CVE-2022-20919

EPSS 0.27%
Published 30.09.2022 19:15:13
Last modified 21.11.2024 06:43:48
Source psirt@cisco.com
Teams watchlist Login
Open Login

A vulnerability in the processing of malformed Common Industrial Protocol (CIP) packets that are sent to Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to unexpectedly reload, resulting in a denial of service (DoS) condition. This vulnerability is due to insufficient input validation during processing of CIP packets. An attacker could exploit this vulnerability by sending a malformed CIP packet to an affected device. A successful exploit could allow the attacker to cause the affected device to unexpectedly reload, resulting in a DoS condition.

Affected products Warnungen 0 Metrics 3 CWE 2 References 4

Data is provided by the National Vulnerability Database (NVD)

Cisco ≫ Ios Xe Version17.9.1

   Cisco ≫ 1000 Integrated Services Router Version-
   Cisco ≫ 1100-4g Integrated Services Router Version-
   Cisco ≫ 1100-4p Integrated Services Router Version-
   Cisco ≫ 1100-6g Integrated Services Router Version-
   Cisco ≫ 1100-8p Integrated Services Router Version-
   Cisco ≫ 1100 Integrated Services Router Version-
   Cisco ≫ 1101-4p Integrated Services Router Version-
   Cisco ≫ 1101 Integrated Services Router Version-
   Cisco ≫ 1109-2p Integrated Services Router Version-
   Cisco ≫ 1109-4p Integrated Services Router Version-
   Cisco ≫ 1109 Integrated Services Router Version-
   Cisco ≫ 1111x-8p Integrated Services Router Version-
   Cisco ≫ 1111x Integrated Services Router Version-
   Cisco ≫ 1120 Integrated Services Router Version-
   Cisco ≫ 1131 Integrated Services Router Version-
   Cisco ≫ 1160 Integrated Services Router Version-
   Cisco ≫ 4221 Integrated Services Router Version-
   Cisco ≫ 4321 Integrated Services Router Version-
   Cisco ≫ 4331 Integrated Services Router Version-
   Cisco ≫ 4351 Integrated Services Router Version-
   Cisco ≫ 4431 Integrated Services Router Version-
   Cisco ≫ 4451-x Integrated Services Router Version-
   Cisco ≫ 4451 Integrated Services Router Version-
   Cisco ≫ 4461 Integrated Services Router Version-
   Cisco ≫ Asr-920-10sz-pd Version-
   Cisco ≫ Asr-920-12cz-a Version-
   Cisco ≫ Asr-920-12cz-d Version-
   Cisco ≫ Asr-920-12sz-a Version-
   Cisco ≫ Asr-920-12sz-d Version-
   Cisco ≫ Asr-920-12sz-im Version-
   Cisco ≫ Asr-920-12sz-im-cc Version-
   Cisco ≫ Asr-920-20sz-m Version-
   Cisco ≫ Asr-920-24sz-im Version-
   Cisco ≫ Asr-920-24sz-m Version-
   Cisco ≫ Asr-920-24tz-im Version-
   Cisco ≫ Asr-920-24tz-m Version-
   Cisco ≫ Asr-920-4sz-a Version-
   Cisco ≫ Asr-920-4sz-d Version-
   Cisco ≫ Asr-9901-rp Version-
   Cisco ≫ Asr 1000-esp100 Version-
   Cisco ≫ Asr 1000-x Version-
   Cisco ≫ Asr 1001 Version-
   Cisco ≫ Asr 1001-hx Version-
   Cisco ≫ Asr 1001-hx R Version-
