proporcionados por el cliente al establecer una sesi\u00f3n VPN SSL. Un atacante podr\u00eda aprovechar estas vulnerabilidades enviando una solicitud HTTPS manipulada al servidor VPN de un dispositivo afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir que el atacante haga que el servidor VPN de Cisco AnyConnect se reinicie, lo que provocar\u00eda la falla de las conexiones VPN SSL establecidas y obligar\u00eda a los usuarios remotos a iniciar una nueva conexi\u00f3n VPN y volver a autenticarse. Un ataque sostenido podr\u00eda evitar que se establezcan nuevas conexiones VPN SSL. Nota: Cuando el tr\u00e1fico del ataque se detiene, el servidor VPN de Cisco AnyConnect se recupera sin problemas sin necesidad de intervenci\u00f3n manual."
    }
  ],
  "id": "CVE-2024-20499",
  "lastModified": "2024-10-08T18:27:16.110",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.6,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 4.0,
        "source": "ykramarz@cisco.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2024-10-02T19:15:14.143",
  "references": [
    {
      "source": "ykramarz@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-meraki-mx-vpn-dos-QTRHzG2"
    }
  ],
  "sourceIdentifier": "ykramarz@cisco.com",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-787"
        }
      ],
      "source": "ykramarz@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-787"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2024-10-02 19:15
Modified
2024-10-08 18:45
Severity ?
5.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L
5.9 (Medium) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
A vulnerability in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series Teleworker Gateway devices could allow an unauthenticated, remote attacker to hijack an AnyConnect VPN session or cause a denial of service (DoS) condition for individual users of the AnyConnect VPN service on an affected device. This vulnerability is due to weak entropy for handlers that are used during the VPN authentication process as well as a race condition that exists in the same process. An attacker could exploit this vulnerability by correctly guessing an authentication handler and then sending crafted HTTPS requests to an affected device. A successful exploit could allow the attacker to take over the AnyConnect VPN session from a target user or prevent the target user from establishing an AnyConnect VPN session with the affected device.
References
ykramarz@cisco.comhttps://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-meraki-mx-vpn-dos-by-QWUkqV7XVendor Advisory
Impacted products
Vendor Product Version
cisco meraki_mx65_firmware *
cisco meraki_mx65 -
cisco meraki_mx64_firmware *
cisco meraki_mx64 -
cisco meraki_z4c_firmware *
cisco meraki_z4c -
cisco meraki_z4_firmware *
cisco meraki_z4 -
cisco meraki_z3c_firmware *
cisco meraki_z3c -
cisco meraki_z3_firmware *
cisco meraki_z3 -
cisco meraki_vmx_firmware *
cisco meraki_vmx -
cisco meraki_mx600_firmware *
cisco meraki_mx600 -
cisco meraki_mx450_firmware *
cisco meraki_mx450 -
cisco meraki_mx400_firmware *
cisco meraki_mx400 -
cisco meraki_mx250_firmware *
cisco meraki_mx250 -
cisco meraki_mx105_firmware *
cisco meraki_mx105 -
cisco meraki_mx100_firmware *
cisco meraki_mx100 -
cisco meraki_mx95_firmware *
cisco meraki_mx95 -
cisco meraki_mx85_firmware *
cisco meraki_mx85 -
cisco meraki_mx84_firmware *
cisco meraki_mx84 -
cisco meraki_mx75_firmware *
cisco meraki_mx75 -
cisco meraki_mx68w_firmware *
cisco meraki_mx68w -
cisco meraki_mx68cw_firmware *
cisco meraki_mx68cw -
cisco meraki_mx68_firmware *
cisco meraki_mx68 -
cisco meraki_mx67w_firmware *
cisco meraki_mx67w -
cisco meraki_mx67c_firmware *
cisco meraki_mx67c -
cisco meraki_mx67_firmware *
cisco meraki_mx67 -
cisco meraki_mx65w_firmware *
cisco meraki_mx65w -
cisco meraki_mx64w_firmware *
cisco meraki_mx64w -


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx65_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B3C6574B-E879-4813-9516-93B41EBDFBD3",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "17.6.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx65:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B3099A12-2D6F-4486-A690-1C809AF480B0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx64_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "23FA0FF8-5926-4623-9348-4347331C5F3F",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "17.6.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx64:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BE749570-1EA6-4734-B96A-D02B3BA3A756",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_z4c_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6B63AAC8-D59D-4EF1-829E-11E9CB18A41F",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "16.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_z4c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "AEE09C2D-9F52-4C72-9D7C-F9AF710D1174",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_z4_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F62D4319-19DA-4DC0-88D0-DE859504EA6D",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "16.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_z4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "36770C3B-F962-48FB-9D9F-3EABB1F10EFD",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_z3c_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F7C73DAF-C7AF-4090-8F96-3D6F93A1DABD",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "16.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_z3c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6646F004-E0E0-4316-A022-2793C28FBCCC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_z3_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5A4FD3B4-FD1F-4340-B4AC-D76C11DAD4D5",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "16.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_z3:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB81CFD0-9558-47AB-96E4-CB21C1AA9159",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_vmx_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "96D29083-7535-4B23-9141-BF6CE2824184",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "16.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_vmx:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D6CE4DAD-7FA3-4D1B-A24F-D2B9F4F331BF",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx600_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1C8F2FA1-B439-4978-AD2B-34C98310D894",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "16.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx600:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A4CF5E0-A7D0-4C9D-A180-16288BE3AC1A",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx450_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D620C14D-7724-4C38-83A6-E33328EDE7C3",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "16.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx450:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B35EB71-8584-4803-A438-AEC406FD8445",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx400_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A61EA9B6-126D-4174-8BEF-7FD311724C03",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "16.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx400:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2ACA552D-78D3-4312-9537-28ADBB15E08A",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx250_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "869396D2-5CB1-45FF-8CC8-C6BA17548076",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "16.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx250:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2D6CBE98-6B20-4F05-8871-0BEAD1D351B0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx105_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C86B5EA0-85E7-4B8D-83AE-445A2C945CB2",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "16.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx105:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "291C7E3A-74D1-4326-87A4-F60D60E3DC37",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx100_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0AF66E98-18FB-4862-96C6-090F9B563AAC",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "16.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx100:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D4DE139-CCB5-4BDD-8827-07348B8F0FF2",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx95_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "40A18D40-3168-4270-A019-0FFB3652BD64",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "16.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx95:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "35740A98-6486-458C-99A9-8E23A781C917",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx85_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC297617-CF3B-4CD5-8E5B-14A5A58BB1AD",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "16.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx85:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "410A121A-037A-4D44-A35F-7AE41F93E5AF",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx84_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5E4FB60C-E46F-4D0F-9C01-2D2670334694",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "16.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx84:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B5A4239D-E115-4368-895A-002BBD94F243",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx75_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "995A6C94-CC7F-4CA4-8815-693E491652B4",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "16.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx75:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2A892F3D-62F9-4B04-94E8-FD803159C47B",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx68w_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "900C8DC4-EF1C-4762-A517-F67665F3D724",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "16.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx68w:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "03F9C184-3811-4A26-846D-54ECE7CF939F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx68cw_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0118FD5D-0D25-4984-A6EB-40EF70B85144",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "16.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx68cw:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "18E682AA-05AD-483F-915F-A2B2C98233B7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx68_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE27942F-86F1-480C-AFA1-762A5A9E775F",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "16.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx68:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2F6B4B5E-4FBB-48A9-B828-00C8AB479FB8",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx67w_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "87EE31D0-87F7-4943-96CC-D5BA48D5DFDA",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "16.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx67w:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F2529662-8A54-4DFC-80E7-922CF22DE2F3",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx67c_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6AB39E09-A441-4F95-9F38-44942BDE98AD",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "16.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx67c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E9725A9F-B9B9-4784-AEEA-A5E5CE0A41F3",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx67_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "45953505-EF91-4825-95CD-51EE86D694A5",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "16.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx67:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2702FE73-E4AC-45C7-A212-44D783720798",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx65w_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E1A471D3-2D62-4458-ADDE-53D60E55966C",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "16.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx65w:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "69A23113-F7E1-4587-A4FF-A4AAB446A69D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx64w_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D24D11CA-67C0-4376-91DE-F62118062FED",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "16.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx64w:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1038F5F-020D-41FD-9C3D-F2685F1EA916",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series Teleworker Gateway devices could allow an unauthenticated, remote attacker to hijack an AnyConnect VPN session or cause a denial of service (DoS) condition for individual users of the AnyConnect VPN service on an affected device.\r\n\r\nThis vulnerability is due to weak entropy for handlers that are used during the VPN authentication process as well as a race condition that exists in the same process. An attacker could exploit this vulnerability by correctly guessing an authentication handler and then sending crafted HTTPS requests to an affected device. A successful exploit could allow the attacker to take over the AnyConnect VPN session from a target user or prevent the target user from establishing an AnyConnect VPN session with the affected device."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en el servidor VPN de Cisco AnyConnect de los dispositivos Cisco Meraki MX y Cisco Meraki Z Series Teleworker Gateway podr\u00eda permitir que un atacante remoto no autenticado secuestre una sesi\u00f3n VPN de AnyConnect o provoque una condici\u00f3n de denegaci\u00f3n de servicio (DoS) para usuarios individuales del servicio VPN de AnyConnect en un dispositivo afectado. Esta vulnerabilidad se debe a una entrop\u00eda d\u00e9bil para los controladores que se utilizan durante el proceso de autenticaci\u00f3n de VPN, as\u00ed como a una condici\u00f3n de ejecuci\u00f3n que existe en el mismo proceso. Un atacante podr\u00eda aprovechar esta vulnerabilidad adivinando correctamente un controlador de autenticaci\u00f3n y luego enviando solicitudes HTTPS manipuladas a un dispositivo afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante tomar el control de la sesi\u00f3n VPN de AnyConnect de un usuario objetivo o evitar que el usuario objetivo establezca una sesi\u00f3n VPN de AnyConnect con el dispositivo afectado."
