CVE-2024-20509

Published Oct 2, 2024
Last updated a month ago
CVSS medium 5.9
Overview

Description: A vulnerability in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series Teleworker Gateway devices could allow an unauthenticated, remote attacker to hijack an AnyConnect VPN session or cause a denial of service (DoS) condition for individual users of the AnyConnect VPN service on an affected device. This vulnerability is due to weak entropy for handlers that are used during the VPN authentication process as well as a race condition that exists in the same process. An attacker could exploit this vulnerability by correctly guessing an authentication handler and then sending crafted HTTPS requests to an affected device. A successful exploit could allow the attacker to take over the AnyConnect VPN session from a target user or prevent the target user from establishing an AnyConnect VPN session with the affected device.
Source: ykramarz@cisco.com
NVD status: Analyzed
Risk scores

CVSS 3.1

Type: Primary
Base score: 5.9
Impact score: 3.6
Exploitability score: 2.2
Vector string: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Severity: MEDIUM
Weaknesses

nvd@nist.gov: CWE-362
ykramarz@cisco.com: CWE-362
Hype score: Not currently trending
Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:cisco:meraki_mx65_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B3C6574B-E879-4813-9516-93B41EBDFBD3",
            "versionEndExcluding": "18.211.2",
            "versionStartIncluding": "17.6.0"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:cisco:meraki_mx65:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "B3099A12-2D6F-4486-A690-1C809AF480B0"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:cisco:meraki_mx64_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "23FA0FF8-5926-4623-9348-4347331C5F3F",
            "versionEndExcluding": "18.211.2",
            "versionStartIncluding": "17.6.0"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:cisco:meraki_mx64:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "BE749570-1EA6-4734-B96A-D02B3BA3A756"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:cisco:meraki_z4c_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6B63AAC8-D59D-4EF1-829E-11E9CB18A41F",
            "versionEndExcluding": "18.211.2",
            "versionStartIncluding": "16.2"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:cisco:meraki_z4c:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "AEE09C2D-9F52-4C72-9D7C-F9AF710D1174"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:cisco:meraki_z4_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F62D4319-19DA-4DC0-88D0-DE859504EA6D",
            "versionEndExcluding": "18.211.2",
            "versionStartIncluding": "16.2"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:cisco:meraki_z4:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "36770C3B-F962-48FB-9D9F-3EABB1F10EFD"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:cisco:meraki_z3c_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F7C73DAF-C7AF-4090-8F96-3D6F93A1DABD",
            "versionEndExcluding": "18.211.2",
            "versionStartIncluding": "16.2"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:cisco:meraki_z3c:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "6646F004-E0E0-4316-A022-2793C28FBCCC"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:cisco:meraki_z3_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5A4FD3B4-FD1F-4340-B4AC-D76C11DAD4D5",
            "versionEndExcluding": "18.211.2",
            "versionStartIncluding": "16.2"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:cisco:meraki_z3:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "FB81CFD0-9558-47AB-96E4-CB21C1AA9159"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:cisco:meraki_vmx_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "96D29083-7535-4B23-9141-BF6CE2824184",
            "versionEndExcluding": "18.211.2",
            "versionStartIncluding": "16.2"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:cisco:meraki_vmx:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "D6CE4DAD-7FA3-4D1B-A24F-D2B9F4F331BF"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:cisco:meraki_mx600_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1C8F2FA1-B439-4978-AD2B-34C98310D894",
            "versionEndExcluding": "18.211.2",
            "versionStartIncluding": "16.2"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:cisco:meraki_mx600:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "0A4CF5E0-A7D0-4C9D-A180-16288BE3AC1A"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:cisco:meraki_mx450_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D620C14D-7724-4C38-83A6-E33328EDE7C3",
            "versionEndExcluding": "18.211.2",
            "versionStartIncluding": "16.2"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:cisco:meraki_mx450:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "1B35EB71-8584-4803-A438-AEC406FD8445"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:cisco:meraki_mx400_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A61EA9B6-126D-4174-8BEF-7FD311724C03",
            "versionEndExcluding": "18.211.2",
            "versionStartIncluding": "16.2"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:cisco:meraki_mx400:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "2ACA552D-78D3-4312-9537-28ADBB15E08A"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:cisco:meraki_mx250_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "869396D2-5CB1-45FF-8CC8-C6BA17548076",
            "versionEndExcluding": "18.211.2",
            "versionStartIncluding": "16.2"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:cisco:meraki_mx250:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "2D6CBE98-6B20-4F05-8871-0BEAD1D351B0"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:cisco:meraki_mx105_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C86B5EA0-85E7-4B8D-83AE-445A2C945CB2",
