CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-20689

Multiple vulnerabilities in the Cisco Discovery Protocol functionality of Cisco ATA 190 Series Analog Telephone Adapter firmware could allow an unauthenticated, adjacent attacker to cause Cisco Discovery Protocol memory corruption on an affected device. These vulnerabilities are due to missing length validation checks when processing Cisco Discovery Protocol messages. An attacker could exploit these vulnerabilities by sending a malicious Cisco Discovery Protocol packet to an affected device. A successful exploit could allow the attacker to cause an out-of-bounds read of the valid Cisco Discovery Protocol packet data, which could allow the attacker to cause corruption in the internal Cisco Discovery Protocol database of the affected device.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 17.0%

CVSS Severity

CVSS v3 Score 5.3

References

Products affected by CVE-2022-20689

Cisco » Ata 190 » Version: N/A

cpe:2.3:h:cisco:ata_190:-
Cisco » Ata 191 » Version: N/A

cpe:2.3:h:cisco:ata_191:-
Cisco » Ata 192 » Version: N/A

cpe:2.3:h:cisco:ata_192:-
Cisco » Ata 190 Firmware » Version: N/A

cpe:2.3:o:cisco:ata_190_firmware:-
Cisco » Ata 191 Firmware » Version: Any

cpe:2.3:o:cisco:ata_191_firmware:*
Cisco » Ata 191 Firmware » Version: 12.0.1

cpe:2.3:o:cisco:ata_191_firmware:12.0.1
Cisco » Ata 192 Firmware » Version: Any

cpe:2.3:o:cisco:ata_192_firmware:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-20689

Products

Pricing

Contact Us