Lucene search

[email protected]CVE-2022-20694

HistoryApr 15, 2022 - 3:15 p.m.

CVE-2022-20694

2022-04-1515:15:12

CWE-617

[email protected]

web.nvd.nist.gov

cisco

ios xe

vulnerability

rpki

bgp

dos

remote attack

nvd

7.1 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:N/I:N/A:C

6.8 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H

6.6 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

47.4%

JSON

A vulnerability in the implementation of the Resource Public Key Infrastructure (RPKI) feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause the Border Gateway Protocol (BGP) process to crash, resulting in a denial of service (DoS) condition. This vulnerability is due to the incorrect handling of a specific RPKI to Router (RTR) Protocol packet header. An attacker could exploit this vulnerability by compromising the RPKI validator server and sending a specifically crafted RTR packet to an affected device. Alternatively, the attacker could use man-in-the-middle techniques to impersonate the RPKI validator server and send a crafted RTR response packet over the established RTR TCP connection to the affected device. A successful exploit could allow the attacker to cause a DoS condition because the BGP process could constantly restart and BGP routing could become unstable.

Affected configurations

NVD

Node

ciscoios_xeMatch3.7.0bs

ciscoios_xeMatch3.7.0s

ciscoios_xeMatch3.7.0xas

ciscoios_xeMatch3.7.0xbs

ciscoios_xeMatch3.7.1as

ciscoios_xeMatch3.7.1s

ciscoios_xeMatch3.7.2s

ciscoios_xeMatch3.7.2ts

ciscoios_xeMatch3.7.3s

ciscoios_xeMatch3.7.4as

ciscoios_xeMatch3.7.4s

ciscoios_xeMatch3.7.5s

ciscoios_xeMatch3.7.6s

ciscoios_xeMatch3.7.7s

ciscoios_xeMatch3.7.8s

ciscoios_xeMatch3.8.0s

ciscoios_xeMatch3.8.1s

ciscoios_xeMatch3.8.2s

ciscoios_xeMatch3.9.0as

ciscoios_xeMatch3.9.0s

ciscoios_xeMatch3.9.0xas

ciscoios_xeMatch3.9.1as

ciscoios_xeMatch3.9.1s

ciscoios_xeMatch3.9.2s

ciscoios_xeMatch3.10.0s

ciscoios_xeMatch3.10.1s

ciscoios_xeMatch3.10.1xbs

ciscoios_xeMatch3.10.1xcs

ciscoios_xeMatch3.10.2as

ciscoios_xeMatch3.10.2s

ciscoios_xeMatch3.10.2ts

ciscoios_xeMatch3.10.3s

ciscoios_xeMatch3.10.4s

ciscoios_xeMatch3.10.5s

ciscoios_xeMatch3.10.6s

ciscoios_xeMatch3.10.7s

ciscoios_xeMatch3.10.8as

ciscoios_xeMatch3.10.8s

ciscoios_xeMatch3.10.9s

ciscoios_xeMatch3.10.10s

ciscoios_xeMatch3.11.0s

ciscoios_xeMatch3.11.1s

ciscoios_xeMatch3.11.2s

ciscoios_xeMatch3.11.3s

ciscoios_xeMatch3.11.4s

ciscoios_xeMatch3.11.5e

ciscoios_xeMatch3.12.0as

ciscoios_xeMatch3.12.0s

ciscoios_xeMatch3.12.1s

ciscoios_xeMatch3.12.2s

ciscoios_xeMatch3.12.3s

ciscoios_xeMatch3.12.4s

ciscoios_xeMatch3.13.0as

ciscoios_xeMatch3.13.0s

ciscoios_xeMatch3.13.1s

ciscoios_xeMatch3.13.2as

ciscoios_xeMatch3.13.2s

ciscoios_xeMatch3.13.3s

ciscoios_xeMatch3.13.4s

ciscoios_xeMatch3.13.5as