            "versionEndExcluding": "18.211.2",
            "versionStartIncluding": "16.2"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:cisco:meraki_mx105:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "291C7E3A-74D1-4326-87A4-F60D60E3DC37"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:cisco:meraki_mx100_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0AF66E98-18FB-4862-96C6-090F9B563AAC",
            "versionEndExcluding": "18.211.2",
            "versionStartIncluding": "16.2"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:cisco:meraki_mx100:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "4D4DE139-CCB5-4BDD-8827-07348B8F0FF2"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:cisco:meraki_mx95_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "40A18D40-3168-4270-A019-0FFB3652BD64",
            "versionEndExcluding": "18.211.2",
            "versionStartIncluding": "16.2"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:cisco:meraki_mx95:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "35740A98-6486-458C-99A9-8E23A781C917"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:cisco:meraki_mx85_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DC297617-CF3B-4CD5-8E5B-14A5A58BB1AD",
            "versionEndExcluding": "18.211.2",
            "versionStartIncluding": "16.2"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:cisco:meraki_mx85:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "410A121A-037A-4D44-A35F-7AE41F93E5AF"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:cisco:meraki_mx84_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5E4FB60C-E46F-4D0F-9C01-2D2670334694",
            "versionEndExcluding": "18.211.2",
            "versionStartIncluding": "16.2"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:cisco:meraki_mx84:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "B5A4239D-E115-4368-895A-002BBD94F243"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:cisco:meraki_mx75_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "995A6C94-CC7F-4CA4-8815-693E491652B4",
            "versionEndExcluding": "18.211.2",
            "versionStartIncluding": "16.2"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:cisco:meraki_mx75:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "2A892F3D-62F9-4B04-94E8-FD803159C47B"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:cisco:meraki_mx68w_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "900C8DC4-EF1C-4762-A517-F67665F3D724",
            "versionEndExcluding": "18.211.2",
            "versionStartIncluding": "16.2"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:cisco:meraki_mx68w:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "03F9C184-3811-4A26-846D-54ECE7CF939F"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:cisco:meraki_mx68cw_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0118FD5D-0D25-4984-A6EB-40EF70B85144",
            "versionEndExcluding": "18.211.2",
            "versionStartIncluding": "16.2"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:cisco:meraki_mx68cw:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "18E682AA-05AD-483F-915F-A2B2C98233B7"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:cisco:meraki_mx68_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FE27942F-86F1-480C-AFA1-762A5A9E775F",
            "versionEndExcluding": "18.211.2",
            "versionStartIncluding": "16.2"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:cisco:meraki_mx68:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "2F6B4B5E-4FBB-48A9-B828-00C8AB479FB8"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:cisco:meraki_mx67w_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "87EE31D0-87F7-4943-96CC-D5BA48D5DFDA",
            "versionEndExcluding": "18.211.2",
            "versionStartIncluding": "16.2"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:cisco:meraki_mx67w:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "F2529662-8A54-4DFC-80E7-922CF22DE2F3"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:cisco:meraki_mx67c_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6AB39E09-A441-4F95-9F38-44942BDE98AD",
            "versionEndExcluding": "18.211.2",
            "versionStartIncluding": "16.2"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:cisco:meraki_mx67c:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "E9725A9F-B9B9-4784-AEEA-A5E5CE0A41F3"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:cisco:meraki_mx67_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "45953505-EF91-4825-95CD-51EE86D694A5",
            "versionEndExcluding": "18.211.2",
            "versionStartIncluding": "16.2"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:cisco:meraki_mx67:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "2702FE73-E4AC-45C7-A212-44D783720798"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:cisco:meraki_mx65w_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E1A471D3-2D62-4458-ADDE-53D60E55966C",
            "versionEndExcluding": "18.211.2",
            "versionStartIncluding": "16.2"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:cisco:meraki_mx65w:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "69A23113-F7E1-4587-A4FF-A4AAB446A69D"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:cisco:meraki_mx64w_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D24D11CA-67C0-4376-91DE-F62118062FED",
            "versionEndExcluding": "18.211.2",
            "versionStartIncluding": "16.2"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:cisco:meraki_mx64w:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "B1038F5F-020D-41FD-9C3D-F2685F1EA916"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]
Overview

Risk scores

CVSS 3.1

Weaknesses

Social media

Configurations

References
