Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2022-20933 (GCVE-0-2022-20933)
Vulnerability from cvelistv5 – Published: 2022-10-26 14:00 – Updated: 2024-11-01 18:48
VLAI?
EPSS
Title
Cisco Meraki MX and Z3 Teleworker Gateway VPN Denial of Service Vulnerability
Summary
A vulnerability in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z3 Teleworker Gateway devices could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient validation of client-supplied parameters while establishing an SSL VPN session. An attacker could exploit this vulnerability by crafting a malicious request and sending it to the affected device. A successful exploit could allow the attacker to cause the Cisco AnyConnect VPN server to crash and restart, resulting in the failure of the established SSL VPN connections and forcing remote users to initiate a new VPN connection and re-authenticate. A sustained attack could prevent new SSL VPN connections from being established. Note: When the attack traffic stops, the Cisco AnyConnect VPN server recovers gracefully without requiring manual intervention. Cisco Meraki has released software updates that address this vulnerability.
Severity ?
8.6 (High)
CWE
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Meraki MX Firmware |
Affected:
n/a
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T02:31:57.978Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20221019 Cisco Meraki MX and Z3 Teleworker Gateway VPN Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-meraki-mx-vpn-dos-vnESbgBf"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-20933",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-01T18:43:45.653455Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-01T18:48:56.789Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco Meraki MX Firmware",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2022-10-19T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z3 Teleworker Gateway devices could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient validation of client-supplied parameters while establishing an SSL VPN session. An attacker could exploit this vulnerability by crafting a malicious request and sending it to the affected device. A successful exploit could allow the attacker to cause the Cisco AnyConnect VPN server to crash and restart, resulting in the failure of the established SSL VPN connections and forcing remote users to initiate a new VPN connection and re-authenticate. A sustained attack could prevent new SSL VPN connections from being established. Note: When the attack traffic stops, the Cisco AnyConnect VPN server recovers gracefully without requiring manual intervention. Cisco Meraki has released software updates that address this vulnerability."
}
],
"exploits": [
{
"lang": "en",
"value": "Neither the Cisco Product Security Incident Response Team (PSIRT) nor the Cisco Meraki Incident Response Team is aware of any malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-234",
"description": "CWE-234",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-10-26T00:00:00.000Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20221019 Cisco Meraki MX and Z3 Teleworker Gateway VPN Denial of Service Vulnerability",
"tags": [
"vendor-advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-meraki-mx-vpn-dos-vnESbgBf"
}
],
"source": {
"advisory": "cisco-sa-meraki-mx-vpn-dos-vnESbgBf",
"defect": [
[
"NA"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco Meraki MX and Z3 Teleworker Gateway VPN Denial of Service Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2022-20933",
"datePublished": "2022-10-26T14:00:34.721Z",
"dateReserved": "2021-11-02T00:00:00.000Z",
"dateUpdated": "2024-11-01T18:48:56.789Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-meraki-mx-vpn-dos-vnESbgBf\", \"name\": \"20221019 Cisco Meraki MX and Z3 Teleworker Gateway VPN Denial of Service Vulnerability\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-03T02:31:57.978Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2022-20933\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-11-01T18:43:45.653455Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-11-01T18:44:05.672Z\"}}], \"cna\": {\"title\": \"Cisco Meraki MX and Z3 Teleworker Gateway VPN Denial of Service Vulnerability\", \"source\": {\"defect\": [[\"NA\"]], \"advisory\": \"cisco-sa-meraki-mx-vpn-dos-vnESbgBf\", \"discovery\": \"INTERNAL\"}, \"metrics\": [{\"cvssV3_1\": {\"scope\": \"CHANGED\", \"version\": \"3.1\", \"baseScore\": 8.6, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"NONE\"}}], \"affected\": [{\"vendor\": \"Cisco\", \"product\": \"Cisco Meraki MX Firmware\", \"versions\": [{\"status\": \"affected\", \"version\": \"n/a\"}]}], \"exploits\": [{\"lang\": \"en\", \"value\": \"Neither the Cisco Product Security Incident Response Team (PSIRT) nor the Cisco Meraki Incident Response Team is aware of any malicious use of the vulnerability that is described in this advisory.\"}], \"datePublic\": \"2022-10-19T00:00:00.000Z\", \"references\": [{\"url\": \"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-meraki-mx-vpn-dos-vnESbgBf\", \"name\": \"20221019 Cisco Meraki MX and Z3 Teleworker Gateway VPN Denial of Service Vulnerability\", \"tags\": [\"vendor-advisory\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"A vulnerability in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z3 Teleworker Gateway devices could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient validation of client-supplied parameters while establishing an SSL VPN session. An attacker could exploit this vulnerability by crafting a malicious request and sending it to the affected device. A successful exploit could allow the attacker to cause the Cisco AnyConnect VPN server to crash and restart, resulting in the failure of the established SSL VPN connections and forcing remote users to initiate a new VPN connection and re-authenticate. A sustained attack could prevent new SSL VPN connections from being established. Note: When the attack traffic stops, the Cisco AnyConnect VPN server recovers gracefully without requiring manual intervention. Cisco Meraki has released software updates that address this vulnerability.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-234\", \"description\": \"CWE-234\"}]}], \"providerMetadata\": {\"orgId\": \"d1c1063e-7a18-46af-9102-31f8928bc633\", \"shortName\": \"cisco\", \"dateUpdated\": \"2022-10-26T00:00:00.000Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2022-20933\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-11-01T18:48:56.789Z\", \"dateReserved\": \"2021-11-02T00:00:00.000Z\", \"assignerOrgId\": \"d1c1063e-7a18-46af-9102-31f8928bc633\", \"datePublished\": \"2022-10-26T14:00:34.721Z\", \"assignerShortName\": \"cisco\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
FKIE_CVE-2022-20933
Vulnerability from fkie_nvd - Published: 2022-10-26 15:15 - Updated: 2024-11-21 06:43
Severity ?