    }
  ],
  "id": "CVE-2024-20509",
  "lastModified": "2024-10-08T18:45:52.513",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "LOW",
          "baseScore": 5.8,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 1.4,
        "source": "ykramarz@cisco.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 5.9,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.2,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2024-10-02T19:15:14.997",
  "references": [
    {
      "source": "ykramarz@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-meraki-mx-vpn-dos-by-QWUkqV7X"
    }
  ],
  "sourceIdentifier": "ykramarz@cisco.com",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-362"
        }
      ],
      "source": "ykramarz@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-362"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2024-10-02 19:15
Modified
2024-10-08 18:27
Severity ?
5.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
A vulnerability in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series Teleworker Gateway devices could allow an unauthenticated, remote attacker to cause a DoS condition in the AnyConnect service on an affected device. This vulnerability is due to insufficient resource management when establishing TLS/SSL sessions. An attacker could exploit this vulnerability by sending a series of crafted TLS/SSL messages to the VPN server of an affected device. A successful exploit could allow the attacker to cause the Cisco AnyConnect VPN server to stop accepting new connections, preventing new SSL VPN connections from being established. Existing SSL VPN sessions are not impacted. Note: When the attack traffic stops, the Cisco AnyConnect VPN server recovers gracefully without requiring manual intervention.
References
ykramarz@cisco.comhttps://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-meraki-mx-vpn-dos-QTRHzG2Vendor Advisory
Impacted products
Vendor Product Version
cisco meraki_z4c_firmware *
cisco meraki_z4c -
cisco meraki_z4_firmware *
cisco meraki_z4 -
cisco meraki_z3c_firmware *
cisco meraki_z3c -
cisco meraki_z3_firmware *
cisco meraki_z3 -
cisco meraki_vmx_firmware *
cisco meraki_vmx -
cisco meraki_mx600_firmware *
cisco meraki_mx600 -
cisco meraki_mx450_firmware *
cisco meraki_mx450 -
cisco meraki_mx400_firmware *
cisco meraki_mx400 -
cisco meraki_mx250_firmware *
cisco meraki_mx250 -
cisco meraki_mx105_firmware *
cisco meraki_mx105 -
cisco meraki_mx100_firmware *
cisco meraki_mx100 -
cisco meraki_mx95_firmware *
cisco meraki_mx95 -
cisco meraki_mx85_firmware *
cisco meraki_mx85 -
cisco meraki_mx84_firmware *
cisco meraki_mx84 -
cisco meraki_mx75_firmware *
cisco meraki_mx75 -
cisco meraki_mx68w_firmware *
cisco meraki_mx68w -
cisco meraki_mx68cw_firmware *
cisco meraki_mx68cw -
cisco meraki_mx68_firmware *
cisco meraki_mx68 -
cisco meraki_mx67w_firmware *
cisco meraki_mx67w -
cisco meraki_mx67c_firmware *
cisco meraki_mx67c -
cisco meraki_mx67_firmware *
cisco meraki_mx67 -
cisco meraki_mx65w_firmware *
cisco meraki_mx65w -
cisco meraki_mx65_firmware *
cisco meraki_mx65 -
cisco meraki_mx64w_firmware *
cisco meraki_mx64w -
cisco meraki_mx64_firmware *
cisco meraki_mx64 -


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_z4c_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6B63AAC8-D59D-4EF1-829E-11E9CB18A41F",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "16.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_z4c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "AEE09C2D-9F52-4C72-9D7C-F9AF710D1174",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_z4_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F62D4319-19DA-4DC0-88D0-DE859504EA6D",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "16.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_z4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "36770C3B-F962-48FB-9D9F-3EABB1F10EFD",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_z3c_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F7C73DAF-C7AF-4090-8F96-3D6F93A1DABD",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "16.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_z3c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6646F004-E0E0-4316-A022-2793C28FBCCC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_z3_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5A4FD3B4-FD1F-4340-B4AC-D76C11DAD4D5",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "16.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_z3:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB81CFD0-9558-47AB-96E4-CB21C1AA9159",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_vmx_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "96D29083-7535-4B23-9141-BF6CE2824184",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "16.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_vmx:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D6CE4DAD-7FA3-4D1B-A24F-D2B9F4F331BF",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx600_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1C8F2FA1-B439-4978-AD2B-34C98310D894",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "16.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx600:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A4CF5E0-A7D0-4C9D-A180-16288BE3AC1A",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx450_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D620C14D-7724-4C38-83A6-E33328EDE7C3",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "16.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx450:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B35EB71-8584-4803-A438-AEC406FD8445",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx400_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A61EA9B6-126D-4174-8BEF-7FD311724C03",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "16.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx400:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2ACA552D-78D3-4312-9537-28ADBB15E08A",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx250_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "869396D2-5CB1-45FF-8CC8-C6BA17548076",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "16.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx250:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2D6CBE98-6B20-4F05-8871-0BEAD1D351B0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx105_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C86B5EA0-85E7-4B8D-83AE-445A2C945CB2",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "16.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx105:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "291C7E3A-74D1-4326-87A4-F60D60E3DC37",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx100_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0AF66E98-18FB-4862-96C6-090F9B563AAC",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "16.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx100:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D4DE139-CCB5-4BDD-8827-07348B8F0FF2",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx95_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "40A18D40-3168-4270-A019-0FFB3652BD64",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "16.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx95:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "35740A98-6486-458C-99A9-8E23A781C917",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx85_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC297617-CF3B-4CD5-8E5B-14A5A58BB1AD",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "16.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx85:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "410A121A-037A-4D44-A35F-7AE41F93E5AF",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx84_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5E4FB60C-E46F-4D0F-9C01-2D2670334694",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "16.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx84:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B5A4239D-E115-4368-895A-002BBD94F243",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx75_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "995A6C94-CC7F-4CA4-8815-693E491652B4",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "16.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx75:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2A892F3D-62F9-4B04-94E8-FD803159C47B",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx68w_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "900C8DC4-EF1C-4762-A517-F67665F3D724",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "16.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx68w:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "03F9C184-3811-4A26-846D-54ECE7CF939F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx68cw_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0118FD5D-0D25-4984-A6EB-40EF70B85144",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "16.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx68cw:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "18E682AA-05AD-483F-915F-A2B2C98233B7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx68_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE27942F-86F1-480C-AFA1-762A5A9E775F",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "16.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx68:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2F6B4B5E-4FBB-48A9-B828-00C8AB479FB8",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx67w_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "87EE31D0-87F7-4943-96CC-D5BA48D5DFDA",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "16.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx67w:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F2529662-8A54-4DFC-80E7-922CF22DE2F3",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx67c_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6AB39E09-A441-4F95-9F38-44942BDE98AD",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "16.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx67c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E9725A9F-B9B9-4784-AEEA-A5E5CE0A41F3",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx67_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "45953505-EF91-4825-95CD-51EE86D694A5",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "16.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx67:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2702FE73-E4AC-45C7-A212-44D783720798",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx65w_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E1A471D3-2D62-4458-ADDE-53D60E55966C",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "16.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx65w:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "69A23113-F7E1-4587-A4FF-A4AAB446A69D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx65_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B3C6574B-E879-4813-9516-93B41EBDFBD3",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "17.6.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx65:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B3099A12-2D6F-4486-A690-1C809AF480B0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx64w_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D24D11CA-67C0-4376-91DE-F62118062FED",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "16.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx64w:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1038F5F-020D-41FD-9C3D-F2685F1EA916",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx64_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "553AC2DF-6F85-40D3-B3B1-F979364BA4BD",
              "versionEndIncluding": "18.211.2",
              "versionStartIncluding": "17.6.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx64:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BE749570-1EA6-4734-B96A-D02B3BA3A756",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series Teleworker Gateway devices could allow an unauthenticated, remote attacker to cause a DoS condition in the AnyConnect service on an affected device.\r\n\r\nThis vulnerability is due to insufficient resource management when establishing TLS/SSL sessions. An attacker could exploit this vulnerability by sending a series of crafted TLS/SSL messages to the VPN server of an affected device. A successful exploit could allow the attacker to cause the Cisco AnyConnect VPN server to stop accepting new connections, preventing new SSL VPN connections from being established. Existing SSL VPN sessions are not impacted.\r\nNote: When the attack traffic stops, the Cisco AnyConnect VPN server recovers gracefully without requiring manual intervention."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en el servidor VPN de Cisco AnyConnect de los dispositivos Cisco Meraki MX y Cisco Meraki Z Series Teleworker Gateway podr\u00eda permitir que un atacante remoto no autenticado provoque una condici\u00f3n de denegaci\u00f3n de servicio (DoS) en el servicio AnyConnect de un dispositivo afectado. Esta vulnerabilidad se debe a una gesti\u00f3n insuficiente de los recursos al establecer sesiones TLS/SSL. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando una serie de mensajes TLS/SSL manipulados al servidor VPN de un dispositivo afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante hacer que el servidor VPN de Cisco AnyConnect deje de aceptar nuevas conexiones, lo que impedir\u00eda que se establecieran nuevas conexiones VPN SSL. Las sesiones VPN SSL existentes no se ven afectadas. Nota: Cuando el tr\u00e1fico del ataque se detiene, el servidor VPN de Cisco AnyConnect se recupera sin problemas sin necesidad de intervenci\u00f3n manual."
