{"containers": {"cna": {"affected": [{"product": "Cisco IOS XE Software", "vendor": "Cisco", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2022-04-13T00:00:00", "descriptions": [{"lang": "en", "value": "A vulnerability in Simple Network Management Protocol (SNMP) trap generation for wireless clients of Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family could allow an unauthenticated, adjacent attacker to cause an affected device to unexpectedly reload, resulting in a denial of service (DoS) condition on the device. This vulnerability is due to a lack of input validation of the information used to generate an SNMP trap related to a wireless client connection event. An attacker could exploit this vulnerability by sending an 802.1x packet with crafted parameters during the wireless authentication setup phase of a connection. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition."}], "exploits": [{"lang": "en", "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.4, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", "version": "3.1"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-190", "description": "CWE-190", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2022-04-15T14:16:13", "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco"}, "references": [{"name": "20220413 Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family SNMP Trap Denial of Service Vulnerability", "tags": ["vendor-advisory", "x_refsource_CISCO"], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-c9800-snmp-trap-dos-mjent3Ey"}], "source": {"advisory": "cisco-sa-c9800-snmp-trap-dos-mjent3Ey", "defect": [["CSCvs71784"]], "discovery": "INTERNAL"}, "title": "Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family SNMP Trap Denial of Service Vulnerability", "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@cisco.com", "DATE_PUBLIC": "2022-04-13T16:00:00", "ID": "CVE-2022-20684", "STATE": "PUBLIC", "TITLE": "Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family SNMP Trap Denial of Service Vulnerability"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Cisco IOS XE Software", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "Cisco"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "A vulnerability in Simple Network Management Protocol (SNMP) trap generation for wireless clients of Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family could allow an unauthenticated, adjacent attacker to cause an affected device to unexpectedly reload, resulting in a denial of service (DoS) condition on the device. This vulnerability is due to a lack of input validation of the information used to generate an SNMP trap related to a wireless client connection event. An attacker could exploit this vulnerability by sending an 802.1x packet with crafted parameters during the wireless authentication setup phase of a connection. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition."}]}, "exploit": [{"lang": "en", "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."}], "impact": {"cvss": {"baseScore": "7.4", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", "version": "3.0"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-190"}]}]}, "references": {"reference_data": [{"name": "20220413 Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family SNMP Trap Denial of Service Vulnerability", "refsource": "CISCO", "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-c9800-snmp-trap-dos-mjent3Ey"}]}, "source": {"advisory": "cisco-sa-c9800-snmp-trap-dos-mjent3Ey", "defect": [["CSCvs71784"]], "discovery": "INTERNAL"}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T02:17:53.171Z"}, "title": "CVE Program Container", "references": [{"name": "20220413 Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family SNMP Trap Denial of Service Vulnerability", "tags": ["vendor-advisory", "x_refsource_CISCO", "x_transferred"], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-c9800-snmp-trap-dos-mjent3Ey"}]}, {"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-11-06T15:59:00.283666Z", "id": "CVE-2022-20684", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-11-06T16:26:13.751Z"}}]}, "cveMetadata": {"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "assignerShortName": "cisco", "cveId": "CVE-2022-20684", "datePublished": "2022-04-15T14:16:13.428684Z", "dateReserved": "2021-11-02T00:00:00", "dateUpdated": "2024-11-06T16:26:13.751Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-c9800-snmp-trap-dos-mjent3Ey", "name": "20220413 Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family SNMP Trap Denial of Service Vulnerability", "tags": ["vendor-advisory", "x_refsource_CISCO", "x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T02:17:53.171Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2022-20684", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-11-06T15:59:00.283666Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-11-06T15:59:23.330Z"}}], "cna": {"title": "Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family SNMP Trap Denial of Service Vulnerability", "source": {"defect": [["CSCvs71784"]], "advisory": "cisco-sa-c9800-snmp-trap-dos-mjent3Ey", "discovery": "INTERNAL"}, "metrics": [{"cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 7.4, "attackVector": "ADJACENT_NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}}], "affected": [{"vendor": "Cisco", "product": "Cisco IOS XE Software", "versions": [{"status": "affected", "version": "n/a"}]}], "exploits": [{"lang": "en", "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."}], "datePublic": "2022-04-13T00:00:00", "references": [{"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-c9800-snmp-trap-dos-mjent3Ey", "name": "20220413 Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family SNMP Trap Denial of Service Vulnerability", "tags": ["vendor-advisory", "x_refsource_CISCO"]}], "descriptions": [{"lang": "en", "value": "A vulnerability in Simple Network Management Protocol (SNMP) trap generation for wireless clients of Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family could allow an unauthenticated, adjacent attacker to cause an affected device to unexpectedly reload, resulting in a denial of service (DoS) condition on the device. This vulnerability is due to a lack of input validation of the information used to generate an SNMP trap related to a wireless client connection event. An attacker could exploit this vulnerability by sending an 802.1x packet with crafted parameters during the wireless authentication setup phase of a connection. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-190", "description": "CWE-190"}]}], "providerMetadata": {"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco", "dateUpdated": "2022-04-15T14:16:13"}, "x_legacyV4Record": {"impact": {"cvss": {"version": "3.0", "baseScore": "7.4", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H"}}, "source": {"defect": [["CSCvs71784"]], "advisory": "cisco-sa-c9800-snmp-trap-dos-mjent3Ey", "discovery": "INTERNAL"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"version": {"version_data": [{"version_value": "n/a"}]}, "product_name": "Cisco IOS XE Software"}]}, "vendor_name": "Cisco"}]}}, "exploit": [{"lang": "en", "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."}], "data_type": "CVE", "references": {"reference_data": [{"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-c9800-snmp-trap-dos-mjent3Ey", "name": "20220413 Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family SNMP Trap Denial of Service Vulnerability", "refsource": "CISCO"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "eng", "value": "A vulnerability in Simple Network Management Protocol (SNMP) trap generation for wireless clients of Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family could allow an unauthenticated, adjacent attacker to cause an affected device to unexpectedly reload, resulting in a denial of service (DoS) condition on the device. This vulnerability is due to a lack of input validation of the information used to generate an SNMP trap related to a wireless client connection event. An attacker could exploit this vulnerability by sending an 802.1x packet with crafted parameters during the wireless authentication setup phase of a connection. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-190"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2022-20684", "STATE": "PUBLIC", "TITLE": "Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family SNMP Trap Denial of Service Vulnerability", "ASSIGNER": "psirt@cisco.com", "DATE_PUBLIC": "2022-04-13T16:00:00"}}}}, "cveMetadata": {"cveId": "CVE-2022-20684", "state": "PUBLISHED", "dateUpdated": "2024-11-06T16:26:13.751Z", "dateReserved": "2021-11-02T00:00:00", "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "datePublished": "2022-04-15T14:16:13.428684Z", "assignerShortName": "cisco"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:ios_xe:3.15.1xbs:*:*:*:*:*:*:*", "matchCriteriaId": "4BF22C29-84DF-44CA-B574-FE04AB39E344", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:3.15.2xbs:*:*:*:*:*:*:*", "matchCriteriaId": "C2C7C0BA-D618-4B65-B42C-43393167EEE0", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:16.6.1:*:*:*:*:*:*:*", "matchCriteriaId": "F821EBD7-91E2-4460-BFAF-18482CF6CB8C", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:16.6.2:*:*:*:*:*:*:*", "matchCriteriaId": "E36D2D24-8F63-46DE-AC5F-8DE33332EBC6", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:16.6.3:*:*:*:*:*:*:*", "matchCriteriaId": "C9B825E6-5929-4890-BDBA-4CF4BD2314C9", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:16.6.4:*:*:*:*:*:*:*", "matchCriteriaId": "65020120-491D-46CD-8C73-974B6F4C11E6", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:16.6.4a:*:*:*:*:*:*:*", "matchCriteriaId": "7ADDCD0A-6168-45A0-A885-76CC70FE2FC7", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:16.6.4s:*:*:*:*:*:*:*", "matchCriteriaId": "3F35C623-6043-43A6-BBAA-478E185480CF", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:16.6.5:*:*:*:*:*:*:*", "matchCriteriaId": "D83E34F4-F4DD-49CC-9C95-93F9D4D26B42", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:16.6.5a:*:*:*:*:*:*:*", "matchCriteriaId": "D2833EAE-94C8-4279-A244-DDB6E2D15DC2", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:16.6.5b:*:*:*:*:*:*:*", "matchCriteriaId": "4B688E46-5BAD-4DEC-8B13-B184B141B169", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:16.6.6:*:*:*:*:*:*:*", "matchCriteriaId": "8C8F50DB-3A80-4D89-9F7B-86766D37338B", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:16.6.7:*:*:*:*:*:*:*", "matchCriteriaId": "DBFC70A2-87BC-4898-BCF3-57F7B1DD5F10", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:16.6.7a:*:*:*:*:*:*:*", "matchCriteriaId": "3F13F583-F645-4DF0-A075-B4F19D71D128", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:16.6.8:*:*:*:*:*:*:*", "matchCriteriaId": "CB8DA556-ABF3-48D0-95B8-E57DBE1B5A09", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:16.6.9:*:*:*:*:*:*:*", "matchCriteriaId": "01B53828-C520-4845-9C14-6C7D50EAA3A8", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:16.6.10:*:*:*:*:*:*:*", "matchCriteriaId": "20F23DB7-6F8E-470A-9B43-0ACEEF331C38", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:16.7.1:*:*:*:*:*:*:*", "matchCriteriaId": "623BF701-ADC9-4F24-93C5-043A6A7FEF5F", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:16.7.1a:*:*:*:*:*:*:*", "matchCriteriaId": "E5311FBE-12BF-41AC-B8C6-D86007834863", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:16.7.1b:*:*:*:*:*:*:*", "matchCriteriaId": "52FB055E-72F9-4CB7-A51D-BF096BD1A55D", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:16.7.2:*:*:*:*:*:*:*", "matchCriteriaId": "0FBD681F-7969-42BE-A47E-7C287755DCB5", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:16.7.3:*:*:*:*:*:*:*", "matchCriteriaId": "98255E6F-3056-487D-9157-403836EFB9D3", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:16.7.4:*:*:*:*:*:*:*", "matchCriteriaId": "521ACFB0-4FB2-44DB-AD7B-C27F9059DE66", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:16.8.1:*:*:*:*:*:*:*", "matchCriteriaId": "57D4F634-03D5-4D9F-901C-7E9CE45F2F38", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:16.8.1a:*:*:*:*:*:*:*", "matchCriteriaId": "4463A1D1-E169-4F0B-91B2-FA126BB444CB", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:16.8.1b:*:*:*:*:*:*:*", "matchCriteriaId": "D97F69C3-CAA6-491C-A0B6-6DC12B5AB472", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:16.8.1c:*:*:*:*:*:*:*", "matchCriteriaId": "CDD58C58-1B0C-4A71-8C02-F555CEF9C253", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:16.8.1d:*:*:*:*:*:*:*", "matchCriteriaId": "96852D16-AF50-4C70-B125-D2349E6765D7", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:16.8.1e:*:*:*:*:*:*:*", "matchCriteriaId": "A15B882A-BA60-4932-A55E-F4A798B30EEB", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:16.8.1s:*:*:*:*:*:*:*", "matchCriteriaId": "5C9C585C-A6EC-4385-B915-046C110BF95F", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:16.8.2:*:*:*:*:*:*:*", "matchCriteriaId": "5EC2EE60-4A07-4D92-B9BC-BF07CF4F2BE9", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:16.8.3:*:*:*:*:*:*:*", "matchCriteriaId": "47DBE4ED-1CD8-4134-9B33-17A91F44F17B", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:16.9.1:*:*:*:*:*:*:*", "matchCriteriaId": "119A964D-ABC8-424D-8097-85B832A833BD", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:16.9.1a:*:*:*:*:*:*:*", "matchCriteriaId": "0375BF9E-D04B-4E5B-9051-536806ECA44E", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:16.9.1b:*:*:*:*:*:*:*", "matchCriteriaId": "2266E5A2-B3F6-4389-B8E2-42CB845EC7F9", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:16.9.1c:*:*:*:*:*:*:*", "matchCriteriaId": "012A6CF7-9104-4882-9C95-E6D4458AB778", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:16.9.1d:*:*:*:*:*:*:*", "matchCriteriaId": "5AF5214D-9257-498F-A3EB-C4EC18E2FEB2", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:16.9.1s:*:*:*:*:*:*:*", "matchCriteriaId": "78DE7780-4E8B-4BB6-BDEB-58032EC65851", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:16.9.2:*:*:*:*:*:*:*", "matchCriteriaId": "F29CEE37-4044-4A3C-9685-C9C021FD346A", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:16.9.2a:*:*:*:*:*:*:*", "matchCriteriaId": "3DC5BB06-100F-42C9-8CEB-CC47FD26DDF3", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:16.9.2s:*:*:*:*:*:*:*", "matchCriteriaId": "5292764A-7D1C-4E04-86EF-809CB68EDD25", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:16.9.3:*:*:*:*:*:*:*", "matchCriteriaId": "E1FDA817-3A50-4B9E-8F4E-F613BDB3E9EE", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:16.9.3a:*:*:*:*:*:*:*", "matchCriteriaId": "1E16D266-108F-4F8A-998D-F1CA25F2EAAD", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:16.9.3h:*:*:*:*:*:*:*", "matchCriteriaId": "F84AE35F-D016-4B8F-8FE2-C2ACB200DFED", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:16.9.3s:*:*:*:*:*:*:*", "matchCriteriaId": "41D55481-C80E-4400-9C3D-9F6B1F7F13CE", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:16.9.4:*:*:*:*:*:*:*", "matchCriteriaId": "E4BF9829-F80E-4837-A420-39B291C4E17B", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:16.9.4c:*:*:*:*:*:*:*", "matchCriteriaId": "D07F9539-CFBE-46F7-9F5E-93A68169797D", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:16.9.5:*:*:*:*:*:*:*", "matchCriteriaId": "F5AB80E7-0714-44ED-9671-12C877B36A1E", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:16.9.5f:*:*:*:*:*:*:*", "matchCriteriaId": "10182B94-6831-461E-B0FC-9476EAB6EBEF", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:16.9.6:*:*:*:*:*:*:*", "matchCriteriaId": "961F8312-31B9-44E7-8858-EF8E2134F447", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:16.9.7:*:*:*:*:*:*:*", "matchCriteriaId": "3D62EE1B-9A59-406C-B7DF-91B495F3ECFE", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:16.9.8:*:*:*:*:*:*:*", "matchCriteriaId": "79CF8D4E-F82A-469C-A8C2-0C203A800A05", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:16.10.1:*:*:*:*:*:*:*", "matchCriteriaId": "DB6BD18B-B9BD-452F-986E-16A6668E46B6", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:16.10.1a:*:*:*:*:*:*:*", "matchCriteriaId": "D136D2BC-FFB5-4912-A3B1-BD96148CB9A5", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:16.10.1b:*:*:*:*:*:*:*", "matchCriteriaId": "A22256FE-431C-4AD9-9E7F-7EAC2D81B1B7", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:16.10.1c:*:*:*:*:*:*:*", "matchCriteriaId": "5CD5B3AB-27C2-4055-A3B7-0112D089FDA4", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:16.10.1d:*:*:*:*:*:*:*", "matchCriteriaId": "04081A51-E08F-4114-9276-584E836181D3", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:16.10.1e:*:*:*:*:*:*:*", "matchCriteriaId": "ADED0D82-2A4D-4235-BFAC-5EE2D862B652", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:16.10.1f:*:*:*:*:*:*:*", "matchCriteriaId": "62A46516-CEB7-48D4-879B-341963A1FA31", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:16.10.1g:*:*:*:*:*:*:*", "matchCriteriaId": "D6EF98FA-6DF9-4935-9639-143E08462BC4", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:16.10.1s:*:*:*:*:*:*:*", "matchCriteriaId": "763664F5-E6CD-4936-B2F8-C5E2D5EA7BB6", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:16.10.2:*:*:*:*:*:*:*", "matchCriteriaId": "0A443E93-6C4B-4F86-BA7C-7C2A929E795A", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:16.10.3:*:*:*:*:*:*:*", "matchCriteriaId": "6ECEDD9D-6517-44BA-A95F-D1D5488C0E41", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:16.11.1:*:*:*:*:*:*:*", "matchCriteriaId": "E91F8704-6DAD-474A-84EA-04