   Cisco ≫ Asr 1001-x Version-
   Cisco ≫ Asr 1001-x R Version-
   Cisco ≫ Asr 1002 Version-
   Cisco ≫ Asr 1002-hx Version-
   Cisco ≫ Asr 1002-hx R Version-
   Cisco ≫ Asr 1002-x Version-
   Cisco ≫ Asr 1002-x R Version-
   Cisco ≫ Asr 1002 Fixed Router Version-
   Cisco ≫ Asr 1004 Version-
   Cisco ≫ Asr 1006 Version-
   Cisco ≫ Asr 1006-x Version-
   Cisco ≫ Asr 1009-x Version-
   Cisco ≫ Asr 1013 Version-
   Cisco ≫ Asr 1023 Version-
   Cisco ≫ Asr 1023 Router Version-
   Cisco ≫ Asr 5000 Version-
   Cisco ≫ Asr 5500 Version-
   Cisco ≫ Asr 5700 Version-
   Cisco ≫ Asr 900 Version-
   Cisco ≫ Asr 900 Version-
   Cisco ≫ Asr 900 Route Switch Processor 2 (rsp2) Version-
   Cisco ≫ Asr 900 Route Switch Processor 3 (rsp3) Version-
   Cisco ≫ Asr 9000 Version-
   Cisco ≫ Asr 9000 Version- HwPlatform-
   Cisco ≫ Asr 9000 Version- HwPlatformx64
   Cisco ≫ Asr 9000 Rsp440 Router Version-
   Cisco ≫ Asr 9000v Version-
   Cisco ≫ Asr 9000v Version- HwPlatformx64
   Cisco ≫ Asr 9000v Versionv2
   Cisco ≫ Asr 9001 Version-
   Cisco ≫ Asr 9001 Version- HwPlatformx64
   Cisco ≫ Asr 9006 Version-
   Cisco ≫ Asr 9006 Version- HwPlatformx64
   Cisco ≫ Asr 901-12c-f-d Version-
   Cisco ≫ Asr 901-12c-ft-d Version-
   Cisco ≫ Asr 901-4c-f-d Version-
   Cisco ≫ Asr 901-4c-ft-d Version-
   Cisco ≫ Asr 901-6cz-f-a Version-
   Cisco ≫ Asr 901-6cz-f-d Version-
   Cisco ≫ Asr 901-6cz-fs-a Version-
   Cisco ≫ Asr 901-6cz-fs-d Version-
   Cisco ≫ Asr 901-6cz-ft-a Version-
   Cisco ≫ Asr 901-6cz-ft-d Version-
   Cisco ≫ Asr 9010 Version-
   Cisco ≫ Asr 9010 Version- HwPlatform-
   Cisco ≫ Asr 9010 Version- HwPlatformx64
   Cisco ≫ Asr 901s-2sg-f-ah Version-
   Cisco ≫ Asr 901s-2sg-f-d Version-
   Cisco ≫ Asr 901s-3sg-f-ah Version-
   Cisco ≫ Asr 901s-3sg-f-d Version-
   Cisco ≫ Asr 901s-4sg-f-d Version-
   Cisco ≫ Asr 902 Version-
   Cisco ≫ Asr 902u Version-
   Cisco ≫ Asr 903 Version-
   Cisco ≫ Asr 907 Version-
   Cisco ≫ Asr 914 Version-
   Cisco ≫ Asr 920-10sz-pd Version-
   Cisco ≫ Asr 920-10sz-pd R Version-
   Cisco ≫ Asr 920-10sz-pd Router Version-
   Cisco ≫ Asr 920-12cz-a Version-
   Cisco ≫ Asr 920-12cz-a R Version-
   Cisco ≫ Asr 920-12cz-a Router Version-
   Cisco ≫ Asr 920-12cz-d Version-
   Cisco ≫ Asr 920-12cz-d R Version-
   Cisco ≫ Asr 920-12cz-d Router Version-
   Cisco ≫ Asr 920-12sz-im Version-
   Cisco ≫ Asr 920-12sz-im R Version-
   Cisco ≫ Asr 920-12sz-im Router Version-
   Cisco ≫ Asr 920-24sz-im Version-
   Cisco ≫ Asr 920-24sz-im R Version-
   Cisco ≫ Asr 920-24sz-im Router Version-
   Cisco ≫ Asr 920-24sz-m Version-
   Cisco ≫ Asr 920-24sz-m R Version-
   Cisco ≫ Asr 920-24sz-m Router Version-
   Cisco ≫ Asr 920-24tz-m Version-
   Cisco ≫ Asr 920-24tz-m R Version-
   Cisco ≫ Asr 920-24tz-m Router Version-
   Cisco ≫ Asr 920-4sz-a Version-
   Cisco ≫ Asr 920-4sz-a R Version-