    }
  ],
  "id": "CVE-2024-20500",
  "lastModified": "2024-10-08T18:27:19.347",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "LOW",
          "baseScore": 5.8,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 1.4,
        "source": "ykramarz@cisco.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2024-10-02T19:15:14.350",
  "references": [
    {
      "source": "ykramarz@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-meraki-mx-vpn-dos-QTRHzG2"
    }
  ],
  "sourceIdentifier": "ykramarz@cisco.com",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-400"
        }
      ],
      "source": "ykramarz@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-400"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2024-10-02 19:15
Modified
2024-10-08 21:16
Severity ?
5.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Summary
A vulnerability in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series Teleworker Gateway devices could allow an unauthenticated, remote attacker to cause a DoS condition for targeted users of the AnyConnect service on an affected device. This vulnerability is due to insufficient entropy for handlers that are used during SSL VPN session establishment. An unauthenticated attacker could exploit this vulnerability by brute forcing valid session handlers. An authenticated attacker could exploit this vulnerability by connecting to the AnyConnect VPN service of an affected device to retrieve a valid session handler and, based on that handler, predict further valid session handlers. The attacker would then send a crafted HTTPS request using the brute-forced or predicted session handler to the AnyConnect VPN server of the device. A successful exploit could allow the attacker to terminate targeted SSL VPN sessions, forcing remote users to initiate new VPN connections and reauthenticate.
References
ykramarz@cisco.comhttps://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-meraki-mx-vpn-dos-QTRHzG2Vendor Advisory
Impacted products
Vendor Product Version
cisco meraki_mx65_firmware *
cisco meraki_mx65 -
cisco meraki_mx64_firmware *
cisco meraki_mx64 -
cisco meraki_z4c_firmware *
cisco meraki_z4c -
cisco meraki_z4_firmware *
cisco meraki_z4 -
cisco meraki_z3c_firmware *
cisco meraki_z3c -
cisco meraki_z3_firmware *
cisco meraki_z3 -
cisco meraki_vmx_firmware *
cisco meraki_vmx -
cisco meraki_mx600_firmware *
cisco meraki_mx600 -
cisco meraki_mx450_firmware *
cisco meraki_mx450 -
cisco meraki_mx400_firmware *
cisco meraki_mx400 -
cisco meraki_mx250_firmware *
cisco meraki_mx250 -
cisco meraki_mx105_firmware *
cisco meraki_mx105 -
cisco meraki_mx100_firmware *
cisco meraki_mx100 -
cisco meraki_mx95_firmware *
cisco meraki_mx95 -
cisco meraki_mx85_firmware *
cisco meraki_mx85 -
cisco meraki_mx84_firmware *
cisco meraki_mx84 -
cisco meraki_mx75_firmware *
cisco meraki_mx75 -
cisco meraki_mx68w_firmware *
cisco meraki_mx68w -
cisco meraki_mx68cw_firmware *
cisco meraki_mx68cw -
cisco meraki_mx68_firmware *
cisco meraki_mx68 -
cisco meraki_mx67w_firmware *
cisco meraki_mx67w -
cisco meraki_mx67c_firmware *
cisco meraki_mx67c -
cisco meraki_mx67_firmware *
cisco meraki_mx67 -
cisco meraki_mx65w_firmware *
cisco meraki_mx65w -
cisco meraki_mx64w_firmware *
cisco meraki_mx64w -


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx65_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B3C6574B-E879-4813-9516-93B41EBDFBD3",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "17.6.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx65:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B3099A12-2D6F-4486-A690-1C809AF480B0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx64_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "23FA0FF8-5926-4623-9348-4347331C5F3F",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "17.6.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx64:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BE749570-1EA6-4734-B96A-D02B3BA3A756",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_z4c_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6B63AAC8-D59D-4EF1-829E-11E9CB18A41F",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "16.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_z4c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "AEE09C2D-9F52-4C72-9D7C-F9AF710D1174",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_z4_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F62D4319-19DA-4DC0-88D0-DE859504EA6D",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "16.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_z4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "36770C3B-F962-48FB-9D9F-3EABB1F10EFD",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_z3c_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F7C73DAF-C7AF-4090-8F96-3D6F93A1DABD",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "16.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_z3c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6646F004-E0E0-4316-A022-2793C28FBCCC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_z3_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5A4FD3B4-FD1F-4340-B4AC-D76C11DAD4D5",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "16.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_z3:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB81CFD0-9558-47AB-96E4-CB21C1AA9159",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_vmx_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "96D29083-7535-4B23-9141-BF6CE2824184",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "16.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_vmx:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D6CE4DAD-7FA3-4D1B-A24F-D2B9F4F331BF",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx600_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1C8F2FA1-B439-4978-AD2B-34C98310D894",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "16.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx600:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A4CF5E0-A7D0-4C9D-A180-16288BE3AC1A",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx450_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D620C14D-7724-4C38-83A6-E33328EDE7C3",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "16.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx450:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B35EB71-8584-4803-A438-AEC406FD8445",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx400_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A61EA9B6-126D-4174-8BEF-7FD311724C03",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "16.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx400:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2ACA552D-78D3-4312-9537-28ADBB15E08A",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx250_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "869396D2-5CB1-45FF-8CC8-C6BA17548076",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "16.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx250:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2D6CBE98-6B20-4F05-8871-0BEAD1D351B0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx105_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C86B5EA0-85E7-4B8D-83AE-445A2C945CB2",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "16.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx105:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "291C7E3A-74D1-4326-87A4-F60D60E3DC37",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx100_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0AF66E98-18FB-4862-96C6-090F9B563AAC",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "16.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx100:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D4DE139-CCB5-4BDD-8827-07348B8F0FF2",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx95_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "40A18D40-3168-4270-A019-0FFB3652BD64",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "16.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx95:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "35740A98-6486-458C-99A9-8E23A781C917",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx85_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC297617-CF3B-4CD5-8E5B-14A5A58BB1AD",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "16.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx85:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "410A121A-037A-4D44-A35F-7AE41F93E5AF",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx84_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5E4FB60C-E46F-4D0F-9C01-2D2670334694",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "16.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx84:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B5A4239D-E115-4368-895A-002BBD94F243",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx75_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "995A6C94-CC7F-4CA4-8815-693E491652B4",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "16.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx75:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2A892F3D-62F9-4B04-94E8-FD803159C47B",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx68w_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "900C8DC4-EF1C-4762-A517-F67665F3D724",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "16.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx68w:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "03F9C184-3811-4A26-846D-54ECE7CF939F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx68cw_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0118FD5D-0D25-4984-A6EB-40EF70B85144",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "16.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx68cw:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "18E682AA-05AD-483F-915F-A2B2C98233B7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx68_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE27942F-86F1-480C-AFA1-762A5A9E775F",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "16.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx68:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2F6B4B5E-4FBB-48A9-B828-00C8AB479FB8",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx67w_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "87EE31D0-87F7-4943-96CC-D5BA48D5DFDA",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "16.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx67w:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F2529662-8A54-4DFC-80E7-922CF22DE2F3",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx67c_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6AB39E09-A441-4F95-9F38-44942BDE98AD",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "16.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx67c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E9725A9F-B9B9-4784-AEEA-A5E5CE0A41F3",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx67_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "45953505-EF91-4825-95CD-51EE86D694A5",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "16.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx67:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2702FE73-E4AC-45C7-A212-44D783720798",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx65w_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E1A471D3-2D62-4458-ADDE-53D60E55966C",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "16.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx65w:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "69A23113-F7E1-4587-A4FF-A4AAB446A69D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx64w_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D24D11CA-67C0-4376-91DE-F62118062FED",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "16.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx64w:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1038F5F-020D-41FD-9C3D-F2685F1EA916",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series Teleworker Gateway devices could allow an unauthenticated, remote attacker to cause a DoS condition for targeted users of the AnyConnect service on an affected device.\r\n\r\nThis vulnerability is due to insufficient entropy for handlers that are used during SSL VPN session establishment. An unauthenticated attacker could exploit this vulnerability by brute forcing valid session handlers. An authenticated attacker could exploit this vulnerability by connecting to the AnyConnect VPN service of an affected device to retrieve a valid session handler and, based on that handler, predict further valid session handlers. The attacker would then send a crafted HTTPS request using the brute-forced or predicted session handler to the AnyConnect VPN server of the device. A successful exploit could allow the attacker to terminate targeted SSL VPN sessions, forcing remote users to initiate new VPN connections and reauthenticate."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en el servidor VPN de Cisco AnyConnect de los dispositivos Cisco Meraki MX y Cisco Meraki Z Series Teleworker Gateway podr\u00eda permitir que un atacante remoto no autenticado provoque una condici\u00f3n de denegaci\u00f3n de servicio (DoS) para usuarios espec\u00edficos del servicio AnyConnect en un dispositivo afectado. Esta vulnerabilidad se debe a una entrop\u00eda insuficiente para los controladores que se utilizan durante el establecimiento de una sesi\u00f3n VPN SSL. Un atacante no autenticado podr\u00eda explotar esta vulnerabilidad mediante la fuerza bruta de controladores de sesi\u00f3n v\u00e1lidos. Un atacante autenticado podr\u00eda explotar esta vulnerabilidad conect\u00e1ndose al servicio VPN AnyConnect de un dispositivo afectado para recuperar un controlador de sesi\u00f3n v\u00e1lido y, en funci\u00f3n de ese controlador, predecir otros controladores de sesi\u00f3n v\u00e1lidos. A continuaci\u00f3n, el atacante enviar\u00eda una solicitud HTTPS manipulada mediante el controlador de sesi\u00f3n forzado o previsto al servidor VPN AnyConnect del dispositivo. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante finalizar sesiones VPN SSL espec\u00edficas, lo que obligar\u00eda a los usuarios remotos a iniciar nuevas conexiones VPN y volver a autenticarse."