ciscoios_xeMatch3.13.5s

ciscoios_xeMatch3.13.6as

ciscoios_xeMatch3.13.6bs

ciscoios_xeMatch3.13.6s

ciscoios_xeMatch3.13.7as

ciscoios_xeMatch3.13.7s

ciscoios_xeMatch3.13.8s

ciscoios_xeMatch3.13.9s

ciscoios_xeMatch3.13.10s

ciscoios_xeMatch3.14.0s

ciscoios_xeMatch3.14.1s

ciscoios_xeMatch3.14.2s

ciscoios_xeMatch3.14.3s

ciscoios_xeMatch3.14.4s

ciscoios_xeMatch3.15.0s

ciscoios_xeMatch3.15.1cs

ciscoios_xeMatch3.15.1s

ciscoios_xeMatch3.15.1xbs

ciscoios_xeMatch3.15.2s

ciscoios_xeMatch3.15.3s

ciscoios_xeMatch3.15.4s

ciscoios_xeMatch3.16.0as

ciscoios_xeMatch3.16.0bs

ciscoios_xeMatch3.16.0cs

ciscoios_xeMatch3.16.0s

ciscoios_xeMatch3.16.1as

ciscoios_xeMatch3.16.1s

ciscoios_xeMatch3.16.2as

ciscoios_xeMatch3.16.2bs

ciscoios_xeMatch3.16.2s

ciscoios_xeMatch3.16.3as

ciscoios_xeMatch3.16.3s

ciscoios_xeMatch3.16.4as

ciscoios_xeMatch3.16.4bs

ciscoios_xeMatch3.16.4cs

ciscoios_xeMatch3.16.4ds

ciscoios_xeMatch3.16.4es

ciscoios_xeMatch3.16.4gs

ciscoios_xeMatch3.16.4s

ciscoios_xeMatch3.16.5as

ciscoios_xeMatch3.16.5bs

ciscoios_xeMatch3.16.5s

ciscoios_xeMatch3.16.6bs

ciscoios_xeMatch3.16.6s

ciscoios_xeMatch3.16.7as

ciscoios_xeMatch3.16.7bs

ciscoios_xeMatch3.16.7s

ciscoios_xeMatch3.16.8s

ciscoios_xeMatch3.16.9s

ciscoios_xeMatch3.16.10as

ciscoios_xeMatch3.16.10bs

ciscoios_xeMatch3.16.10cs

ciscoios_xeMatch3.16.10s

ciscoios_xeMatch3.17.0s

ciscoios_xeMatch3.17.1as

ciscoios_xeMatch3.17.1s

ciscoios_xeMatch3.17.2s

ciscoios_xeMatch3.17.3s

ciscoios_xeMatch3.17.4s

ciscoios_xeMatch3.18.0as

ciscoios_xeMatch3.18.0s

ciscoios_xeMatch3.18.0sp

ciscoios_xeMatch3.18.1asp

ciscoios_xeMatch3.18.1bsp

ciscoios_xeMatch3.18.1csp

ciscoios_xeMatch3.18.1gsp

ciscoios_xeMatch3.18.1hsp

ciscoios_xeMatch3.18.1isp

ciscoios_xeMatch3.18.1s

ciscoios_xeMatch3.18.1sp

ciscoios_xeMatch3.18.2asp

ciscoios_xeMatch3.18.2s

ciscoios_xeMatch3.18.2sp

ciscoios_xeMatch3.18.3asp

ciscoios_xeMatch3.18.3bsp

ciscoios_xeMatch3.18.3s

ciscoios_xeMatch3.18.3sp

ciscoios_xeMatch3.18.4s

ciscoios_xeMatch3.18.4sp

ciscoios_xeMatch3.18.5sp

ciscoios_xeMatch3.18.6sp

ciscoios_xeMatch3.18.7sp

ciscoios_xeMatch3.18.8asp

ciscoios_xeMatch3.18.8sp

ciscoios_xeMatch3.18.9sp

ciscoios_xeMatch3.18.10sp

ciscoios_xeMatch16.1.1

ciscoios_xeMatch16.1.2

ciscoios_xeMatch16.1.3

ciscoios_xeMatch16.2.1

ciscoios_xeMatch16.2.2

ciscoios_xeMatch16.3.1

ciscoios_xeMatch16.3.1a

ciscoios_xeMatch16.3.2

ciscoios_xeMatch16.3.3

ciscoios_xeMatch16.3.4

ciscoios_xeMatch16.3.5

ciscoios_xeMatch16.3.5b

ciscoios_xeMatch16.3.6

ciscoios_xeMatch16.3.7

ciscoios_xeMatch16.3.8

ciscoios_xeMatch16.3.9

ciscoios_xeMatch16.3.10

ciscoios_xeMatch16.3.11

ciscoios_xeMatch16.4.1

ciscoios_xeMatch16.4.2

ciscoios_xeMatch16.4.3

ciscoios_xeMatch16.5.1

ciscoios_xeMatch16.5.1a

ciscoios_xeMatch16.5.1b

ciscoios_xeMatch16.5.2

ciscoios_xeMatch16.5.3

