Vulnerability-Lookup

CVE-2024-20500 (GCVE-0-2024-20500)

Vulnerability from cvelistv5 – Published: 2024-10-02 18:23 – Updated: 2025-06-04 20:19

Summary

A vulnerability in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series Teleworker Gateway devices could allow an unauthenticated, remote attacker to cause a DoS condition in the AnyConnect service on an affected device. This vulnerability is due to insufficient resource management when establishing TLS/SSL sessions. An attacker could exploit this vulnerability by sending a series of crafted TLS/SSL messages to the VPN server of an affected device. A successful exploit could allow the attacker to cause the Cisco AnyConnect VPN server to stop accepting new connections, preventing new SSL VPN connections from being established. Existing SSL VPN sessions are not impacted. Note: When the attack traffic stops, the Cisco AnyConnect VPN server recovers gracefully without requiring manual intervention.

Severity ?

5.8 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L

CWE

CWE-400 - Uncontrolled Resource Consumption

Assigner

cisco

References

URL

	Vendor	Product	Version
	Cisco	Cisco Meraki MX Firmware	Affected: N/A

GSD-2024-20500

Vulnerability from gsd - Updated: 2023-12-13 01:21

Details

** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.

Aliases

CVE-2024-20500

Aliases

CVE-2024-20500

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2024-20500",
    "id": "GSD-2024-20500"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2024-20500"
      ],
      "id": "GSD-2024-20500",
      "modified": "2023-12-13T01:21:42.906779Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2024-20500",
        "STATE": "RESERVED"
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
          }
        ]
      }
    }
  }
}

CERTFR-2024-AVI-0833

Vulnerability from certfr_avis - Published: 2024-10-03 - Updated: 2024-10-03

De multiples vulnérabilités ont été découvertes dans les produits Cisco. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une élévation de privilèges et un déni de service à distance.

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Les périphériques Small Business RV340, RV340W, RV345, et RV345P Dual WAN Gigabit VPN ne sont plus supportés et ne seront pas mis à jour par Cisco.

Impacted products

	Vendor	Product	Description
	Cisco	Meraki MX	Meraki MX et Z versions postérieures à 16.2 et antérieures à 18.211.2
	Cisco	Nexus Dashboard Fabric Controller	Nexus Dashboard Fabric Controller versions 12.0 antérieures à 12.2.2

References

Title

Publication Time

FKIE_CVE-2024-20500

Vulnerability from fkie_nvd - Published: 2024-10-02 19:15 - Updated: 2025-06-04 21:15

Severity ?