    }
  ],
  "id": "CVE-2024-20513",
  "lastModified": "2024-10-08T21:16:54.820",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "LOW",
          "baseScore": 5.8,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 1.4,
        "source": "ykramarz@cisco.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "LOW",
          "baseScore": 5.3,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 1.4,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2024-10-02T19:15:15.210",
  "references": [
    {
      "source": "ykramarz@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-meraki-mx-vpn-dos-QTRHzG2"
    }
  ],
  "sourceIdentifier": "ykramarz@cisco.com",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-639"
        }
      ],
      "source": "ykramarz@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-639"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2024-10-02 19:15
Modified
2024-10-08 18:28
Severity ?
8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
Multiple vulnerabilities in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series Teleworker Gateway devices could allow an unauthenticated, remote attacker to cause a DoS condition in the AnyConnect service on an affected device. These vulnerabilities are due to insufficient validation of client-supplied parameters while establishing an SSL VPN session. An attacker could exploit these vulnerabilities by sending a crafted HTTPS request to the VPN server of an affected device. A successful exploit could allow the attacker to cause the Cisco AnyConnect VPN server to restart, resulting in the failure of the established SSL VPN connections and forcing remote users to initiate a new VPN connection and reauthenticate. A sustained attack could prevent new SSL VPN connections from being established. Note: When the attack traffic stops, the Cisco AnyConnect VPN server recovers gracefully without requiring manual intervention.
References
ykramarz@cisco.comhttps://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-meraki-mx-vpn-dos-QTRHzG2Vendor Advisory
Impacted products
Vendor Product Version
cisco meraki_mx65_firmware *
cisco meraki_mx65 -
cisco meraki_mx64_firmware *
cisco meraki_mx64 -
cisco meraki_z4c_firmware *
cisco meraki_z4c -
cisco meraki_z4_firmware *
cisco meraki_z4 -
cisco meraki_z3c_firmware *
cisco meraki_z3c -
cisco meraki_z3_firmware *
cisco meraki_z3 -
cisco meraki_vmx_firmware *
cisco meraki_vmx -
cisco meraki_mx600_firmware *
cisco meraki_mx600 -
cisco meraki_mx450_firmware *
cisco meraki_mx450 -
cisco meraki_mx400_firmware *
cisco meraki_mx400 -
cisco meraki_mx250_firmware *
cisco meraki_mx250 -
cisco meraki_mx105_firmware *
cisco meraki_mx105 -
cisco meraki_mx100_firmware *
cisco meraki_mx100 -
cisco meraki_mx95_firmware *
cisco meraki_mx95 -
cisco meraki_mx85_firmware *
cisco meraki_mx85 -
cisco meraki_mx84_firmware *
cisco meraki_mx84 -
cisco meraki_mx75_firmware *
cisco meraki_mx75 -
cisco meraki_mx68w_firmware *
cisco meraki_mx68w -
cisco meraki_mx68cw_firmware *
cisco meraki_mx68cw -
cisco meraki_mx68_firmware *
cisco meraki_mx68 -
cisco meraki_mx67w_firmware *
cisco meraki_mx67w -
cisco meraki_mx67c_firmware *
cisco meraki_mx67c -
cisco meraki_mx67_firmware *
cisco meraki_mx67 -
cisco meraki_mx65w_firmware *
cisco meraki_mx65w -
cisco meraki_mx64w_firmware *
cisco meraki_mx64w -


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx65_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B3C6574B-E879-4813-9516-93B41EBDFBD3",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "17.6.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx65:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B3099A12-2D6F-4486-A690-1C809AF480B0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx64_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "553AC2DF-6F85-40D3-B3B1-F979364BA4BD",
              "versionEndIncluding": "18.211.2",
              "versionStartIncluding": "17.6.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx64:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BE749570-1EA6-4734-B96A-D02B3BA3A756",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_z4c_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6B63AAC8-D59D-4EF1-829E-11E9CB18A41F",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "16.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_z4c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "AEE09C2D-9F52-4C72-9D7C-F9AF710D1174",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_z4_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F62D4319-19DA-4DC0-88D0-DE859504EA6D",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "16.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_z4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "36770C3B-F962-48FB-9D9F-3EABB1F10EFD",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_z3c_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F7C73DAF-C7AF-4090-8F96-3D6F93A1DABD",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "16.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_z3c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6646F004-E0E0-4316-A022-2793C28FBCCC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_z3_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5A4FD3B4-FD1F-4340-B4AC-D76C11DAD4D5",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "16.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_z3:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB81CFD0-9558-47AB-96E4-CB21C1AA9159",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_vmx_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "96D29083-7535-4B23-9141-BF6CE2824184",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "16.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_vmx:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D6CE4DAD-7FA3-4D1B-A24F-D2B9F4F331BF",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx600_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1C8F2FA1-B439-4978-AD2B-34C98310D894",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "16.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx600:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A4CF5E0-A7D0-4C9D-A180-16288BE3AC1A",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx450_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D620C14D-7724-4C38-83A6-E33328EDE7C3",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "16.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx450:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B35EB71-8584-4803-A438-AEC406FD8445",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx400_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A61EA9B6-126D-4174-8BEF-7FD311724C03",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "16.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx400:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2ACA552D-78D3-4312-9537-28ADBB15E08A",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx250_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "869396D2-5CB1-45FF-8CC8-C6BA17548076",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "16.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx250:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2D6CBE98-6B20-4F05-8871-0BEAD1D351B0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx105_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C86B5EA0-85E7-4B8D-83AE-445A2C945CB2",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "16.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx105:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "291C7E3A-74D1-4326-87A4-F60D60E3DC37",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx100_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0AF66E98-18FB-4862-96C6-090F9B563AAC",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "16.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx100:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D4DE139-CCB5-4BDD-8827-07348B8F0FF2",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx95_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "40A18D40-3168-4270-A019-0FFB3652BD64",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "16.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx95:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "35740A98-6486-458C-99A9-8E23A781C917",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx85_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC297617-CF3B-4CD5-8E5B-14A5A58BB1AD",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "16.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx85:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "410A121A-037A-4D44-A35F-7AE41F93E5AF",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx84_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5E4FB60C-E46F-4D0F-9C01-2D2670334694",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "16.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx84:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B5A4239D-E115-4368-895A-002BBD94F243",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx75_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "995A6C94-CC7F-4CA4-8815-693E491652B4",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "16.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx75:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2A892F3D-62F9-4B04-94E8-FD803159C47B",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx68w_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "900C8DC4-EF1C-4762-A517-F67665F3D724",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "16.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx68w:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "03F9C184-3811-4A26-846D-54ECE7CF939F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx68cw_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0118FD5D-0D25-4984-A6EB-40EF70B85144",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "16.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx68cw:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "18E682AA-05AD-483F-915F-A2B2C98233B7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx68_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE27942F-86F1-480C-AFA1-762A5A9E775F",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "16.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx68:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2F6B4B5E-4FBB-48A9-B828-00C8AB479FB8",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx67w_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "87EE31D0-87F7-4943-96CC-D5BA48D5DFDA",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "16.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx67w:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F2529662-8A54-4DFC-80E7-922CF22DE2F3",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx67c_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6AB39E09-A441-4F95-9F38-44942BDE98AD",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "16.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx67c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E9725A9F-B9B9-4784-AEEA-A5E5CE0A41F3",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx67_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "45953505-EF91-4825-95CD-51EE86D694A5",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "16.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx67:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2702FE73-E4AC-45C7-A212-44D783720798",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx65w_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E1A471D3-2D62-4458-ADDE-53D60E55966C",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "16.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx65w:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "69A23113-F7E1-4587-A4FF-A4AAB446A69D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx64w_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D24D11CA-67C0-4376-91DE-F62118062FED",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "16.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx64w:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1038F5F-020D-41FD-9C3D-F2685F1EA916",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Multiple vulnerabilities in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series Teleworker Gateway devices could allow an unauthenticated, remote attacker to cause a DoS condition in the AnyConnect service on an affected device.\r\n\r\nThese vulnerabilities are due to insufficient validation of client-supplied parameters while establishing an SSL VPN session. An attacker could exploit these vulnerabilities by sending a crafted HTTPS request to the VPN server of an affected device. A successful exploit could allow the attacker to cause the Cisco AnyConnect VPN server to restart, resulting in the failure of the established SSL VPN connections and forcing remote users to initiate a new VPN connection and reauthenticate. A sustained attack could prevent new SSL VPN connections from being established.\r\nNote: When the attack traffic stops, the Cisco AnyConnect VPN server recovers gracefully without requiring manual intervention."
