Vulnerability-Lookup

CVE-2022-20761 (GCVE-0-2022-20761)

Vulnerability from cvelistv5 – Published: 2022-04-15 14:20 – Updated: 2024-11-06 16:25

Title

Cisco 1000 Series Connected Grid Router Integrated Wireless Access Point Denial of Service Vulnerability

Summary

A vulnerability in the integrated wireless access point (AP) packet processing of the Cisco 1000 Series Connected Grid Router (CGR1K) could allow an unauthenticated, adjacent attacker to cause a denial of service condition on an affected device. This vulnerability is due to insufficient input validation of received traffic. An attacker could exploit this vulnerability by sending crafted traffic to an affected device. A successful exploit could allow the attacker to cause the integrated AP to stop processing traffic, resulting in a DoS condition. It may be necessary to manually reload the CGR1K to restore AP operation.

Severity ?

7.4 (High)


                        
                          CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

CWE

CWE-248

Assigner

cisco

References

URL

	Vendor	Product	Version
	Cisco	Cisco IOS	Affected: n/a

GSD-2022-20761

Vulnerability from gsd - Updated: 2023-12-13 01:19

Details

Aliases

CVE-2022-20761

Aliases

CVE-2022-20761

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2022-20761",
    "description": "A vulnerability in the integrated wireless access point (AP) packet processing of the Cisco 1000 Series Connected Grid Router (CGR1K) could allow an unauthenticated, adjacent attacker to cause a denial of service condition on an affected device. This vulnerability is due to insufficient input validation of received traffic. An attacker could exploit this vulnerability by sending crafted traffic to an affected device. A successful exploit could allow the attacker to cause the integrated AP to stop processing traffic, resulting in a DoS condition. It may be necessary to manually reload the CGR1K to restore AP operation.",
    "id": "GSD-2022-20761"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2022-20761"
      ],
      "details": "A vulnerability in the integrated wireless access point (AP) packet processing of the Cisco 1000 Series Connected Grid Router (CGR1K) could allow an unauthenticated, adjacent attacker to cause a denial of service condition on an affected device. This vulnerability is due to insufficient input validation of received traffic. An attacker could exploit this vulnerability by sending crafted traffic to an affected device. A successful exploit could allow the attacker to cause the integrated AP to stop processing traffic, resulting in a DoS condition. It may be necessary to manually reload the CGR1K to restore AP operation.",
      "id": "GSD-2022-20761",
      "modified": "2023-12-13T01:19:16.091249Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "psirt@cisco.com",
        "DATE_PUBLIC": "2022-04-13T23:00:00",
        "ID": "CVE-2022-20761",
        "STATE": "PUBLIC",
        "TITLE": "Cisco 1000 Series Connected Grid Router Integrated Wireless Access Point Denial of Service Vulnerability"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "Cisco IOS ",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "Cisco"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "A vulnerability in the integrated wireless access point (AP) packet processing of the Cisco 1000 Series Connected Grid Router (CGR1K) could allow an unauthenticated, adjacent attacker to cause a denial of service condition on an affected device. This vulnerability is due to insufficient input validation of received traffic. An attacker could exploit this vulnerability by sending crafted traffic to an affected device. A successful exploit could allow the attacker to cause the integrated AP to stop processing traffic, resulting in a DoS condition. It may be necessary to manually reload the CGR1K to restore AP operation."
          }
        ]
      },
      "exploit": [
        {
          "lang": "eng",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory. "
        }
      ],
      "impact": {
        "cvss": {
          "baseScore": "7.4",
          "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H ",
          "version": "3.0"
        }
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "CWE-248"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "20220413 Cisco 1000 Series Connected Grid Router Integrated Wireless Access Point Denial of Service Vulnerability",
            "refsource": "CISCO",
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cgr1k-ap-dos-mSZR4QVh"
          }
        ]
      },
      "source": {
        "advisory": "cisco-sa-cgr1k-ap-dos-mSZR4QVh",
        "defect": [
          [
            "CSCvy41951"
          ]
        ],
        "discovery": "INTERNAL"
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:15.4\\(1\\)cg:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:15.4\\(2\\)cg:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:15.4\\(3\\)m:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:15.4\\(3\\)m1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:15.4\\(3\\)m2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:15.4\\(3\\)m3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:15.4\\(3\\)m4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:15.4\\(3\\)m5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:15.4\\(3\\)m6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:15.4\\(3\\)m6a:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:15.4\\(3\\)m7:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:15.4\\(3\\)m8:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:15.4\\(3\\)m9:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:15.4\\(3\\)m10:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:15.5\\(1\\)t:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:15.5\\(1\\)t2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:15.5\\(1\\)t3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:15.5\\(1\\)t4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:15.5\\(2\\)t:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:15.5\\(2\\)t1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:15.5\\(2\\)t2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:15.5\\(2\\)t3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:15.5\\(2\\)t4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:15.5\\(3\\)m:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:15.5\\(3\\)m1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