   Cisco ≫ Asr 920-4sz-a Router Version-
   Cisco ≫ Asr 920-4sz-d Version-
   Cisco ≫ Asr 920-4sz-d R Version-
   Cisco ≫ Asr 920-4sz-d Router Version-
   Cisco ≫ Asr 920u-12sz-im Version-
   Cisco ≫ Asr 9901 Version-
   Cisco ≫ Asr 9901 Version- HwPlatformx64
   Cisco ≫ Asr 9903 Version-
   Cisco ≫ Asr 9904 Version-
   Cisco ≫ Asr 9904 Version- HwPlatform-
   Cisco ≫ Asr 9904 Version- HwPlatformx64
   Cisco ≫ Asr 9906 Version-
   Cisco ≫ Asr 9906 Version- HwPlatformx64
   Cisco ≫ Asr 9910 Version-
   Cisco ≫ Asr 9910 Version- HwPlatform-
   Cisco ≫ Asr 9910 Version- HwPlatformx64
   Cisco ≫ Asr 9912 Version-
   Cisco ≫ Asr 9912 Version- HwPlatform-
   Cisco ≫ Asr 9912 Version- HwPlatformx64
   Cisco ≫ Asr 9920 Version-
   Cisco ≫ Asr 9922 Version-
   Cisco ≫ Asr 9922 Version- HwPlatform-
   Cisco ≫ Asr1000-2t+20x1ge Version-
   Cisco ≫ Asr1000-6tge Version-
   Cisco ≫ Asr1000-esp200 Version-
   Cisco ≫ Asr1000-mip100 Version-
   Cisco ≫ Asr1000-rp3 Version-
   Cisco ≫ Asr1001-hx Version-
   Cisco ≫ Asr1001-hx-rf Version-
   Cisco ≫ Asr1001-x Version-
   Cisco ≫ Asr1001-x-rf Version-
   Cisco ≫ Asr1001-x-ws Version-
   Cisco ≫ Asr1002-hx Version-
   Cisco ≫ Asr1002-hx-rf Version-
   Cisco ≫ Asr1002-hx-ws Version-
   Cisco ≫ Asr1002-x Version-
   Cisco ≫ Asr1002-x-rf Version-
   Cisco ≫ Asr1002-x-ws Version-
   Cisco ≫ Catalyst 3850 Version-
   Cisco ≫ Catalyst 3850-12s-e Version-
   Cisco ≫ Catalyst 3850-12s-s Version-
   Cisco ≫ Catalyst 3850-12x48u Version-
   Cisco ≫ Catalyst 3850-12xs-e Version-
   Cisco ≫ Catalyst 3850-12xs-s Version-
   Cisco ≫ Catalyst 3850-16xs-e Version-
   Cisco ≫ Catalyst 3850-16xs-s Version-
   Cisco ≫ Catalyst 3850-24p-e Version-
   Cisco ≫ Catalyst 3850-24p-l Version-
   Cisco ≫ Catalyst 3850-24p-s Version-
   Cisco ≫ Catalyst 3850-24pw-s Version-
   Cisco ≫ Catalyst 3850-24s-e Version-
   Cisco ≫ Catalyst 3850-24s-s Version-
   Cisco ≫ Catalyst 3850-24t-e Version-
   Cisco ≫ Catalyst 3850-24t-l Version-
   Cisco ≫ Catalyst 3850-24t-s Version-
   Cisco ≫ Catalyst 3850-24u Version-
   Cisco ≫ Catalyst 3850-24u-e Version-
   Cisco ≫ Catalyst 3850-24u-l Version-
   Cisco ≫ Catalyst 3850-24u-s Version-
   Cisco ≫ Catalyst 3850-24xs Version-
   Cisco ≫ Catalyst 3850-24xs-e Version-
   Cisco ≫ Catalyst 3850-24xs-s Version-
   Cisco ≫ Catalyst 3850-24xu Version-
   Cisco ≫ Catalyst 3850-24xu-e Version-
   Cisco ≫ Catalyst 3850-24xu-l Version-
   Cisco ≫ Catalyst 3850-24xu-s Version-
   Cisco ≫ Catalyst 3850-32xs-e Version-
   Cisco ≫ Catalyst 3850-32xs-s Version-
   Cisco ≫ Catalyst 3850-48f-e Version-
   Cisco ≫ Catalyst 3850-48f-l Version-
   Cisco ≫ Catalyst 3850-48f-s Version-
   Cisco ≫ Catalyst 3850-48p-e Version-
   Cisco ≫ Catalyst 3850-48p-l Version-
   Cisco ≫ Catalyst 3850-48p-s Version-
   Cisco ≫ Catalyst 3850-48pw-s Version-
