github - ghsa-h2rg-8hq7-x2qc

ghsa-h2rg-8hq7-x2qc

Vulnerability from github

Published

2023-09-27 18:30

Modified

2024-01-25 18:30

Severity ?

5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Details

This vulnerability is due to insufficient resource management when an affected system is in an error condition. An attacker could exploit this vulnerability by sending malicious traffic to the affected system. A successful exploit could allow the attacker to cause the SSH process to crash and restart, resulting in a DoS condition for the SSH service.

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2023-20262"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-09-27T18:15:11Z",
    "severity": "HIGH"
  },
  "details": "A vulnerability in the SSH service of Cisco Catalyst SD-WAN Manager could allow an unauthenticated, remote attacker to cause a process crash, resulting in a DoS condition for SSH access only. This vulnerability does not prevent the system from continuing to function, and web UI access is not affected.\n\n This vulnerability is due to insufficient resource management when an affected system is in an error condition. An attacker could exploit this vulnerability by sending malicious traffic to the affected system. A successful exploit could allow the attacker to cause the SSH process to crash and restart, resulting in a DoS condition for the SSH service.",
  "id": "GHSA-h2rg-8hq7-x2qc",
  "modified": "2024-01-25T18:30:44Z",
  "published": "2023-09-27T18:30:29Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-20262"
    },
    {
      "type": "WEB",
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-vman-sc-LRLfu2z"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
      "type": "CVSS_V3"
    }
  ]
}

cve-2023-20262

Vulnerability from cvelistv5

Published

2023-09-27 17:16

Modified

2024-08-02 09:05

Severity ?

5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Summary

A vulnerability in the SSH service of Cisco Catalyst SD-WAN Manager could allow an unauthenticated, remote attacker to cause a process crash, resulting in a DoS condition for SSH access only. This vulnerability does not prevent the system from continuing to function, and web UI access is not affected. This vulnerability is due to insufficient resource management when an affected system is in an error condition. An attacker could exploit this vulnerability by sending malicious traffic to the affected system. A successful exploit could allow the attacker to cause the SSH process to crash and restart, resulting in a DoS condition for the SSH service.

References

▼	URL	Tags
	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-vman-sc-LRLfu2z

Impacted products

▼	Vendor	Product
	Cisco	Cisco SD-WAN Solution
	Cisco	Cisco SD-WAN vManage
	Cisco	Cisco SD-WAN vSmart