:15.5\\(3\\)m2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:15.5\\(3\\)m2a:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:15.5\\(3\\)m3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:15.5\\(3\\)m4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:15.5\\(3\\)m4a:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:15.5\\(3\\)m5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:15.5\\(3\\)m6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:15.5\\(3\\)m6a:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:15.5\\(3\\)m7:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:15.5\\(3\\)m8:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:15.5\\(3\\)m9:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:15.5\\(3\\)m10:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:15.6\\(1\\)t:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:15.6\\(1\\)t0a:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:15.6\\(1\\)t1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:15.6\\(1\\)t2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:15.6\\(1\\)t3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:15.6\\(2\\)t:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:15.6\\(2\\)t1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:15.6\\(2\\)t2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:15.6\\(2\\)t3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:15.6\\(3\\)m:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:15.6\\(3\\)m0a:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:15.6\\(3\\)m1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:15.6\\(3\\)m1b:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:15.6\\(3\\)m2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:15.6\\(3\\)m3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:15.6\\(3\\)m3a:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:15.6\\(3\\)m4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:15.6\\(3\\)m5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:15.6\\(3\\)m6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:15.6\\(3\\)m6a:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:15.6\\(3\\)m7:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:15.6\\(3\\)m8:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:15.7\\(3\\)m:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:15.7\\(3\\)m1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:15.7\\(3\\)m2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:15.7\\(3\\)m3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:15.7\\(3\\)m4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:15.7\\(3\\)m4a:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:15.7\\(3\\)m5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:15.7\\(3\\)m6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:15.8\\(3\\)m:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:15.8\\(3\\)m0a:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:15.8\\(3\\)m1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:15.8\\(3\\)m2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:15.8\\(3\\)m3a:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:15.8\\(3\\)m3b:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:15.8\\(3\\)m4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:15.8\\(3\\)m5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:15.8\\(3\\)m6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:15.8\\(3\\)m7:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:15.9\\(3\\)m:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:15.9\\(3\\)m0a:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:15.9\\(3\\)m1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:15.9\\(3\\)m2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:15.9\\(3\\)m3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:15.9\\(3\\)m3a:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:15.9\\(3\\)m3b:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:15.9\\(3\\)m4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:15.9\\(3\\)m4a:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "ID": "CVE-2022-20761"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "A vulnerability in the integrated wireless access point (AP) packet processing of the Cisco 1000 Series Connected Grid Router (CGR1K) could allow an unauthenticated, adjacent attacker to cause a denial of service condition on an affected device. This vulnerability is due to insufficient input validation of received traffic. An attacker could exploit this vulnerability by sending crafted traffic to an affected device. A successful exploit could allow the attacker to cause the integrated AP to stop processing traffic, resulting in a DoS condition. It may be necessary to manually reload the CGR1K to restore AP operation."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-20"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20220413 Cisco 1000 Series Connected Grid Router Integrated Wireless Access Point Denial of Service Vulnerability",
              "refsource": "CISCO",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cgr1k-ap-dos-mSZR4QVh"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "acInsufInfo": false,
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "ADJACENT_NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 6.1,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 6.5,
          "impactScore": 6.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "ADJACENT_NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "exploitabilityScore": 2.8,
          "impactScore": 3.6
        }
      },
      "lastModifiedDate": "2022-04-25T21:11Z",
      "publishedDate": "2022-04-15T15:15Z"
    }
  }
}

CVE-2022-20761

Vulnerability from fstec - Published: 13.04.2022

Title

Уязвимость операционной системы Cisco IOS маршрутизаторов Cisco 1000 Series Connected Grid Routers, существующая из-за недостаточной проверки входных данных, позволяющая нарушителю вызвать перезагрузку устройства или вызвать отказ в обслуживании

Description

Уязвимость операционной системы Cisco IOS маршрутизаторов Cisco 1000 Series Connected Grid Routers существует из-за недостаточной проверки входных данных. Эксплуатация уязвимости может позволить нарушителю, действующему удалённо, вызвать перезагрузку устройства или вызвать отказ в обслуживании

Severity ?


                    
                      AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

Vendor

Cisco Systems Inc.

