Lucene search

[email protected]NVD:CVE-2022-20679

HistoryApr 15, 2022 - 3:15 p.m.

CVE-2022-20679

2022-04-1515:15:12

CWE-20

[email protected]

web.nvd.nist.gov

cisco ios xe

ipsec

decryption

remote attackers

dos

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:N/I:N/A:C

CVSS3

7.7

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H

EPSS

0.001

Percentile

50.4%

JSON

A vulnerability in the IPSec decryption routine of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. This vulnerability is due to buffer exhaustion that occurs while traffic on a configured IPsec tunnel is being processed. An attacker could exploit this vulnerability by sending traffic to an affected device that has a maximum transmission unit (MTU) of 1800 bytes or greater. A successful exploit could allow the attacker to cause the device to reload. To exploit this vulnerability, the attacker may need access to the trusted network where the affected device is in order to send specific packets to be processed by the device. All network devices between the attacker and the affected device must support an MTU of 1800 bytes or greater. This access requirement could limit the possibility of a successful exploit.

Affected configurations

Nvd

Node

ciscoios_xeMatch3.15.1xbs

ciscoios_xeMatch3.15.2xbs

ciscoios_xeMatch16.8.1

ciscoios_xeMatch16.8.1a

ciscoios_xeMatch16.8.1b

ciscoios_xeMatch16.8.1c

ciscoios_xeMatch16.8.1d

ciscoios_xeMatch16.8.1e

ciscoios_xeMatch16.8.1s

ciscoios_xeMatch16.8.2

ciscoios_xeMatch16.8.3

ciscoios_xeMatch16.9.1

ciscoios_xeMatch16.9.1a

ciscoios_xeMatch16.9.1b

ciscoios_xeMatch16.9.1c

ciscoios_xeMatch16.9.1d

ciscoios_xeMatch16.9.1s

ciscoios_xeMatch16.9.2

ciscoios_xeMatch16.9.2a

ciscoios_xeMatch16.9.2s

ciscoios_xeMatch16.9.3

ciscoios_xeMatch16.9.3a

ciscoios_xeMatch16.9.3h

ciscoios_xeMatch16.9.3s

ciscoios_xeMatch16.9.4

ciscoios_xeMatch16.9.4c

ciscoios_xeMatch16.9.5

ciscoios_xeMatch16.9.5f

ciscoios_xeMatch16.9.6

ciscoios_xeMatch16.9.7

ciscoios_xeMatch16.9.8

ciscoios_xeMatch16.10.1

ciscoios_xeMatch16.10.1a

ciscoios_xeMatch16.10.1b

ciscoios_xeMatch16.10.1c

ciscoios_xeMatch16.10.1d

ciscoios_xeMatch16.10.1e

ciscoios_xeMatch16.10.1f

ciscoios_xeMatch16.10.1g

ciscoios_xeMatch16.10.1s

ciscoios_xeMatch16.10.2

ciscoios_xeMatch16.10.3

ciscoios_xeMatch16.11.1

ciscoios_xeMatch16.11.1a

ciscoios_xeMatch16.11.1b

ciscoios_xeMatch16.11.1c

ciscoios_xeMatch16.11.1s

ciscoios_xeMatch16.11.2

ciscoios_xeMatch16.12.1

ciscoios_xeMatch16.12.1a

ciscoios_xeMatch16.12.1c

ciscoios_xeMatch16.12.1s

ciscoios_xeMatch16.12.1t

ciscoios_xeMatch16.12.1w

ciscoios_xeMatch16.12.1x

ciscoios_xeMatch16.12.1y

ciscoios_xeMatch16.12.1z

ciscoios_xeMatch16.12.1z1

ciscoios_xeMatch16.12.1z2

ciscoios_xeMatch16.12.2

ciscoios_xeMatch16.12.2a

ciscoios_xeMatch16.12.2s

