Details of VAR-202007-1051

ID

VAR-202007-1051

CVE

CVE-2020-3385

TITLE

Cisco SD-WAN vEdge Vulnerabilities in routers

Trust: 0.8

sources: JVNDB: JVNDB-2020-008350

DESCRIPTION

A vulnerability in the deep packet inspection (DPI) engine of Cisco SD-WAN vEdge Routers could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected system. The vulnerability is due to insufficient handling of malformed packets. An attacker could exploit this vulnerability by sending crafted packets through an affected device. A successful exploit could allow the attacker to cause the device to reboot, resulting in a DoS condition. Cisco SD-WAN vEdge An unspecified vulnerability exists in the router.Service operation interruption (DoS) It may be put into a state. Cisco SD-WAN vEdge 5000 Series Routers is Cisco's SD-WAN solution routing equipment. Attackers can use special techniques The data exploits this vulnerability to cause the device to restart (denial of service)

Trust: 2.25

sources: NVD: CVE-2020-3385 // JVNDB: JVNDB-2020-008350 // CNVD: CNVD-2020-41234 // VULHUB: VHN-181510

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2020-41234

AFFECTED PRODUCTS

vendor:	cisco	model:	sd-wan	scope:	gte	version:	19.2.0	Trust: 1.0
vendor:	cisco	model:	sd-wan	scope:	lt	version:	19.2.3	Trust: 1.0
vendor:	cisco	model:	sd-wan	scope:	gte	version:	19.3.0	Trust: 1.0
vendor:	cisco	model:	sd-wan	scope:	lte	version:	18.3.0	Trust: 1.0
vendor:	cisco	model:	sd-wan	scope:	lt	version:	20.1.1	Trust: 1.0
vendor:	cisco	model:	sd-wan	scope:	gte	version:	18.4.0	Trust: 1.0
vendor:	cisco	model:	vedge cloud router	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sd-wan	scope:	lt	version:	18.4.5	Trust: 1.0
vendor:	cisco	model:	sd-wan	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	sd-wan vedge series routers	scope:	eq	version:	5000	Trust: 0.6
vendor:	cisco	model:	sd-wan vedge cloud routers	scope:	-	version:	-	Trust: 0.6

sources: CNVD: CNVD-2020-41234 // JVNDB: JVNDB-2020-008350 // NVD: CVE-2020-3385

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2020-3385
value:	MEDIUM
Trust: 1.0
ykramarz@cisco.com:	CVE-2020-3385
value:	HIGH
Trust: 1.0
NVD:	JVNDB-2020-008350
value:	MEDIUM
Trust: 0.8
CNVD:	CNVD-2020-41234
value:	MEDIUM
Trust: 0.6
CNNVD:	CNNVD-202007-1109
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-181510
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2020-3385
severity:	MEDIUM
baseScore:	6.1
vectorString:	AV:A/AC:L/AU:N/C:N/I:N/A:C
accessVector:	ADJACENT_NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	6.5
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.0
NVD:	JVNDB-2020-008350
severity:	MEDIUM
baseScore:	6.1
vectorString:	AV:A/AC:L/AU:N/C:N/I:N/A:C
accessVector:	ADJACENT NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	NONE
impactScore:	NONE
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.8
CNVD:	CNVD-2020-41234
severity:	MEDIUM
baseScore:	6.1
vectorString:	AV:A/AC:L/AU:N/C:N/I:N/A:C
accessVector:	ADJACENT_NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	6.5
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
VULHUB:	VHN-181510
severity:	MEDIUM
baseScore:	6.1
vectorString:	AV:A/AC:L/AU:N/C:N/I:N/A:C
accessVector:	ADJACENT_NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	6.5
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2020-3385
baseSeverity:	MEDIUM
baseScore:	6.5
vectorString:	CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector:	ADJACENT
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	2.8
impactScore:	3.6
version:	3.1
Trust: 1.0
ykramarz@cisco.com:	CVE-2020-3385
baseSeverity:	HIGH
baseScore:	7.4
vectorString:	CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
attackVector:	ADJACENT
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	CHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	2.8
impactScore:	4.0
version:	3.0
Trust: 1.0
NVD:	JVNDB-2020-008350
baseSeverity:	MEDIUM
baseScore:	6.5
vectorString:	CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector:	ADJACENT NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: CNVD: CNVD-2020-41234 // VULHUB: VHN-181510 // JVNDB: JVNDB-2020-008350 // CNNVD: CNNVD-202007-1109 // NVD: CVE-2020-3385 // NVD: CVE-2020-3385