Software Name

Cisco IOS

Software Version

15.4M (Cisco IOS), 15.4CG (Cisco IOS), 15.5T (Cisco IOS), 15.5M (Cisco IOS), 15.6T (Cisco IOS), от 15.6M до 15.9M включительно (Cisco IOS)

Possible Mitigations

Использование рекомендаций производителя: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cgr1k-ap-dos-mSZR4QVh

Reference

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cgr1k-ap-dos-mSZR4QVh

CWE

CWE-248

JSON

To clipboard

{
  "CVSS 2.0": "AV:A/AC:L/Au:N/C:N/I:N/A:C",
  "CVSS 3.0": "AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
  "CVSS 4.0": null,
  "remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
  "remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
  "\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "Cisco Systems Inc.",
  "\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "15.4M (Cisco IOS), 15.4CG (Cisco IOS), 15.5T (Cisco IOS), 15.5M (Cisco IOS), 15.6T (Cisco IOS), \u043e\u0442 15.6M \u0434\u043e 15.9M \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e (Cisco IOS)",
  "\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f:\nhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cgr1k-ap-dos-mSZR4QVh",
  "\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "13.04.2022",
  "\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "20.07.2022",
  "\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "20.07.2022",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2022-04549",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2022-20761",
  "\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
  "\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
  "\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "Cisco IOS",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": "Cisco Systems Inc. Cisco IOS 15.4M Cisco CGR 1000 Compute Module, Cisco Systems Inc. Cisco IOS 15.4CG Cisco CGR 1000 Compute Module, Cisco Systems Inc. Cisco IOS 15.5T Cisco CGR 1000 Compute Module, Cisco Systems Inc. Cisco IOS 15.5M Cisco CGR 1000 Compute Module, Cisco Systems Inc. Cisco IOS 15.6T Cisco CGR 1000 Compute Module, Cisco Systems Inc. Cisco IOS \u043e\u0442 15.6M \u0434\u043e 15.9M \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e Cisco CGR 1000 Compute Module",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b Cisco IOS \u043c\u0430\u0440\u0448\u0440\u0443\u0442\u0438\u0437\u0430\u0442\u043e\u0440\u043e\u0432 Cisco 1000 Series Connected Grid Routers, \u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u044e\u0449\u0430\u044f \u0438\u0437-\u0437\u0430 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e\u0439 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 \u0432\u0445\u043e\u0434\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043f\u0435\u0440\u0435\u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0443 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 \u0438\u043b\u0438 \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438",
  "\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u041d\u0435 \u043f\u0435\u0440\u0435\u0445\u0432\u0430\u0447\u0435\u043d\u043d\u043e\u0435 \u0438\u0441\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u0435 (CWE-248)",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b Cisco IOS \u043c\u0430\u0440\u0448\u0440\u0443\u0442\u0438\u0437\u0430\u0442\u043e\u0440\u043e\u0432 Cisco 1000 Series Connected Grid Routers \u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u0435\u0442 \u0438\u0437-\u0437\u0430 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e\u0439 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 \u0432\u0445\u043e\u0434\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e, \u0434\u0435\u0439\u0441\u0442\u0432\u0443\u044e\u0449\u0435\u043c\u0443 \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u043e, \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043f\u0435\u0440\u0435\u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0443 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 \u0438\u043b\u0438 \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438",
  "\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
  "\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": "\u041f\u043e\u043b\u043d\u044b\u0439 \u043f\u0435\u0440\u0435\u0447\u0435\u043d\u044c \u0432\u0435\u0440\u0441\u0438\u0439 \u043c\u0438\u043a\u0440\u043e\u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0445 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u043e\u0432 \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u0435\u043d \u043d\u0430 \u0441\u0430\u0439\u0442\u0435 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f.",
  "\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u0417\u043b\u043e\u0443\u043f\u043e\u0442\u0440\u0435\u0431\u043b\u0435\u043d\u0438\u0435 \u0444\u0443\u043d\u043a\u0446\u0438\u043e\u043d\u0430\u043b\u043e\u043c",
  "\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cgr1k-ap-dos-mSZR4QVh",
  "\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
  "\u0422\u0438\u043f \u041f\u041e": "\u041e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u0430\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u0430, \u041f\u041e \u0441\u0435\u0442\u0435\u0432\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e-\u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0433\u043e \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u0430",
  "\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-248",
  "\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0421\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 6,1)\n\u0412\u044b\u0441\u043e\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 7,4)"
}

FKIE_CVE-2022-20761

Vulnerability from fkie_nvd - Published: 2022-04-15 15:15 - Updated: 2024-11-21 06:43

Severity ?

