{"dataType":"CVE_RECORD","dataVersion":"5.1","cveMetadata":{"cveId":"CVE-2024-20496","assignerOrgId":"d1c1063e-7a18-46af-9102-31f8928bc633","state":"PUBLISHED","assignerShortName":"cisco","dateReserved":"2023-11-08T15:08:07.686Z","datePublished":"2024-09-25T16:20:12.079Z","dateUpdated":"2024-09-25T18:36:07.489Z"},"containers":{"cna":{"title":"Cisco SD-WAN vEdge Routers Denial of Service Vulnerability","metrics":[{"format":"cvssV3_1","cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"ADJACENT_NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"}}],"descriptions":[{"lang":"en","value":"A vulnerability in the UDP packet validation code of Cisco SD-WAN vEdge Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected system.\r\n\r\nThis vulnerability is due to incorrect handling of a specific type of malformed UDP packet. An attacker in a machine-in-the-middle position could exploit this vulnerability by sending crafted UDP packets to an affected device. A successful exploit could allow the attacker to cause the device to reboot, resulting in a DoS condition on the affected system."}],"references":[{"url":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdw-vedos-KqFfhps3","name":"cisco-sa-sdw-vedos-KqFfhps3"}],"exploits":[{"lang":"en","value":"The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."}],"source":{"advisory":"cisco-sa-sdw-vedos-KqFfhps3","discovery":"EXTERNAL","defects":["CSCwd85135"]},"problemTypes":[{"descriptions":[{"lang":"en","description":"Out-of-bounds Write","type":"cwe","cweId":"CWE-787"}]}],"affected":[{"vendor":"Cisco","product":"Cisco SD-WAN vEdge Cloud","versions":[{"version":"19.2.1","status":"affected"},{"version":"20.1.12","status":"affected"},{"version":"18.4.4","status":"affected"},{"version":"19.3.0","status":"affected"},{"version":"18.3.8","status":"affected"},{"version":"19.2.2","status":"affected"},{"version":"20.1.1","status":"affected"},{"version":"18.3.6","status":"affected"},{"version":"18.4.3","status":"affected"},{"version":"18.4.302","status":"affected"},{"version":"18.4.5","status":"affected"},{"version":"18.4.303","status":"affected"},{"version":"19.2.098","status":"affected"},{"version":"19.1.0","status":"affected"},{"version":"19.0.1a","status":"affected"},{"version":"19.2.099","status":"affected"},{"version":"18.3.7","status":"affected"},{"version":"19.2.097","status":"affected"},{"version":"18.3.1","status":"affected"},{"version":"19.2.0","status":"affected"},{"version":"18.3.4","status":"affected"},{"version":"18.2.0","status":"affected"},{"version":"18.4.1","status":"affected"},{"version":"18.4.0","status":"affected"},{"version":"18.3.5","status":"affected"},{"version":"18.3.3","status":"affected"},{"version":"18.3.0","status":"affected"},{"version":"19.2.3","status":"affected"},{"version":"20.3.1","status":"affected"},{"version":"20.1.2","status":"affected"},{"version":"19.2.929","status":"affected"},{"version":"19.2.31","status":"affected"},{"version":"20.3.2","status":"affected"},{"version":"19.2.32","status":"affected"},{"version":"18.4.6","status":"affected"},{"version":"20.4.1","status":"affected"},{"version":"19.2.4","status":"affected"},{"version":"20.4.1.1","status":"affected"},{"version":"20.3.3","status":"affected"},{"version":"20.5.1","status":"affected"},{"version":"20.1.3","status":"affected"},{"version":"20.4.1.2","status":"affected"},{"version":"20.4.2","status":"affected"},{"version":"20.3.4","status":"affected"},{"version":"20.6.1","status":"affected"},{"version":"20.6.2","status":"affected"},{"version":"20.7.1","status":"affected"},{"version":"20.3.5","status":"affected"},{"version":"20.6.3","status":"affected"},{"version":"20.8.1","status":"affected"},{"version":"20.7.2","status":"affected"},{"version":"20.6.4","status":"affected"},{"version":"20.9.1","status":"affected"},{"version":"20.3.6","status":"affected"},{"version":"20.9.1.1","status":"affected"},{"version":"20.9.2","status":"affected"},{"version":"20.6.5","status":"affected"},{"version":"20.3.7","status":"affected"},{"version":"20.9.3","status":"affected"},{"version":"20.4.2.3","status":"affected"},{"version":"20.3.4.3","status":"affected"},{"version":"20.6.4.1","status":"affected"},{"version":"20.6.3.2","status":"affected"},{"version":"20.3.5.1","status":"affected"},{"version":"20.9.3.1","status":"affected"},{"version":"20.6.5.2","status":"affected"},{"version":"20.3.7.1","status":"affected"},{"version":"20.3.3.2","status":"affected"},{"version":"20.6.1.2","status":"affected"},{"version":"20.1.3.1","status":"affected"},{"version":"20.9.2.2","status":"affected"},{"version":"20.6.5.3","status":"affected"},{"version":"20.6.3.3","status":"affected"},{"version":"20.3.7.2","status":"affected"},{"version":"20.6.5.4","status":"affected"},{"version":"20.9.2.3","status":"affected"},{"version":"20.3.8","status":"affected"}],"defaultStatus":"unknown"},{"vendor":"Cisco","product":"Cisco