Lucene search
K

120 matches found

Cvelist
Cvelist
added 2022/09/30 6:46 p.m.31 views

CVE-2022-20855 Cisco IOS XE Software for Embedded Wireless Controllers on Catalyst Access Points Privilege Escalation Vulnerability

A vulnerability in the self-healing functionality of Cisco IOS XE Software for Embedded Wireless Controllers on Catalyst Access Points could allow an authenticated, local attacker to escape the restricted controller shell and execute arbitrary commands on the underlying operating system of the...

7.9CVSS8.2AI score0.00349EPSS
Exploits0References1
Cvelist
Cvelist
added 2022/09/30 6:45 p.m.37 views

CVE-2022-20848 Cisco IOS XE Software for Embedded Wireless Controllers on Catalyst 9100 Series Access Points UDP Processing Denial of Service Vulnerability

A vulnerability in the UDP processing functionality of Cisco IOS XE Software for Embedded Wireless Controllers on Catalyst 9100 Series Access Points could allow an unauthenticated, remote attacker to cause a denial of service DoS condition. This vulnerability is due to the improper processing of...

8.6CVSS8.7AI score0.00875EPSS
Exploits0References1
CVE
CVE
added 2022/09/30 6:45 p.m.90 views

CVE-2022-20848

CVE-2022-20848 affects Cisco IOS XE Software for Embedded Wireless Controllers on Catalyst 9100 Series Access Points. The vulnerability is in UDP processing due to improper handling of UDP datagrams, potentially allowing an unauthenticated remote attacker to cause a device reload and a DoS. The c...

8.6CVSS8AI score0.00875EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2022/09/30 6:45 p.m.10 views

CVE-2022-20848 Cisco IOS XE Software for Embedded Wireless Controllers on Catalyst 9100 Series Access Points UDP Processing Denial of Service Vulnerability

A vulnerability in the UDP processing functionality of Cisco IOS XE Software for Embedded Wireless Controllers on Catalyst 9100 Series Access Points could allow an unauthenticated, remote attacker to cause a denial of service DoS condition. This vulnerability is due to the improper processing of...

8.6CVSS7.1AI score0.00875EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2022/09/29 12:0 a.m.32 views

Cisco IOS XE Software for Embedded Wireless Controllers on Catalyst Access Points Privilege Escalation (cisco-sa-ewc-priv-esc-nderYLtK)

According to its self-reported version, Cisco IOS-XE Software is affected by a vulnerability. - A vulnerability in the self-healing functionality of Cisco IOS XE Software for Embedded Wireless Controllers on Catalyst Access Points could allow an authenticated, local attacker to escape the...

7.9CVSS7.1AI score0.00349EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2022/09/28 11:0 p.m.6 views

CVE-2022-20848

A vulnerability in the UDP processing functionality of Cisco IOS XE Software for Embedded Wireless Controllers on Catalyst 9100 Series Access Points could allow an unauthenticated, remote attacker to cause a denial of service DoS condition. This vulnerability is due to the improper processing of...

8.6CVSS7.2AI score0.00875EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2022/09/28 12:0 a.m.5 views

PT-2022-6347 · Cisco · Cisco Ios Xe

Name of the Vulnerable Software and Affected Versions: Cisco IOS XE Software for Embedded Wireless Controllers on Catalyst 9100 Series Access Points affected versions not specified Description: A vulnerability in the UDP processing functionality could allow an unauthenticated, remote attacker to...

8.6CVSS7.5AI score0.00875EPSS
Exploits0References5
BDU FSTEC
BDU FSTEC
added 2022/06/10 12:0 a.m.7 views

The vulnerability affects the implementation of the Control Point Access Point Wireless Provisioning Protocol (CAPWAP) on Cisco IOS XE operating systems, as well as Control Points and Cisco Catalyst 9800 and 9800-CL for Cloud wireless network controllers. This allows a malicious actor to cause service interruptions.

The vulnerability of the CAPWAP protocol implementation in Cisco IOS XE operating systems, as well as in Catalyst access points and Cisco Catalyst 9800 and 9800-CL for Cloud wireless network controllers, is related to an unvalidated return value that causes the zero pointer to be swapped...

8.6CVSS6.5AI score0.01293EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/05/30 12:0 a.m.7 views

The vulnerability in the implementation of the Simple Network Management Protocol (SNMP) on Cisco IOS XE-based Catalyst access points and Cisco Catalyst 9800 and 9800-CL for Cloud wireless network controllers allows a attacker to cause service interruptions.

The vulnerability of the Simple Network Management Protocol SNMP implementation in Cisco IOS XE Catalyst access points and Cisco Catalyst 9800 and 9800-CL for Cloud wireless network controllers is related to a numerical overflow issue. Exploiting this vulnerability could allow an attacker to...

