HIGH✓ PATCH🇵🇱 Wersja polska

CVE-2022-20678

CVSS 8.6v3.1pub. 2022-04-15upd. 2024-11-21

A vulnerability in the AppNav-XE feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. This vulnerability is due to the incorrect handling of certain TCP segments. An attacker could exploit this vulnerability by sending a stream of crafted TCP traffic at a high rate through an interface of an affected device. That interface would need to have AppNav interception enabled. A successful exploit could allow the attacker to cause the device to reload.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
  • Cisco 1100 4g Integrated Services Router

    HW
    Cisco
    wszystkie wersje
  • Cisco 1100 6g Integrated Services Router

    HW
    Cisco
    wszystkie wersje
  • Cisco 1101 Integrated Services Router

    HW
    Cisco
    wszystkie wersje
  • Cisco 1109 Integrated Services Router

    HW
    Cisco
    wszystkie wersje
  • Cisco 1111x Integrated Services Router

    HW
    Cisco
    wszystkie wersje
  • Cisco 111x Integrated Services Router

    HW
    Cisco
    wszystkie wersje
  • Cisco 1120 Integrated Services Router

    HW
    Cisco
    wszystkie wersje
  • Cisco 1131 Integrated Services Router

    HW
    Cisco
    wszystkie wersje
  • Cisco 1160 Integrated Services Router

    HW
    Cisco
    wszystkie wersje
  • Cisco 4221 Integrated Services Router

    HW
    Cisco
    wszystkie wersje
  • Cisco 4331 Integrated Services Router

    HW
    Cisco
    wszystkie wersje
  • Cisco 4431 Integrated Services Router

    HW
    Cisco
    wszystkie wersje
  • Cisco 4461 Integrated Services Router

    HW
    Cisco
    wszystkie wersje
  • Cisco Asr 1001 X

    HW
    Cisco
    wszystkie wersje
  • Cisco Asr 1002 X

    HW
    Cisco
    wszystkie wersje
  • Cisco Catalyst 8000v Edge

    APP
    Cisco
    wszystkie wersje
  • Cisco Catalyst 8300 1n1s 4t2x

    HW
    Cisco
    wszystkie wersje
  • Cisco Catalyst 8300 1n1s 6t

    HW
    Cisco
    wszystkie wersje
  • Cisco Catalyst 8300 2n2s 4t2x

    HW
    Cisco
    wszystkie wersje
  • Cisco Catalyst 8300 2n2s 6t

    HW
    Cisco
    wszystkie wersje
  • Cisco Catalyst 8500

    HW
    Cisco
    wszystkie wersje
  • Cisco Catalyst 8500 4qc

    HW
    Cisco
    wszystkie wersje
  • Cisco Catalyst 8500l

    HW
    Cisco
    wszystkie wersje
  • Cisco Cloud Services Router 1000v

    APP
    Cisco
    wszystkie wersje
  • Cisco IOS XE

    OS
    Cisco
    16.12.416.12.516.9.617.3.3
🟢
PATCH AVAILABLE
Vendor update available. Deploy in standard maintenance cycle.
Tags
DoS
CWE
References

Related vulnerabilities

CVE-2023-20198CRITICAL10.0⚠ KEVten sam produkt

Cisco is providing an update for the ongoing investigation into observed exploitation of the web UI feature in...

CVE-2018-0151CRITICAL9.8⚠ KEVten sam produkt

A vulnerability in the quality of service (QoS) subsystem of Cisco IOS Software and Cisco IOS XE Software coul...

CVE-2017-12240CRITICAL9.8⚠ KEVten sam produkt

The DHCP relay subsystem of Cisco IOS 12.2 through 15.6 and Cisco IOS XE Software contains a vulnerability tha...

CVE-2017-3881CRITICAL9.8⚠ KEVten sam produkt

A vulnerability in the Cisco Cluster Management Protocol (CMP) processing code in Cisco IOS and Cisco IOS XE S...

CVE-2025-20363CRITICAL9.0PL ✓ten sam produkt

RCE w web services Cisco ASA, FTD, IOS, IOS XE, IOS XR przez HTTP