ciscoios_xeMatch16.6.1

ciscoios_xeMatch16.6.2

ciscoios_xeMatch16.6.3

ciscoios_xeMatch16.6.4

ciscoios_xeMatch16.6.4a

ciscoios_xeMatch16.6.4s

ciscoios_xeMatch16.6.5

ciscoios_xeMatch16.6.5a

ciscoios_xeMatch16.6.5b

ciscoios_xeMatch16.6.6

ciscoios_xeMatch16.6.7

ciscoios_xeMatch16.6.7a

ciscoios_xeMatch16.6.8

ciscoios_xeMatch16.6.9

ciscoios_xeMatch16.6.10

ciscoios_xeMatch16.7.1

ciscoios_xeMatch16.7.1a

ciscoios_xeMatch16.7.1b

ciscoios_xeMatch16.7.2

ciscoios_xeMatch16.7.3

ciscoios_xeMatch16.7.4

ciscoios_xeMatch16.8.1

ciscoios_xeMatch16.8.1a

ciscoios_xeMatch16.8.1b

ciscoios_xeMatch16.8.1c

ciscoios_xeMatch16.8.1d

ciscoios_xeMatch16.8.1e

ciscoios_xeMatch16.8.1s

ciscoios_xeMatch16.8.2

ciscoios_xeMatch16.8.3

ciscoios_xeMatch16.9.1

ciscoios_xeMatch16.9.1a

ciscoios_xeMatch16.9.1b

ciscoios_xeMatch16.9.1c

ciscoios_xeMatch16.9.1d

ciscoios_xeMatch16.9.1s

ciscoios_xeMatch16.9.2

ciscoios_xeMatch16.9.2a

ciscoios_xeMatch16.9.2s

ciscoios_xeMatch16.9.3

ciscoios_xeMatch16.9.3a

ciscoios_xeMatch16.9.3h

ciscoios_xeMatch16.9.3s

ciscoios_xeMatch16.9.4

ciscoios_xeMatch16.9.4c

ciscoios_xeMatch16.9.5

ciscoios_xeMatch16.9.5f

ciscoios_xeMatch16.9.6

ciscoios_xeMatch16.9.7

ciscoios_xeMatch16.9.8

ciscoios_xeMatch16.10.1

ciscoios_xeMatch16.10.1a

ciscoios_xeMatch16.10.1b

ciscoios_xeMatch16.10.1c

ciscoios_xeMatch16.10.1d

ciscoios_xeMatch16.10.1e

ciscoios_xeMatch16.10.1f

ciscoios_xeMatch16.10.1g

ciscoios_xeMatch16.10.1s

ciscoios_xeMatch16.10.2

ciscoios_xeMatch16.10.3

ciscoios_xeMatch17.6.1w

CPENameOperatorVersion
cisco:ios_xecisco ios xeeq3.7.0bs
cisco:ios_xecisco ios xeeq3.7.0s
cisco:ios_xecisco ios xeeq3.7.0xas
cisco:ios_xecisco ios xeeq3.7.0xbs
cisco:ios_xecisco ios xeeq3.7.1as
cisco:ios_xecisco ios xeeq3.7.1s
cisco:ios_xecisco ios xeeq3.7.2s
cisco:ios_xecisco ios xeeq3.7.2ts
cisco:ios_xecisco ios xeeq3.7.3s
cisco:ios_xecisco ios xeeq3.7.4as

CPE	Name	Operator	Version
cisco:ios_xe	cisco ios xe	eq	3.7.0bs
cisco:ios_xe	cisco ios xe	eq	3.7.0s
cisco:ios_xe	cisco ios xe	eq	3.7.0xas
cisco:ios_xe	cisco ios xe	eq	3.7.0xbs
cisco:ios_xe	cisco ios xe	eq	3.7.1as
cisco:ios_xe	cisco ios xe	eq	3.7.1s
cisco:ios_xe	cisco ios xe	eq	3.7.2s
cisco:ios_xe	cisco ios xe	eq	3.7.2ts
cisco:ios_xe	cisco ios xe	eq	3.7.3s
cisco:ios_xe	cisco ios xe	eq	3.7.4as

Rows per page:

1-10 of 2341

CNA Affected

[
  {
    "product": "Cisco IOS XE Software ",
    "vendor": "Cisco",
    "versions": [
      {
        "status": "affected",
        "version": "n/a"
      }
    ]
  }
]

References

tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-rpki-dos-2EgCNeKE

7.1 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:N/I:N/A:C

6.8 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H

6.6 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

47.4%

JSON

Related for CVE-2022-20694

cvelist1 nvd1 cisco1 prion1 nessus1