8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Summary
A vulnerability in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z3 Teleworker Gateway devices could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient validation of client-supplied parameters while establishing an SSL VPN session. An attacker could exploit this vulnerability by crafting a malicious request and sending it to the affected device. A successful exploit could allow the attacker to cause the Cisco AnyConnect VPN server to crash and restart, resulting in the failure of the established SSL VPN connections and forcing remote users to initiate a new VPN connection and re-authenticate. A sustained attack could prevent new SSL VPN connections from being established. Note: When the attack traffic stops, the Cisco AnyConnect VPN server recovers gracefully without requiring manual intervention. Cisco Meraki has released software updates that address this vulnerability.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:meraki_mx64_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6D9F9343-745D-45B5-B657-6E5675E08E08",
"versionEndExcluding": "16.16.6",
"versionStartIncluding": "16.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:meraki_mx64_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E1E66F11-F41A-425D-8409-D8529D906E3D",
"versionEndExcluding": "17.10.1",
"versionStartIncluding": "17.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:meraki_mx64:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE749570-1EA6-4734-B96A-D02B3BA3A756",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:meraki_mx64w_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F7F78CB5-F796-439F-A0A1-E06C857BBAA4",
"versionEndExcluding": "16.16.6",
"versionStartIncluding": "16.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:meraki_mx64w_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "72BE7D32-2477-45D1-A9C1-418B225574E9",
"versionEndExcluding": "17.10.1",
"versionStartIncluding": "17.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:meraki_mx64w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B1038F5F-020D-41FD-9C3D-F2685F1EA916",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:meraki_mx65_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4C8F3A54-A2A2-4C34-B5A2-19FD31237C34",
"versionEndExcluding": "16.16.6",
"versionStartIncluding": "16.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:meraki_mx65_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AA12B05C-A12F-4EA6-948F-DC1CC0257729",
"versionEndExcluding": "17.10.1",
"versionStartIncluding": "17.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:meraki_mx65:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B3099A12-2D6F-4486-A690-1C809AF480B0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:meraki_mx65w_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C95582B9-7563-4F61-8548-D58237AA6FC6",
"versionEndExcluding": "16.16.6",
"versionStartIncluding": "16.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:meraki_mx65w_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7160F269-F161-4A30-AD9D-DCECA464F7D6",
"versionEndExcluding": "17.10.1",
"versionStartIncluding": "17.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:meraki_mx65w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "69A23113-F7E1-4587-A4FF-A4AAB446A69D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:meraki_mx67_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "312A2614-4164-4B74-B966-8FC76BE323D1",
"versionEndExcluding": "16.16.6",
"versionStartIncluding": "16.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:meraki_mx67_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B2E55C71-356C-47F1-9F90-6A673EFBC369",
"versionEndExcluding": "17.10.1",
"versionStartIncluding": "17.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:meraki_mx67:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2702FE73-E4AC-45C7-A212-44D783720798",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:meraki_mx67cw_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B35AF5F8-8641-4DD0-8B1F-7DEFD188DFF2",
"versionEndExcluding": "16.16.6",
"versionStartIncluding": "16.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:meraki_mx67cw_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "77E90F32-E8E3-4852-B579-49FBDAB5F207",
"versionEndExcluding": "17.10.1",
"versionStartIncluding": "17.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:meraki_mx67cw:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E85585DA-C918-445B-9B44-B2B1A982A1F7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:meraki_mx67w_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C62EF9EE-39A0-46BF-B82E-6D3CE20D69B7",
"versionEndExcluding": "16.16.6",
"versionStartIncluding": "16.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:meraki_mx67w_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3442C032-F879-4CB5-BE83-BD606C07151C",
"versionEndExcluding": "17.10.1",
"versionStartIncluding": "17.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:meraki_mx67w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F2529662-8A54-4DFC-80E7-922CF22DE2F3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:meraki_mx68_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F1605125-61CC-4FB9-8CD2-114DE332E637",
"versionEndExcluding": "16.16.6",
"versionStartIncluding": "16.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:meraki_mx68_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E92B7E7D-A4E7-4F98-9A19-1215361FF3E2",
"versionEndExcluding": "17.10.1",
"versionStartIncluding": "17.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:meraki_mx68:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F6B4B5E-4FBB-48A9-B828-00C8AB479FB8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:meraki_mx68cw_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BCD8CD23-06CA-4A82-BA3C-3EA8C0B61DA7",
