10
CVSSv2

CVE-2020-3375

Published: 31/07/2020 Updated: 10/08/2020
CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Summary

A vulnerability in Cisco SD-WAN Solution Software could allow an unauthenticated, remote malicious user to cause a buffer overflow on an affected device. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending crafted traffic to an affected device. A successful exploit could allow the malicious user to gain access to information that they are not authorized to access, make changes to the system that they are not authorized to make, and execute commands on an affected system with privileges of the root user.

Vulnerability Trend

Affected Products

Vendor Product Versions
CiscoSd-wan18.3.0, 18.4.0, 18.4.1, 18.4.3, 18.4.4, 19.2.0, 19.2.1, 20.1
CiscoIos Xe Sd-wan16.9.0

Vendor Advisories

A vulnerability in Cisco SD-WAN Solution Software could allow an unauthenticated, remote attacker to cause a buffer overflow on an affected device The vulnerability is due to insufficient input validation An attacker could exploit this vulnerability by sending crafted traffic to an affected device A successful exploit could allow the attacker t ...

Recent Articles

Cisco fixes severe flaws in data center management solution
BleepingComputer • Sergiu Gatlan • 29 Jul 2020

Cisco today has released several security updates to address three critical authentication bypass, buffer overflow, and authorization bypass vulnerabilities found to affect Cisco Data Center Network Manager (DCNM) and multiple Cisco SD-WAN software products.
The company also issued security updates to fix another eight high and medium severity vulnerability found in to affect several other Cisco DCNM Software versions.



...