CVE-2022-20804Improper Check for Unusual or Exceptional Conditions in Cisco Unified Communications Manager

CWE-754Improper Check for Unusual or Exceptional Conditions4 documents4 sources
Severity
6.5MEDIUMNVD
CNA5.3
EPSS
0.1%
top 72.19%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Cisco Unified Communications ManagerCisco Unified Communications Manager
Timeline
PublishedApr 21
Latest updateApr 22

Description

A vulnerability in the Cisco Discovery Protocol of Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) could allow an unauthenticated, adjacent attacker to cause a kernel panic on an affected system, resulting in a denial of service (DoS) condition. This vulnerability is due to incorrect processing of certain Cisco Discovery Protocol packets. An attacker could exploit this vulnerability by continuously sending cer

CVSS vector

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 2.8 | Impact: 3.6

Affected Packages2 packages

🔴Vulnerability Details

2
GHSA
GHSA-x87q-gpr2-r7wm: A vulnerability in the Cisco Discovery Protocol of Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session2022-04-22
CVEList
Cisco Unified Communications Products Denial of Service Vulnerability2022-04-21

📋Vendor Advisories

1
Cisco
Cisco Unified Communications Products Denial of Service Vulnerability2022-04-20
CVE-2022-20804 — Cisco vulnerability | cvebase