"versionEndExcluding": "16.16.6",
"versionStartIncluding": "16.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:meraki_mx68cw_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "74D48B18-7344-4AF0-A771-D3EF0B421B00",
"versionEndExcluding": "17.10.1",
"versionStartIncluding": "17.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:meraki_mx68cw:-:*:*:*:*:*:*:*",
"matchCriteriaId": "18E682AA-05AD-483F-915F-A2B2C98233B7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:meraki_mx68w_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "865B25D7-DFC9-44E2-98A0-2910B34F6140",
"versionEndExcluding": "16.16.6",
"versionStartIncluding": "16.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:meraki_mx68w_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D409165B-80FB-4B61-A02F-529B130EFCB9",
"versionEndExcluding": "17.10.1",
"versionStartIncluding": "17.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:meraki_mx68w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "03F9C184-3811-4A26-846D-54ECE7CF939F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:meraki_mx75_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2B22E7DB-912F-46CB-BE15-FA9812D15D72",
"versionEndExcluding": "16.16.6",
"versionStartIncluding": "16.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:meraki_mx75_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1B537CF0-FA7F-489A-B771-C526046CE12A",
"versionEndExcluding": "17.10.1",
"versionStartIncluding": "17.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:meraki_mx75:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2A892F3D-62F9-4B04-94E8-FD803159C47B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:meraki_mx84_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "105DD5F7-B29A-46B6-84E6-9081C55F0AC8",
"versionEndExcluding": "16.16.6",
"versionStartIncluding": "16.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:meraki_mx84_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E769CB5F-6B7B-48F1-ABFE-DF8412DA6777",
"versionEndExcluding": "17.10.1",
"versionStartIncluding": "17.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:meraki_mx84:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B5A4239D-E115-4368-895A-002BBD94F243",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:meraki_mx85_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "92BD623D-25BE-4D21-9610-266B337F82C7",
"versionEndExcluding": "16.16.6",
"versionStartIncluding": "16.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:meraki_mx85_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "094DCADF-4665-426C-B20E-01B46672B2D3",
"versionEndExcluding": "17.10.1",
"versionStartIncluding": "17.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:meraki_mx85:-:*:*:*:*:*:*:*",
"matchCriteriaId": "410A121A-037A-4D44-A35F-7AE41F93E5AF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:meraki_mx95_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "34615059-146D-43C4-9FC6-83FA8F11FDEB",
"versionEndExcluding": "16.16.6",
"versionStartIncluding": "16.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:meraki_mx95_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "18342750-90EA-4362-869A-9B5FD6E53AA3",
"versionEndExcluding": "17.10.1",
"versionStartIncluding": "17.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:meraki_mx95:-:*:*:*:*:*:*:*",
"matchCriteriaId": "35740A98-6486-458C-99A9-8E23A781C917",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:meraki_mx100_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D86B3633-1C72-4912-87F9-8C8811317AB5",
"versionEndExcluding": "16.16.6",
"versionStartIncluding": "16.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:meraki_mx100_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B74149A1-5E2F-42C0-A670-C57C91721837",
"versionEndExcluding": "17.10.1",
"versionStartIncluding": "17.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:meraki_mx100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4D4DE139-CCB5-4BDD-8827-07348B8F0FF2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:meraki_mx105_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5534754A-9F71-4C87-B3AF-00EB6C0421AC",
"versionEndExcluding": "16.16.6",
"versionStartIncluding": "16.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:meraki_mx105_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CCE7FDA7-C02B-4ED3-B7C3-FAA2066B2CA5",
"versionEndExcluding": "17.10.1",
"versionStartIncluding": "17.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:meraki_mx105:-:*:*:*:*:*:*:*",
"matchCriteriaId": "291C7E3A-74D1-4326-87A4-F60D60E3DC37",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:meraki_mx250_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D6EA8014-F9D2-4F4F-A797-056EBCB5439C",
"versionEndExcluding": "16.16.6",
"versionStartIncluding": "16.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:meraki_mx250_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C87C8065-E397-4D62-ABF2-9EC1177BEBE3",
"versionEndExcluding": "17.10.1",
"versionStartIncluding": "17.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:meraki_mx250:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2D6CBE98-6B20-4F05-8871-0BEAD1D351B0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:meraki_mx400_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7C884A16-07E2-4536-A4AB-5218E6F6B61F",
"versionEndExcluding": "16.16.6",
"versionStartIncluding": "16.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:meraki_mx400_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "235AAC4D-4F87-4CE1-B370-4536052513A6",
"versionEndExcluding": "17.10.1",
"versionStartIncluding": "17.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:meraki_mx400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2ACA552D-78D3-4312-9537-28ADBB15E08A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:meraki_mx450_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B60B34BB-3375-4A6A-BC5F-27934812A6C9",
