A vulnerability in Cisco SD-WAN Solution software could allow an authenticated, local attacker to cause a buffer overflow on an affected device. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending crafted traffic to an affected device. A successful exploit could allow the attacker to gain access to information that they are not authorized to access and make changes to the system that they are not authorized to make.
References
Link | Resource |
---|---|
https://github.com/orangecertcc/security-research/security/advisories/GHSA-wwq2-pxrj-v62r | Exploit Third Party Advisory |
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwanbo-QKcABnS2 | Vendor Advisory |
Configurations
Configuration 1 (hide)
AND |
|
History
23 May 2023, 13:55
Type | Values Removed | Values Added |
---|---|---|
First Time |
Cisco 1100-4gltegb Integrated Services Router
Cisco 1100-4g Integrated Services Router Cisco 1100-6g Integrated Services Router Cisco 1100-4gltena Integrated Services Router |
|
CPE | cpe:2.3:h:cisco:isr1100-6g:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:isr1100-4gltegb:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:isr1100-4g:-:*:*:*:*:*:*:* |
cpe:2.3:h:cisco:1100-6g_integrated_services_router:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:1100-4g_integrated_services_router:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:1100-4gltegb_integrated_services_router:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:1100-4gltena_integrated_services_router:-:*:*:*:*:*:*:* |
19 Jul 2022, 11:50
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:o:cisco:sd-wan_firmware:20.3.0:*:*:*:*:*:*:* | |
References | (MISC) https://github.com/orangecertcc/security-research/security/advisories/GHSA-wwq2-pxrj-v62r - Exploit, Third Party Advisory |
22 Apr 2022, 16:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
17 Mar 2022, 16:05
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:cisco:vmanage_network_management_system:-:*:*:*:*:*:*:* cpe:2.3:a:cisco:vedge_cloud_router:-:*:*:*:*:*:*:* cpe:2.3:o:cisco:sd-wan_firmware:20.1.0:*:*:*:*:*:*:* cpe:2.3:a:cisco:vsmart_controller:-:*:*:*:*:*:*:* |
|
First Time |
Cisco vmanage Network Management System
Cisco vsmart Controller Cisco vedge Cloud Router |
Information
Published : 2020-03-19 16:15
Updated : 2023-12-10 13:27
NVD link : CVE-2020-3264
Mitre link : CVE-2020-3264
CVE.ORG link : CVE-2020-3264
JSON object : View
Products Affected
cisco
- vedge_2000
- vsmart_controller
- 1100-4gltena_integrated_services_router
- 1100-4gltegb_integrated_services_router
- vedge_1000
- vedge_cloud_router
- vedge_5000
- vedge_100m
- vedge_100wm
- vedge_100
- 1100-6g_integrated_services_router
- vmanage_network_management_system
- sd-wan_firmware
- vedge_100b
- 1100-4g_integrated_services_router