Cisco Meraki 16.2 < 16.16.6 / 17.x < 17.10.1 DoS (cisco-sa-meraki-mx-vpn-dos-vnESbgBf)

Severity: High | Nessus Plugin ID 241195

Synopsis

The remote Cisco Meraki device is potentially missing one or more security-related updates.

Description

The version of the remote Cisco Meraki device is 16.2 prior to 16.16.6 or 17.x prior to 17.10.1. It is, therefore, potentially affected by a denial of service vulnerability as referenced in the cisco-sa-meraki-mx-vpn-dos-vnESbgBf advisory:

- A vulnerability in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z3 Teleworker Gateway devices could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.
  This vulnerability is due to insufficient validation of client-supplied parameters while establishing an SSL VPN session. An attacker could exploit this vulnerability by crafting a malicious request and sending it to the affected device. A successful exploit could allow the attacker to cause the Cisco AnyConnect VPN server to crash and restart, resulting in the failure of the established SSL VPN connections and forcing remote users to initiate a new VPN connection and re-authenticate. A sustained attack could prevent new SSL VPN connections from being established.
  Note: When the attack traffic stops, the Cisco AnyConnect VPN server recovers gracefully without requiring manual intervention. Cisco Meraki has released software updates that address this vulnerability. (CVE-2022-20933)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Upgrade to Cisco Meraki version 16.16.6 or 17.10.1 or later.

See Also

http://www.nessus.org/u?dbe5d36b

Plugin Details

Severity: High

ID: 241195

File Name: cisco_meraki_cisco-sa-meraki-mx-vpn-dos-vnESbgBf.nasl

Version: 1.2

Type: remote

Family: CISCO

Published: 7/2/2025

Updated: 7/2/2025

Configuration: Enable paranoid mode

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 4.4

CVSS v2

Risk Factor: High

Base Score: 7.8

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C

CVSS Score Source: CVE-2022-20933

CVSS v3

Risk Factor: High

Base Score: 8.6

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

Vulnerability Information

CPE: cpe:/h:cisco:meraki

Required KB Items: installed_sw/Cisco Meraki, Settings/ParanoidReport

Patch Publication Date: 10/19/2022

Vulnerability Publication Date: 10/19/2022

Reference Information

CVE: CVE-2022-20933