CVE-2022-20622

A vulnerability in IP ingress packet processing of the Cisco Embedded Wireless Controller with Catalyst Access Points Software could allow an unauthenticated, remote attacker to cause the device to reload unexpectedly, causing a denial of service (DoS) condition. The device may experience a performance degradation in traffic processing or high CPU usage prior to the unexpected reload. This vulnerability is due to improper rate limiting of IP packets to the management interface. An attacker could exploit this vulnerability by sending a steady stream of IP traffic at a high rate to the management interface of the affected device. A successful exploit could allow the attacker to cause the device to reload.

CVSS v3 8.6 HIGH
CVSS v2.0 7.8 HIGH

8.6^/10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 4.0

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope CHANGED

7.8^/10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:L/Au:N/C:N/I:N/A:C

Exploitability : 10.0 / Impact : 6.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact COMPLETE

References

Link	Resource
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ap-ip-flood-dos-6hxxENVQ	Vendor Advisory
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ap-ip-flood-dos-6hxxENVQ	Vendor Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:cisco:aironet_access_point_software::::::::
	cpe:2.3:a:cisco:aironet_access_point_software::::::::

History

21 Nov 2024, 06:43

Type	Values Removed	Values Added
References	~~() https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ap-ip-flood-dos-6hxxENVQ - Vendor Advisory~~	() https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ap-ip-flood-dos-6hxxENVQ - Vendor Advisory
CVSS	v2 : ~~7.8~~ v3 : ~~7.5~~	v2 : 7.8 v3 : 8.6

25 Apr 2022, 17:26

Type	Values Removed	Values Added
References	~~(CISCO) https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ap-ip-flood-dos-6hxxENVQ -~~	(CISCO) https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ap-ip-flood-dos-6hxxENVQ - Vendor Advisory
CWE		CWE-770
CPE		cpe:2.3:a:cisco:aironet_access_point_software::::::::
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : 7.8 v3 : 7.5

15 Apr 2022, 15:22

Type	Values Removed	Values Added
New CVE

Information

Published : 2022-04-15 15:15

Updated : 2024-11-21 06:43

NVD link : CVE-2022-20622

Mitre link : CVE-2022-20622

CVE.ORG link : CVE-2022-20622

JSON object : View

Products Affected

cisco

aironet_access_point_software

CWE

CWE-770

Allocation of Resources Without Limits or Throttling

{"id": "CVE-2022-20622", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.8, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 6.9, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Secondary", "source": "ykramarz@cisco.com", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 8.6, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 4.0, "exploitabilityScore": 3.9}, {"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 3.9}]}, "published": "2022-04-15T15:15:12.247", "references": [{"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ap-ip-flood-dos-6hxxENVQ", "tags": ["Vendor Advisory"], "source": "ykramarz@cisco.com"}, {"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ap-ip-flood-dos-6hxxENVQ", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Secondary", "source": "ykramarz@cisco.com", "description": [{"lang": "en", "value": "CWE-770"}]}, {"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-770"}]}], "descriptions": [{"lang": "en", "value": "A vulnerability in IP ingress packet processing of the Cisco Embedded Wireless Controller with Catalyst Access Points Software could allow an unauthenticated, remote attacker to cause the device to reload unexpectedly, causing a denial of service (DoS) condition. The device may experience a performance degradation in traffic processing or high CPU usage prior to the unexpected reload. This vulnerability is due to improper rate limiting of IP packets to the management interface. An attacker could exploit this vulnerability by sending a steady stream of IP traffic at a high rate to the management interface of the affected device. A successful exploit could allow the attacker to cause the device to reload."}, {"lang": "es", "value": "Una vulnerabilidad en el procesamiento de paquetes de entrada IP del software Cisco Embedded Wireless Controller with Catalyst Access Points podr\u00eda permitir a un atacante remoto no autenticado hacer que el dispositivo sea recargado inesperadamente, causando una condici\u00f3n de denegaci\u00f3n de servicio (DoS). El dispositivo puede experimentar una degradaci\u00f3n del rendimiento en el procesamiento del tr\u00e1fico o un alto uso de la CPU antes de la recarga no esperada. Esta vulnerabilidad es debido a una limitaci\u00f3n inapropiada de la velocidad de los paquetes IP a la interfaz de administraci\u00f3n. Un atacante podr\u00eda aprovechar esta vulnerabilidad mediante el env\u00edo de un flujo constante de tr\u00e1fico IP a una velocidad elevada a la interfaz de administraci\u00f3n del dispositivo afectado. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante causar una recarga del dispositivo"}], "lastModified": "2024-11-21T06:43:10.777", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:cisco:aironet_access_point_software:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A203AE75-779D-42CD-9DB4-837D2EDBDBF8", "versionEndExcluding": "17.3.4", "versionStartIncluding": "17.3"}, {"criteria": "cpe:2.3:a:cisco:aironet_access_point_software:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "28855FA6-E267-4EDC-B525-9ED4C46BFBDE", "versionEndExcluding": "17.6.1", "versionStartIncluding": "17.4"}], "operator": "OR"}]}], "sourceIdentifier": "ykramarz@cisco.com"}

8.6 /10

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope CHANGED

7.8 /10

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact COMPLETE

JSON object

Attach tags to CVE-2022-20622

8.6^/10

7.8^/10

Attach tags to `CVE-2022-20622`