HIGH✓ PATCH🇵🇱 Wersja polska

CVE-2022-20697

CVSS 8.6v3.1pub. 2022-04-15upd. 2024-11-21

A vulnerability in the web services interface of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to cause a denial of service (DoS) condition. This vulnerability is due to improper resource management in the HTTP server code. An attacker could exploit this vulnerability by sending a large number of HTTP requests to an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
  • Cisco IOS

    OS
    Cisco
    15.1\(3\)svr115.1\(3\)svr215.1\(3\)svr315.1\(3\)svs15.1\(3\)svs115.1\(3\)svt115.1\(3\)svt215.1\(3\)svt315.1\(3\)svu115.1\(3\)svu1015.1\(3\)svu215.1\(3\)svv115.2\(234k\)e15.2\(7\)e315.2\(7\)e3a+ 11 więcej
  • Cisco IOS XE

    OS
    Cisco
    3.11.3ae3.11.3e3.11.4e
🟢
PATCH AVAILABLE
Vendor update available. Deploy in standard maintenance cycle.
Tags
DoS
CWE
References

Related vulnerabilities

CVE-2023-20198CRITICAL10.0⚠ KEVten sam produkt

Cisco is providing an update for the ongoing investigation into observed exploitation of the web UI feature in...

CVE-2018-0151CRITICAL9.8⚠ KEVten sam produkt

A vulnerability in the quality of service (QoS) subsystem of Cisco IOS Software and Cisco IOS XE Software coul...

CVE-2018-0171CRITICAL9.8⚠ KEVten sam produkt

A vulnerability in the Smart Install feature of Cisco IOS Software and Cisco IOS XE Software could allow an un...

CVE-2017-12240CRITICAL9.8⚠ KEVten sam produkt

The DHCP relay subsystem of Cisco IOS 12.2 through 15.6 and Cisco IOS XE Software contains a vulnerability tha...

CVE-2017-3881CRITICAL9.8⚠ KEVten sam produkt

A vulnerability in the Cisco Cluster Management Protocol (CMP) processing code in Cisco IOS and Cisco IOS XE S...