Lucene search

[email protected]NVD:CVE-2022-20697

HistoryApr 15, 2022 - 3:15 p.m.

CVE-2022-20697

2022-04-1515:15:12

CWE-772

CWE-691

[email protected]

web.nvd.nist.gov

cisco

dos

vulnerability

http

remote attacker

resource management

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:N/I:N/A:C

CVSS3

8.6

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

EPSS

0.001

Percentile

49.6%

JSON

A vulnerability in the web services interface of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to cause a denial of service (DoS) condition. This vulnerability is due to improper resource management in the HTTP server code. An attacker could exploit this vulnerability by sending a large number of HTTP requests to an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition.

Affected configurations

Nvd

Node

ciscoiosMatch15.1\(3\)svr1

ciscoiosMatch15.1\(3\)svr2

ciscoiosMatch15.1\(3\)svr3

ciscoiosMatch15.1\(3\)svs

ciscoiosMatch15.1\(3\)svs1

ciscoiosMatch15.1\(3\)svt1

ciscoiosMatch15.1\(3\)svt2

ciscoiosMatch15.1\(3\)svt3

ciscoiosMatch15.1\(3\)svu1

ciscoiosMatch15.1\(3\)svu2

ciscoiosMatch15.1\(3\)svu10

ciscoiosMatch15.1\(3\)svv1

ciscoiosMatch15.2\(7\)e3

ciscoiosMatch15.2\(7\)e3a

ciscoiosMatch15.2\(7\)e3k

ciscoiosMatch15.2\(7\)e4

ciscoiosMatch15.2\(8\)e

ciscoiosMatch15.2\(234k\)e

ciscoiosMatch15.3\(3\)jk100

ciscoiosMatch15.3\(3\)jpj8

ciscoiosMatch15.9\(3\)m2

ciscoiosMatch15.9\(3\)m2a

ciscoiosMatch15.9\(3\)m3

ciscoiosMatch15.9\(3\)m3a

ciscoiosMatch15.9\(3\)m3b

ciscoiosMatch15.9\(3\)m4

ciscoios_xeMatch3.11.3ae

ciscoios_xeMatch3.11.3e

ciscoios_xeMatch3.11.4e

VendorProductVersionCPE
ciscoios15.1(3)svr1cpe:2.3:o:cisco:ios:15.1\(3\)svr1:*:*:*:*:*:*:*
ciscoios15.1(3)svr2cpe:2.3:o:cisco:ios:15.1\(3\)svr2:*:*:*:*:*:*:*
ciscoios15.1(3)svr3cpe:2.3:o:cisco:ios:15.1\(3\)svr3:*:*:*:*:*:*:*
ciscoios15.1(3)svscpe:2.3:o:cisco:ios:15.1\(3\)svs:*:*:*:*:*:*:*
ciscoios15.1(3)svs1cpe:2.3:o:cisco:ios:15.1\(3\)svs1:*:*:*:*:*:*:*
ciscoios15.1(3)svt1cpe:2.3:o:cisco:ios:15.1\(3\)svt1:*:*:*:*:*:*:*
ciscoios15.1(3)svt2cpe:2.3:o:cisco:ios:15.1\(3\)svt2:*:*:*:*:*:*:*
ciscoios15.1(3)svt3cpe:2.3:o:cisco:ios:15.1\(3\)svt3:*:*:*:*:*:*:*
ciscoios15.1(3)svu1cpe:2.3:o:cisco:ios:15.1\(3\)svu1:*:*:*:*:*:*:*
ciscoios15.1(3)svu2cpe:2.3:o:cisco:ios:15.1\(3\)svu2:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
cisco	ios	15.1(3)svr1	cpe:2.3:o:cisco:ios:15.1\(3\)svr1:::::::*
cisco	ios	15.1(3)svr2	cpe:2.3:o:cisco:ios:15.1\(3\)svr2:::::::*
cisco	ios	15.1(3)svr3	cpe:2.3:o:cisco:ios:15.1\(3\)svr3:::::::*
cisco	ios	15.1(3)svs	cpe:2.3:o:cisco:ios:15.1\(3\)svs:::::::*
cisco	ios	15.1(3)svs1	cpe:2.3:o:cisco:ios:15.1\(3\)svs1:::::::*
cisco	ios	15.1(3)svt1	cpe:2.3:o:cisco:ios:15.1\(3\)svt1:::::::*
cisco	ios	15.1(3)svt2	cpe:2.3:o:cisco:ios:15.1\(3\)svt2:::::::*
cisco	ios	15.1(3)svt3	cpe:2.3:o:cisco:ios:15.1\(3\)svt3:::::::*
cisco	ios	15.1(3)svu1	cpe:2.3:o:cisco:ios:15.1\(3\)svu1:::::::*
cisco	ios	15.1(3)svu2	cpe:2.3:o:cisco:ios:15.1\(3\)svu2:::::::*

Rows per page:

1-10 of 291

References

tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-http-dos-svOdkdBS

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:N/I:N/A:C

CVSS3

8.6

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

EPSS

0.001

Percentile

49.6%

JSON

Related for NVD:CVE-2022-20697

cisco1 cve1 prion1 nessus2 cvelist1