CVE-2023-20262 - Vulnerability Details

Description

A vulnerability in the SSH service of Cisco Catalyst SD-WAN Manager could allow an unauthenticated, remote attacker to cause a process crash, resulting in a DoS condition for SSH access only. This vulnerability does not prevent the system from continuing to function, and web UI access is not affected.

This vulnerability is due to insufficient resource management when an affected system is in an error condition. An attacker could exploit this vulnerability by sending malicious traffic to the affected system. A successful exploit could allow the attacker to cause the SSH process to crash and restart, resulting in a DoS condition for the SSH service.

Published: 2023-09-27

Score: 5.3 Medium

EPSS: < 1% Very Low

KEV: No

Impact:

Action:

Analysis

No analysis available yet.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

Cisco

Cisco SD-WAN Solution

affected

Version	Status	Constraints
`17.2.4`	affected	—
`17.2.5`	affected	—
`17.2.6`	affected	—
`17.2.7`	affected	—
`17.2.8`	affected	—
`17.2.9`	affected	—
`17.2.10`	affected	—
`18.2.0`	affected	—
`18.3.0`	affected	—
`18.3.1`	affected	—
`18.3.3`	affected	—
`18.3.3.1`	affected	—
`18.3.4`	affected	—
`18.3.5`	affected	—
`18.3.6`	affected	—
`18.3.7`	affected	—
`18.3.8`	affected	—
`18.4.0`	affected	—
`18.4.1`	affected	—
`18.4.0.1`	affected	—
`18.4.3`	affected	—
`18.4.302`	affected	—
`18.4.303`	affected	—
`18.4.4`	affected	—
`18.4.5`	affected	—
`18.4.6`	affected	—
`19.1.0`	affected	—
`19.2.0`	affected	—
`19.2.097`	affected	—
`19.2.099`	affected	—
`19.2.1`	affected	—
`19.2.2`	affected	—
`19.2.3`	affected	—
`19.2.929`	affected	—
`19.2.31`	affected	—
`19.2.4`	affected	—
`19.3.0`	affected	—
`20.1.1`	affected	—
`20.1.1.1`	affected	—
`20.1.11`	affected	—
`20.1.12`	affected	—
`20.1.2`	affected	—
`20.1.3`	affected	—
`20.1.3.1`	affected	—
`20.3.1`	affected	—
`20.3.2`	affected	—
`20.3.2.1`	affected	—
`20.3.3`	affected	—
`20.3.3.1`	affected	—
`20.3.4`	affected	—
`20.3.4.2`	affected	—
`20.3.4.1`	affected	—
`20.3.5`	affected	—
`20.3.6`	affected	—
`20.3.4.3`	affected	—
`20.3.5.1`	affected	—
`20.4.1`	affected	—
`20.4.1.1`	affected	—
`20.4.1.2`	affected	—
`20.4.2`	affected	—
`20.4.2.2`	affected	—
`20.4.2.1`	affected	—
`20.4.2.3`	affected	—
`20.5.1`	affected	—
`20.5.1.2`	affected	—
`20.5.1.1`	affected	—
`20.6.1`	affected	—
`20.6.1.1`	affected	—
`20.6.2.2`	affected	—
`20.6.2.1`	affected	—
`20.6.2`	affected	—
`20.6.3`	affected	—
`20.6.3.1`	affected	—
`20.6.4`	affected	—
`20.6.4.1`	affected	—
`20.6.5`	affected	—
`20.6.5.2`	affected	—
`20.6.3.2`	affected	—
`20.6.3.3`	affected	—
`20.6.1.2`	affected	—
`20.6.3.4`	affected	—
`20.6.4.2`	affected	—
`20.6.5.4`	affected	—
`20.6.5.5`	affected	—
`20.7.1`	affected	—
`20.7.1.1`	affected	—
`20.7.2`	affected	—
`20.8.1`	affected	—
`20.9.1`	affected	—
`20.9.2.3`	affected	—
`20.10.1.2`	affected	—

