Vulnerability Details CVE-2020-3372
A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to consume excessive system memory and cause a denial of service (DoS) condition on an affected system. The vulnerability is due to inefficient memory management. An attacker could exploit this vulnerability by sending a large number of crafted HTTP requests to the affected web-based management interface. A successful exploit could allow the attacker to exhaust system memory, which could cause the system to stop processing new connections and could result in a DoS condition.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 39.6%
CVSS Severity
CVSS v3 Score 6.5
CVSS v2 Score 4.0
References
Products affected by CVE-2020-3372
-
cpe:2.3:h:cisco:1100-4g_integrated_services_router:-
-
cpe:2.3:h:cisco:1100-4gltegb_integrated_services_router:-
-
cpe:2.3:h:cisco:1100-4gltena_integrated_services_router:-
-
cpe:2.3:h:cisco:1100-6g_integrated_services_router:-
-
cpe:2.3:h:cisco:vedge_1000:-
-
cpe:2.3:h:cisco:vedge_100:-
-
cpe:2.3:h:cisco:vedge_100b:-
-
cpe:2.3:h:cisco:vedge_100m:-
-
cpe:2.3:h:cisco:vedge_100wm:-
-
cpe:2.3:h:cisco:vedge_2000:-
-
cpe:2.3:h:cisco:vedge_5000:-
-
cpe:2.3:o:cisco:sd-wan_firmware:-
-
cpe:2.3:o:cisco:sd-wan_firmware:16.12.1b
-
cpe:2.3:o:cisco:sd-wan_firmware:16.12.1d
-
cpe:2.3:o:cisco:sd-wan_firmware:16.12.1e
-
cpe:2.3:o:cisco:sd-wan_firmware:16.12.2r
-
cpe:2.3:o:cisco:sd-wan_firmware:17.2.0
-
cpe:2.3:o:cisco:sd-wan_firmware:17.2.10
-
cpe:2.3:o:cisco:sd-wan_firmware:17.2.4
-
cpe:2.3:o:cisco:sd-wan_firmware:17.2.5
-
cpe:2.3:o:cisco:sd-wan_firmware:17.2.6
-
cpe:2.3:o:cisco:sd-wan_firmware:17.2.7
-
cpe:2.3:o:cisco:sd-wan_firmware:17.2.8
-
cpe:2.3:o:cisco:sd-wan_firmware:17.2.9
-
cpe:2.3:o:cisco:sd-wan_firmware:18.2.0
-
cpe:2.3:o:cisco:sd-wan_firmware:18.3.0
-
cpe:2.3:o:cisco:sd-wan_firmware:18.3.1
-
cpe:2.3:o:cisco:sd-wan_firmware:18.3.3
-
cpe:2.3:o:cisco:sd-wan_firmware:18.3.3.1
-
cpe:2.3:o:cisco:sd-wan_firmware:18.3.4
-
cpe:2.3:o:cisco:sd-wan_firmware:18.3.5
-
cpe:2.3:o:cisco:sd-wan_firmware:18.3.6
-
cpe:2.3:o:cisco:sd-wan_firmware:18.3.7
-
cpe:2.3:o:cisco:sd-wan_firmware:18.3.8
-
cpe:2.3:o:cisco:sd-wan_firmware:18.4.0
-
cpe:2.3:o:cisco:sd-wan_firmware:18.4.1
-
cpe:2.3:o:cisco:sd-wan_firmware:18.4.3
-
cpe:2.3:o:cisco:sd-wan_firmware:18.4.302
-
cpe:2.3:o:cisco:sd-wan_firmware:18.4.303
-
cpe:2.3:o:cisco:sd-wan_firmware:18.4.4
-
cpe:2.3:o:cisco:sd-wan_firmware:18.4.5
-
cpe:2.3:o:cisco:sd-wan_firmware:18.4.6
-
cpe:2.3:o:cisco:sd-wan_firmware:19.1.0
-
cpe:2.3:o:cisco:sd-wan_firmware:19.2.0
-
cpe:2.3:o:cisco:sd-wan_firmware:19.2.1
-
cpe:2.3:o:cisco:sd-wan_firmware:19.2.2
-
cpe:2.3:o:cisco:sd-wan_firmware:20.1.0
-
cpe:2.3:o:cisco:sd-wan_firmware:20.1.1
-
cpe:2.3:o:cisco:sd-wan_firmware:20.1.1.1
-
cpe:2.3:o:cisco:sd-wan_firmware:20.1.2