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T09:05:36.887Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "cisco-sa-sdwan-vman-sc-LRLfu2z",
            "tags": [
              "x_transferred"
            ],
            "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-vman-sc-LRLfu2z"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco SD-WAN Solution",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "17.2.4"
            },
            {
              "status": "affected",
              "version": "17.2.5"
            },
            {
              "status": "affected",
              "version": "17.2.6"
            },
            {
              "status": "affected",
              "version": "17.2.7"
            },
            {
              "status": "affected",
              "version": "17.2.8"
            },
            {
              "status": "affected",
              "version": "17.2.9"
            },
            {
              "status": "affected",
              "version": "17.2.10"
            },
            {
              "status": "affected",
              "version": "18.2.0"
            },
            {
              "status": "affected",
              "version": "18.3.0"
            },
            {
              "status": "affected",
              "version": "18.3.1"
            },
            {
              "status": "affected",
              "version": "18.3.3"
            },
            {
              "status": "affected",
              "version": "18.3.3.1"
            },
            {
              "status": "affected",
              "version": "18.3.4"
            },
            {
              "status": "affected",
              "version": "18.3.5"
            },
            {
              "status": "affected",
              "version": "18.3.6"
            },
            {
              "status": "affected",
              "version": "18.3.7"
            },
            {
              "status": "affected",
              "version": "18.3.8"
            },
            {
              "status": "affected",
              "version": "18.4.0"
            },
            {
              "status": "affected",
              "version": "18.4.1"
            },
            {
              "status": "affected",
              "version": "18.4.0.1"
            },
            {
              "status": "affected",
              "version": "18.4.3"
            },
            {
              "status": "affected",
              "version": "18.4.302"
            },
            {
              "status": "affected",
              "version": "18.4.303"
            },
            {
              "status": "affected",
              "version": "18.4.4"
            },
            {
              "status": "affected",
              "version": "18.4.5"
            },
            {
              "status": "affected",
              "version": "18.4.6"
            },
            {
              "status": "affected",
              "version": "19.1.0"
            },
            {
              "status": "affected",
              "version": "19.2.0"
            },
            {
              "status": "affected",
              "version": "19.2.097"
            },
            {
              "status": "affected",
              "version": "19.2.099"
            },
            {
              "status": "affected",
              "version": "19.2.1"
            },
            {
              "status": "affected",
              "version": "19.2.2"
            },
            {
              "status": "affected",
              "version": "19.2.3"
            },
            {
              "status": "affected",
              "version": "19.2.929"
            },
            {
              "status": "affected",
              "version": "19.2.31"
            },
            {
              "status": "affected",
              "version": "19.2.4"
            },
            {
              "status": "affected",
              "version": "19.3.0"
            },
            {
              "status": "affected",
              "version": "20.1.1"
            },
            {
              "status": "affected",
              "version": "20.1.1.1"
            },
            {
              "status": "affected",
              "version": "20.1.11"
            },
            {
              "status": "affected",
              "version": "20.1.12"
            },
            {
              "status": "affected",
              "version": "20.1.2"
            },
            {
              "status": "affected",
              "version": "20.1.3"
            },
            {
              "status": "affected",
              "version": "20.1.3.1"
            },
            {
              "status": "affected",
              "version": "20.3.1"
            },
            {
              "status": "affected",
              "version": "20.3.2"
            },
            {
              "status": "affected",
              "version": "20.3.2.1"
            },
            {
              "status": "affected",
              "version": "20.3.3"
            },
            {
              "status": "affected",
              "version": "20.3.3.1"
            },
            {
              "status": "affected",
              "version": "20.3.4"
            },
            {
              "status": "affected",
              "version": "20.3.4.2"
            },
            {
              "status": "affected",
              "version": "20.3.4.1"
            },
            {
              "status": "affected",
              "version": "20.3.5"
            },
            {
              "status": "affected",
              "version": "20.3.6"
            },
            {
              "status": "affected",
              "version": "20.3.4.3"
            },
            {
              "status": "affected",
              "version": "20.3.5.1"
            },
            {
              "status": "affected",
              "version": "20.4.1"
            },
            {
              "status": "affected",
              "version": "20.4.1.1"
            },
            {
              "status": "affected",
              "version": "20.4.1.2"
            },
            {