7.4 (High) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
6.5 (Medium) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Summary

References

	URL	Tags
	psirt@cisco.com	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cgr1k-ap-dos-mSZR4QVh	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cgr1k-ap-dos-mSZR4QVh	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	ios	15.4\(1\)cg
cisco	ios	15.4\(2\)cg
cisco	ios	15.4\(3\)m
cisco	ios	15.4\(3\)m1
cisco	ios	15.4\(3\)m2
cisco	ios	15.4\(3\)m3
cisco	ios	15.4\(3\)m4
cisco	ios	15.4\(3\)m5
cisco	ios	15.4\(3\)m6
cisco	ios	15.4\(3\)m6a
cisco	ios	15.4\(3\)m7
cisco	ios	15.4\(3\)m8
cisco	ios	15.4\(3\)m9
cisco	ios	15.4\(3\)m10
cisco	ios	15.5\(1\)t
cisco	ios	15.5\(1\)t2
cisco	ios	15.5\(1\)t3
cisco	ios	15.5\(1\)t4
cisco	ios	15.5\(2\)t
cisco	ios	15.5\(2\)t1
cisco	ios	15.5\(2\)t2
cisco	ios	15.5\(2\)t3
cisco	ios	15.5\(2\)t4
cisco	ios	15.5\(3\)m
cisco	ios	15.5\(3\)m1
cisco	ios	15.5\(3\)m2
cisco	ios	15.5\(3\)m2a
cisco	ios	15.5\(3\)m3
cisco	ios	15.5\(3\)m4
cisco	ios	15.5\(3\)m4a
cisco	ios	15.5\(3\)m5
cisco	ios	15.5\(3\)m6
cisco	ios	15.5\(3\)m6a
cisco	ios	15.5\(3\)m7
cisco	ios	15.5\(3\)m8
cisco	ios	15.5\(3\)m9
cisco	ios	15.5\(3\)m10
cisco	ios	15.6\(1\)t
cisco	ios	15.6\(1\)t0a
cisco	ios	15.6\(1\)t1
cisco	ios	15.6\(1\)t2
cisco	ios	15.6\(1\)t3
cisco	ios	15.6\(2\)t
cisco	ios	15.6\(2\)t1
cisco	ios	15.6\(2\)t2
cisco	ios	15.6\(2\)t3
cisco	ios	15.6\(3\)m
cisco	ios	15.6\(3\)m0a
cisco	ios	15.6\(3\)m1
cisco	ios	15.6\(3\)m1b
cisco	ios	15.6\(3\)m2
cisco	ios	15.6\(3\)m3
cisco	ios	15.6\(3\)m3a
cisco	ios	15.6\(3\)m4
cisco	ios	15.6\(3\)m5
cisco	ios	15.6\(3\)m6
cisco	ios	15.6\(3\)m6a
cisco	ios	15.6\(3\)m7
cisco	ios	15.6\(3\)m8
cisco	ios	15.7\(3\)m
cisco	ios	15.7\(3\)m1
cisco	ios	15.7\(3\)m2
cisco	ios	15.7\(3\)m3
cisco	ios	15.7\(3\)m4
cisco	ios	15.7\(3\)m4a
cisco	ios	15.7\(3\)m5
cisco	ios	15.7\(3\)m6
cisco	ios	15.8\(3\)m
cisco	ios	15.8\(3\)m0a
cisco	ios	15.8\(3\)m1
cisco	ios	15.8\(3\)m2
cisco	ios	15.8\(3\)m3a
cisco	ios	15.8\(3\)m3b
cisco	ios	15.8\(3\)m4
cisco	ios	15.8\(3\)m5
cisco	ios	15.8\(3\)m6
cisco	ios	15.8\(3\)m7
cisco	ios	15.9\(3\)m
cisco	ios	15.9\(3\)m0a
cisco	ios	15.9\(3\)m1
cisco	ios	15.9\(3\)m2
cisco	ios	15.9\(3\)m3
cisco	ios	15.9\(3\)m3a
cisco	ios	15.9\(3\)m3b
cisco	ios	15.9\(3\)m4
cisco	ios	15.9\(3\)m4a

