Unauthenticated DoS Vulnerability in Cisco AnyConnect VPN Server Could Lead to Service Disruption
CVE-2024-20499

7.5HIGH

Key Information:

Vendor
Cisco
Status
Cisco Meraki Mx Firmware
Vendor
CVE Published:
2 October 2024

Summary

The vulnerability identified in Cisco AnyConnect VPN server affects Cisco Meraki MX and Z Series Teleworker Gateway devices, allowing unauthenticated, remote attackers to potentially trigger a Denial of Service condition. This issue stems from inadequate validation of client-supplied parameters during the establishment of an SSL VPN session. An attacker could exploit this vulnerability by sending a specially crafted HTTPS request to the affected VPN server. Successful exploitation may lead to the restart of the AnyConnect VPN server, disrupting existing SSL VPN connections and necessitating reauthentication for users. Ongoing attacks can prevent the initiation of new VPN connections while the attack is active. Fortunately, once the attack ceases, the server is capable of recovering automatically without the need for manual intervention.

Affected Version(s)

Cisco Meraki MX Firmware

References

https://sec.cloudapps.cisco.com/security/center/content/C...

CVSS V3.1

Score:
7.5
Severity:
HIGH
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.