Lucene search

[email protected]NVD:CVE-2022-20678

HistoryApr 15, 2022 - 3:15 p.m.

CVE-2022-20678

2022-04-1515:15:12

CWE-413

CWE-755

[email protected]

web.nvd.nist.gov

vulnerability

cisco ios xe software

appnav-xe

unauthenticated

remote attacker

device reload

denial of service

tcp segments

CVSS2

7.8

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS

0.001

Percentile

49.5%

JSON

A vulnerability in the AppNav-XE feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. This vulnerability is due to the incorrect handling of certain TCP segments. An attacker could exploit this vulnerability by sending a stream of crafted TCP traffic at a high rate through an interface of an affected device. That interface would need to have AppNav interception enabled. A successful exploit could allow the attacker to cause the device to reload.

Affected configurations

Nvd

Node

ciscoios_xeMatch16.9.6

ciscoios_xeMatch16.12.4

ciscoios_xeMatch16.12.5

ciscoios_xeMatch17.3.3

AND

ciscocatalyst_8000v_edgeMatch-

ciscocloud_services_router_1000vMatch-

cisco1100-4g_integrated_services_routerMatch-

cisco1100-6g_integrated_services_routerMatch-

cisco1101_integrated_services_routerMatch-

cisco1109_integrated_services_routerMatch-

cisco1111x_integrated_services_routerMatch-

cisco111x_integrated_services_routerMatch-

cisco1120_integrated_services_routerMatch-

cisco1131_integrated_services_routerMatch-

cisco1160_integrated_services_routerMatch-

cisco4221_integrated_services_routerMatch-

cisco4331_integrated_services_routerMatch-

cisco4431_integrated_services_routerMatch-

cisco4461_integrated_services_routerMatch-

ciscoasr_1001-xMatch-

ciscoasr_1002-xMatch-

ciscocatalyst_8300-1n1s-4t2xMatch-

ciscocatalyst_8300-1n1s-6tMatch-

ciscocatalyst_8300-2n2s-4t2xMatch-

ciscocatalyst_8300-2n2s-6tMatch-

ciscocatalyst_8500Match-

ciscocatalyst_8500-4qcMatch-

ciscocatalyst_8500lMatch-

VendorProductVersionCPE
ciscoios_xe16.9.6cpe:2.3:o:cisco:ios_xe:16.9.6:*:*:*:*:*:*:*
ciscoios_xe16.12.4cpe:2.3:o:cisco:ios_xe:16.12.4:*:*:*:*:*:*:*
ciscoios_xe16.12.5cpe:2.3:o:cisco:ios_xe:16.12.5:*:*:*:*:*:*:*
ciscoios_xe17.3.3cpe:2.3:o:cisco:ios_xe:17.3.3:*:*:*:*:*:*:*
ciscocatalyst_8000v_edge-cpe:2.3:a:cisco:catalyst_8000v_edge:-:*:*:*:*:*:*:*
ciscocloud_services_router_1000v-cpe:2.3:a:cisco:cloud_services_router_1000v:-:*:*:*:*:*:*:*
cisco1100-4g_integrated_services_router-cpe:2.3:h:cisco:1100-4g_integrated_services_router:-:*:*:*:*:*:*:*
cisco1100-6g_integrated_services_router-cpe:2.3:h:cisco:1100-6g_integrated_services_router:-:*:*:*:*:*:*:*
cisco1101_integrated_services_router-cpe:2.3:h:cisco:1101_integrated_services_router:-:*:*:*:*:*:*:*
cisco1109_integrated_services_router-cpe:2.3:h:cisco:1109_integrated_services_router:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
cisco	ios_xe	16.9.6	cpe:2.3:o:cisco:ios_xe:16.9.6:::::::*
cisco	ios_xe	16.12.4	cpe:2.3:o:cisco:ios_xe:16.12.4:::::::*
cisco	ios_xe	16.12.5	cpe:2.3:o:cisco:ios_xe:16.12.5:::::::*
cisco	ios_xe	17.3.3	cpe:2.3:o:cisco:ios_xe:17.3.3:::::::*
cisco	catalyst_8000v_edge	-	cpe:2.3:a:cisco:catalyst_8000v_edge:-:::::::*
cisco	cloud_services_router_1000v	-	cpe:2.3:a:cisco:cloud_services_router_1000v:-:::::::*
cisco	1100-4g_integrated_services_router	-	cpe:2.3:h:cisco:1100-4g_integrated_services_router:-:::::::*
cisco	1100-6g_integrated_services_router	-	cpe:2.3:h:cisco:1100-6g_integrated_services_router:-:::::::*
cisco	1101_integrated_services_router	-	cpe:2.3:h:cisco:1101_integrated_services_router:-:::::::*
cisco	1109_integrated_services_router	-	cpe:2.3:h:cisco:1109_integrated_services_router:-:::::::*

Rows per page:

1-10 of 281

References

tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-appnav-xe-dos-j5MXTR4

CVSS2

7.8

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS

0.001

Percentile

49.5%

JSON

Related for NVD:CVE-2022-20678

cvelist1 cisco1 prion1 cve1 cnvd1