"versionEndExcluding": "16.16.6",
"versionStartIncluding": "16.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:meraki_mx450_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AC690E48-F5D5-4CCD-9248-C5953028E81C",
"versionEndExcluding": "17.10.1",
"versionStartIncluding": "17.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:meraki_mx450:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1B35EB71-8584-4803-A438-AEC406FD8445",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:meraki_mx600_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5D7526DC-5E2C-42A2-8B1B-BED60034CF0A",
"versionEndExcluding": "16.16.6",
"versionStartIncluding": "16.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:meraki_mx600_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "785B2796-0E7D-4FDF-B142-7CE70CEB2269",
"versionEndExcluding": "17.10.1",
"versionStartIncluding": "17.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:meraki_mx600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0A4CF5E0-A7D0-4C9D-A180-16288BE3AC1A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:meraki_vmx_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "210E5600-00AB-4923-817D-8B9B61BADB3B",
"versionEndExcluding": "16.16.6",
"versionStartIncluding": "16.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:meraki_vmx_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F7C68C05-248C-4B91-A727-F1ED23AC347C",
"versionEndExcluding": "17.10.1",
"versionStartIncluding": "17.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:meraki_vmx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D6CE4DAD-7FA3-4D1B-A24F-D2B9F4F331BF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:meraki_z3c_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7F97974E-3C2B-49DB-A0FA-B5FEE7C98B18",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:meraki_z3c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6646F004-E0E0-4316-A022-2793C28FBCCC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:meraki_z3_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "04CF5026-CC39-48FF-A8F0-8E31A425343E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:meraki_z3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FB81CFD0-9558-47AB-96E4-CB21C1AA9159",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z3 Teleworker Gateway devices could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient validation of client-supplied parameters while establishing an SSL VPN session. An attacker could exploit this vulnerability by crafting a malicious request and sending it to the affected device. A successful exploit could allow the attacker to cause the Cisco AnyConnect VPN server to crash and restart, resulting in the failure of the established SSL VPN connections and forcing remote users to initiate a new VPN connection and re-authenticate. A sustained attack could prevent new SSL VPN connections from being established. Note: When the attack traffic stops, the Cisco AnyConnect VPN server recovers gracefully without requiring manual intervention. Cisco Meraki has released software updates that address this vulnerability."
},
{
"lang": "es",
"value": "Una vulnerabilidad en el servidor VPN Cisco AnyConnect de los dispositivos Cisco Meraki MX y Cisco Meraki Z3 Teleworker Gateway podr\u00eda permitir a un atacante remoto no autenticado causar una condici\u00f3n de denegaci\u00f3n de servicio (DoS) en un dispositivo afectado. Esta vulnerabilidad es debido a que no se comprueban suficientemente los par\u00e1metros proporcionados por el cliente mientras es establecida una sesi\u00f3n VPN SSL. Un atacante podr\u00eda explotar esta vulnerabilidad al dise\u00f1ar una petici\u00f3n maliciosa y envi\u00e1ndola al dispositivo afectado. Un ataque con \u00e9xito podr\u00eda permitir al atacante causar a el servidor VPN Cisco AnyConnect bloquearse y reiniciarse, resultando en el fracaso de las conexiones VPN SSL establecidas y obligar\u00eda a usuarios remotos a iniciar una nueva conexi\u00f3n VPN y volver a autenticarse. Un ataque sostenido podr\u00eda impedir que sean establecidas nuevas conexiones VPN SSL. Nota: Cuando el tr\u00e1fico de ataque es detenido, el servidor VPN Cisco AnyConnect es recuperado con elegancia sin necesidad de intervenci\u00f3n manual. Cisco Meraki ha publicado actualizaciones de software que abordan esta vulnerabilidad"
}
],
"id": "CVE-2022-20933",
"lastModified": "2024-11-21T06:43:51.123",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 4.0,
"source": "psirt@cisco.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 4.0,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-10-26T15:15:14.713",
"references": [
{
"source": "psirt@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-meraki-mx-vpn-dos-vnESbgBf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-meraki-mx-vpn-dos-vnESbgBf"
}
],
"sourceIdentifier": "psirt@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-234"
}
],
"source": "psirt@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CERTFR-2022-AVI-938
Vulnerability from certfr_avis - Published: 2022-10-20 - Updated: 2022-10-20
De multiples vulnérabilités ont été découvertes dans les produits Cisco. Elles permettent à un attaquant de provoquer un déni de service à distance, une atteinte à l'intégrité des données et une atteinte à la confidentialité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Cisco | Meraki MX | Cisco Meraki MX Firmware versions 16.2 à 16.16 antérieures à 16.16.6 | ||
| Cisco | Meraki MX | Cisco Meraki MX Firmware versions 17.x antérieures à 17.10.1 | ||
| Cisco | N/A | Cisco ISE versions 3.2 antérieures à 3.2P1 (disponible à partir de novembre 2022) | ||
| Cisco | N/A | Cisco ISE versions 3.1 antérieures à 3.1P5 (disponible à partir de novembre 2022) |
References
| Title | Publication Time | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Cisco Meraki MX Firmware versions 16.2 \u00e0 16.16 ant\u00e9rieures \u00e0 16.16.6",
