Title: Unauthenticated Remote Attackers Can Disconnect IPsec VPN Sessions in Cisco IOS XE Software and Catalyst 9800-L Wireless Controllers

Title: Unauthenticated Remote Attackers Can Disconnect IPsec VPN Sessions in Cisco IOS XE Software and Catalyst 9800-L Wireless Controllers

CVE-2020-3220 · MEDIUM Severity

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H

A vulnerability in the hardware crypto driver of Cisco IOS XE Software for Cisco 4300 Series Integrated Services Routers and Cisco Catalyst 9800-L Wireless Controllers could allow an unauthenticated, remote attacker to disconnect legitimate IPsec VPN sessions to an affected device. The vulnerability is due to insufficient verification of authenticity of received Encapsulating Security Payload (ESP) packets. An attacker could exploit this vulnerability by tampering with ESP cleartext values as a man-in-the-middle.

Learn more about our Cis Benchmark Audit For Apple Ios.