5.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Summary

References

	URL	Tags
	psirt@cisco.com	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-meraki-mx-vpn-dos-QTRHzG2	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	meraki_z4c_firmware	*
cisco	meraki_z4c	-
cisco	meraki_z4_firmware	*
cisco	meraki_z4	-
cisco	meraki_z3c_firmware	*
cisco	meraki_z3c	-
cisco	meraki_z3_firmware	*
cisco	meraki_z3	-
cisco	meraki_vmx_firmware	*
cisco	meraki_vmx	-
cisco	meraki_mx600_firmware	*
cisco	meraki_mx600	-
cisco	meraki_mx450_firmware	*
cisco	meraki_mx450	-
cisco	meraki_mx400_firmware	*
cisco	meraki_mx400	-
cisco	meraki_mx250_firmware	*
cisco	meraki_mx250	-
cisco	meraki_mx105_firmware	*
cisco	meraki_mx105	-
cisco	meraki_mx100_firmware	*
cisco	meraki_mx100	-
cisco	meraki_mx95_firmware	*
cisco	meraki_mx95	-
cisco	meraki_mx85_firmware	*
cisco	meraki_mx85	-
cisco	meraki_mx84_firmware	*
cisco	meraki_mx84	-
cisco	meraki_mx75_firmware	*
cisco	meraki_mx75	-
cisco	meraki_mx68w_firmware	*
cisco	meraki_mx68w	-
cisco	meraki_mx68cw_firmware	*
cisco	meraki_mx68cw	-
cisco	meraki_mx68_firmware	*
cisco	meraki_mx68	-
cisco	meraki_mx67w_firmware	*
cisco	meraki_mx67w	-
cisco	meraki_mx67c_firmware	*
cisco	meraki_mx67c	-
cisco	meraki_mx67_firmware	*
cisco	meraki_mx67	-
cisco	meraki_mx65w_firmware	*
cisco	meraki_mx65w	-
cisco	meraki_mx65_firmware	*
cisco	meraki_mx65	-
cisco	meraki_mx64w_firmware	*
cisco	meraki_mx64w	-
cisco	meraki_mx64_firmware	*
cisco	meraki_mx64	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_z4c_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6B63AAC8-D59D-4EF1-829E-11E9CB18A41F",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "16.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_z4c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "AEE09C2D-9F52-4C72-9D7C-F9AF710D1174",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_z4_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F62D4319-19DA-4DC0-88D0-DE859504EA6D",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "16.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_z4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "36770C3B-F962-48FB-9D9F-3EABB1F10EFD",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_z3c_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F7C73DAF-C7AF-4090-8F96-3D6F93A1DABD",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "16.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_z3c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6646F004-E0E0-4316-A022-2793C28FBCCC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_z3_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5A4FD3B4-FD1F-4340-B4AC-D76C11DAD4D5",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "16.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_z3:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB81CFD0-9558-47AB-96E4-CB21C1AA9159",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_vmx_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "96D29083-7535-4B23-9141-BF6CE2824184",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "16.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_vmx:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D6CE4DAD-7FA3-4D1B-A24F-D2B9F4F331BF",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx600_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1C8F2FA1-B439-4978-AD2B-34C98310D894",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "16.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx600:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A4CF5E0-A7D0-4C9D-A180-16288BE3AC1A",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx450_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D620C14D-7724-4C38-83A6-E33328EDE7C3",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "16.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx450:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B35EB71-8584-4803-A438-AEC406FD8445",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx400_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A61EA9B6-126D-4174-8BEF-7FD311724C03",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "16.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx400:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2ACA552D-78D3-4312-9537-28ADBB15E08A",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx250_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "869396D2-5CB1-45FF-8CC8-C6BA17548076",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "16.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx250:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2D6CBE98-6B20-4F05-8871-0BEAD1D351B0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx105_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C86B5EA0-85E7-4B8D-83AE-445A2C945CB2",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "16.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx105:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "291C7E3A-74D1-4326-87A4-F60D60E3DC37",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx100_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0AF66E98-18FB-4862-96C6-090F9B563AAC",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "16.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx100:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D4DE139-CCB5-4BDD-8827-07348B8F0FF2",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx95_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "40A18D40-3168-4270-A019-0FFB3652BD64",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "16.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx95:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "35740A98-6486-458C-99A9-8E23A781C917",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx85_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC297617-CF3B-4CD5-8E5B-14A5A58BB1AD",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "16.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx85:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "410A121A-037A-4D44-A35F-7AE41F93E5AF",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx84_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5E4FB60C-E46F-4D0F-9C01-2D2670334694",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "16.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx84:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B5A4239D-E115-4368-895A-002BBD94F243",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx75_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "995A6C94-CC7F-4CA4-8815-693E491652B4",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "16.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx75:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2A892F3D-62F9-4B04-94E8-FD803159C47B",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx68w_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "900C8DC4-EF1C-4762-A517-F67665F3D724",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "16.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx68w:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "03F9C184-3811-4A26-846D-54ECE7CF939F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx68cw_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0118FD5D-0D25-4984-A6EB-40EF70B85144",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "16.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx68cw:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "18E682AA-05AD-483F-915F-A2B2C98233B7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx68_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE27942F-86F1-480C-AFA1-762A5A9E775F",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "16.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx68:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2F6B4B5E-4FBB-48A9-B828-00C8AB479FB8",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx67w_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "87EE31D0-87F7-4943-96CC-D5BA48D5DFDA",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "16.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx67w:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F2529662-8A54-4DFC-80E7-922CF22DE2F3",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx67c_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6AB39E09-A441-4F95-9F38-44942BDE98AD",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "16.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx67c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E9725A9F-B9B9-4784-AEEA-A5E5CE0A41F3",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx67_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "45953505-EF91-4825-95CD-51EE86D694A5",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "16.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx67:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2702FE73-E4AC-45C7-A212-44D783720798",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx65w_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E1A471D3-2D62-4458-ADDE-53D60E55966C",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "16.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx65w:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "69A23113-F7E1-4587-A4FF-A4AAB446A69D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx65_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B3C6574B-E879-4813-9516-93B41EBDFBD3",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "17.6.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx65:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B3099A12-2D6F-4486-A690-1C809AF480B0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx64w_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D24D11CA-67C0-4376-91DE-F62118062FED",
              "versionEndExcluding": "18.211.2",
              "versionStartIncluding": "16.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx64w:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1038F5F-020D-41FD-9C3D-F2685F1EA916",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:meraki_mx64_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "553AC2DF-6F85-40D3-B3B1-F979364BA4BD",
              "versionEndIncluding": "18.211.2",
              "versionStartIncluding": "17.6.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:meraki_mx64:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BE749570-1EA6-4734-B96A-D02B3BA3A756",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series Teleworker Gateway devices could allow an unauthenticated, remote attacker to cause a DoS condition in the AnyConnect service on an affected device.\r\n\n This vulnerability is due to insufficient resource management when establishing TLS/SSL sessions. An attacker could exploit this vulnerability by sending a series of crafted TLS/SSL messages to the VPN server of an affected device. A successful exploit could allow the attacker to cause the Cisco AnyConnect VPN server to stop accepting new connections, preventing new SSL VPN connections from being established. Existing SSL VPN sessions are not impacted.\r\n\n Note: When the attack traffic stops, the Cisco AnyConnect VPN server recovers gracefully without requiring manual intervention."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en el servidor VPN de Cisco AnyConnect de los dispositivos Cisco Meraki MX y Cisco Meraki Z Series Teleworker Gateway podr\u00eda permitir que un atacante remoto no autenticado provoque una condici\u00f3n de denegaci\u00f3n de servicio (DoS) en el servicio AnyConnect de un dispositivo afectado. Esta vulnerabilidad se debe a una gesti\u00f3n insuficiente de los recursos al establecer sesiones TLS/SSL. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando una serie de mensajes TLS/SSL manipulados al servidor VPN de un dispositivo afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante hacer que el servidor VPN de Cisco AnyConnect deje de aceptar nuevas conexiones, lo que impedir\u00eda que se establecieran nuevas conexiones VPN SSL. Las sesiones VPN SSL existentes no se ven afectadas. Nota: Cuando el tr\u00e1fico del ataque se detiene, el servidor VPN de Cisco AnyConnect se recupera sin problemas sin necesidad de intervenci\u00f3n manual."
    }
  ],
  "id": "CVE-2024-20500",
  "lastModified": "2025-06-04T21:15:36.527",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "LOW",
          "baseScore": 5.8,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 1.4,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2024-10-02T19:15:14.350",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-meraki-mx-vpn-dos-QTRHzG2"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-400"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-400"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

