HIGH✓ PATCH🇬🇧 English

CVE-2022-20714

CVSS 8.6v3.1pub. 2022-04-15upd. 2024-11-21

A vulnerability in the data plane microcode of Lightspeed-Plus line cards for Cisco ASR 9000 Series Aggregation Services Routers could allow an unauthenticated, remote attacker to cause the line card to reset. This vulnerability is due to the incorrect handling of malformed packets that are received on the Lightspeed-Plus line cards. An attacker could exploit this vulnerability by sending a crafted IPv4 or IPv6 packet through an affected device. A successful exploit could allow the attacker to cause the Lightspeed-Plus line card to reset, resulting in a denial of service (DoS) condition for any traffic that traverses that line card.

oryginał EN
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
  • Cisco Asr 9902

    HW
    Cisco
    wszystkie wersje
  • Cisco Asr 9903

    HW
    Cisco
    wszystkie wersje
  • Cisco IOS XR

    OS
    Cisco
    wszystkie wersje
🟢
PATCH DOSTĘPNY
Aktualizacja od producenta gotowa. Wdrożenie w ramach standardowego cyklu.
Tagi
DoS
CWE
Referencje

Powiązane podatności

CVE-2025-20363CRITICAL9.0PL ✓ten sam produkt

RCE w web services Cisco ASA, FTD, IOS, IOS XE, IOS XR przez HTTP

CVE-2020-3284CRITICAL9.8ten sam produkt

A vulnerability in the enhanced Preboot eXecution Environment (PXE) boot loader for Cisco IOS XR 64-bit Softwa...

CVE-2019-1710CRITICAL9.8ten sam produkt

A vulnerability in the sysadmin virtual machine (VM) on Cisco ASR 9000 Series Aggregation Services Routers run...

CVE-2020-3569HIGH8.6⚠ KEVten sam produkt

Multiple vulnerabilities in the Distance Vector Multicast Routing Protocol (DVMRP) feature of Cisco IOS XR Sof...

CVE-2020-3566HIGH8.6⚠ KEVten sam produkt

A vulnerability in the Distance Vector Multicast Routing Protocol (DVMRP) feature of Cisco IOS XR Software cou...

CVE-2022-20714 — HIGH 8.6 | CVEbaza.pl