"product": {
"name": "Meraki MX",
"vendor": {
"name": "Cisco",
"scada": false
}
}
},
{
"description": "Cisco Meraki MX Firmware versions 17.x ant\u00e9rieures \u00e0 17.10.1",
"product": {
"name": "Meraki MX",
"vendor": {
"name": "Cisco",
"scada": false
}
}
},
{
"description": "Cisco ISE versions 3.2 ant\u00e9rieures \u00e0 3.2P1 (disponible \u00e0 partir de novembre 2022)",
"product": {
"name": "N/A",
"vendor": {
"name": "Cisco",
"scada": false
}
}
},
{
"description": "Cisco ISE versions 3.1 ant\u00e9rieures \u00e0 3.1P5 (disponible \u00e0 partir de novembre 2022)",
"product": {
"name": "N/A",
"vendor": {
"name": "Cisco",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2022-20822",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-20822"
},
{
"name": "CVE-2022-20933",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-20933"
}
],
"initial_release_date": "2022-10-20T00:00:00",
"last_revision_date": "2022-10-20T00:00:00",
"links": [],
"reference": "CERTFR-2022-AVI-938",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2022-10-20T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Cisco.\nElles permettent \u00e0 un attaquant de provoquer un d\u00e9ni de service \u00e0\ndistance, une atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es et une atteinte \u00e0 la\nconfidentialit\u00e9 des donn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Cisco",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-ise-path-trav-Dz5dpzyM du 19 octobre 2022",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-path-trav-Dz5dpzyM"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-meraki-mx-vpn-dos-vnESbgBf du 19 octobre 2022",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-meraki-mx-vpn-dos-vnESbgBf"
}
]
}
GSD-2022-20933
Vulnerability from gsd - Updated: 2023-12-13 01:19Details
A vulnerability in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z3 Teleworker Gateway devices could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient validation of client-supplied parameters while establishing an SSL VPN session. An attacker could exploit this vulnerability by crafting a malicious request and sending it to the affected device. A successful exploit could allow the attacker to cause the Cisco AnyConnect VPN server to crash and restart, resulting in the failure of the established SSL VPN connections and forcing remote users to initiate a new VPN connection and re-authenticate. A sustained attack could prevent new SSL VPN connections from being established. Note: When the attack traffic stops, the Cisco AnyConnect VPN server recovers gracefully without requiring manual intervention. Cisco Meraki has released software updates that address this vulnerability.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2022-20933",
"description": "A vulnerability in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z3 Teleworker Gateway devices could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient validation of client-supplied parameters while establishing an SSL VPN session. An attacker could exploit this vulnerability by crafting a malicious request and sending it to the affected device. A successful exploit could allow the attacker to cause the Cisco AnyConnect VPN server to crash and restart, resulting in the failure of the established SSL VPN connections and forcing remote users to initiate a new VPN connection and re-authenticate. A sustained attack could prevent new SSL VPN connections from being established. Note: When the attack traffic stops, the Cisco AnyConnect VPN server recovers gracefully without requiring manual intervention. Cisco Meraki has released software updates that address this vulnerability.",
"id": "GSD-2022-20933"
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2022-20933"
],
"details": "A vulnerability in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z3 Teleworker Gateway devices could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient validation of client-supplied parameters while establishing an SSL VPN session. An attacker could exploit this vulnerability by crafting a malicious request and sending it to the affected device. A successful exploit could allow the attacker to cause the Cisco AnyConnect VPN server to crash and restart, resulting in the failure of the established SSL VPN connections and forcing remote users to initiate a new VPN connection and re-authenticate. A sustained attack could prevent new SSL VPN connections from being established. Note: When the attack traffic stops, the Cisco AnyConnect VPN server recovers gracefully without requiring manual intervention. Cisco Meraki has released software updates that address this vulnerability.",
"id": "GSD-2022-20933",
"modified": "2023-12-13T01:19:16.165842Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2022-10-19T16:00:00",
"ID": "CVE-2022-20933",
"STATE": "PUBLIC",
"TITLE": "Cisco Meraki MX and Z3 Teleworker Gateway VPN Denial of Service Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco Meraki MX Firmware ",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z3 Teleworker Gateway devices could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient validation of client-supplied parameters while establishing an SSL VPN session. An attacker could exploit this vulnerability by crafting a malicious request and sending it to the affected device. A successful exploit could allow the attacker to cause the Cisco AnyConnect VPN server to crash and restart, resulting in the failure of the established SSL VPN connections and forcing remote users to initiate a new VPN connection and re-authenticate. A sustained attack could prevent new SSL VPN connections from being established. Note: When the attack traffic stops, the Cisco AnyConnect VPN server recovers gracefully without requiring manual intervention. Cisco Meraki has released software updates that address this vulnerability."