   Cisco ≫ Catalyst 3850-48t-e Version-
   Cisco ≫ Catalyst 3850-48t-l Version-
   Cisco ≫ Catalyst 3850-48t-s Version-
   Cisco ≫ Catalyst 3850-48u Version-
   Cisco ≫ Catalyst 3850-48u-e Version-
   Cisco ≫ Catalyst 3850-48u-l Version-
   Cisco ≫ Catalyst 3850-48u-s Version-
   Cisco ≫ Catalyst 3850-48xs Version-
   Cisco ≫ Catalyst 3850-48xs-e Version-
   Cisco ≫ Catalyst 3850-48xs-f-e Version-
   Cisco ≫ Catalyst 3850-48xs-f-s Version-
   Cisco ≫ Catalyst 3850-48xs-s Version-
   Cisco ≫ Catalyst 3850-nm-2-40g Version-
   Cisco ≫ Catalyst 3850-nm-8-10g Version-
   Cisco ≫ Catalyst 8200 Version-
   Cisco ≫ Catalyst 8300 Version-
   Cisco ≫ Catalyst 8300-1n1s-4t2x Version-
   Cisco ≫ Catalyst 8300-1n1s-6t Version-
   Cisco ≫ Catalyst 8300-2n2s-4t2x Version-
   Cisco ≫ Catalyst 8300-2n2s-6t Version-
   Cisco ≫ Catalyst 8500 Version-
   Cisco ≫ Catalyst 8500-4qc Version-
   Cisco ≫ Catalyst 8500l Version-
   Cisco ≫ Catalyst 8510csr Version-
   Cisco ≫ Catalyst 8510msr Version-
   Cisco ≫ Catalyst 8540csr Version-
   Cisco ≫ Catalyst 8540msr Version-
   Cisco ≫ Catalyst 9100 Version-
   Cisco ≫ Catalyst 9105 Version-
   Cisco ≫ Catalyst 9105axi Version-
   Cisco ≫ Catalyst 9105axw Version-
   Cisco ≫ Catalyst 9115 Version-
   Cisco ≫ Catalyst 9115 Ap Version-
   Cisco ≫ Catalyst 9115axe Version-
   Cisco ≫ Catalyst 9115axi Version-
   Cisco ≫ Catalyst 9117 Version-
   Cisco ≫ Catalyst 9117 Ap Version-
   Cisco ≫ Catalyst 9117axi Version-
   Cisco ≫ Catalyst 9120 Version-
   Cisco ≫ Catalyst 9120 Ap Version-
   Cisco ≫ Catalyst 9120axe Version-
   Cisco ≫ Catalyst 9120axi Version-
   Cisco ≫ Catalyst 9120axp Version-
   Cisco ≫ Catalyst 9124 Version-
   Cisco ≫ Catalyst 9124axd Version-
   Cisco ≫ Catalyst 9124axi Version-
   Cisco ≫ Catalyst 9130 Version-
   Cisco ≫ Catalyst 9130 Ap Version-
   Cisco ≫ Catalyst 9130axe Version-
   Cisco ≫ Catalyst 9130axi Version-
   Cisco ≫ Catalyst 9200 Version-
   Cisco ≫ Catalyst 9200cx Version-
   Cisco ≫ Catalyst 9200l Version-
   Cisco ≫ Catalyst 9300 Version-
   Cisco ≫ Catalyst 9300-24p-a Version-
   Cisco ≫ Catalyst 9300-24p-e Version-
   Cisco ≫ Catalyst 9300-24s-a Version-
   Cisco ≫ Catalyst 9300-24s-e Version-
   Cisco ≫ Catalyst 9300-24t-a Version-
   Cisco ≫ Catalyst 9300-24t-e Version-
   Cisco ≫ Catalyst 9300-24u-a Version-
   Cisco ≫ Catalyst 9300-24u-e Version-
   Cisco ≫ Catalyst 9300-24ux-a Version-
   Cisco ≫ Catalyst 9300-24ux-e Version-
   Cisco ≫ Catalyst 9300-48p-a Version-
   Cisco ≫ Catalyst 9300-48p-e Version-
   Cisco ≫ Catalyst 9300-48s-a Version-
   Cisco ≫ Catalyst 9300-48s-e Version-
   Cisco ≫ Catalyst 9300-48t-a Version-
   Cisco ≫ Catalyst 9300-48t-e Version-
   Cisco ≫ Catalyst 9300-48u-a Version-
   Cisco ≫ Catalyst 9300-48u-e Version-
   Cisco ≫ Catalyst 9300-48un-a Version-
   Cisco ≫ Catalyst 9300-48un-e Version-
