A vulnerability in the NETCONF process of Cisco SD-WAN vEdge Routers could allow an authenticated, local attacker to cause an affected device to run out of memory, resulting in a denial of service (DoS) condition. This vulnerability is due to insufficient memory management when an affected device receives large amounts of traffic. An attacker could exploit this vulnerability by sending malicious traffic to an affected device. A successful exploit could allow the attacker to cause the device to crash, resulting in a DoS condition.
References
Link | Resource |
---|---|
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-vedge-dos-jerVm4bB | Vendor Advisory |
Configurations
Configuration 1 (hide)
AND |
|
History
22 May 2023, 17:08
Type | Values Removed | Values Added |
---|---|---|
First Time |
Cisco 1100 Integrated Services Router
|
|
CPE | cpe:2.3:h:cisco:1100_integrated_services_router:-:*:*:*:*:*:*:* |
16 May 2022, 14:56
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:h:citrix:sd-wan_1100:-:*:*:*:*:*:*:* cpe:2.3:h:citrix:sd-wan_2000:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:integrated_services_router_1100:-:*:*:*:*:*:*:* cpe:2.3:a:cisco:sd-wan_vedge_router:20.7:*:*:*:*:*:*:* cpe:2.3:h:citrix:sd-wan_110:-:*:*:*:*:*:*:* cpe:2.3:h:citrix:sd-wan_1000:-:*:*:*:*:*:*:* cpe:2.3:h:citrix:sd-wan_5100:-:*:*:*:*:*:*:* cpe:2.3:h:citrix:sd-wan_2100:-:*:*:*:*:*:*:* cpe:2.3:a:cisco:sd-wan_vedge_router:*:*:*:*:*:*:*:* cpe:2.3:h:citrix:sd-wan_210:-:*:*:*:*:*:*:* |
|
CVSS |
v2 : v3 : |
v2 : 4.9
v3 : 5.5 |
CWE | CWE-770 | |
References | (CISCO) https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-vedge-dos-jerVm4bB - Vendor Advisory | |
First Time |
Citrix sd-wan 2000
Cisco sd-wan Vedge Router Cisco integrated Services Router 1100 Citrix sd-wan 1100 Citrix Citrix sd-wan 110 Citrix sd-wan 2100 Citrix sd-wan 1000 Cisco Citrix sd-wan 5100 Citrix sd-wan 210 |
15 Apr 2022, 15:22
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2022-04-15 15:15
Updated : 2023-12-10 14:22
NVD link : CVE-2022-20717
Mitre link : CVE-2022-20717
CVE.ORG link : CVE-2022-20717
JSON object : View
Products Affected
citrix
- sd-wan_2100
- sd-wan_210
- sd-wan_2000
- sd-wan_1100
- sd-wan_5100
- sd-wan_110
- sd-wan_1000
cisco
- sd-wan_vedge_router
- 1100_integrated_services_router