Vulnerability Description
A vulnerability in the process that classifies traffic that is going to the Unified Threat Defense (UTD) component of Cisco IOS XE Software in controller mode could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability exists because UTD improperly handles certain packets as those packets egress an SD-WAN IPsec tunnel. An attacker could exploit this vulnerability by sending crafted traffic through an SD-WAN IPsec tunnel that is configured on an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition. Note: SD-WAN tunnels that are configured with Generic Routing Encapsulation (GRE) are not affected by this vulnerability.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cisco | Ios Xe | 17.1.1 |
| Cisco | Ios Xe Sd-Wan | 17.5.1a |
Related Weaknesses (CWE)
References
FAQ
What is CVE-2024-20455?
CVE-2024-20455 is a vulnerability with a CVSS score of 8.6 (HIGH). A vulnerability in the process that classifies traffic that is going to the Unified Threat Defense (UTD) component of Cisco IOS XE Software in controller mode could allow an unauthenticated, remote at...
How severe is CVE-2024-20455?
CVE-2024-20455 has been rated HIGH with a CVSS base score of 8.6/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2024-20455?
Check the references section above for vendor advisories and patch information. Affected products include: Cisco Ios Xe, Cisco Ios Xe Sd-Wan.