Vulnslist

Cisco vulnerabilities by product, model, software, and advisory.

Cisco SD-WAN Solution Software Buffer Overflow Vulnerability

cisco-sa-sdbufof-h5f5VSeL · Critical · Published · Updated

A vulnerability in Cisco SD-WAN Solution Software could allow an unauthenticated, remote attacker to cause a buffer overflow on an affected device. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending crafted traffic to an affected device. A successful exploit could allow the attacker to gain access to information that they are not authorized to access, make changes to the system that they are not authorized to make, and execute commands on an affected system with privileges of the root user. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdbufof-h5f5VSeL

Workarounds

There are no workarounds that address this vulnerability.

CVEs: CVE-2020-3375
Cisco Bug IDs: CSCvt11538
CVSS Score: Base 9.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:X/RL:X/RC:X)
Product Names From Source
Cisco SD-WAN vManage, Cisco IOS XE SD-WAN Software, Cisco IOS XE SD-WAN Software 16.9.0, Cisco IOS XE SD-WAN Software 16.9.1, Cisco IOS XE SD-WAN Software 16.9.2, Cisco IOS XE SD-WAN Software 16.9.3, Cisco IOS XE SD-WAN Software 16.9.4, Cisco IOS XE SD-WAN Software 16.10.0, Cisco IOS XE SD-WAN Software 16.10.1, Cisco IOS XE SD-WAN Software 16.10.2, Cisco IOS XE SD-WAN Software 16.10.3, Cisco IOS XE SD-WAN Software 16.10.3a, Cisco IOS XE SD-WAN Software 16.10.3b, Cisco IOS XE SD-WAN Software 16.10.4, Cisco IOS XE SD-WAN Software 16.11.0, Cisco IOS XE SD-WAN Software 16.11.1a, Cisco IOS XE SD-WAN Software 16.12.0, Cisco IOS XE SD-WAN Software 16.12.1b, Cisco IOS XE SD-WAN Software 16.12.1d, Cisco IOS XE SD-WAN Software 16.12.1e, Cisco IOS XE SD-WAN Software 16.12.2r, Cisco Catalyst SD-WAN Manager, Cisco IOS XE Catalyst SD-WAN

Related Products

| Product | CVE | Evidence |
| --- | --- | --- |
| Cisco IOS | CVE-2020-3375 | Cisco OpenVuln |
| Cisco IOS XE Catalyst SD-WAN | CVE-2020-3375 | Cisco OpenVuln |
| Cisco Catalyst SD-WAN Manager | CVE-2020-3375 | Cisco OpenVuln |
| Cisco Catalyst SD-WAN | CVE-2020-3375 | Cisco OpenVuln |
| Cisco Catalyst 9600 Series Switches | CVE-2020-3375 | Cisco OpenVuln · software-dependent |
| Cisco Catalyst 9500 Series Switches | CVE-2020-3375 | Cisco OpenVuln · software-dependent |
| Cisco Catalyst 9400 Series Switches | CVE-2020-3375 | Cisco OpenVuln · software-dependent |
| Cisco Catalyst 9200 Series Switches | CVE-2020-3375 | Cisco OpenVuln · software-dependent |
| Cisco Catalyst 9300 Series Switches | CVE-2020-3375 | Cisco OpenVuln · software-dependent |