PROBLEMTYPE DATA

problemtype:	CWE-371	Trust: 1.0
problemtype:	NVD-CWE-noinfo	Trust: 1.0

sources: NVD: CVE-2020-3385

THREAT TYPE

remote or local

Trust: 0.6

sources: CNNVD: CNNVD-202007-1109

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202007-1109

CONFIGURATIONS

sources: JVNDB: JVNDB-2020-008350

PATCH

title:	cisco-sa-vedgfpdos-PkqQrnwV	url:	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vedgfpdos-PkqQrnwV	Trust: 0.8
title:	Patch for Cisco SD-WAN vEdge 5000 Series Routers and SD-WAN vEdge Cloud Routers denial of service vulnerabilities	url:	https://www.cnvd.org.cn/patchInfo/show/226373	Trust: 0.6
title:	Cisco SD-WAN vEdge 5000 Series Routers and SD-WAN vEdge Cloud Routers Security vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=124919	Trust: 0.6

sources: CNVD: CNVD-2020-41234 // JVNDB: JVNDB-2020-008350 // CNNVD: CNNVD-202007-1109

EXTERNAL IDS

db:	NVD	id:	CVE-2020-3385	Trust: 3.1
db:	JVNDB	id:	JVNDB-2020-008350	Trust: 0.8
db:	CNVD	id:	CNVD-2020-41234	Trust: 0.7
db:	CNNVD	id:	CNNVD-202007-1109	Trust: 0.7
db:	AUSCERT	id:	ESB-2020.2424	Trust: 0.6
db:	VULHUB	id:	VHN-181510	Trust: 0.1

sources: CNVD: CNVD-2020-41234 // VULHUB: VHN-181510 // JVNDB: JVNDB-2020-008350 // CNNVD: CNNVD-202007-1109 // NVD: CVE-2020-3385

REFERENCES

url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-vedgfpdos-pkqqrnwv	Trust: 2.9
url:	https://nvd.nist.gov/vuln/detail/cve-2020-3385	Trust: 1.4
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-3385	Trust: 0.8
url:	https://www.auscert.org.au/bulletins/esb-2020.2424/	Trust: 0.6
url:	https://vigilance.fr/vulnerability/cisco-sd-wan-vedge-router-denial-of-service-via-dpi-32858	Trust: 0.6

sources: CNVD: CNVD-2020-41234 // VULHUB: VHN-181510 // JVNDB: JVNDB-2020-008350 // CNNVD: CNNVD-202007-1109 // NVD: CVE-2020-3385

SOURCES

db:	CNVD	id:	CNVD-2020-41234
db:	VULHUB	id:	VHN-181510
db:	JVNDB	id:	JVNDB-2020-008350
db:	CNNVD	id:	CNNVD-202007-1109
db:	NVD	id:	CVE-2020-3385

LAST UPDATE DATE

2024-11-23T21:35:30.529000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2020-41234	date:	2020-07-21T00:00:00
db:	VULHUB	id:	VHN-181510	date:	2020-07-23T00:00:00
db:	JVNDB	id:	JVNDB-2020-008350	date:	2020-09-08T00:00:00
db:	CNNVD	id:	CNNVD-202007-1109	date:	2021-01-05T00:00:00
db:	NVD	id:	CVE-2020-3385	date:	2024-11-21T05:30:55.590

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2020-41234	date:	2020-07-21T00:00:00
db:	VULHUB	id:	VHN-181510	date:	2020-07-16T00:00:00
db:	JVNDB	id:	JVNDB-2020-008350	date:	2020-09-08T00:00:00
db:	CNNVD	id:	CNNVD-202007-1109	date:	2020-07-15T00:00:00
db:	NVD	id:	CVE-2020-3385	date:	2020-07-16T18:15:19.003