BDU:2022-05600

BDU

Medium

Уязвимость сервера IPSec VPN Server микропрограммного обеспечения маршрутизаторов Cisco Small Business RV110W, RV130, RV130W и RV215W связа…

CVSS

4.0

Medium

EPSS

0.00

Published

2022-01-01

Updated

2022-01-01

Description

Уязвимость сервера IPSec VPN Server микропрограммного обеспечения маршрутизаторов Cisco Small Business RV110W, RV130, RV130W и RV215W связана с неправильной реализацией алгоритма аутентификации. Эксплуатация уязвимости может позволить нарушителю получить доступ к сети IPSec VPN

Tags · CWE

Pre-auth

Affected products

Cisco systems inc. Cisco rv130Cisco systems inc. Rv110w wireless-n vpnCisco systems inc. Rv130w wireless-n multifunction vpn routerCisco systems inc. Rv215w wireless-n vpn

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N

Timeline

2022-01-01

Published

2022-01-01

Updated

CVSS 3.1 breakdown

Attack Vector

AV: N

Network (N)

Attack Complexity

AC: H

High (H)

Privileges Required

PR: N

None (N)

User Interaction

UI: N

None (N)

Scope

S: C

Changed (C)

Confidentiality Impact

C: N

None (N)

Integrity Impact

I: L

Low (L)

Availability Impact

A: N

None (N)

Exploit indicators

EPSS

0.000 · p0

Known exploited (KEV)

Known exploits — Сканер-ВС

No Сканер-ВС checks registered for this vulnerability yet.

Affected products

Cisco

Cisco Rv130 Rv130w Wireless-n Multifunction Vpn Router Rv110w Wireless-n Vpn Rv215w Wireless-n Vpn

Product	Vendor	Status
cisco rv130	cisco systems inc.	Tracked
rv110w wireless-n vpn	cisco systems inc.	Tracked
rv130w wireless-n multifunction vpn router	cisco systems inc.	Tracked
rv215w wireless-n vpn	cisco systems inc.	Tracked

Source databases

BDU

Related vulnerabilities

CVE-2022-20923

External references

@https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sb-rv-vpnbypass-Cpheup9O