    },
    {
      "lang": "es",
      "value": "Varias vulnerabilidades en el servidor VPN de Cisco AnyConnect de los dispositivos Cisco Meraki MX y Cisco Meraki Z Series Teleworker Gateway podr\u00edan permitir que un atacante remoto no autenticado provoque una condici\u00f3n de denegaci\u00f3n de servicio (DoS) en el servicio AnyConnect de un dispositivo afectado. Estas vulnerabilidades se deben a una validaci\u00f3n insuficiente de los par\u00e1metros proporcionados por el cliente al establecer una sesi\u00f3n VPN SSL. Un atacante podr\u00eda aprovechar estas vulnerabilidades enviando una solicitud HTTPS manipulada al servidor VPN de un dispositivo afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir que el atacante haga que el servidor VPN de Cisco AnyConnect se reinicie, lo que provocar\u00eda la falla de las conexiones VPN SSL establecidas y obligar\u00eda a los usuarios remotos a iniciar una nueva conexi\u00f3n VPN y volver a autenticarse. Un ataque sostenido podr\u00eda evitar que se establezcan nuevas conexiones VPN SSL. Nota: Cuando el tr\u00e1fico del ataque se detiene, el servidor VPN de Cisco AnyConnect se recupera sin problemas sin necesidad de intervenci\u00f3n manual."
    }
  ],
  "id": "CVE-2024-20501",
  "lastModified": "2024-10-08T18:28:51.753",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.6,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 4.0,
        "source": "ykramarz@cisco.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2024-10-02T19:15:14.570",
  "references": [
    {
      "source": "ykramarz@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-meraki-mx-vpn-dos-QTRHzG2"
    }
  ],
  "sourceIdentifier": "ykramarz@cisco.com",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-787"
        }
      ],
      "source": "ykramarz@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-787"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2024-10-02 19:15
Modified
2024-10-08 18:46
Severity ?
5.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
A vulnerability in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series Teleworker Gateway devices could allow an unauthenticated, remote attacker to cause a DoS condition on an affected device. This vulnerability is due to insufficient resource management while establishing SSL VPN sessions. An attacker could exploit this vulnerability by sending a series of crafted HTTPS requests to the VPN server of an affected device. A successful exploit could allow the attacker to cause the Cisco AnyConnect VPN server to stop accepting new connections, preventing new SSL VPN connections from being established. Existing SSL VPN sessions are not impacted. Note: When the attack traffic stops, the Cisco AnyConnect VPN server recovers gracefully without requiring manual intervention.
References
ykramarz@cisco.comhttps://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-meraki-mx-vpn-dos-QTRHzG2Vendor Advisory
Impacted products
Vendor Product Version
cisco meraki_mx65_firmware *
cisco meraki_mx65 -
cisco meraki_mx64_firmware *
cisco meraki_mx64 -
cisco meraki_z4c_firmware *
cisco meraki_z4c -
cisco meraki_z4_firmware *
cisco meraki_z4 -
cisco meraki_z3c_firmware *
cisco meraki_z3c -
cisco meraki_z3_firmware *
cisco meraki_z3 -
cisco meraki_vmx_firmware *
cisco meraki_vmx -
cisco meraki_mx600_firmware *
cisco meraki_mx600 -
cisco meraki_mx450_firmware *
cisco meraki_mx450 -
cisco meraki_mx400_firmware *
cisco meraki_mx400 -
cisco meraki_mx250_firmware *
cisco meraki_mx250 -
cisco meraki_mx105_firmware *
cisco meraki_mx105 -
cisco meraki_mx100_firmware *
cisco meraki_mx100 -
cisco meraki_mx95_firmware *
cisco meraki_mx95 -
cisco meraki_mx85_firmware *
cisco meraki_mx85 -
cisco meraki_mx84_firmware *
cisco meraki_mx84 -
cisco meraki_mx75_firmware *
cisco meraki_mx75 -
cisco meraki_mx68w_firmware *
cisco meraki_mx68w -
cisco meraki_mx68cw_firmware *
cisco meraki_mx68cw -
cisco meraki_mx68_firmware *
cisco meraki_mx68 -
cisco meraki_mx67w_firmware *
cisco meraki_mx67w -
cisco meraki_mx67c_firmware *
cisco meraki_mx67c -
cisco meraki_mx67_firmware *
cisco meraki_mx67 -
cisco meraki_mx65w_firmware *
cisco meraki_mx65w -
cisco meraki_mx64w_firmware *
cisco meraki_mx64w -


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx65_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B3C6574B-E879-4813-9516-93B41EBDFBD3",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "17.6.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx65:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B3099A12-2D6F-4486-A690-1C809AF480B0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx64_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "23FA0FF8-5926-4623-9348-4347331C5F3F",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "17.6.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx64:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BE749570-1EA6-4734-B96A-D02B3BA3A756",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_z4c_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6B63AAC8-D59D-4EF1-829E-11E9CB18A41F",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "16.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_z4c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "AEE09C2D-9F52-4C72-9D7C-F9AF710D1174",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_z4_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F62D4319-19DA-4DC0-88D0-DE859504EA6D",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "16.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_z4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "36770C3B-F962-48FB-9D9F-3EABB1F10EFD",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_z3c_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F7C73DAF-C7AF-4090-8F96-3D6F93A1DABD",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "16.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_z3c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6646F004-E0E0-4316-A022-2793C28FBCCC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_z3_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5A4FD3B4-FD1F-4340-B4AC-D76C11DAD4D5",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "16.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_z3:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB81CFD0-9558-47AB-96E4-CB21C1AA9159",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_vmx_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "96D29083-7535-4B23-9141-BF6CE2824184",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "16.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_vmx:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D6CE4DAD-7FA3-4D1B-A24F-D2B9F4F331BF",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx600_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1C8F2FA1-B439-4978-AD2B-34C98310D894",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "16.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx600:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A4CF5E0-A7D0-4C9D-A180-16288BE3AC1A",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx450_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D620C14D-7724-4C38-83A6-E33328EDE7C3",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "16.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx450:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B35EB71-8584-4803-A438-AEC406FD8445",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx400_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A61EA9B6-126D-4174-8BEF-7FD311724C03",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "16.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx400:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2ACA552D-78D3-4312-9537-28ADBB15E08A",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx250_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "869396D2-5CB1-45FF-8CC8-C6BA17548076",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "16.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx250:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2D6CBE98-6B20-4F05-8871-0BEAD1D351B0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx105_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C86B5EA0-85E7-4B8D-83AE-445A2C945CB2",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "16.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx105:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "291C7E3A-74D1-4326-87A4-F60D60E3DC37",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx100_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0AF66E98-18FB-4862-96C6-090F9B563AAC",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "16.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx100:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D4DE139-CCB5-4BDD-8827-07348B8F0FF2",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx95_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "40A18D40-3168-4270-A019-0FFB3652BD64",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "16.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx95:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "35740A98-6486-458C-99A9-8E23A781C917",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx85_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC297617-CF3B-4CD5-8E5B-14A5A58BB1AD",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "16.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx85:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "410A121A-037A-4D44-A35F-7AE41F93E5AF",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx84_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5E4FB60C-E46F-4D0F-9C01-2D2670334694",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "16.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx84:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B5A4239D-E115-4368-895A-002BBD94F243",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx75_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "995A6C94-CC7F-4CA4-8815-693E491652B4",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "16.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx75:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2A892F3D-62F9-4B04-94E8-FD803159C47B",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx68w_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "900C8DC4-EF1C-4762-A517-F67665F3D724",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "16.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx68w:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "03F9C184-3811-4A26-846D-54ECE7CF939F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx68cw_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0118FD5D-0D25-4984-A6EB-40EF70B85144",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "16.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx68cw:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "18E682AA-05AD-483F-915F-A2B2C98233B7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx68_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE27942F-86F1-480C-AFA1-762A5A9E775F",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "16.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx68:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2F6B4B5E-4FBB-48A9-B828-00C8AB479FB8",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx67w_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "87EE31D0-87F7-4943-96CC-D5BA48D5DFDA",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "16.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx67w:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F2529662-8A54-4DFC-80E7-922CF22DE2F3",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx67c_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6AB39E09-A441-4F95-9F38-44942BDE98AD",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "16.