   Cisco ≫ Catalyst 9300-48uxm-a Version-
   Cisco ≫ Catalyst 9300-48uxm-e Version-
   Cisco ≫ Catalyst 9300l Version-
   Cisco ≫ Catalyst 9300l-24p-4g-a Version-
   Cisco ≫ Catalyst 9300l-24p-4g-e Version-
   Cisco ≫ Catalyst 9300l-24p-4x-a Version-
   Cisco ≫ Catalyst 9300l-24p-4x-e Version-
   Cisco ≫ Catalyst 9300l-24t-4g-a Version-
   Cisco ≫ Catalyst 9300l-24t-4g-e Version-
   Cisco ≫ Catalyst 9300l-24t-4x-a Version-
   Cisco ≫ Catalyst 9300l-24t-4x-e Version-
   Cisco ≫ Catalyst 9300l-48p-4g-a Version-
   Cisco ≫ Catalyst 9300l-48p-4g-e Version-
   Cisco ≫ Catalyst 9300l-48p-4x-a Version-
   Cisco ≫ Catalyst 9300l-48p-4x-e Version-
   Cisco ≫ Catalyst 9300l-48t-4g-a Version-
   Cisco ≫ Catalyst 9300l-48t-4g-e Version-
   Cisco ≫ Catalyst 9300l-48t-4x-a Version-
   Cisco ≫ Catalyst 9300l-48t-4x-e Version-
   Cisco ≫ Catalyst 9300l Stack Version-
   Cisco ≫ Catalyst 9300lm Version-
   Cisco ≫ Catalyst 9300x Version-
   Cisco ≫ Catalyst 9400 Version-
   Cisco ≫ Catalyst 9400 Supervisor Engine-1 Version-
   Cisco ≫ Catalyst 9407r Version-
   Cisco ≫ Catalyst 9410r Version-
   Cisco ≫ Catalyst 9500 Version-
   Cisco ≫ Catalyst 9500h Version-
   Cisco ≫ Catalyst 9600 Version-
   Cisco ≫ Catalyst 9600 Supervisor Engine-1 Version-
   Cisco ≫ Catalyst 9600x Version-
   Cisco ≫ Catalyst 9800 Version-
   Cisco ≫ Catalyst 9800-40 Version-
   Cisco ≫ Catalyst 9800-40 Wireless Controller Version-
   Cisco ≫ Catalyst 9800-80 Version-
   Cisco ≫ Catalyst 9800-80 Wireless Controller Version-
   Cisco ≫ Catalyst 9800-cl Version-
   Cisco ≫ Catalyst 9800-l Version-
   Cisco ≫ Catalyst 9800-l-c Version-
   Cisco ≫ Catalyst 9800-l-f Version-
   Cisco ≫ Catalyst 9800 Embedded Wireless Controller Version-
   Cisco ≫ Catalyst Ie3200 Version-
   Cisco ≫ Catalyst Ie3200 Rugged Switch Version-
   Cisco ≫ Catalyst Ie3300 Version-
   Cisco ≫ Catalyst Ie3300 Rugged Switch Version-
   Cisco ≫ Catalyst Ie3400 Version-
   Cisco ≫ Catalyst Ie3400 Heavy Duty Switch Version-
   Cisco ≫ Catalyst Ie3400 Rugged Switch Version-
   Cisco ≫ Catalyst Ie9300 Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.27%	0.503

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	7.5	3.9	3.6	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
psirt@cisco.com	8.6	3.9	4	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

CWE-248 Uncaught Exception

An exception is thrown from a function, but it is not caught.

CWE-755 Improper Handling of Exceptional Conditions

The product does not handle or incorrectly handles an exceptional condition.

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-cip-dos-9rTbKLt9

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2022-20919

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2022-20919

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2022-20919

EUVD