SD-WAN vEdge router","versions":[{"version":"18.4.303","status":"affected"},{"version":"18.3.7","status":"affected"},{"version":"19.3.0","status":"affected"},{"version":"18.2.0","status":"affected"},{"version":"20.1.12","status":"affected"},{"version":"19.2.099","status":"affected"},{"version":"18.3.3","status":"affected"},{"version":"18.3.6","status":"affected"},{"version":"19.0.0","status":"affected"},{"version":"18.4.0","status":"affected"},{"version":"19.1.01","status":"affected"},{"version":"19.2.098","status":"affected"},{"version":"18.3.1","status":"affected"},{"version":"18.4.302","status":"affected"},{"version":"19.2.2","status":"affected"},{"version":"18.3.5","status":"affected"},{"version":"19.1.0","status":"affected"},{"version":"20.1.11","status":"affected"},{"version":"19.2.097","status":"affected"},{"version":"18.4.5","status":"affected"},{"version":"18.3.8","status":"affected"},{"version":"18.3.0","status":"affected"},{"version":"18.4.3","status":"affected"},{"version":"18.4.4","status":"affected"},{"version":"19.2.1","status":"affected"},{"version":"18.3.4","status":"affected"},{"version":"19.0.1a","status":"affected"},{"version":"20.1.1","status":"affected"},{"version":"18.4.1","status":"affected"},{"version":"19.2.0","status":"affected"},{"version":"19.2.3","status":"affected"},{"version":"20.3.1","status":"affected"},{"version":"20.1.2","status":"affected"},{"version":"19.2.929","status":"affected"},{"version":"19.2.31","status":"affected"},{"version":"20.3.2","status":"affected"},{"version":"19.2.32","status":"affected"},{"version":"18.4.6","status":"affected"},{"version":"20.4.1","status":"affected"},{"version":"19.2.4","status":"affected"},{"version":"20.4.1.1","status":"affected"},{"version":"20.3.3","status":"affected"},{"version":"20.5.1","status":"affected"},{"version":"20.1.3","status":"affected"},{"version":"20.4.1.2","status":"affected"},{"version":"20.4.2","status":"affected"},{"version":"20.3.4","status":"affected"},{"version":"20.6.1","status":"affected"},{"version":"20.6.2","status":"affected"},{"version":"20.7.1","status":"affected"},{"version":"20.7.1.2","status":"affected"},{"version":"20.3.5","status":"affected"},{"version":"20.9.1","status":"affected"},{"version":"20.6.3","status":"affected"},{"version":"20.8.1","status":"affected"},{"version":"20.7.2","status":"affected"},{"version":"20.6.4","status":"affected"},{"version":"20.3.6","status":"affected"},{"version":"20.9.2","status":"affected"},{"version":"20.6.5","status":"affected"},{"version":"20.3.7","status":"affected"},{"version":"20.9.3","status":"affected"},{"version":"20.6.5.1","status":"affected"},{"version":"20.3.3.2","status":"affected"},{"version":"20.6.4.1","status":"affected"},{"version":"20.6.3.2","status":"affected"},{"version":"20.3.4.3","status":"affected"},{"version":"20.6.5.2","status":"affected"},{"version":"20.9.3.1","status":"affected"},{"version":"20.3.7.1","status":"affected"},{"version":"20.3.5.1","status":"affected"},{"version":"20.4.2.3","status":"affected"},{"version":"20.6.1.2","status":"affected"},{"version":"20.9.2.2","status":"affected"},{"version":"20.1.3.1","status":"affected"},{"version":"20.6.5.3","status":"affected"},{"version":"20.6.3.3","status":"affected"},{"version":"20.3.7.2","status":"affected"},{"version":"20.6.5.4","status":"affected"},{"version":"20.9.2.3","status":"affected"},{"version":"20.3.8","status":"affected"}],"defaultStatus":"unknown"}],"providerMetadata":{"orgId":"d1c1063e-7a18-46af-9102-31f8928bc633","shortName":"cisco","dateUpdated":"2024-09-25T16:20:12.079Z"}},"adp":[{"metrics":[{"other":{"type":"ssvc","content":{"timestamp":"2024-09-25T18:35:59.706749Z","id":"CVE-2024-20496","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2024-09-25T18:36:07.489Z"}}]}}