8.6
CVE-2022-20837
- EPSS 0.28%
- Published 10.10.2022 21:15:10
- Last modified 21.11.2024 06:43:39
- Source psirt@cisco.com
- Teams watchlist Login
- Open Login
A vulnerability in the DNS application layer gateway (ALG) functionality that is used by Network Address Translation (NAT) in Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload. This vulnerability is due to a logic error that occurs when an affected device inspects certain TCP DNS packets. An attacker could exploit this vulnerability by sending crafted DNS packets through the affected device that is performing NAT for DNS packets. A successful exploit could allow the attacker to cause the device to reload, resulting in a denial of service (DoS) condition on the affected device. Note: This vulnerability can be exploited only by sending IPv4 TCP packets through an affected device. This vulnerability cannot be exploited by sending IPv6 traffic.
Data is provided by the National Vulnerability Database (NVD)
Cisco ≫ Ios Xe Version-
Cisco ≫ Asr 1000-esp100-x Version-
Cisco ≫ Asr 1000-esp200-x Version-
Cisco ≫ Catalyst 8500 Version-
Cisco ≫ Catalyst 8500-4qc Version-
Cisco ≫ Asr 1000-esp200-x Version-
Cisco ≫ Catalyst 8500 Version-
Cisco ≫ Catalyst 8500-4qc Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.28% | 0.507 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 8.6 | 3.9 | 4 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
|
| psirt@cisco.com | 8.6 | 3.9 | 4 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
|
CWE-754 Improper Check for Unusual or Exceptional Conditions
The product does not check or incorrectly checks for unusual or exceptional conditions that are not expected to occur frequently during day to day operation of the product.