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx67c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E9725A9F-B9B9-4784-AEEA-A5E5CE0A41F3",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx67_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "45953505-EF91-4825-95CD-51EE86D694A5",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "16.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx67:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2702FE73-E4AC-45C7-A212-44D783720798",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx65w_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E1A471D3-2D62-4458-ADDE-53D60E55966C",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "16.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx65w:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "69A23113-F7E1-4587-A4FF-A4AAB446A69D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx64w_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D24D11CA-67C0-4376-91DE-F62118062FED",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "16.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx64w:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1038F5F-020D-41FD-9C3D-F2685F1EA916",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series Teleworker Gateway devices could allow an unauthenticated, remote attacker to cause a DoS condition on an affected device.\r\n\r\nThis vulnerability is due to insufficient resource management while establishing SSL VPN sessions. An attacker could exploit this vulnerability by sending a series of crafted HTTPS requests to the VPN server of an affected device. A successful exploit could allow the attacker to cause the Cisco AnyConnect VPN server to stop accepting new connections, preventing new SSL VPN connections from being established. Existing SSL VPN sessions are not impacted.\r\nNote: When the attack traffic stops, the Cisco AnyConnect VPN server recovers gracefully without requiring manual intervention."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en el servidor VPN de Cisco AnyConnect de los dispositivos Cisco Meraki MX y Cisco Meraki Z Series Teleworker Gateway podr\u00eda permitir que un atacante remoto no autenticado provoque una condici\u00f3n de denegaci\u00f3n de servicio (DoS) en un dispositivo afectado. Esta vulnerabilidad se debe a una gesti\u00f3n insuficiente de los recursos al establecer sesiones VPN SSL. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando una serie de solicitudes HTTPS manipuladas al servidor VPN de un dispositivo afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante hacer que el servidor VPN de Cisco AnyConnect deje de aceptar nuevas conexiones, lo que impedir\u00eda que se establecieran nuevas conexiones VPN SSL. Las sesiones VPN SSL existentes no se ven afectadas. Nota: Cuando el tr\u00e1fico del ataque se detiene, el servidor VPN de Cisco AnyConnect se recupera sin problemas sin necesidad de intervenci\u00f3n manual."
    }
  ],
  "id": "CVE-2024-20502",
  "lastModified": "2024-10-08T18:46:38.437",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "LOW",
          "baseScore": 5.8,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 1.4,
        "source": "ykramarz@cisco.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2024-10-02T19:15:14.780",
  "references": [
    {
      "source": "ykramarz@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-meraki-mx-vpn-dos-QTRHzG2"
    }
  ],
  "sourceIdentifier": "ykramarz@cisco.com",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-400"
        }
      ],
      "source": "ykramarz@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-400"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

cve-2024-20513
Vulnerability from cvelistv5
Published
2024-10-02 18:23
Modified
2024-10-02 19:48
Severity ?
5.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L
Summary
A vulnerability in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series Teleworker Gateway devices could allow an unauthenticated, remote attacker to cause a DoS condition for targeted users of the AnyConnect service on an affected device. This vulnerability is due to insufficient entropy for handlers that are used during SSL VPN session establishment. An unauthenticated attacker could exploit this vulnerability by brute forcing valid session handlers. An authenticated attacker could exploit this vulnerability by connecting to the AnyConnect VPN service of an affected device to retrieve a valid session handler and, based on that handler, predict further valid session handlers. The attacker would then send a crafted HTTPS request using the brute-forced or predicted session handler to the AnyConnect VPN server of the device. A successful exploit could allow the attacker to terminate targeted SSL VPN sessions, forcing remote users to initiate new VPN connections and reauthenticate.
References
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-meraki-mx-vpn-dos-QTRHzG2
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-20513",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-10-02T19:48:03.244649Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-10-02T19:48:23.292Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Meraki MX Firmware",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "N/A"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series Teleworker Gateway devices could allow an unauthenticated, remote attacker to cause a DoS condition for targeted users of the AnyConnect service on an affected device.\r\n\r\nThis vulnerability is due to insufficient entropy for handlers that are used during SSL VPN session establishment. An unauthenticated attacker could exploit this vulnerability by brute forcing valid session handlers. An authenticated attacker could exploit this vulnerability by connecting to the AnyConnect VPN service of an affected device to retrieve a valid session handler and, based on that handler, predict further valid session handlers. The attacker would then send a crafted HTTPS request using the brute-forced or predicted session handler to the AnyConnect VPN server of the device. A successful exploit could allow the attacker to terminate targeted SSL VPN sessions, forcing remote users to initiate new VPN connections and reauthenticate."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "Neither the Cisco Product Security Incident Response Team (PSIRT) nor the Cisco Meraki Incident Response Team is aware of any malicious use of the vulnerabilities that are described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 5.8,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L",
            "version": "3.1"
          },
          "format": "cvssV3_1"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-639",
              "description": "Authorization Bypass Through User-Controlled Key",
              "lang": "en",
              "type": "cwe"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-10-02T18:23:54.411Z",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "cisco-sa-meraki-mx-vpn-dos-QTRHzG2",
          "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-meraki-mx-vpn-dos-QTRHzG2"
        }
      ],
      "source": {
        "advisory": "cisco-sa-meraki-mx-vpn-dos-QTRHzG2",
        "discovery": "INTERNAL"
      },
      "title": "Cisco Meraki MX and Z3 Teleworker Gateway AnyConnect VPN Targeted Denial of Service Vulnerability"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2024-20513",
    "datePublished": "2024-10-02T18:23:54.411Z",
    "dateReserved": "2023-11-08T15:08:07.689Z",
    "dateUpdated": "2024-10-02T19:48:23.292Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2024-20502
Vulnerability from cvelistv5
Published
2024-10-02 18:23
Modified
2024-10-02 19:01
Severity ?
5.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L
Summary
A vulnerability in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series Teleworker Gateway devices could allow an unauthenticated, remote attacker to cause a DoS condition on an affected device. This vulnerability is due to insufficient resource management while establishing SSL VPN sessions. An attacker could exploit this vulnerability by sending a series of crafted HTTPS requests to the VPN server of an affected device. A successful exploit could allow the attacker to cause the Cisco AnyConnect VPN server to stop accepting new connections, preventing new SSL VPN connections from being established. Existing SSL VPN sessions are not impacted. Note: When the attack traffic stops, the Cisco AnyConnect VPN server recovers gracefully without requiring manual intervention.
References
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-meraki-mx-vpn-dos-QTRHzG2
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:h:cisco:meraki_mx:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "meraki_mx",
            "vendor": "cisco",
            "versions": [
              {
                "status": "affected",
                "version": "0"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:cisco:meraki_z1:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "meraki_z1",
            "vendor": "cisco",
            "versions": [
              {
                "status": "affected",
                "version": "0"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-20502",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-10-02T18:59:14.837416Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-10-02T19:01:09.601Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Meraki MX Firmware",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "N/A"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series Teleworker Gateway devices could allow an unauthenticated, remote attacker to cause a DoS condition on an affected device.\r\n\r\nThis vulnerability is due to insufficient resource management while establishing SSL VPN sessions. An attacker could exploit this vulnerability by sending a series of crafted HTTPS requests to the VPN server of an affected device. A successful exploit could allow the attacker to cause the Cisco AnyConnect VPN server to stop accepting new connections, preventing new SSL VPN connections from being established. Existing SSL VPN sessions are not impacted.\r\nNote: When the attack traffic stops, the Cisco AnyConnect VPN server recovers gracefully without requiring manual intervention."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "Neither the Cisco Product Security Incident Response Team (PSIRT) nor the Cisco Meraki Incident Response Team is aware of any malicious use of the vulnerabilities that are described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 5.8,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L",
            "version": "3.1"
          },
          "format": "cvssV3_1"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-400",
              "description": "Uncontrolled Resource Consumption",
              "lang": "en",
              "type": "cwe"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-10-02T18:23:45.163Z",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "cisco-sa-meraki-mx-vpn-dos-QTRHzG2",
          "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-meraki-mx-vpn-dos-QTRHzG2"
        }
      ],
      "source": {
        "advisory": "cisco-sa-meraki-mx-vpn-dos-QTRHzG2",
        "discovery": "INTERNAL"
      },
      "title": "Cisco Meraki MX and Z3 Teleworker Gateway AnyConnect VPN Denial of Service Vulnerability"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2024-20502",
    "datePublished": "2024-10-02T18:23:45.163Z",
    "dateReserved": "2023-11-08T15:08:07.687Z",
    "dateUpdated": "2024-10-02T19:01:09.601Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2024-20500
Vulnerability from cvelistv5
Published
2024-10-02 18:23
Modified
2024-10-02 19:05
Severity ?
