ID

VAR-202011-1017


CVE

CVE-2020-3444


TITLE

Cisco SD-WAN vEdge input validation error vulnerability

Trust: 1.2

sources: CNVD: CNVD-2020-61019 // CNNVD: CNNVD-202011-256

DESCRIPTION

A vulnerability in the packet filtering features of Cisco SD-WAN Software could allow an unauthenticated, remote attacker to bypass L3 and L4 traffic filters. The vulnerability is due to improper traffic filtering conditions on an affected device. An attacker could exploit this vulnerability by crafting a malicious TCP packet with specific characteristics and sending it to a targeted device. A successful exploit could allow the attacker to bypass the L3 and L4 traffic filters and inject an arbitrary packet into the network. Cisco SD-WAN The software contains an input verification vulnerability.Information may be tampered with. Cisco SD-WAN vEdge is a router from Cisco of the United States. This device can provide basic WAN, security and multi-cloud functions for Cisco SD-WAN solutions

Trust: 2.34

sources: NVD: CVE-2020-3444 // JVNDB: JVNDB-2020-013359 // CNVD: CNVD-2020-61019 // VULHUB: VHN-181569 // VULMON: CVE-2020-3444

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2020-61019

AFFECTED PRODUCTS

vendor:ciscomodel:ios xescope:lteversion:17.2.1

Trust: 1.0

vendor:ciscomodel:ios xescope:lteversion:16.12.2r

Trust: 1.0

vendor:ciscomodel:ios xescope:gteversion:17.2

Trust: 1.0

vendor:シスコシステムズmodel:cisco ios xescope:eqversion: -

Trust: 0.8

vendor:シスコシステムズmodel:cisco ios xescope: - version: -

Trust: 0.8

vendor:ciscomodel:sd-wan vedgescope: - version: -

Trust: 0.6

sources: CNVD: CNVD-2020-61019 // JVNDB: JVNDB-2020-013359 // NVD: CVE-2020-3444

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2020-3444
value: HIGH

Trust: 1.0

ykramarz@cisco.com: CVE-2020-3444
value: MEDIUM

Trust: 1.0

NVD: CVE-2020-3444
value: HIGH

Trust: 0.8

CNVD: CNVD-2020-61019
value: MEDIUM

Trust: 0.6

CNNVD: CNNVD-202011-256
value: HIGH

Trust: 0.6

VULHUB: VHN-181569
value: MEDIUM

Trust: 0.1

VULMON: CVE-2020-3444
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2020-3444
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

CNVD: CNVD-2020-61019
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

VULHUB: VHN-181569
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2020-3444
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: HIGH
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 3.6
version: 3.1

Trust: 1.0

ykramarz@cisco.com: CVE-2020-3444
baseSeverity: MEDIUM
baseScore: 5.8
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: CHANGED
confidentialityImpact: NONE
integrityImpact: LOW
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 1.4
version: 3.0

Trust: 1.0

NVD: CVE-2020-3444
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: HIGH
availabilityImpact: NONE
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: CNVD: CNVD-2020-61019 // VULHUB: VHN-181569 // VULMON: CVE-2020-3444 // JVNDB: JVNDB-2020-013359 // CNNVD: CNNVD-202011-256 // NVD: CVE-2020-3444 // NVD: CVE-2020-3444

PROBLEMTYPE DATA

problemtype:CWE-20

Trust: 1.1

problemtype:NVD-CWE-noinfo

Trust: 1.0

problemtype:Incorrect input confirmation (CWE-20) [NVD Evaluation ]

Trust: 0.8

sources: VULHUB: VHN-181569 // JVNDB: JVNDB-2020-013359 // NVD: CVE-2020-3444

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202011-256

TYPE

input validation error

Trust: 0.6

sources: CNNVD: CNNVD-202011-256

PATCH

title:cisco-sa-cedge-filt-bypass-Y6wZMqm4url:https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cedge-filt-bypass-Y6wZMqm4

