CVE-2022-20678

Published Apr 15, 2022

Last updated a year ago

Overview

Description: A vulnerability in the AppNav-XE feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. This vulnerability is due to the incorrect handling of certain TCP segments. An attacker could exploit this vulnerability by sending a stream of crafted TCP traffic at a high rate through an interface of an affected device. That interface would need to have AppNav interception enabled. A successful exploit could allow the attacker to cause the device to reload.
Source: ykramarz@cisco.com
NVD status: Modified

Risk scores

CVSS 3.1

Type: Primary
Base score: 7.5
Impact score: 3.6
Exploitability score: 3.9
Vector string: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Severity: HIGH

CVSS 2.0

Type: Primary
Base score: 7.8
Impact score: 6.9
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:N/I:N/A:C

Weaknesses

nvd@nist.gov: CWE-755
ykramarz@cisco.com: CWE-413

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:cisco:ios_xe:16.9.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "961F8312-31B9-44E7-8858-EF8E2134F447"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xe:16.12.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7F02EE9D-45B1-43D6-B05D-6FF19472216B"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xe:16.12.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8FCB9440-F470-45D1-AAFA-01FB5D76B600"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xe:17.3.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C5DD2403-113B-4100-8BD4-90E1927E6648"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:cisco:catalyst_8000v_edge:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "CF365FC4-46E3-4564-9F25-1C2FBE70057B"
          },
          {
            "criteria": "cpe:2.3:a:cisco:cloud_services_router_1000v:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "237136F5-5A1B-4033-8B7C-CDAD66AF25DF"
          },
          {
            "criteria": "cpe:2.3:h:cisco:1100-4g_integrated_services_router:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "0F77CD6A-83DA-4F31-A128-AD6DAECD623B"
          },
          {
            "criteria": "cpe:2.3:h:cisco:1100-6g_integrated_services_router:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "2B68B363-3C57-4E95-8B13-0F9B59D551F7"
          },
          {
            "criteria": "cpe:2.3:h:cisco:1101_integrated_services_router:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "5EB8A757-7888-4AC2-BE44-B89DB83C6C77"
          },
          {
            "criteria": "cpe:2.3:h:cisco:1109_integrated_services_router:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "B80890A8-E3D3-462C-B125-9E9BC6525B02"
          },
          {
            "criteria": "cpe:2.3:h:cisco:1111x_integrated_services_router:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "0547E196-5991-4C33-823A-342542E9DFD3"
          },
          {
            "criteria": "cpe:2.3:h:cisco:111x_integrated_services_router:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "802CBFC1-8A2F-4BF7-A1D3-00622C33BE16"
          },
          {
            "criteria": "cpe:2.3:h:cisco:1120_integrated_services_router:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "7AFE0FC1-EEBC-42F0-88B0-4AF5B76DDD97"
          },
          {
            "criteria": "cpe:2.3:h:cisco:1131_integrated_services_router:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "F3F374DC-B9F7-4515-A064-01BB436CA984"
          },
          {
            "criteria": "cpe:2.3:h:cisco:1160_integrated_services_router:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "D916389F-54DB-44CB-91DD-7CE3C7059350"
          },
          {
            "criteria": "cpe:2.3:h:cisco:4221_integrated_services_router:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "6C8AED7C-DDA3-4C29-BB95-6518C02C551A"
          },
          {
            "criteria": "cpe:2.3:h:cisco:4331_integrated_services_router:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "5419CB9F-241F-4431-914F-2659BE27BEA5"
          },
          {
            "criteria": "cpe:2.3:h:cisco:4431_integrated_services_router:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "5720462A-BE6B-4E84-A1A1-01E80BBA86AD"
          },
          {
            "criteria": "cpe:2.3:h:cisco:4461_integrated_services_router:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "E8B60888-6E2B-494E-AC65-83337661EE7D"
          },
          {
            "criteria": "cpe:2.3:h:cisco:asr_1001-x:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "09C913FF-63D5-43FB-8B39-598EF436BA5A"
          },
          {
            "criteria": "cpe:2.3:h:cisco:asr_1002-x:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "444F688F-79D0-4F22-B530-7BD520080B8F"
          },
          {
            "criteria": "cpe:2.3:h:cisco:catalyst_8300-1n1s-4t2x:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "5E7E8914-7B25-4097-8B22-6928C1F03D5A"
          },
          {
            "criteria": "cpe:2.3:h:cisco:catalyst_8300-1n1s-6t:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "B207857B-C483-47DF-9FC7-6A05B866BF60"
          },
          {
            "criteria": "cpe:2.3:h:cisco:catalyst_8300-2n2s-4t2x:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "CD26746A-80D1-4C48-BF77-E9F7EEEF7EA7"
          },
          {
            "criteria": "cpe:2.3:h:cisco:catalyst_8300-2n2s-6t:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "BDB16CCE-1E89-4707-86C1-97F2FB5B62B9"
          },
          {
            "criteria": "cpe:2.3:h:cisco:catalyst_8500:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "7A82CE19-C3C4-4FAD-A1B3-AB91EDB61591"
          },
          {
            "criteria": "cpe:2.3:h:cisco:catalyst_8500-4qc:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "A1DBA393-232D-40E6-9CDB-DF82D2E7A5B6"
          },
          {
            "criteria": "cpe:2.3:h:cisco:catalyst_8500l:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "04AB61E9-0148-495E-BD21-64D52DE60A6C"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]

Overview

Risk scores

CVSS 3.1

CVSS 2.0

Weaknesses

Social media

Configurations

References