ciscoios_xeMatch16.12.2t

ciscoios_xeMatch16.12.3

ciscoios_xeMatch16.12.3a

ciscoios_xeMatch16.12.3s

ciscoios_xeMatch16.12.4

ciscoios_xeMatch16.12.4a

ciscoios_xeMatch16.12.5

ciscoios_xeMatch16.12.5a

ciscoios_xeMatch16.12.5b

ciscoios_xeMatch16.12.6

ciscoios_xeMatch16.12.6a

ciscoios_xeMatch17.1.1

ciscoios_xeMatch17.1.1a

ciscoios_xeMatch17.1.1s

ciscoios_xeMatch17.1.1t

ciscoios_xeMatch17.1.2

ciscoios_xeMatch17.1.3

ciscoios_xeMatch17.2.1

ciscoios_xeMatch17.2.1a

ciscoios_xeMatch17.2.1r

ciscoios_xeMatch17.2.1v

ciscoios_xeMatch17.2.2

ciscoios_xeMatch17.2.3

ciscoios_xeMatch17.3.1

ciscoios_xeMatch17.3.1a

ciscoios_xeMatch17.3.1w

ciscoios_xeMatch17.3.1x

ciscoios_xeMatch17.3.1z

ciscoios_xeMatch17.3.2

ciscoios_xeMatch17.3.2a

ciscoios_xeMatch17.3.3

ciscoios_xeMatch17.3.3a

ciscoios_xeMatch17.3.4

ciscoios_xeMatch17.3.4a

ciscoios_xeMatch17.3.4b

ciscoios_xeMatch17.3.4c

ciscoios_xeMatch17.4.1

ciscoios_xeMatch17.4.1a

ciscoios_xeMatch17.4.1b

ciscoios_xeMatch17.4.1c

ciscoios_xeMatch17.4.2

ciscoios_xeMatch17.4.2a

ciscoios_xeMatch17.5.1

ciscoios_xeMatch17.5.1a

ciscoios_xeMatch17.6.1

ciscoios_xeMatch17.6.1a

ciscoios_xeMatch17.6.1w

VendorProductVersionCPE
ciscoios_xe3.15.1xbscpe:2.3:o:cisco:ios_xe:3.15.1xbs:*:*:*:*:*:*:*
ciscoios_xe3.15.2xbscpe:2.3:o:cisco:ios_xe:3.15.2xbs:*:*:*:*:*:*:*
ciscoios_xe16.8.1cpe:2.3:o:cisco:ios_xe:16.8.1:*:*:*:*:*:*:*
ciscoios_xe16.8.1acpe:2.3:o:cisco:ios_xe:16.8.1a:*:*:*:*:*:*:*
ciscoios_xe16.8.1bcpe:2.3:o:cisco:ios_xe:16.8.1b:*:*:*:*:*:*:*
ciscoios_xe16.8.1ccpe:2.3:o:cisco:ios_xe:16.8.1c:*:*:*:*:*:*:*
ciscoios_xe16.8.1dcpe:2.3:o:cisco:ios_xe:16.8.1d:*:*:*:*:*:*:*
ciscoios_xe16.8.1ecpe:2.3:o:cisco:ios_xe:16.8.1e:*:*:*:*:*:*:*
ciscoios_xe16.8.1scpe:2.3:o:cisco:ios_xe:16.8.1s:*:*:*:*:*:*:*
ciscoios_xe16.8.2cpe:2.3:o:cisco:ios_xe:16.8.2:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
cisco	ios_xe	3.15.1xbs	cpe:2.3:o:cisco:ios_xe:3.15.1xbs:::::::*
cisco	ios_xe	3.15.2xbs	cpe:2.3:o:cisco:ios_xe:3.15.2xbs:::::::*
cisco	ios_xe	16.8.1	cpe:2.3:o:cisco:ios_xe:16.8.1:::::::*
cisco	ios_xe	16.8.1a	cpe:2.3:o:cisco:ios_xe:16.8.1a:::::::*
cisco	ios_xe	16.8.1b	cpe:2.3:o:cisco:ios_xe:16.8.1b:::::::*
cisco	ios_xe	16.8.1c	cpe:2.3:o:cisco:ios_xe:16.8.1c:::::::*
cisco	ios_xe	16.8.1d	cpe:2.3:o:cisco:ios_xe:16.8.1d:::::::*
cisco	ios_xe	16.8.1e	cpe:2.3:o:cisco:ios_xe:16.8.1e:::::::*
cisco	ios_xe	16.8.1s	cpe:2.3:o:cisco:ios_xe:16.8.1s:::::::*
cisco	ios_xe	16.8.2	cpe:2.3:o:cisco:ios_xe:16.8.2:::::::*

Rows per page:

1-10 of 1091

References

tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-qfp-ipsec-GQmqvtqV

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:N/I:N/A:C

CVSS3

7.7

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H

EPSS

0.001

Percentile

50.4%

JSON

Related for NVD:CVE-2022-20679

cvelist1 cnvd1 prion1 cisco1 cve1