CVE-2024-20500

Vulnerability from fstec - Published: 02.10.2024

Title

Уязвимость VPN-сервера Cisco AnyConnect сетевых устройств Cisco Meraki MX и Cisco Meraki ZTeleworker Gateway, позволяющая нарушителю вызвать перезагрузку устройства или вызвать отказ в обслуживании

Description

Уязвимость VPN-сервера Cisco AnyConnect сетевых устройств Cisco Meraki MX и Cisco Meraki Z Teleworker Gateway связана с неконтролируемым расходом ресурсов. Эксплуатация уязвимости может позволить нарушителю, действующему удалённо, вызвать перезагрузку устройства или вызвать отказ в обслуживании

Severity ?


                    
                      AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Vendor

Cisco Systems Inc.

Software Name

Cisco Meraki Z Series Teleworker Gateway, Cisco Meraki MX

Software Version

- (Cisco Meraki Z Series Teleworker Gateway), 16.2 (Cisco Meraki MX), до 18.107.12 (Cisco Meraki MX), до 18.211.2 (Cisco Meraki MX), 17 (Cisco Meraki MX)

Possible Mitigations

Использование рекомендаций: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-meraki-mx-vpn-dos-QTRHzG2

Reference

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-meraki-mx-vpn-dos-QTRHzG2 https://vuldb.com/?id.279100

