CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-20678

A vulnerability in the AppNav-XE feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. This vulnerability is due to the incorrect handling of certain TCP segments. An attacker could exploit this vulnerability by sending a stream of crafted TCP traffic at a high rate through an interface of an affected device. That interface would need to have AppNav interception enabled. A successful exploit could allow the attacker to cause the device to reload.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 36.8%

CVSS Severity

CVSS v3 Score 8.6

CVSS v2 Score 7.8

References

Products affected by CVE-2022-20678

Cisco » Catalyst 8000v Edge » Version: N/A

cpe:2.3:a:cisco:catalyst_8000v_edge:-
Cisco » Cloud Services Router 1000v » Version: N/A

cpe:2.3:a:cisco:cloud_services_router_1000v:-
Cisco » 1100-4g Integrated Services Router » Version: N/A

cpe:2.3:h:cisco:1100-4g_integrated_services_router:-
Cisco » 1100-6g Integrated Services Router » Version: N/A

cpe:2.3:h:cisco:1100-6g_integrated_services_router:-
Cisco » 1101 Integrated Services Router » Version: N/A

cpe:2.3:h:cisco:1101_integrated_services_router:-
Cisco » 1109 Integrated Services Router » Version: N/A

cpe:2.3:h:cisco:1109_integrated_services_router:-
Cisco » 1111x Integrated Services Router » Version: N/A

cpe:2.3:h:cisco:1111x_integrated_services_router:-
Cisco » 111x Integrated Services Router » Version: N/A

cpe:2.3:h:cisco:111x_integrated_services_router:-
Cisco » 1120 Integrated Services Router » Version: N/A

cpe:2.3:h:cisco:1120_integrated_services_router:-
Cisco » 1131 Integrated Services Router » Version: N/A

cpe:2.3:h:cisco:1131_integrated_services_router:-
Cisco » 1160 Integrated Services Router » Version: N/A

cpe:2.3:h:cisco:1160_integrated_services_router:-
Cisco » 4221 Integrated Services Router » Version: N/A

cpe:2.3:h:cisco:4221_integrated_services_router:-
Cisco » 4331 Integrated Services Router » Version: N/A

cpe:2.3:h:cisco:4331_integrated_services_router:-
Cisco » 4431 Integrated Services Router » Version: N/A

cpe:2.3:h:cisco:4431_integrated_services_router:-
Cisco » 4461 Integrated Services Router » Version: N/A

cpe:2.3:h:cisco:4461_integrated_services_router:-
Cisco » Asr 1001-X » Version: N/A

cpe:2.3:h:cisco:asr_1001-x:-
Cisco » Asr 1002-X » Version: N/A

cpe:2.3:h:cisco:asr_1002-x:-
Cisco » Catalyst 8300-1n1s-4t2x » Version: N/A

cpe:2.3:h:cisco:catalyst_8300-1n1s-4t2x:-
Cisco » Catalyst 8300-1n1s-6t » Version: N/A

cpe:2.3:h:cisco:catalyst_8300-1n1s-6t:-
Cisco » Catalyst 8300-2n2s-4t2x » Version: N/A

cpe:2.3:h:cisco:catalyst_8300-2n2s-4t2x:-
Cisco » Catalyst 8300-2n2s-6t » Version: N/A

cpe:2.3:h:cisco:catalyst_8300-2n2s-6t:-
Cisco » Catalyst 8500-4qc » Version: N/A

cpe:2.3:h:cisco:catalyst_8500-4qc:-
Cisco » Catalyst 8500 » Version: N/A

cpe:2.3:h:cisco:catalyst_8500:-
Cisco » Catalyst 8500l » Version: N/A

cpe:2.3:h:cisco:catalyst_8500l:-
Cisco » Ios Xe » Version: 16.12.4

cpe:2.3:o:cisco:ios_xe:16.12.4
Cisco » Ios Xe » Version: 16.12.5

cpe:2.3:o:cisco:ios_xe:16.12.5
Cisco » Ios Xe » Version: 16.9.6

cpe:2.3:o:cisco:ios_xe:16.9.6
Cisco » Ios Xe » Version: 17.3.3

cpe:2.3:o:cisco:ios_xe:17.3.3

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-20678

Products

Pricing

Contact Us