}
]
},
"exploit": [
{
"lang": "eng",
"value": "Neither the Cisco Product Security Incident Response Team (PSIRT) nor the Cisco Meraki Incident Response Team is aware of any malicious use of the vulnerability that is described in this advisory. "
}
],
"impact": {
"cvss": {
"baseScore": "8.6",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H ",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-234"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20221019 Cisco Meraki MX and Z3 Teleworker Gateway VPN Denial of Service Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-meraki-mx-vpn-dos-vnESbgBf"
}
]
},
"source": {
"advisory": "cisco-sa-meraki-mx-vpn-dos-vnESbgBf",
"defect": [
[
"NA"
]
],
"discovery": "INTERNAL"
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:meraki_mx64_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "17.10.1",
"versionStartIncluding": "17.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:meraki_mx64_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "16.16.6",
"versionStartIncluding": "16.2.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:meraki_mx64:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:meraki_mx64w_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "17.10.1",
"versionStartIncluding": "17.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:meraki_mx64w_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "16.16.6",
"versionStartIncluding": "16.2.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:meraki_mx64w:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:meraki_mx65_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "17.10.1",
"versionStartIncluding": "17.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:meraki_mx65_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "16.16.6",
"versionStartIncluding": "16.2.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:meraki_mx65:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:meraki_mx65w_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "17.10.1",
"versionStartIncluding": "17.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:meraki_mx65w_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "16.16.6",
"versionStartIncluding": "16.2.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:meraki_mx65w:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:meraki_mx67_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "17.10.1",
"versionStartIncluding": "17.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:meraki_mx67_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "16.16.6",
"versionStartIncluding": "16.2.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:meraki_mx67:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:meraki_mx67cw_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "17.10.1",
"versionStartIncluding": "17.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:meraki_mx67cw_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "16.16.6",
"versionStartIncluding": "16.2.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:meraki_mx67cw:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:meraki_mx67w_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "17.10.1",
"versionStartIncluding": "17.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:meraki_mx67w_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "16.16.6",
"versionStartIncluding": "16.2.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:meraki_mx67w:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:meraki_mx68_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "17.10.1",
"versionStartIncluding": "17.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:meraki_mx68_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "16.16.6",
"versionStartIncluding": "16.2.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:meraki_mx68:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:meraki_mx68cw_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "17.10.1",
"versionStartIncluding": "17.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:meraki_mx68cw_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "16.16.6",
"versionStartIncluding": "16.2.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:meraki_mx68cw:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:meraki_mx68w_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "17.10.1",
"versionStartIncluding": "17.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:meraki_mx68w_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "16.16.6",
"versionStartIncluding": "16.2.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:meraki_mx68w:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:meraki_mx75_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "17.10.1",
"versionStartIncluding": "17.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:meraki_mx75_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "16.16.6",
"versionStartIncluding": "16.2.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:meraki_mx75:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:meraki_mx84_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "17.10.1",
"versionStartIncluding": "17.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:meraki_mx84_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "16.16.6",
"versionStartIncluding": "16.2.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:meraki_mx84:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:meraki_mx85_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "17.10.1",
"versionStartIncluding": "17.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:meraki_mx85_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "16.16.6",
"versionStartIncluding": "16.2.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:meraki_mx85:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:meraki_mx95_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "17.10.1",
"versionStartIncluding": "17.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:meraki_mx95_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "16.16.6",
"versionStartIncluding": "16.2.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:meraki_mx95:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:meraki_mx100_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "17.10.1",
"versionStartIncluding": "17.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:meraki_mx100_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "16.16.6",
"versionStartIncluding": "16.2.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:meraki_mx100:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:meraki_mx105_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "17.10.1",
"versionStartIncluding": "17.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:meraki_mx105_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "16.16.6",
"versionStartIncluding": "16.2.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:meraki_mx105:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:meraki_mx250_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "17.10.1",
"versionStartIncluding": "17.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:meraki_mx250_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "16.16.6",
"versionStartIncluding": "16.2.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:meraki_mx250:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:meraki_mx400_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "17.10.1",
"versionStartIncluding": "17.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:meraki_mx400_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "16.16.6",
"versionStartIncluding": "16.2.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:meraki_mx400:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:meraki_mx450_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "17.10.1",
"versionStartIncluding": "17.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:meraki_mx450_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "16.16.6",
"versionStartIncluding": "16.2.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:meraki_mx450:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:meraki_mx600_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "17.10.1",
"versionStartIncluding": "17.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:meraki_mx600_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "16.16.6",
"versionStartIncluding": "16.2.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:meraki_mx600:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:meraki_vmx_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "17.10.1",
"versionStartIncluding": "17.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:meraki_vmx_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "16.16.6",
"versionStartIncluding": "16.2.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:meraki_vmx:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:meraki_z3c_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:meraki_z3c:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:meraki_z3_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:meraki_z3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2022-20933"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "A vulnerability in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z3 Teleworker Gateway devices could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient validation of client-supplied parameters while establishing an SSL VPN session. An attacker could exploit this vulnerability by crafting a malicious request and sending it to the affected device. A successful exploit could allow the attacker to cause the Cisco AnyConnect VPN server to crash and restart, resulting in the failure of the established SSL VPN connections and forcing remote users to initiate a new VPN connection and re-authenticate. A sustained attack could prevent new SSL VPN connections from being established. Note: When the attack traffic stops, the Cisco AnyConnect VPN server recovers gracefully without requiring manual intervention. Cisco Meraki has released software updates that address this vulnerability."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20221019 Cisco Meraki MX and Z3 Teleworker Gateway VPN Denial of Service Vulnerability",
"refsource": "CISCO",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-meraki-mx-vpn-dos-vnESbgBf"
}
]
}
},
"impact": {
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 4.0
}
},
"lastModifiedDate": "2022-10-31T17:40Z",
"publishedDate": "2022-10-26T15:15Z"
}
}
}
GHSA-9VRX-XFR3-HFJJ
Vulnerability from github – Published: 2022-10-26 19:00 – Updated: 2022-10-31 19:00
VLAI?