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.4\\(1\\)cg:*:*:*:*:*:*:*",
              "matchCriteriaId": "D962FBA3-CE59-401B-9451-45001775BA66",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.4\\(2\\)cg:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA8E0069-21AB-497F-9F4C-6F7C041BA0E5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.4\\(3\\)m:*:*:*:*:*:*:*",
              "matchCriteriaId": "1C85BAAF-819B-40E7-9099-04AA8D9AB114",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.4\\(3\\)m1:*:*:*:*:*:*:*",
              "matchCriteriaId": "ED684DB4-527A-4268-B197-4719B0178429",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.4\\(3\\)m2:*:*:*:*:*:*:*",
              "matchCriteriaId": "88F41406-0F55-4D74-A4F6-4ABD5A803907",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.4\\(3\\)m3:*:*:*:*:*:*:*",
              "matchCriteriaId": "7082C083-7517-4CD4-BF95-CC7AF08D4053",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.4\\(3\\)m4:*:*:*:*:*:*:*",
              "matchCriteriaId": "370EF3DC-151F-4724-A026-3AD8ED6D801C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.4\\(3\\)m5:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B8FB86F-2A89-413B-BED7-97E3D392804E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.4\\(3\\)m6:*:*:*:*:*:*:*",
              "matchCriteriaId": "005EAD76-34BE-4E3F-8840-23F613661FE8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.4\\(3\\)m6a:*:*:*:*:*:*:*",
              "matchCriteriaId": "2595B3E3-7FD4-4EFF-98A2-89156A657A0E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.4\\(3\\)m7:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB998A1F-BAEA-4B8F-BE49-1C282ED3952E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.4\\(3\\)m8:*:*:*:*:*:*:*",
              "matchCriteriaId": "8AABDAB3-6329-48CF-BB49-DA2046AB9048",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.4\\(3\\)m9:*:*:*:*:*:*:*",
              "matchCriteriaId": "C96E41FF-DD4B-4D55-8C96-248C9A15226B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.4\\(3\\)m10:*:*:*:*:*:*:*",
              "matchCriteriaId": "64F7ACB5-4FE5-4B07-8B4D-28DF8D655199",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.5\\(1\\)t:*:*:*:*:*:*:*",
              "matchCriteriaId": "59F21FEC-A536-45CB-9AE5-61CE45EAD1B7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.5\\(1\\)t2:*:*:*:*:*:*:*",
              "matchCriteriaId": "6994F100-864F-4512-9141-F7D1050F9DD4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.5\\(1\\)t3:*:*:*:*:*:*:*",
              "matchCriteriaId": "FC0CC364-FF3A-4FB3-8004-6628400BC7DB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.5\\(1\\)t4:*:*:*:*:*:*:*",
              "matchCriteriaId": "67A1BC08-28AF-4583-BE21-0D85CA2D7B6F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.5\\(2\\)t:*:*:*:*:*:*:*",
              "matchCriteriaId": "7A4E00DF-60FD-48F2-A69A-D709A5657F6A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.5\\(2\\)t1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0F5D3761-16C8-413A-89AD-C076B9B92FF1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.5\\(2\\)t2:*:*:*:*:*:*:*",
              "matchCriteriaId": "F690BEC9-FAE9-4C02-9993-34BF14FA99EA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.5\\(2\\)t3:*:*:*:*:*:*:*",
              "matchCriteriaId": "2BEA314F-8C89-4D6C-A6B6-3E9247A35B7E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.5\\(2\\)t4:*:*:*:*:*:*:*",
              "matchCriteriaId": "B0B8565B-3EE6-48DC-AE92-9F16AFFC509C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.5\\(3\\)m:*:*:*:*:*:*:*",
              "matchCriteriaId": "716EC9AA-0569-4FA7-A244-1A14FA15C5AD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.5\\(3\\)m1:*:*:*:*:*:*:*",
              "matchCriteriaId": "097D1950-6159-45A2-8653-D3F90044D0C8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.5\\(3\\)m2:*:*:*:*:*:*:*",
              "matchCriteriaId": "F421AC3C-B0BC-4177-ACDB-87792C1636EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.5\\(3\\)m2a:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA965B88-3464-4320-B9C4-594C49C9C0F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.5\\(3\\)m3:*:*:*:*:*:*:*",
              "matchCriteriaId": "09CD336D-1110-4B0C-B8D4-7C96293CBADE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.5\\(3\\)m4:*:*:*:*:*:*:*",
              "matchCriteriaId": "47C580D9-A2EC-4CBB-87F5-1F5CBA23F73F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.5\\(3\\)m4a:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C427BA8-3A8C-4934-997B-6DDF9CEB96AE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.5\\(3\\)m5:*:*:*:*:*:*:*",
              "matchCriteriaId": "C7809674-4738-463E-B522-FC6C419E2A09",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.5\\(3\\)m6:*:*:*:*:*:*:*",
              "matchCriteriaId": "FFD51F00-C219-439F-918E-9AF20A6E053A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.5\\(3\\)m6a:*:*:*:*:*:*:*",
              "matchCriteriaId": "57BCB671-7ED0-43D5-894F-8B3DBF44E68E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.5\\(3\\)m7:*:*:*:*:*:*:*",