              "status": "affected",
              "version": "20.4.2"
            },
            {
              "status": "affected",
              "version": "20.4.2.2"
            },
            {
              "status": "affected",
              "version": "20.4.2.1"
            },
            {
              "status": "affected",
              "version": "20.4.2.3"
            },
            {
              "status": "affected",
              "version": "20.5.1"
            },
            {
              "status": "affected",
              "version": "20.5.1.2"
            },
            {
              "status": "affected",
              "version": "20.5.1.1"
            },
            {
              "status": "affected",
              "version": "20.6.1"
            },
            {
              "status": "affected",
              "version": "20.6.1.1"
            },
            {
              "status": "affected",
              "version": "20.6.2.2"
            },
            {
              "status": "affected",
              "version": "20.6.2.1"
            },
            {
              "status": "affected",
              "version": "20.6.2"
            },
            {
              "status": "affected",
              "version": "20.6.3"
            },
            {
              "status": "affected",
              "version": "20.6.3.1"
            },
            {
              "status": "affected",
              "version": "20.6.4"
            },
            {
              "status": "affected",
              "version": "20.6.4.1"
            },
            {
              "status": "affected",
              "version": "20.6.5"
            },
            {
              "status": "affected",
              "version": "20.6.5.2"
            },
            {
              "status": "affected",
              "version": "20.6.3.2"
            },
            {
              "status": "affected",
              "version": "20.6.3.3"
            },
            {
              "status": "affected",
              "version": "20.6.1.2"
            },
            {
              "status": "affected",
              "version": "20.6.3.4"
            },
            {
              "status": "affected",
              "version": "20.6.4.2"
            },
            {
              "status": "affected",
              "version": "20.6.5.4"
            },
            {
              "status": "affected",
              "version": "20.6.5.5"
            },
            {
              "status": "affected",
              "version": "20.7.1"
            },
            {
              "status": "affected",
              "version": "20.7.1.1"
            },
            {
              "status": "affected",
              "version": "20.7.2"
            },
            {
              "status": "affected",
              "version": "20.8.1"
            },
            {
              "status": "affected",
              "version": "20.9.1"
            },
            {
              "status": "affected",
              "version": "20.9.2.3"
            },
            {
              "status": "affected",
              "version": "20.10.1.2"
            }
          ]
        },
        {
          "product": "Cisco SD-WAN vManage",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "17.2.6"
            },
            {
              "status": "affected",
              "version": "17.2.7"
            },
            {
              "status": "affected",
              "version": "17.2.8"
            },
            {
              "status": "affected",
              "version": "17.2.9"
            },
            {
              "status": "affected",
              "version": "17.2.10"
            },
            {
              "status": "affected",
              "version": "17.2.4"
            },
            {
              "status": "affected",
              "version": "17.2.5"
            },
            {
              "status": "affected",
              "version": "18.3.1.1"
            },
            {
              "status": "affected",
              "version": "18.3.3.1"
            },
            {
              "status": "affected",
              "version": "18.3.3"
            },
            {
              "status": "affected",
              "version": "18.3.4"
            },
            {
              "status": "affected",
              "version": "18.3.5"
            },
            {
              "status": "affected",
              "version": "18.3.7"
            },
            {
              "status": "affected",
              "version": "18.3.8"
            },
            {
              "status": "affected",
              "version": "18.3.6.1"
            },
            {
              "status": "affected",
              "version": "18.3.1"
            },
            {
              "status": "affected",
              "version": "18.3.0"
            },
            {
              "status": "affected",
              "version": "18.4.0.1"
            },
            {
              "status": "affected",
              "version": "18.4.3"
            },
            {
              "status": "affected",
              "version": "18.4.302"
            },
            {
              "status": "affected",
              "version": "18.4.303"
            },
            {
              "status": "affected",
              "version": "18.4.4"
            },
            {
              "status": "affected",
              "version": "18.4.5"
            },
            {
              "status": "affected",
              "version": "18.4.0"
            },
            {
              "status": "affected",
              "version": "18.4.1"
            },
            {
              "status": "affected",
              "version": "18.4.6"
            },
            {
              "status": "affected",
              "version": "19.2.0"
            },
            {
              "status": "affected",
              "version": "19.2.097"
            },
            {
              "status": "affected",
              "version": "19.2.099"
            },
            {
              "status": "affected",
              "version": "19.2.1"
            },
            {
