Vulnerability Details : CVE-2022-20622
A vulnerability in IP ingress packet processing of the Cisco Embedded Wireless Controller with Catalyst Access Points Software could allow an unauthenticated, remote attacker to cause the device to reload unexpectedly, causing a denial of service (DoS) condition. The device may experience a performance degradation in traffic processing or high CPU usage prior to the unexpected reload. This vulnerability is due to improper rate limiting of IP packets to the management interface. An attacker could exploit this vulnerability by sending a steady stream of IP traffic at a high rate to the management interface of the affected device. A successful exploit could allow the attacker to cause the device to reload.
Vulnerability category: Denial of service
Products affected by CVE-2022-20622
- cpe:2.3:a:cisco:aironet_access_point_software:*:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:aironet_access_point_software:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2022-20622
0.16%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 53 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2022-20622
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
7.8
|
HIGH | AV:N/AC:L/Au:N/C:N/I:N/A:C |
10.0
|
6.9
|
NIST | |
8.6
|
HIGH | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H |
3.9
|
4.0
|
Cisco Systems, Inc. | |
7.5
|
HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
3.9
|
3.6
|
NIST |
CWE ids for CVE-2022-20622
-
The product allocates a reusable resource or group of resources on behalf of an actor without imposing any restrictions on the size or number of resources that can be allocated, in violation of the intended security policy for that actor.Assigned by:
- nvd@nist.gov (Primary)
- ykramarz@cisco.com (Secondary)
References for CVE-2022-20622
-
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ap-ip-flood-dos-6hxxENVQ
Cisco Embedded Wireless Controller with Catalyst Access Points IP Flood Denial of Service VulnerabilityVendor Advisory
Jump to