              "matchCriteriaId": "D4802BC7-F326-4F6E-9C74-04032FF35FEE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.5\\(3\\)m8:*:*:*:*:*:*:*",
              "matchCriteriaId": "DEDE3BCF-B518-47B0-BD3B-0B75515771E3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.5\\(3\\)m9:*:*:*:*:*:*:*",
              "matchCriteriaId": "1A5C9BF5-0C29-4B50-9A86-29F0ECD44F1D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.5\\(3\\)m10:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1B0621A-D7A2-415B-91ED-674F2FB4227B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.6\\(1\\)t:*:*:*:*:*:*:*",
              "matchCriteriaId": "5E25B3DC-B9A7-4DFC-8566-3F790F460DDC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.6\\(1\\)t0a:*:*:*:*:*:*:*",
              "matchCriteriaId": "679DCA8C-F64B-4716-BCC9-9C461A89CB29",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.6\\(1\\)t1:*:*:*:*:*:*:*",
              "matchCriteriaId": "EF662E36-0831-4892-850F-844B0E0B54DA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.6\\(1\\)t2:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E71F49D-E405-4AB4-9188-DA7B338DFD7B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.6\\(1\\)t3:*:*:*:*:*:*:*",
              "matchCriteriaId": "204B0A52-F6AB-406B-B46D-E92F2D7D87F7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.6\\(2\\)t:*:*:*:*:*:*:*",
              "matchCriteriaId": "09578DDF-5D13-47C1-9BD1-A1A8B9B0C87D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.6\\(2\\)t1:*:*:*:*:*:*:*",
              "matchCriteriaId": "5BBF8B70-DFBE-4F6E-83F0-171F03E97606",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.6\\(2\\)t2:*:*:*:*:*:*:*",
              "matchCriteriaId": "CA55D660-66C6-4278-8C27-25DB2712CC1A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.6\\(2\\)t3:*:*:*:*:*:*:*",
              "matchCriteriaId": "5609B342-D98E-4850-A0FE-810699A80A1F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.6\\(3\\)m:*:*:*:*:*:*:*",
              "matchCriteriaId": "8320F23D-F6BE-405B-B645-1CEB984E8267",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.6\\(3\\)m0a:*:*:*:*:*:*:*",
              "matchCriteriaId": "4CE2670E-8C17-448D-A5BD-5A4FBCAEC35A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.6\\(3\\)m1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C7C5C705-6A8C-4834-9D24-CFE26A232C15",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.6\\(3\\)m1b:*:*:*:*:*:*:*",
              "matchCriteriaId": "CC270E40-CABA-44B4-B4DD-E9C47A97770B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.6\\(3\\)m2:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC1DB8C1-7F7D-4562-A317-87E925CAD524",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.6\\(3\\)m3:*:*:*:*:*:*:*",
              "matchCriteriaId": "8AB2645F-C3BF-458F-9D07-6D66E1953730",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.6\\(3\\)m3a:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B2303A3-CAF1-4DBA-BB6E-F205C23DCE6D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.6\\(3\\)m4:*:*:*:*:*:*:*",
              "matchCriteriaId": "686FD45C-7722-4D98-A6D7-C36CAC56A4AA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.6\\(3\\)m5:*:*:*:*:*:*:*",
              "matchCriteriaId": "871E33AC-B469-47BA-9317-DC9E3E9BF5C3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.6\\(3\\)m6:*:*:*:*:*:*:*",
              "matchCriteriaId": "C4091CAC-BFAA-404C-A827-4DA9EADDF621",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.6\\(3\\)m6a:*:*:*:*:*:*:*",
              "matchCriteriaId": "E0DA9FCA-4166-4084-96AF-E82CC4A4DB25",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.6\\(3\\)m7:*:*:*:*:*:*:*",
              "matchCriteriaId": "33D4A7FA-E4E0-49C2-97FD-A547A1612F75",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.6\\(3\\)m8:*:*:*:*:*:*:*",
              "matchCriteriaId": "DA0B918F-A28C-4B5A-A566-6E588B4F6696",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.7\\(3\\)m:*:*:*:*:*:*:*",
              "matchCriteriaId": "9C8A00BF-4522-467B-A96E-5C33623DCA2D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.7\\(3\\)m1:*:*:*:*:*:*:*",
              "matchCriteriaId": "47C106CF-CBD3-4630-8E77-EDB1643F97E6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.7\\(3\\)m2:*:*:*:*:*:*:*",
              "matchCriteriaId": "A1DB7943-5CE1-44F6-B093-5EA65BF71A59",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.7\\(3\\)m3:*:*:*:*:*:*:*",
              "matchCriteriaId": "64404B00-4956-47B8-ACDB-88E365E97212",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.7\\(3\\)m4:*:*:*:*:*:*:*",
              "matchCriteriaId": "6FE6A696-5CBC-4552-A54E-55C21BC74D7A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.7\\(3\\)m4a:*:*:*:*:*:*:*",
              "matchCriteriaId": "41237041-1D82-4C6C-BF48-ECEDF9DB08C0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.7\\(3\\)m5:*:*:*:*:*:*:*",
              "matchCriteriaId": "FA584AC4-96AB-4026-84DF-F44F3B97F7E6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.7\\(3\\)m6:*:*:*:*:*:*:*",
              "matchCriteriaId": "22EB41FD-4DE2-4753-A18C-C877B81B51D3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.8\\(3\\)m:*:*:*:*:*:*:*",