Details
A vulnerability in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z3 Teleworker Gateway devices could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient validation of client-supplied parameters while establishing an SSL VPN session. An attacker could exploit this vulnerability by crafting a malicious request and sending it to the affected device. A successful exploit could allow the attacker to cause the Cisco AnyConnect VPN server to crash and restart, resulting in the failure of the established SSL VPN connections and forcing remote users to initiate a new VPN connection and re-authenticate. A sustained attack could prevent new SSL VPN connections from being established. Note: When the attack traffic stops, the Cisco AnyConnect VPN server recovers gracefully without requiring manual intervention. Cisco Meraki has released software updates that address this vulnerability.
Severity ?
8.6 (High)
{
"affected": [],
"aliases": [
"CVE-2022-20933"
],
"database_specific": {
"cwe_ids": [],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-10-26T15:15:00Z",
"severity": "HIGH"
},
"details": "A vulnerability in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z3 Teleworker Gateway devices could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient validation of client-supplied parameters while establishing an SSL VPN session. An attacker could exploit this vulnerability by crafting a malicious request and sending it to the affected device. A successful exploit could allow the attacker to cause the Cisco AnyConnect VPN server to crash and restart, resulting in the failure of the established SSL VPN connections and forcing remote users to initiate a new VPN connection and re-authenticate. A sustained attack could prevent new SSL VPN connections from being established. Note: When the attack traffic stops, the Cisco AnyConnect VPN server recovers gracefully without requiring manual intervention. Cisco Meraki has released software updates that address this vulnerability.",
"id": "GHSA-9vrx-xfr3-hfjj",
"modified": "2022-10-31T19:00:26Z",
"published": "2022-10-26T19:00:39Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-20933"
},
{
"type": "WEB",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-meraki-mx-vpn-dos-vnESbgBf"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
CVE-2022-20933
Vulnerability from fstec - Published: 19.10.2022
VLAI Severity ?
Title
Уязвимость VPN-сервера Cisco AnyConnect сетевых устройств Cisco Meraki MX и Cisco Meraki Z3 Teleworker Gateway, позволяющая нарушителю вызвать отказ в обслуживании
Description
Уязвимость VPN-сервера Cisco AnyConnect сетевых устройств Cisco Meraki MX и Cisco Meraki Z3 Teleworker Gateway связана с ошибками при обработке функцией отсутствующего параметра. Эксплуатация уязвимости может позволить нарушителю, действующему удаленно, вызвать отказ в обслуживании
Severity ?
Vendor
Cisco Systems Inc.
Software Name
Cisco Meraki MX, Cisco Meraki Z3 Teleworker Gateway
Software Version
от 16.2 до 16.16.6 (Cisco Meraki MX), от 17 до 17.10.1 (Cisco Meraki MX), от 16.2 до 16.16.6 (Cisco Meraki Z3 Teleworker Gateway), от 17 до 17.10.1 (Cisco Meraki Z3 Teleworker Gateway)
Possible Mitigations
Установка обновлений из доверенных источников.
В связи со сложившейся обстановкой и введенными санкциями против Российской Федерации рекомендуется устанавливать обновления программного обеспечения только после оценки всех сопутствующих рисков.
Компенсирующие меры:
- использование средств межсетевого экранирования;
- применение систем обнаружения и предотвращения вторжений.