              "status": "affected",
              "version": "19.2.2"
            },
            {
              "status": "affected",
              "version": "19.2.3"
            },
            {
              "status": "affected",
              "version": "19.2.31"
            },
            {
              "status": "affected",
              "version": "19.2.929"
            },
            {
              "status": "affected",
              "version": "19.2.4"
            },
            {
              "status": "affected",
              "version": "20.1.1.1"
            },
            {
              "status": "affected",
              "version": "20.1.12"
            },
            {
              "status": "affected",
              "version": "20.1.1"
            },
            {
              "status": "affected",
              "version": "20.1.2"
            },
            {
              "status": "affected",
              "version": "20.1.3"
            },
            {
              "status": "affected",
              "version": "19.3.0"
            },
            {
              "status": "affected",
              "version": "19.1.0"
            },
            {
              "status": "affected",
              "version": "18.2.0"
            },
            {
              "status": "affected",
              "version": "20.3.1"
            },
            {
              "status": "affected",
              "version": "20.3.2"
            },
            {
              "status": "affected",
              "version": "20.3.2.1"
            },
            {
              "status": "affected",
              "version": "20.3.3"
            },
            {
              "status": "affected",
              "version": "20.3.3.1"
            },
            {
              "status": "affected",
              "version": "20.3.4"
            },
            {
              "status": "affected",
              "version": "20.3.4.1"
            },
            {
              "status": "affected",
              "version": "20.3.4.2"
            },
            {
              "status": "affected",
              "version": "20.3.5"
            },
            {
              "status": "affected",
              "version": "20.3.6"
            },
            {
              "status": "affected",
              "version": "20.3.4.3"
            },
            {
              "status": "affected",
              "version": "20.3.5.1"
            },
            {
              "status": "affected",
              "version": "20.4.1"
            },
            {
              "status": "affected",
              "version": "20.4.1.1"
            },
            {
              "status": "affected",
              "version": "20.4.1.2"
            },
            {
              "status": "affected",
              "version": "20.4.2"
            },
            {
              "status": "affected",
              "version": "20.4.2.2"
            },
            {
              "status": "affected",
              "version": "20.4.2.1"
            },
            {
              "status": "affected",
              "version": "20.4.2.3"
            },
            {
              "status": "affected",
              "version": "20.5.1"
            },
            {
              "status": "affected",
              "version": "20.5.1.2"
            },
            {
              "status": "affected",
              "version": "20.5.1.1"
            },
            {
              "status": "affected",
              "version": "20.6.1"
            },
            {
              "status": "affected",
              "version": "20.6.1.1"
            },
            {
              "status": "affected",
              "version": "20.6.2.1"
            },
            {
              "status": "affected",
              "version": "20.6.2.2"
            },
            {
              "status": "affected",
              "version": "20.6.2"
            },
            {
              "status": "affected",
              "version": "20.6.3"
            },
            {
              "status": "affected",
              "version": "20.6.1.2"
            },
            {
              "status": "affected",
              "version": "20.10.1"
            },
            {
              "status": "affected",
              "version": "20.10.1.1"
            },
            {
              "status": "affected",
              "version": "20.10.1.2"
            }
          ]
        },
        {
          "product": "Cisco SD-WAN vSmart",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "N/A"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the SSH service of Cisco Catalyst SD-WAN Manager could allow an unauthenticated, remote attacker to cause a process crash, resulting in a DoS condition for SSH access only. This vulnerability does not prevent the system from continuing to function, and web UI access is not affected.\r\n\r This vulnerability is due to insufficient resource management when an affected system is in an error condition. An attacker could exploit this vulnerability by sending malicious traffic to the affected system. A successful exploit could allow the attacker to cause the SSH process to crash and restart, resulting in a DoS condition for the SSH service."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "format": "cvssV3_1"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-399",
              "description": "Resource Management Errors",
              "lang": "en",
              "type": "cwe"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-01-25T16:58:34.677Z",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "cisco-sa-sdwan-vman-sc-LRLfu2z",
          "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-vman-sc-LRLfu2z"
        }
      ],
      "source": {
        "advisory": "cisco-sa-sdwan-vman-sc-LRLfu2z",
        "defects": [
          "CSCwd46383"
        ],
        "discovery": "INTERNAL"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2023-20262",
    "datePublished": "2023-09-27T17:16:50.429Z",
    "dateReserved": "2022-10-27T18:47:50.373Z",
    "dateUpdated": "2024-08-02T09:05:36.887Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted