HIGH✓ PATCH🇬🇧 English

CVE-2022-20697

CVSS 8.6v3.1pub. 2022-04-15upd. 2024-11-21

A vulnerability in the web services interface of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to cause a denial of service (DoS) condition. This vulnerability is due to improper resource management in the HTTP server code. An attacker could exploit this vulnerability by sending a large number of HTTP requests to an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition.

oryginał EN
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
  • Cisco IOS

    OS
    Cisco
    15.1\(3\)svr115.1\(3\)svr215.1\(3\)svr315.1\(3\)svs15.1\(3\)svs115.1\(3\)svt115.1\(3\)svt215.1\(3\)svt315.1\(3\)svu115.1\(3\)svu1015.1\(3\)svu215.1\(3\)svv115.2\(234k\)e15.2\(7\)e315.2\(7\)e3a+ 11 więcej
  • Cisco IOS XE

    OS
    Cisco
    3.11.3ae3.11.3e3.11.4e
🟢
PATCH DOSTĘPNY
Aktualizacja od producenta gotowa. Wdrożenie w ramach standardowego cyklu.
Tagi
DoS
CWE
Referencje

Powiązane podatności

CVE-2023-20198CRITICAL10.0⚠ KEVten sam produkt

Cisco is providing an update for the ongoing investigation into observed exploitation of the web UI feature in...

CVE-2018-0151CRITICAL9.8⚠ KEVten sam produkt

A vulnerability in the quality of service (QoS) subsystem of Cisco IOS Software and Cisco IOS XE Software coul...

CVE-2018-0171CRITICAL9.8⚠ KEVten sam produkt

A vulnerability in the Smart Install feature of Cisco IOS Software and Cisco IOS XE Software could allow an un...

CVE-2017-12240CRITICAL9.8⚠ KEVten sam produkt

The DHCP relay subsystem of Cisco IOS 12.2 through 15.6 and Cisco IOS XE Software contains a vulnerability tha...

CVE-2017-3881CRITICAL9.8⚠ KEVten sam produkt

A vulnerability in the Cisco Cluster Management Protocol (CMP) processing code in Cisco IOS and Cisco IOS XE S...