Использование рекомендаций:
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-meraki-mx-vpn-dos-vnESbgBf
Reference
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-meraki-mx-vpn-dos-vnESbgBf
CWE
CWE-234
{
"CVSS 2.0": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"CVSS 3.0": "AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"CVSS 4.0": null,
"remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
"remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
"\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "Cisco Systems Inc.",
"\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "\u043e\u0442 16.2 \u0434\u043e 16.16.6 (Cisco Meraki MX), \u043e\u0442 17 \u0434\u043e 17.10.1 (Cisco Meraki MX), \u043e\u0442 16.2 \u0434\u043e 16.16.6 (Cisco Meraki Z3 Teleworker Gateway), \u043e\u0442 17 \u0434\u043e 17.10.1 (Cisco Meraki Z3 Teleworker Gateway)",
"\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0423\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439 \u0438\u0437 \u0434\u043e\u0432\u0435\u0440\u0435\u043d\u043d\u044b\u0445 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u043e\u0432.\n\u0412 \u0441\u0432\u044f\u0437\u0438 \u0441\u043e \u0441\u043b\u043e\u0436\u0438\u0432\u0448\u0435\u0439\u0441\u044f \u043e\u0431\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u043e\u0439 \u0438 \u0432\u0432\u0435\u0434\u0435\u043d\u043d\u044b\u043c\u0438 \u0441\u0430\u043d\u043a\u0446\u0438\u044f\u043c\u0438 \u043f\u0440\u043e\u0442\u0438\u0432 \u0420\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u043e\u0439 \u0424\u0435\u0434\u0435\u0440\u0430\u0446\u0438\u0438 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u0443\u0441\u0442\u0430\u043d\u0430\u0432\u043b\u0438\u0432\u0430\u0442\u044c \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f \u0442\u043e\u043b\u044c\u043a\u043e \u043f\u043e\u0441\u043b\u0435 \u043e\u0446\u0435\u043d\u043a\u0438 \u0432\u0441\u0435\u0445 \u0441\u043e\u043f\u0443\u0442\u0441\u0442\u0432\u0443\u044e\u0449\u0438\u0445 \u0440\u0438\u0441\u043a\u043e\u0432.\n\n\u041a\u043e\u043c\u043f\u0435\u043d\u0441\u0438\u0440\u0443\u044e\u0449\u0438\u0435 \u043c\u0435\u0440\u044b:\n- \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0441\u0440\u0435\u0434\u0441\u0442\u0432 \u043c\u0435\u0436\u0441\u0435\u0442\u0435\u0432\u043e\u0433\u043e \u044d\u043a\u0440\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f;\n- \u043f\u0440\u0438\u043c\u0435\u043d\u0435\u043d\u0438\u0435 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u044f \u0438 \u043f\u0440\u0435\u0434\u043e\u0442\u0432\u0440\u0430\u0449\u0435\u043d\u0438\u044f \u0432\u0442\u043e\u0440\u0436\u0435\u043d\u0438\u0439.\n\n\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439:\nhttps://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-meraki-mx-vpn-dos-vnESbgBf",
"\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "19.10.2022",
"\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "13.02.2023",
"\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "13.02.2023",
"\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2023-00690",
"\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2022-20933",
"\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
"\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
"\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "Cisco Meraki MX, Cisco Meraki Z3 Teleworker Gateway",
"\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": null,
"\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c VPN-\u0441\u0435\u0440\u0432\u0435\u0440\u0430 Cisco AnyConnect \u0441\u0435\u0442\u0435\u0432\u044b\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 Cisco Meraki MX \u0438 Cisco Meraki Z3 Teleworker Gateway, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438",
"\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
"\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u041d\u0435\u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u043a\u0438 \u043e\u0442\u0441\u0443\u0442\u0441\u0442\u0432\u0443\u044e\u0449\u0435\u0433\u043e \u043f\u0430\u0440\u0430\u043c\u0435\u0442\u0440\u0430 (CWE-234)",
"\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c VPN-\u0441\u0435\u0440\u0432\u0435\u0440\u0430 Cisco AnyConnect \u0441\u0435\u0442\u0435\u0432\u044b\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 Cisco Meraki MX \u0438 Cisco Meraki Z3 Teleworker Gateway \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043e\u0448\u0438\u0431\u043a\u0430\u043c\u0438 \u043f\u0440\u0438 \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u043a\u0435 \u0444\u0443\u043d\u043a\u0446\u0438\u0435\u0439 \u043e\u0442\u0441\u0443\u0442\u0441\u0442\u0432\u0443\u044e\u0449\u0435\u0433\u043e \u043f\u0430\u0440\u0430\u043c\u0435\u0442\u0440\u0430. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e, \u0434\u0435\u0439\u0441\u0442\u0432\u0443\u044e\u0449\u0435\u043c\u0443 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e, \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438",
"\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
"\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": null,
"\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
"\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
"\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
"\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u0418\u0441\u0447\u0435\u0440\u043f\u0430\u043d\u0438\u0435 \u0440\u0435\u0441\u0443\u0440\u0441\u043e\u0432",
"\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-meraki-mx-vpn-dos-vnESbgBf",
"\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
"\u0422\u0438\u043f \u041f\u041e": "\u041f\u041e \u0441\u0435\u0442\u0435\u0432\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e-\u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0433\u043e \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u0430",
"\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-234",
"\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0412\u044b\u0441\u043e\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 7,8)\n\u0412\u044b\u0441\u043e\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 8,6)"
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…