HIGH✓ PATCH🇬🇧 English

CVE-2022-20769

CVSS 7.4v3.1pub. 2022-09-30upd. 2024-11-21

A vulnerability in the authentication functionality of Cisco Wireless LAN Controller (WLC) AireOS Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient error validation. An attacker could exploit this vulnerability by sending crafted packets to an affected device. A successful exploit could allow the attacker to cause the wireless LAN controller to crash, resulting in a DoS condition. Note: This vulnerability affects only devices that have Federal Information Processing Standards (FIPS) mode enabled.

oryginał EN
CVSS Vector
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
  • Cisco 2504 Wireless Lan Controller

    HW
    Cisco
    wszystkie wersje
  • Cisco 3504 Wireless Lan Controller

    HW
    Cisco
    wszystkie wersje
  • Cisco 5508 Wireless Lan Controller

    HW
    Cisco
    wszystkie wersje
  • Cisco 5520 Wireless Lan Controller

    HW
    Cisco
    wszystkie wersje
  • Cisco 8540 Wireless Lan Controller

    HW
    Cisco
    wszystkie wersje
  • Cisco Flex 7510

    HW
    Cisco
    wszystkie wersje
  • Cisco Virtual Wireless Controller

    APP
    Cisco
    wszystkie wersje
  • Cisco Wireless Lan Controller Software

    OS
    Cisco
    < 8.10.171.0
🟢
PATCH DOSTĘPNY
Aktualizacja od producenta gotowa. Wdrożenie w ramach standardowego cyklu.
Tagi
DoS
CWE
Referencje

Powiązane podatności

CVE-2022-20695CRITICAL10.0ten sam produkt

A vulnerability in the authentication functionality of Cisco Wireless LAN Controller (WLC) Software could allo...

CVE-2016-1363CRITICAL9.8ten sam produkt

Buffer overflow in the redirection functionality in Cisco Wireless LAN Controller (WLC) Software 7.2 through 7...

CVE-2015-6314CRITICAL9.8ten sam produkt

Cisco Wireless LAN Controller (WLC) devices with software 7.6.x, 8.0 before 8.0.121.0, and 8.1 before 8.1.131....

CVE-2024-20271HIGH8.6ten sam produkt

A vulnerability in the IP packet processing of Cisco Access Point (AP) Software could allow an unauthenticated...

CVE-2021-1419HIGH7.8ten sam produkt

A vulnerability in the SSH management feature of multiple Cisco Access Points (APs) platforms could allow a lo...