5.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L
Summary
A vulnerability in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series Teleworker Gateway devices could allow an unauthenticated, remote attacker to cause a DoS condition in the AnyConnect service on an affected device. This vulnerability is due to insufficient resource management when establishing TLS/SSL sessions. An attacker could exploit this vulnerability by sending a series of crafted TLS/SSL messages to the VPN server of an affected device. A successful exploit could allow the attacker to cause the Cisco AnyConnect VPN server to stop accepting new connections, preventing new SSL VPN connections from being established. Existing SSL VPN sessions are not impacted. Note: When the attack traffic stops, the Cisco AnyConnect VPN server recovers gracefully without requiring manual intervention.
References
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-meraki-mx-vpn-dos-QTRHzG2
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:h:cisco:meraki_mx:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "meraki_mx",
            "vendor": "cisco",
            "versions": [
              {
                "status": "affected",
                "version": "0"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:cisco:meraki_z1:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "meraki_z1",
            "vendor": "cisco",
            "versions": [
              {
                "status": "affected",
                "version": "0"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-20500",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-10-02T19:05:10.593025Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-10-02T19:05:52.477Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Meraki MX Firmware",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "N/A"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series Teleworker Gateway devices could allow an unauthenticated, remote attacker to cause a DoS condition in the AnyConnect service on an affected device.\r\n\r\nThis vulnerability is due to insufficient resource management when establishing TLS/SSL sessions. An attacker could exploit this vulnerability by sending a series of crafted TLS/SSL messages to the VPN server of an affected device. A successful exploit could allow the attacker to cause the Cisco AnyConnect VPN server to stop accepting new connections, preventing new SSL VPN connections from being established. Existing SSL VPN sessions are not impacted.\r\nNote: When the attack traffic stops, the Cisco AnyConnect VPN server recovers gracefully without requiring manual intervention."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "Neither the Cisco Product Security Incident Response Team (PSIRT) nor the Cisco Meraki Incident Response Team is aware of any malicious use of the vulnerabilities that are described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 5.8,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L",
            "version": "3.1"
          },
          "format": "cvssV3_1"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-400",
              "description": "Uncontrolled Resource Consumption",
              "lang": "en",
              "type": "cwe"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-10-02T18:23:19.259Z",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "cisco-sa-meraki-mx-vpn-dos-QTRHzG2",
          "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-meraki-mx-vpn-dos-QTRHzG2"
        }
      ],
      "source": {
        "advisory": "cisco-sa-meraki-mx-vpn-dos-QTRHzG2",
        "discovery": "INTERNAL"
      },
      "title": "Cisco Meraki MX and Z3 Teleworker Gateway AnyConnect VPN Denial of Service Vulnerability"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2024-20500",
    "datePublished": "2024-10-02T18:23:19.259Z",
    "dateReserved": "2023-11-08T15:08:07.687Z",
    "dateUpdated": "2024-10-02T19:05:52.477Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2022-20933
Vulnerability from cvelistv5
Published
2022-10-26 14:00
Modified
2024-11-01 18:48
Severity ?
8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Summary
A vulnerability in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z3 Teleworker Gateway devices could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient validation of client-supplied parameters while establishing an SSL VPN session. An attacker could exploit this vulnerability by crafting a malicious request and sending it to the affected device. A successful exploit could allow the attacker to cause the Cisco AnyConnect VPN server to crash and restart, resulting in the failure of the established SSL VPN connections and forcing remote users to initiate a new VPN connection and re-authenticate. A sustained attack could prevent new SSL VPN connections from being established. Note: When the attack traffic stops, the Cisco AnyConnect VPN server recovers gracefully without requiring manual intervention. Cisco Meraki has released software updates that address this vulnerability.
References
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-meraki-mx-vpn-dos-vnESbgBfvendor-advisory
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T02:31:57.978Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20221019 Cisco Meraki MX and Z3 Teleworker Gateway VPN Denial of Service Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-meraki-mx-vpn-dos-vnESbgBf"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2022-20933",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-01T18:43:45.653455Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-01T18:48:56.789Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Meraki MX Firmware",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2022-10-19T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z3 Teleworker Gateway devices could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient validation of client-supplied parameters while establishing an SSL VPN session. An attacker could exploit this vulnerability by crafting a malicious request and sending it to the affected device. A successful exploit could allow the attacker to cause the Cisco AnyConnect VPN server to crash and restart, resulting in the failure of the established SSL VPN connections and forcing remote users to initiate a new VPN connection and re-authenticate. A sustained attack could prevent new SSL VPN connections from being established. Note: When the attack traffic stops, the Cisco AnyConnect VPN server recovers gracefully without requiring manual intervention. Cisco Meraki has released software updates that address this vulnerability."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "Neither the Cisco Product Security Incident Response Team (PSIRT) nor the Cisco Meraki Incident Response Team is aware of any malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-234",
              "description": "CWE-234",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-10-26T00:00:00",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20221019 Cisco Meraki MX and Z3 Teleworker Gateway VPN Denial of Service Vulnerability",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-meraki-mx-vpn-dos-vnESbgBf"
        }
      ],
      "source": {
        "advisory": "cisco-sa-meraki-mx-vpn-dos-vnESbgBf",
        "defect": [
          [
            "NA"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco Meraki MX and Z3 Teleworker Gateway VPN Denial of Service Vulnerability"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2022-20933",
    "datePublished": "2022-10-26T14:00:34.721945Z",
    "dateReserved": "2021-11-02T00:00:00",
    "dateUpdated": "2024-11-01T18:48:56.789Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2024-20501
Vulnerability from cvelistv5
Published
2024-10-02 18:23
Modified
2024-10-02 19:03
Severity ?
8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Summary
Multiple vulnerabilities in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series Teleworker Gateway devices could allow an unauthenticated, remote attacker to cause a DoS condition in the AnyConnect service on an affected device. These vulnerabilities are due to insufficient validation of client-supplied parameters while establishing an SSL VPN session. An attacker could exploit these vulnerabilities by sending a crafted HTTPS request to the VPN server of an affected device. A successful exploit could allow the attacker to cause the Cisco AnyConnect VPN server to restart, resulting in the failure of the established SSL VPN connections and forcing remote users to initiate a new VPN connection and reauthenticate. A sustained attack could prevent new SSL VPN connections from being established. Note: When the attack traffic stops, the Cisco AnyConnect VPN server recovers gracefully without requiring manual intervention.
References
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-meraki-mx-vpn-dos-QTRHzG2
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:h:cisco:meraki_mx:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "meraki_mx",
            "vendor": "cisco",
            "versions": [
              {
                "status": "affected",
                "version": "0"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:cisco:meraki_z1:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "meraki_z1",
            "vendor": "cisco",
            "versions": [
              {
                "status": "affected",
                "version": "0"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-20501",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-10-02T19:01:58.939883Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-10-02T19:03:03.851Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Meraki MX Firmware",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "N/A"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple vulnerabilities in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series Teleworker Gateway devices could allow an unauthenticated, remote attacker to cause a DoS condition in the AnyConnect service on an affected device.\r\n\r\nThese vulnerabilities are due to insufficient validation of client-supplied parameters while establishing an SSL VPN session. An attacker could exploit these vulnerabilities by sending a crafted HTTPS request to the VPN server of an affected device. A successful exploit could allow the attacker to cause the Cisco AnyConnect VPN server to restart, resulting in the failure of the established SSL VPN connections and forcing remote users to initiate a new VPN connection and reauthenticate. A sustained attack could prevent new SSL VPN connections from being established.\r\nNote: When the attack traffic stops, the Cisco AnyConnect VPN server recovers gracefully without requiring manual intervention."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "Neither the Cisco Product Security Incident Response Team (PSIRT) nor the Cisco Meraki Incident Response Team is aware of any malicious use of the vulnerabilities that are described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.1"
          },
          "format": "cvssV3_1"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-787",
              "description": "Out-of-bounds Write",
              "lang": "en",
              "type": "cwe"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-10-02T18:23:35.875Z",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "cisco-sa-meraki-mx-vpn-dos-QTRHzG2",
          "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-meraki-mx-vpn-dos-QTRHzG2"
        }
      ],
      "source": {
        "advisory": "cisco-sa-meraki-mx-vpn-dos-QTRHzG2",
        "defects": [
          "CSCwh53896"
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco Meraki MX and Z3 Teleworker Gateway AnyConnect VPN Denial of Service Vulnerability"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2024-20501",
    "datePublished": "2024-10-02T18:23:35.875Z",
    "dateReserved": "2023-11-08T15:08:07.687Z",
    "dateUpdated": "2024-10-02T19:03:03.851Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2024-20498
Vulnerability from cvelistv5
Published
2024-10-02 18:23
Modified
2024-10-02 19:08
Severity ?
