Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveCiscoCVE-2020-3358
HistoryJul 16, 2020 - 6:15 p.m.

CVE-2020-3358

2020-07-1618:15:18
CWE-20
cisco
web.nvd.nist.gov
39
cve-2020-3358
vulnerability
ssl vpn
cisco
small business
rv vpn routers
denial of service
dos
input validation
http request

CVSS2

7.8

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

CVSS3

8.6

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

AI Score

8.3

Confidence

High

EPSS

0.001

Percentile

43.1%

JSON

A vulnerability in the Secure Sockets Layer (SSL) VPN feature for Cisco Small Business RV VPN Routers could allow an unauthenticated, remote attacker to cause the device to unexpectedly restart, causing a denial of service (DoS) condition. The vulnerability is due to a lack of proper input validation of HTTP requests. An attacker could exploit this vulnerability by sending a crafted HTTP request over an SSL connection to the targeted device. A successful exploit could allow the attacker to cause a reload, resulting in a DoS condition.

Affected configurations

Nvd
Node
ciscorv340_dual_wan_gigabit_vpn_router_firmwareRange<1.0.03.18
AND
ciscorv340_dual_wan_gigabit_vpn_routerMatch-
Node
ciscorv340w_dual_wan_gigabit_wireless-ac_vpn_router_firmwareRange<1.0.03.18
AND
ciscorv340w_dual_wan_gigabit_wireless-ac_vpn_routerMatch-
Node
ciscorv345_dual_wan_gigabit_vpn_router_firmwareRange<1.0.03.18
AND
ciscorv345_dual_wan_gigabit_vpn_routerMatch-
Node
ciscorv345p_dual_wan_gigabit_poe_vpn_router_firmwareRange<1.0.03.18
AND
ciscorv345p_dual_wan_gigabit_poe_vpn_routerMatch-
VendorProductVersionCPE
ciscorv340_dual_wan_gigabit_vpn_router_firmware*cpe:2.3:o:cisco:rv340_dual_wan_gigabit_vpn_router_firmware:*:*:*:*:*:*:*:*
ciscorv340_dual_wan_gigabit_vpn_router-cpe:2.3:h:cisco:rv340_dual_wan_gigabit_vpn_router:-:*:*:*:*:*:*:*
ciscorv340w_dual_wan_gigabit_wireless-ac_vpn_router_firmware*cpe:2.3:o:cisco:rv340w_dual_wan_gigabit_wireless-ac_vpn_router_firmware:*:*:*:*:*:*:*:*
ciscorv340w_dual_wan_gigabit_wireless-ac_vpn_router-cpe:2.3:h:cisco:rv340w_dual_wan_gigabit_wireless-ac_vpn_router:-:*:*:*:*:*:*:*
ciscorv345_dual_wan_gigabit_vpn_router_firmware*cpe:2.3:o:cisco:rv345_dual_wan_gigabit_vpn_router_firmware:*:*:*:*:*:*:*:*
ciscorv345_dual_wan_gigabit_vpn_router-cpe:2.3:h:cisco:rv345_dual_wan_gigabit_vpn_router:-:*:*:*:*:*:*:*
ciscorv345p_dual_wan_gigabit_poe_vpn_router_firmware*cpe:2.3:o:cisco:rv345p_dual_wan_gigabit_poe_vpn_router_firmware:*:*:*:*:*:*:*:*
ciscorv345p_dual_wan_gigabit_poe_vpn_router-cpe:2.3:h:cisco:rv345p_dual_wan_gigabit_poe_vpn_router:-:*:*:*:*:*:*:*

CNA Affected

[
  {
    "product": "Cisco Small Business RV Series Router Firmware",
    "vendor": "Cisco",
    "versions": [
      {
        "status": "affected",
        "version": "n/a"
      }
    ]
  }
]

Related

nessus 1
cvelist 1
cisco 1
nvd 1
prion 1
nessus
nessus
Cisco RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers < 1.0.03.18 SSL DoS (cisco-sa-sb-dos-ZN5GvNH7)
2020-09-04 00:00:00
cvelist
cvelist
CVE-2020-3358 Cisco RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers SSL Denial of Service Vulnerability
2020-07-16 17:21:28
cisco
cisco
Cisco RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers SSL Denial of Service Vulnerability
2020-07-15 16:00:00
nvd
nvd
CVE-2020-3358
2020-07-16 18:15:18
prion
prion
Race condition
2020-07-16 18:15:00

CVSS2

7.8

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

CVSS3

8.6

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

AI Score

8.3

Confidence

High

EPSS

0.001

Percentile

43.1%

JSON
Related for CVE-2020-3358
nessus1cvelist1cisco1nvd1prion1