Cisco

Cisco SD-WAN vManage

affected

Version	Status	Constraints
`17.2.6`	affected	—
`17.2.7`	affected	—
`17.2.8`	affected	—
`17.2.9`	affected	—
`17.2.10`	affected	—
`17.2.4`	affected	—
`17.2.5`	affected	—
`18.3.1.1`	affected	—
`18.3.3.1`	affected	—
`18.3.3`	affected	—
`18.3.4`	affected	—
`18.3.5`	affected	—
`18.3.7`	affected	—
`18.3.8`	affected	—
`18.3.6.1`	affected	—
`18.3.1`	affected	—
`18.3.0`	affected	—
`18.4.0.1`	affected	—
`18.4.3`	affected	—
`18.4.302`	affected	—
`18.4.303`	affected	—
`18.4.4`	affected	—
`18.4.5`	affected	—
`18.4.0`	affected	—
`18.4.1`	affected	—
`18.4.6`	affected	—
`19.2.0`	affected	—
`19.2.097`	affected	—
`19.2.099`	affected	—
`19.2.1`	affected	—
`19.2.2`	affected	—
`19.2.3`	affected	—
`19.2.31`	affected	—
`19.2.929`	affected	—
`19.2.4`	affected	—
`20.1.1.1`	affected	—
`20.1.12`	affected	—
`20.1.1`	affected	—
`20.1.2`	affected	—
`20.1.3`	affected	—
`19.3.0`	affected	—
`19.1.0`	affected	—
`18.2.0`	affected	—
`20.3.1`	affected	—
`20.3.2`	affected	—
`20.3.2.1`	affected	—
`20.3.3`	affected	—
`20.3.3.1`	affected	—
`20.3.4`	affected	—
`20.3.4.1`	affected	—
`20.3.4.2`	affected	—
`20.3.5`	affected	—
`20.3.6`	affected	—
`20.3.4.3`	affected	—
`20.3.5.1`	affected	—
`20.4.1`	affected	—
`20.4.1.1`	affected	—
`20.4.1.2`	affected	—
`20.4.2`	affected	—
`20.4.2.2`	affected	—
`20.4.2.1`	affected	—
`20.4.2.3`	affected	—
`20.5.1`	affected	—
`20.5.1.2`	affected	—
`20.5.1.1`	affected	—
`20.6.1`	affected	—
`20.6.1.1`	affected	—
`20.6.2.1`	affected	—
`20.6.2.2`	affected	—
`20.6.2`	affected	—
`20.6.3`	affected	—
`20.6.1.2`	affected	—
`20.10.1`	affected	—
`20.10.1.1`	affected	—
`20.10.1.2`	affected	—

Cisco

Cisco SD-WAN vSmart

affected

Version	Status	Constraints
`N/A`	affected	—

Configuration 1 [-]

OR	cpe:2.3:a:cisco:catalyst_sd-wan_manager::::::::
	cpe:2.3:a:cisco:sd-wan_vmanage::::::::
	cpe:2.3:a:cisco:sd-wan_vmanage::::::::
	cpe:2.3:a:cisco:sd-wan_vmanage:20.12:::::::*

No data.

No data available yet.

Remediation

No remediation available yet.

Tracking

Sign in to view the affected projects.

Advisories

Source	ID	Title
EUVD	EUVD-2023-24441	A vulnerability in the SSH service of Cisco Catalyst SD-WAN Manager could allow an unauthenticated, remote attacker to cause a process crash, resulting in a DoS condition for SSH access only. This vulnerability does not prevent the system from continuing to function, and web UI access is not affected. This vulnerability is due to insufficient resource management when an affected system is in an error condition. An attacker could exploit this vulnerability by sending malicious traffic to the affected system. A successful exploit could allow the attacker to cause the SSH process to crash and restart, resulting in a DoS condition for the SSH service.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact Low

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00322.

Key SSVC decision points have not yet been added.

References

Link	Providers
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-vman-sc-LRLfu2z

History

No history.

Subscriptions

Cisco Catalyst Sd-wan Manager Sd-wan Vmanage

MITRE

Status: PUBLISHED

Assigner: cisco

Published: 2023-09-27T17:16:50.429Z

Updated: 2024-08-02T09:05:36.887Z

Reserved: 2022-10-27T18:47:50.373Z

Link: CVE-2023-20262

Vulnrichment

No data.

NVD

Status : Modified

Published: 2023-09-27T18:15:11.757

Modified: 2024-11-21T07:41:01.443

Link: CVE-2023-20262

Redhat

No data.

OpenCVE Enrichment

No data.

Weaknesses

Tracking

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact Low

User Interaction None

Subscriptions

JSON object

JSON object

JSON object

JSON object

JSON object