8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Summary
Multiple vulnerabilities in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series Teleworker Gateway devices could allow an unauthenticated, remote attacker to cause a DoS condition in the AnyConnect service on an affected device. These vulnerabilities are due to insufficient validation of client-supplied parameters while establishing an SSL VPN session. An attacker could exploit these vulnerabilities by sending a crafted HTTPS request to the VPN server of an affected device. A successful exploit could allow the attacker to cause the Cisco AnyConnect VPN server to restart, resulting in the failure of the established SSL VPN connections and forcing remote users to initiate a new VPN connection and reauthenticate. A sustained attack could prevent new SSL VPN connections from being established. Note: When the attack traffic stops, the Cisco AnyConnect VPN server recovers gracefully without requiring manual intervention.
References
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-meraki-mx-vpn-dos-QTRHzG2
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:h:cisco:meraki_mx:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "meraki_mx",
            "vendor": "cisco",
            "versions": [
              {
                "status": "affected",
                "version": "0"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:cisco:meraki_z1:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "meraki_z1",
            "vendor": "cisco",
            "versions": [
              {
                "status": "affected",
                "version": "0"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-20498",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-10-02T19:07:18.453595Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-10-02T19:08:07.164Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Meraki MX Firmware",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "N/A"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple vulnerabilities in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series Teleworker Gateway devices could allow an unauthenticated, remote attacker to cause a DoS condition in the AnyConnect service on an affected device.\r\n\r\nThese vulnerabilities are due to insufficient validation of client-supplied parameters while establishing an SSL VPN session. An attacker could exploit these vulnerabilities by sending a crafted HTTPS request to the VPN server of an affected device. A successful exploit could allow the attacker to cause the Cisco AnyConnect VPN server to restart, resulting in the failure of the established SSL VPN connections and forcing remote users to initiate a new VPN connection and reauthenticate. A sustained attack could prevent new SSL VPN connections from being established.\r\nNote: When the attack traffic stops, the Cisco AnyConnect VPN server recovers gracefully without requiring manual intervention."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "Neither the Cisco Product Security Incident Response Team (PSIRT) nor the Cisco Meraki Incident Response Team is aware of any malicious use of the vulnerabilities that are described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.1"
          },
          "format": "cvssV3_1"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-415",
              "description": "Double Free",
              "lang": "en",
              "type": "cwe"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-10-02T18:23:11.523Z",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "cisco-sa-meraki-mx-vpn-dos-QTRHzG2",
          "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-meraki-mx-vpn-dos-QTRHzG2"
        }
      ],
      "source": {
        "advisory": "cisco-sa-meraki-mx-vpn-dos-QTRHzG2",
        "discovery": "INTERNAL"
      },
      "title": "Cisco Meraki MX and Z3 Teleworker Gateway AnyConnect VPN Denial of Service Vulnerability"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2024-20498",
    "datePublished": "2024-10-02T18:23:11.523Z",
    "dateReserved": "2023-11-08T15:08:07.686Z",
    "dateUpdated": "2024-10-02T19:08:07.164Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2024-20509
Vulnerability from cvelistv5
Published
2024-10-02 18:24
Modified
2024-10-02 19:51
Severity ?
5.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L
Summary
A vulnerability in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series Teleworker Gateway devices could allow an unauthenticated, remote attacker to hijack an AnyConnect VPN session or cause a denial of service (DoS) condition for individual users of the AnyConnect VPN service on an affected device. This vulnerability is due to weak entropy for handlers that are used during the VPN authentication process as well as a race condition that exists in the same process. An attacker could exploit this vulnerability by correctly guessing an authentication handler and then sending crafted HTTPS requests to an affected device. A successful exploit could allow the attacker to take over the AnyConnect VPN session from a target user or prevent the target user from establishing an AnyConnect VPN session with the affected device.
References
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-meraki-mx-vpn-dos-by-QWUkqV7X
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-20509",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-10-02T19:50:56.321761Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-10-02T19:51:14.048Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Meraki MX Firmware",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "N/A"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series Teleworker Gateway devices could allow an unauthenticated, remote attacker to hijack an AnyConnect VPN session or cause a denial of service (DoS) condition for individual users of the AnyConnect VPN service on an affected device.\r\n\r\nThis vulnerability is due to weak entropy for handlers that are used during the VPN authentication process as well as a race condition that exists in the same process. An attacker could exploit this vulnerability by correctly guessing an authentication handler and then sending crafted HTTPS requests to an affected device. A successful exploit could allow the attacker to take over the AnyConnect VPN session from a target user or prevent the target user from establishing an AnyConnect VPN session with the affected device."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "Neither the Cisco PSIRT nor the Cisco Meraki Incident Response Team is aware of any malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 5.8,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L",
            "version": "3.1"
          },
          "format": "cvssV3_1"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-362",
              "description": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)",
              "lang": "en",
              "type": "cwe"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-10-02T18:24:42.768Z",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "cisco-sa-meraki-mx-vpn-dos-by-QWUkqV7X",
          "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-meraki-mx-vpn-dos-by-QWUkqV7X"
        }
      ],
      "source": {
        "advisory": "cisco-sa-meraki-mx-vpn-dos-by-QWUkqV7X",
        "discovery": "INTERNAL"
      },
      "title": "Cisco Meraki MX and Z3 Teleworker Gateway AnyConnect VPN Session Takeover and Denial of Service Vulnerability"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2024-20509",
    "datePublished": "2024-10-02T18:24:42.768Z",
    "dateReserved": "2023-11-08T15:08:07.688Z",
    "dateUpdated": "2024-10-02T19:51:14.048Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2024-20499
Vulnerability from cvelistv5
Published
2024-10-02 18:23
Modified
2024-10-02 19:04
Severity ?
8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Summary
Multiple vulnerabilities in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series Teleworker Gateway devices could allow an unauthenticated, remote attacker to cause a DoS condition in the AnyConnect service on an affected device. These vulnerabilities are due to insufficient validation of client-supplied parameters while establishing an SSL VPN session. An attacker could exploit these vulnerabilities by sending a crafted HTTPS request to the VPN server of an affected device. A successful exploit could allow the attacker to cause the Cisco AnyConnect VPN server to restart, resulting in the failure of the established SSL VPN connections and forcing remote users to initiate a new VPN connection and reauthenticate. A sustained attack could prevent new SSL VPN connections from being established. Note: When the attack traffic stops, the Cisco AnyConnect VPN server recovers gracefully without requiring manual intervention.
References
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-meraki-mx-vpn-dos-QTRHzG2
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:h:cisco:meraki_mx:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "meraki_mx",
            "vendor": "cisco",
            "versions": [
              {
                "status": "affected",
                "version": "0"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:cisco:meraki_z1:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "meraki_z1",
            "vendor": "cisco",
            "versions": [
              {
                "status": "affected",
                "version": "0"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-20499",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-10-02T19:03:30.783849Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-10-02T19:04:46.773Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Meraki MX Firmware",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "N/A"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple vulnerabilities in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series Teleworker Gateway devices could allow an unauthenticated, remote attacker to cause a DoS condition in the AnyConnect service on an affected device.\r\n\r\nThese vulnerabilities are due to insufficient validation of client-supplied parameters while establishing an SSL VPN session. An attacker could exploit these vulnerabilities by sending a crafted HTTPS request to the VPN server of an affected device. A successful exploit could allow the attacker to cause the Cisco AnyConnect VPN server to restart, resulting in the failure of the established SSL VPN connections and forcing remote users to initiate a new VPN connection and reauthenticate. A sustained attack could prevent new SSL VPN connections from being established.\r\nNote: When the attack traffic stops, the Cisco AnyConnect VPN server recovers gracefully without requiring manual intervention."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "Neither the Cisco Product Security Incident Response Team (PSIRT) nor the Cisco Meraki Incident Response Team is aware of any malicious use of the vulnerabilities that are described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.1"
          },
          "format": "cvssV3_1"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-787",
              "description": "Out-of-bounds Write",
              "lang": "en",
              "type": "cwe"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-10-02T18:23:26.563Z",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "cisco-sa-meraki-mx-vpn-dos-QTRHzG2",
          "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-meraki-mx-vpn-dos-QTRHzG2"
        }
      ],
      "source": {
        "advisory": "cisco-sa-meraki-mx-vpn-dos-QTRHzG2",
        "discovery": "INTERNAL"
      },
      "title": "Cisco Meraki MX and Z3 Teleworker Gateway AnyConnect VPN Denial of Service Vulnerability"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2024-20499",
    "datePublished": "2024-10-02T18:23:26.563Z",
    "dateReserved": "2023-11-08T15:08:07.686Z",
    "dateUpdated": "2024-10-02T19:04:46.773Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}