CWE

CWE-400

JSON

To clipboard

{
  "CVSS 2.0": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
  "CVSS 3.0": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
  "CVSS 4.0": null,
  "remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
  "remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
  "\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "Cisco Systems Inc.",
  "\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "- (Cisco Meraki Z Series Teleworker Gateway), 16.2 (Cisco Meraki MX), \u0434\u043e 18.107.12 (Cisco Meraki MX), \u0434\u043e 18.211.2 (Cisco Meraki MX), 17 (Cisco Meraki MX)",
  "\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439:\nhttps://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-meraki-mx-vpn-dos-QTRHzG2",
  "\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "02.10.2024",
  "\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "20.06.2025",
  "\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "20.06.2025",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2025-07149",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2024-20500",
  "\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
  "\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
  "\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "Cisco Meraki Z Series Teleworker Gateway, Cisco Meraki MX",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": null,
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c VPN-\u0441\u0435\u0440\u0432\u0435\u0440\u0430 Cisco AnyConnect \u0441\u0435\u0442\u0435\u0432\u044b\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 Cisco Meraki MX \u0438 Cisco Meraki ZTeleworker Gateway, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043f\u0435\u0440\u0435\u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0443 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 \u0438\u043b\u0438 \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438",
  "\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u041d\u0435\u043a\u043e\u043d\u0442\u0440\u043e\u043b\u0438\u0440\u0443\u0435\u043c\u044b\u0439 \u0440\u0430\u0441\u0445\u043e\u0434 \u0440\u0435\u0441\u0443\u0440\u0441\u0430 (\u00ab\u0418\u0441\u0442\u043e\u0449\u0435\u043d\u0438\u0435 \u0440\u0435\u0441\u0443\u0440\u0441\u0430\u00bb) (CWE-400)",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c VPN-\u0441\u0435\u0440\u0432\u0435\u0440\u0430 Cisco AnyConnect \u0441\u0435\u0442\u0435\u0432\u044b\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 Cisco Meraki MX \u0438 Cisco Meraki Z Teleworker Gateway \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043d\u0435\u043a\u043e\u043d\u0442\u0440\u043e\u043b\u0438\u0440\u0443\u0435\u043c\u044b\u043c \u0440\u0430\u0441\u0445\u043e\u0434\u043e\u043c \u0440\u0435\u0441\u0443\u0440\u0441\u043e\u0432. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e, \u0434\u0435\u0439\u0441\u0442\u0432\u0443\u044e\u0449\u0435\u043c\u0443 \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u043e, \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043f\u0435\u0440\u0435\u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0443 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 \u0438\u043b\u0438 \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438",
  "\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
  "\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": null,
  "\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u0418\u0441\u0447\u0435\u0440\u043f\u0430\u043d\u0438\u0435 \u0440\u0435\u0441\u0443\u0440\u0441\u043e\u0432",
  "\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-meraki-mx-vpn-dos-QTRHzG2\nhttps://vuldb.com/?id.279100",
  "\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
  "\u0422\u0438\u043f \u041f\u041e": "\u041f\u041e \u0441\u0435\u0442\u0435\u0432\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e-\u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0433\u043e \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u0430",
  "\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-400",
  "\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0412\u044b\u0441\u043e\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 7,8)\n\u0412\u044b\u0441\u043e\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.1 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 7,5)"
}

GHSA-7PGW-6P7M-45VF

Vulnerability from github – Published: 2024-10-02 21:30 – Updated: 2024-10-02 21:30

Details

This vulnerability is due to insufficient resource management when establishing TLS/SSL sessions. An attacker could exploit this vulnerability by sending a series of crafted TLS/SSL messages to the VPN server of an affected device. A successful exploit could allow the attacker to cause the Cisco AnyConnect VPN server to stop accepting new connections, preventing new SSL VPN connections from being established. Existing SSL VPN sessions are not impacted. Note: When the attack traffic stops, the Cisco AnyConnect VPN server recovers gracefully without requiring manual intervention.

Severity ?

5.8 (Medium)


                  
                    CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2024-20500"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-400"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-10-02T19:15:14Z",
    "severity": "MODERATE"
  },
  "details": "A vulnerability in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series Teleworker Gateway devices could allow an unauthenticated, remote attacker to cause a DoS condition in the AnyConnect service on an affected device.\n\nThis vulnerability is due to insufficient resource management when establishing TLS/SSL sessions. An attacker could exploit this vulnerability by sending a series of crafted TLS/SSL messages to the VPN server of an affected device. A successful exploit could allow the attacker to cause the Cisco AnyConnect VPN server to stop accepting new connections, preventing new SSL VPN connections from being established. Existing SSL VPN sessions are not impacted.\nNote: When the attack traffic stops, the Cisco AnyConnect VPN server recovers gracefully without requiring manual intervention.",
  "id": "GHSA-7pgw-6p7m-45vf",
  "modified": "2024-10-02T21:30:34Z",
  "published": "2024-10-02T21:30:34Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-20500"
    },
    {
      "type": "WEB",
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-meraki-mx-vpn-dos-QTRHzG2"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L",
      "type": "CVSS_V3"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2024-20500 (GCVE-0-2024-20500)

GSD-2024-20500

CERTFR-2024-AVI-0833

Solutions

FKIE_CVE-2024-20500

CVE-2024-20500

GHSA-7PGW-6P7M-45VF

Tags

Sightings

Nomenclature