Trust: 0.8

title:Patch for Cisco SD-WAN vEdge input validation error vulnerabilityurl:https://www.cnvd.org.cn/patchInfo/show/238912

Trust: 0.6

title:Cisco SD-WAN vEdge Enter the fix for the verification error vulnerabilityurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=134499

Trust: 0.6

title:Cisco: Cisco SD-WAN Software Packet Filtering Bypass Vulnerabilityurl:https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts&qid=cisco-sa-cedge-filt-bypass-Y6wZMqm4

Trust: 0.1

title:CVE-2020-3444url:https://github.com/AlAIAL90/CVE-2020-3444

Trust: 0.1

sources: CNVD: CNVD-2020-61019 // VULMON: CVE-2020-3444 // JVNDB: JVNDB-2020-013359 // CNNVD: CNNVD-202011-256

EXTERNAL IDS

db:NVDid:CVE-2020-3444

Trust: 3.2

db:AUSCERTid:ESB-2020.3813

Trust: 1.2

db:JVNDBid:JVNDB-2020-013359

Trust: 0.8

db:CNVDid:CNVD-2020-61019

Trust: 0.7

db:AUSCERTid:ESB-2020.3813.2

Trust: 0.6

db:CNNVDid:CNNVD-202011-256

Trust: 0.6

db:VULHUBid:VHN-181569

Trust: 0.1

db:VULMONid:CVE-2020-3444

Trust: 0.1

sources: CNVD: CNVD-2020-61019 // VULHUB: VHN-181569 // VULMON: CVE-2020-3444 // JVNDB: JVNDB-2020-013359 // CNNVD: CNNVD-202011-256 // NVD: CVE-2020-3444

REFERENCES

url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-cedge-filt-bypass-y6wzmqm4

Trust: 1.9

url:https://nvd.nist.gov/vuln/detail/cve-2020-3444

Trust: 1.4

url:https://www.auscert.org.au/bulletins/esb-2020.3813/

Trust: 1.2

url:https://www.auscert.org.au/bulletins/esb-2020.3813.2/

Trust: 0.6

url:https://cwe.mitre.org/data/definitions/.html

Trust: 0.1

url:https://github.com/alaial90/cve-2020-3444

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

sources: CNVD: CNVD-2020-61019 // VULHUB: VHN-181569 // VULMON: CVE-2020-3444 // JVNDB: JVNDB-2020-013359 // CNNVD: CNNVD-202011-256 // NVD: CVE-2020-3444

SOURCES

db:CNVDid:CNVD-2020-61019
db:VULHUBid:VHN-181569
db:VULMONid:CVE-2020-3444
db:JVNDBid:JVNDB-2020-013359
db:CNNVDid:CNNVD-202011-256
db:NVDid:CVE-2020-3444

LAST UPDATE DATE

2024-08-14T13:24:04.114000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2020-61019date:2020-11-07T00:00:00
db:VULHUBid:VHN-181569date:2021-08-06T00:00:00
db:VULMONid:CVE-2020-3444date:2021-08-06T00:00:00
db:JVNDBid:JVNDB-2020-013359date:2021-06-28T08:08:00
db:CNNVDid:CNNVD-202011-256date:2021-08-09T00:00:00
db:NVDid:CVE-2020-3444date:2021-08-06T19:01:10.933

SOURCES RELEASE DATE

db:CNVDid:CNVD-2020-61019date:2020-11-07T00:00:00
db:VULHUBid:VHN-181569date:2020-11-06T00:00:00
db:VULMONid:CVE-2020-3444date:2020-11-06T00:00:00
db:JVNDBid:JVNDB-2020-013359date:2021-06-28T00:00:00
db:CNNVDid:CNNVD-202011-256date:2020-11-04T00:00:00
db:NVDid:CVE-2020-3444date:2020-11-06T19:15:14.440