CVE-2022-20728 — Improper Access Control in Cisco Aironet Access Point Software

CWE-284 — Improper Access Control4 documents4 sources

Severity

4.7MEDIUMNVD

EPSS

0.1%

top 78.49%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Cisco Aironet Access Point Software Cisco Aironet 1542d Firmware Cisco Aironet 1542i Firmware +24 more

Timeline

PublishedSep 30

Latest updateOct 1

Description

A vulnerability in the client forwarding code of multiple Cisco Access Points (APs) could allow an unauthenticated, adjacent attacker to inject packets from the native VLAN to clients within nonnative VLANs on an affected device. This vulnerability is due to a logic error on the AP that forwards packets that are destined to a wireless client if they are received on the native VLAN. An attacker could exploit this vulnerability by obtaining access to the native VLAN and directing traffic directly …

CVSS vector

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:NExploitability: 2.8 | Impact: 1.4

Affected Packages27 packages

▶CVEListV5cisco/cisco_aironet_access_point_softwaren/a

▶NVDcisco/aironet_1830_firmware017.006\(001\)

▶NVDcisco/aironet_1840_firmware017.006\(001\)

▶NVDcisco/aironet_4800_firmware017.006\(001\)

▶NVDcisco/aironet_1542d_firmware017.006\(001\)

🔴Vulnerability Details

GHSA

GHSA-66v9-vq83-62h5: A vulnerability in the client forwarding code of multiple Cisco Access Points (APs) could allow an unauthenticated, adjacent attacker to inject packet↗2022-10-01

▶

CVEList

Cisco Access Points VLAN Bypass from Native VLAN Vulnerability↗2022-09-30

▶

📋Vendor Advisories

Cisco

Cisco Access Points VLAN Bypass from Native VLAN Vulnerability↗2022-09-27

▶