              "matchCriteriaId": "5A58C01B-459E-432F-A49F-68EC45EE6E14",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.8\\(3\\)m0a:*:*:*:*:*:*:*",
              "matchCriteriaId": "D8DFE673-9A5E-4369-A7BB-3DE7F8E503C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.8\\(3\\)m1:*:*:*:*:*:*:*",
              "matchCriteriaId": "56AD5BA0-4D08-4A92-88BE-60AF29BC35CD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.8\\(3\\)m2:*:*:*:*:*:*:*",
              "matchCriteriaId": "198FF520-7631-49D9-B8A8-2E64F6237CC0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.8\\(3\\)m3a:*:*:*:*:*:*:*",
              "matchCriteriaId": "405CC56E-574F-4983-B492-C8811FAF06E8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.8\\(3\\)m3b:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1829074-66F9-4B3B-A084-B88D838CFC44",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.8\\(3\\)m4:*:*:*:*:*:*:*",
              "matchCriteriaId": "6715A135-61A7-4E56-948D-8A8D5F7C98C7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.8\\(3\\)m5:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C836C26-DBC1-42CB-9B73-9F248D4F2B6A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.8\\(3\\)m6:*:*:*:*:*:*:*",
              "matchCriteriaId": "B2CC4602-D1F5-4843-991A-2903C8336251",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.8\\(3\\)m7:*:*:*:*:*:*:*",
              "matchCriteriaId": "7BCCD64D-D73C-45FE-B49C-F79E23431B37",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.9\\(3\\)m:*:*:*:*:*:*:*",
              "matchCriteriaId": "EEFE8A85-7F63-4E4C-A3FE-7B7E27AD1DF4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.9\\(3\\)m0a:*:*:*:*:*:*:*",
              "matchCriteriaId": "0807458A-2453-4575-AE19-0DE15E04B88C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.9\\(3\\)m1:*:*:*:*:*:*:*",
              "matchCriteriaId": "9BA0A0E0-A9D8-4FC3-88BD-FA0E7290A9A0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.9\\(3\\)m2:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A1AF57E-79E9-40F2-817A-5E7D2760F1E8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.9\\(3\\)m3:*:*:*:*:*:*:*",
              "matchCriteriaId": "B8313597-49A9-4918-B8D5-8E53C5C9AFAB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.9\\(3\\)m3a:*:*:*:*:*:*:*",
              "matchCriteriaId": "31D6B0E4-92F1-42FD-92DA-887D3D38CEBD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.9\\(3\\)m3b:*:*:*:*:*:*:*",
              "matchCriteriaId": "13C6DA27-2445-4850-B0EF-82EE8C01C0B5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.9\\(3\\)m4:*:*:*:*:*:*:*",
              "matchCriteriaId": "63BEFCC8-CC04-4C41-B31A-BF01E40FA1AE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.9\\(3\\)m4a:*:*:*:*:*:*:*",
              "matchCriteriaId": "F0E473CF-FE4B-4DBE-9EBE-337AE415FA4D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the integrated wireless access point (AP) packet processing of the Cisco 1000 Series Connected Grid Router (CGR1K) could allow an unauthenticated, adjacent attacker to cause a denial of service condition on an affected device. This vulnerability is due to insufficient input validation of received traffic. An attacker could exploit this vulnerability by sending crafted traffic to an affected device. A successful exploit could allow the attacker to cause the integrated AP to stop processing traffic, resulting in a DoS condition. It may be necessary to manually reload the CGR1K to restore AP operation."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en el procesamiento de paquetes del punto de acceso inal\u00e1mbrico (AP) integrado del router de red conectada de Cisco 1000 Series Connected Grid Router (CGR1K) podr\u00eda permitir a un atacante adyacente no autenticado causar una condici\u00f3n de denegaci\u00f3n de servicio en un dispositivo afectado. Esta vulnerabilidad es debido a que no ha sido suficientemente la entrada del tr\u00e1fico recibido. Un atacante podr\u00eda aprovechar esta vulnerabilidad mediante el env\u00edo de tr\u00e1fico dise\u00f1ado a un dispositivo afectado. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante causar que el AP integrado deje de procesar el tr\u00e1fico, resultando en una condici\u00f3n de DoS. Puede ser necesario recargar manualmente el CGR1K para restaurar el funcionamiento del AP"
    }
  ],
  "id": "CVE-2022-20761",
  "lastModified": "2024-11-21T06:43:30.027",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "ADJACENT_NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 6.1,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 6.5,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "ADJACENT_NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.4,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 4.0,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "ADJACENT_NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 6.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2022-04-15T15:15:13.933",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cgr1k-ap-dos-mSZR4QVh"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cgr1k-ap-dos-mSZR4QVh"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-248"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

