CVE-2023-20262
Summary
| CVE | CVE-2023-20262 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2023-09-27 18:15:00 UTC |
| Updated | 2024-01-25 17:15:00 UTC |
| Description | A vulnerability in the SSH service of Cisco Catalyst SD-WAN Manager could allow an unauthenticated, remote attacker to cause a process crash, resulting in a DoS condition for SSH access only. This vulnerability does not prevent the system from continuing to function, and web UI access is not affected. This vulnerability is due to insufficient resource management when an affected system is in an error condition. An attacker could exploit this vulnerability by sending malicious traffic to the affected system. A successful exploit could allow the attacker to cause the SSH process to crash and restart, resulting in a DoS condition for the SSH service. |
Risk And Classification
Problem Types: NVD-CWE-noinfo
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Cisco | Catalyst Sd-wan Manager | All | All | All | All |
| Application | Cisco | Sd-wan Vmanage | All | All | All | All |
| Application | Cisco | Sd-wan Vmanage | 20.12 | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Cisco Catalyst SD-WAN Manager Vulnerabilities | MISC | sec.cloudapps.cisco.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
Legacy QID Mappings
- 317363 Cisco SD-WAN vManage Denial of Service (DoS) Vulnerability (cisco-sa-sdwan-vman-sc-LRLfu2z)