CVE-2022-20761Uncaught Exception in Cisco IOS

CWE-248Uncaught ExceptionCWE-20Improper Input Validation4 documents4 sources
Severity
6.5MEDIUMNVD
CNA7.4
EPSS
0.1%
top 72.19%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Cisco IOSCisco IOS
Timeline
PublishedApr 15
Latest updateApr 16

Description

A vulnerability in the integrated wireless access point (AP) packet processing of the Cisco 1000 Series Connected Grid Router (CGR1K) could allow an unauthenticated, adjacent attacker to cause a denial of service condition on an affected device. This vulnerability is due to insufficient input validation of received traffic. An attacker could exploit this vulnerability by sending crafted traffic to an affected device. A successful exploit could allow the attacker to cause the integrated AP to sto

CVSS vector

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 2.8 | Impact: 3.6

Affected Packages2 packages

NVDcisco/ios86 versions+85
CVEListV5cisco/cisco_iosn/a

🔴Vulnerability Details

2
GHSA
GHSA-7xcx-pr3v-pq9c: A vulnerability in the integrated wireless access point (AP) packet processing of the Cisco 1000 Series Connected Grid Router (CGR1K) could allow an u2022-04-16
CVEList
Cisco 1000 Series Connected Grid Router Integrated Wireless Access Point Denial of Service Vulnerability2022-04-15

📋Vendor Advisories

1
Cisco
Cisco 1000 Series Connected Grid Router Integrated Wireless Access Point Denial of Service Vulnerability2022-04-13
CVE-2022-20761 — Uncaught Exception in Cisco IOS | cvebase