7.4CVSS6.3AI score0.00503EPSS
Exploits0References4Affected Software1
NVD
NVD
added 2022/04/15 3:15 p.m.16 views

CVE-2022-20681

A vulnerability in the CLI of Cisco IOS XE Software for Cisco Catalyst 9000 Family Switches and Cisco Catalyst 9000 Family Wireless Controllers could allow an authenticated, local attacker to elevate privileges to level 15 on an affected device. This vulnerability is due to insufficient validatio...

7.8CVSS0.00223EPSS
Exploits0References1
OSV
OSV
added 2022/04/15 3:15 p.m.5 views

CVE-2022-20683

A vulnerability in the Application Visibility and Control AVC-FNF feature of Cisco IOS XE Software for Cisco Catalyst 9800 Series Wireless Controllers could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due to...

8.6CVSS5.8AI score0.01437EPSS
Exploits0References1
NVD
NVD
added 2022/04/15 3:15 p.m.29 views

CVE-2022-20683

A vulnerability in the Application Visibility and Control AVC-FNF feature of Cisco IOS XE Software for Cisco Catalyst 9800 Series Wireless Controllers could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due to...

8.6CVSS0.01437EPSS
Exploits0References1
Prion
Prion
added 2022/04/15 3:15 p.m.19 views

Input validation

A vulnerability in the CLI of Cisco IOS XE Software for Cisco Catalyst 9000 Family Switches and Cisco Catalyst 9000 Family Wireless Controllers could allow an authenticated, local attacker to elevate privileges to level 15 on an affected device. This vulnerability is due to insufficient validatio...

7.2CVSS7.8AI score0.00223EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2022/04/15 3:15 p.m.22 views

Design/Logic Flaw

A vulnerability in the Application Visibility and Control AVC-FNF feature of Cisco IOS XE Software for Cisco Catalyst 9800 Series Wireless Controllers could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due to...

7.8CVSS8.3AI score0.01437EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2022/04/15 2:16 p.m.152 views

CVE-2022-20681

CVE-2022-20681 affects Cisco IOS XE on Catalyst 9000 Family Switches and Wireless Controllers. The root cause is insufficient validation of user privileges after certain CLI commands, allowing an authenticated, local low-privilege user to elevate to level 15 and execute arbitrary commands with hi...

7.8CVSS7.8AI score0.00223EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2022/04/15 2:16 p.m.16 views

CVE-2022-20683 Cisco IOS XE Software for Catalyst 9800 Series Wireless Controllers Application Visibility and Control Denial of Service Vulnerability

A vulnerability in the Application Visibility and Control AVC-FNF feature of Cisco IOS XE Software for Cisco Catalyst 9800 Series Wireless Controllers could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due to...

8.6CVSS7.1AI score0.01437EPSS
Exploits0References1
Cvelist
Cvelist
added 2022/04/15 2:16 p.m.28 views

CVE-2022-20683 Cisco IOS XE Software for Catalyst 9800 Series Wireless Controllers Application Visibility and Control Denial of Service Vulnerability

A vulnerability in the Application Visibility and Control AVC-FNF feature of Cisco IOS XE Software for Cisco Catalyst 9800 Series Wireless Controllers could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due to...

8.6CVSS8.6AI score0.01437EPSS
Exploits0References1
CVE
CVE
added 2022/04/15 2:16 p.m.114 views

CVE-2022-20683

CVE-2022-20683 describes a DoS vulnerability in Cisco IOS XE Software for the Catalyst 9800 Series Wireless Controllers, triggered by crafted packets processed by the AVC-FNF (Application Visibility and Control) feature. Root cause: insufficient packet verification during AVC inspection. Impact: ...

8.6CVSS8.5AI score0.01437EPSS
Exploits0References1Affected Software1
Cisco
Cisco
added 2022/04/13 4:0 p.m.38 views

Cisco IOS XE Software for Catalyst 9800 Series Wireless Controllers Application Visibility and Control Denial of Service Vulnerability

A vulnerability in the Application Visibility and Control AVC-FNF feature of Cisco IOS XE Software for Cisco Catalyst 9800 Series Wireless Controllers could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due to...

8.6CVSS8.5AI score0.01437EPSS
Exploits0References1
Cisco
Cisco
added 2022/04/13 4:0 p.m.43 views

Cisco IOS XE Software for Cisco Catalyst 9000 Family Switches and Catalyst 9000 Family Wireless Controllers Privilege Escalation Vulnerability

May 12, 2022 Update: The information in the Cisco Software Checker "https://sec.cloudapps.cisco.com/security/center/softwarechecker.x" was not complete when this advisory was first published. Customers should use the form in the Fixed Software "fs" section of this advisory to get the latest...

7.8CVSS7.8AI score0.00223EPSS
Exploits0References1
Rows per page
Query Builder