GHSA-7XCX-PR3V-PQ9C

Vulnerability from github – Published: 2022-04-16 00:00 – Updated: 2022-04-26 00:00

Details

Severity ?

6.5 (Medium)


                  
                    CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2022-20761"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-20"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-04-15T15:15:00Z",
    "severity": "MODERATE"
  },
  "details": "A vulnerability in the integrated wireless access point (AP) packet processing of the Cisco 1000 Series Connected Grid Router (CGR1K) could allow an unauthenticated, adjacent attacker to cause a denial of service condition on an affected device. This vulnerability is due to insufficient input validation of received traffic. An attacker could exploit this vulnerability by sending crafted traffic to an affected device. A successful exploit could allow the attacker to cause the integrated AP to stop processing traffic, resulting in a DoS condition. It may be necessary to manually reload the CGR1K to restore AP operation.",
  "id": "GHSA-7xcx-pr3v-pq9c",
  "modified": "2022-04-26T00:00:59Z",
  "published": "2022-04-16T00:00:47Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-20761"
    },
    {
      "type": "WEB",
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cgr1k-ap-dos-mSZR4QVh"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

CERTFR-2022-AVI-338

Vulnerability from certfr_avis - Published: 2022-04-14 - Updated: 2022-04-14

De multiples vulnérabilités ont été découvertes dans les produits Cisco. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire, un déni de service à distance et un contournement de la politique de sécurité.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs et des mesures de contournement (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Cisco	IOS	Cisco IOS avec une configuration HTTP Server spécifique décrite dans l'avis de sécurité de l'éditeur
Cisco	N/A	Cisco Wireless LAN Controller versions 8.10.151.0 et suivantes antérieures à 8.10.171.0
Cisco	IOS	Cisco logiciel IOS versions 15.2(7)E.x antérieures à 15.2(7)E5
Cisco	IOS	Cisco logiciel IOS versions 15.2(8)E.x antérieures à 15.2(8)E1
Cisco	N/A	Cisco gamme de commutateurs Catalyst 9400
Cisco	N/A	Cisco SD-WAN versions 20.7.x antérieures à 20.7.1
Cisco	N/A	Cisco 1000 Series Integrated Services Routers
Cisco	N/A	Cisco Embedded Wireless Controller avec le logiciel Catalyst Access Points versions 17.3.x antérieures à 17.3.4
Cisco	N/A	Cisco 4000 Series Integrated Services Routers
Cisco	IOS XR	Cisco IOS XR versions 7.3.x antérieures à 7.3.2
Cisco	IOS XE	Cisco IOS XE entre les séries de versions 3SE et 3E
Cisco	IOS XR	Cisco IOS XR versions 7.1.2 sans le SMU asr9k-x64-7.1.2.CSCvy48962 ou le service pack asr9k-px-7.1.2.k9-sp1.tar
Cisco	N/A	Cisco gamme de commutateurs Catalyst 9300
Cisco	N/A	Cisco Embedded Wireless Controller avec le logiciel Catalyst Access Points versions 17.6.x antérieures à 17.6.1
Cisco	N/A	Cisco gamme de routeurs Catalyst 8300
Cisco	N/A	Cisco Catalyst 9800 Series Wireless Controllers
Cisco	N/A	Cisco 1000 Series Connected Grid Router (CGR1K)
Cisco	N/A	Cisco Cloud Services Router 1000V Series
Cisco	N/A	Cisco Catalyst 9800 Embedded Wireless Controllers pour la gamme de commutateurs Catalyst 9300, 9400 et 9500
Cisco	N/A	Cisco routeurs ASR 1001-X
Cisco	N/A	Cisco gamme de commutateurs Catalyst 9500
Cisco	N/A	Cisco routeurs ASR 1002-X
Cisco	IOS XE	Cisco IOS XE versions antérieures à 17.3.1
Cisco	N/A	Cisco Embedded Wireless Controllers sur Catalyst Access Points
Cisco	N/A	Cisco logiciel Catalyst 8000V Edge
Cisco	N/A	Cisco Catalyst 9800-CL Wireless Controllers pour le Cloud
Cisco	N/A	Cisco gamme de routeurs Catalyst 8500
Cisco	IOS XR	Cisco IOS XR versions 7.1.3 sans le SMU asr9k-x64-7.1.3.CSCvz75757
Cisco	N/A	Cisco SD-WAN versions 20.6.x antérieures à 20.6.1

References

Title

Publication Time

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2022-20761 (GCVE-0-2022-20761)

GSD-2022-20761

CVE-2022-20761

FKIE_CVE-2022-20761

GHSA-7XCX-PR3V-PQ9C

CERTFR-2022-AVI-338

Solution

Tags

Sightings

Nomenclature