A vulnerability in the Secure Sockets Layer (SSL) VPN feature for Cisco Small Business RV VPN Routers could allow an unauthenticated, remote attacker to cause the device to unexpectedly restart, causing a denial of service (DoS) condition. The vulnerability is due to a lack of proper input validation of HTTP requests. An attacker could exploit this vulnerability by sending a crafted HTTP request over an SSL connection to the targeted device. A successful exploit could allow the attacker to cause a reload, resulting in a DoS condition.
References
Link | Resource |
---|---|
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sb-dos-ZN5GvNH7 | Vendor Advisory |
Configurations
Configuration 1 (hide)
AND |
|
Configuration 2 (hide)
AND |
|
Configuration 3 (hide)
AND |
|
Configuration 4 (hide)
AND |
|
Information
Published : 2020-07-16 11:15
Updated : 2021-08-06 11:46
NVD link : CVE-2020-3358
Mitre link : CVE-2020-3358
JSON object : View
CWE
CWE-20
Improper Input Validation
Products Affected
cisco
- rv340w_dual_wan_gigabit_wireless-ac_vpn_router_firmware
- rv340_dual_wan_gigabit_vpn_router
- rv340_dual_wan_gigabit_vpn_router_firmware
- rv340w_dual_wan_gigabit_wireless-ac_vpn_router
- rv345_dual_wan_gigabit_vpn_router_firmware
- rv345p_dual_wan_gigabit_poe_vpn_router_firmware
- rv345p_dual_wan_gigabit_poe_vpn_router
- rv345_dual_wan_gigabit_vpn_router