E4AF7BB9B1", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:16.11.1a:*:*:*:*:*:*:*", "matchCriteriaId": "314C7763-A64D-4023-9F3F-9A821AE4151F", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:16.11.1b:*:*:*:*:*:*:*", "matchCriteriaId": "5820D71D-FC93-45AA-BC58-A26A1A39C936", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:16.11.1c:*:*:*:*:*:*:*", "matchCriteriaId": "FC1C85DD-69CC-4AA8-B219-651D57FC3506", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:16.11.1s:*:*:*:*:*:*:*", "matchCriteriaId": "DB26AE0F-85D8-4EAB-B9BD-457DD81FF0FE", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:16.11.2:*:*:*:*:*:*:*", "matchCriteriaId": "B53E377A-0296-4D7A-B97C-576B0026543D", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.1:*:*:*:*:*:*:*", "matchCriteriaId": "C98DED36-D4B5-48D6-964E-EEEE97936700", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.1a:*:*:*:*:*:*:*", "matchCriteriaId": "CD98C9E8-3EA6-4160-970D-37C389576516", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.1c:*:*:*:*:*:*:*", "matchCriteriaId": "C8BEFEDA-B01A-480B-B03D-7ED5D08E4B67", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.1s:*:*:*:*:*:*:*", "matchCriteriaId": "9027A528-2588-4C06-810B-5BB313FE4323", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.1t:*:*:*:*:*:*:*", "matchCriteriaId": "7745ED34-D59D-49CC-B174-96BCA03B3374", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.1w:*:*:*:*:*:*:*", "matchCriteriaId": "19AF4CF3-6E79-4EA3-974D-CD451A192BA9", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.1x:*:*:*:*:*:*:*", "matchCriteriaId": "313BD54C-073C-4F27-82D5-C99EFC3A20F7", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.1y:*:*:*:*:*:*:*", "matchCriteriaId": "93B96E01-3777-4C33-9225-577B469A6CE5", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.1z:*:*:*:*:*:*:*", "matchCriteriaId": "65FC3CC1-CF4F-4A2D-A500-04395AFE8B47", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.1z1:*:*:*:*:*:*:*", "matchCriteriaId": "D18B32E3-6B33-4E3D-879A-82E2F0BFC906", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.1z2:*:*:*:*:*:*:*", "matchCriteriaId": "46E37204-FC9A-4397-AFA4-9CAC7A116D55", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.2:*:*:*:*:*:*:*", "matchCriteriaId": "E5019B59-508E-40B0-9C92-2C26F58E2FBE", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.2a:*:*:*:*:*:*:*", "matchCriteriaId": "443D78BA-A3DA-4D1F-A4DF-2F426DC6B841", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.2s:*:*:*:*:*:*:*", "matchCriteriaId": "1986DB1F-AD0A-42FE-8EC8-F18BA1AD4F99", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.2t:*:*:*:*:*:*:*", "matchCriteriaId": "3C6FB4DC-814D-49D2-BBE2-3861AE985A1C", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:17.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "E306B09C-CB48-4067-B60C-5F738555EEAC", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:17.1.1a:*:*:*:*:*:*:*", "matchCriteriaId": "CD446C51-E713-4E46-8328-0A0477D140D2", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:17.1.1s:*:*:*:*:*:*:*", "matchCriteriaId": "4FF0DD16-D76A-45EA-B01A-20C71AEFA3B4", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:17.1.1t:*:*:*:*:*:*:*", "matchCriteriaId": "4BDD0CEC-4A19-438D-B2A1-8664A1D8F3C4", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:17.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "89369318-2E83-489F-B872-5F2E247BBF8F", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:17.1.3:*:*:*:*:*:*:*", "matchCriteriaId": "8B4D4659-A304-459F-8AB3-ED6D84B44C0F", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "A vulnerability in Simple Network Management Protocol (SNMP) trap generation for wireless clients of Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family could allow an unauthenticated, adjacent attacker to cause an affected device to unexpectedly reload, resulting in a denial of service (DoS) condition on the device. This vulnerability is due to a lack of input validation of the information used to generate an SNMP trap related to a wireless client connection event. An attacker could exploit this vulnerability by sending an 802.1x packet with crafted parameters during the wireless authentication setup phase of a connection. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition."}, {"lang": "es", "value": "Una vulnerabilidad en la generaci\u00f3n de trampas del Protocolo simple de administraci\u00f3n de redes (SNMP) para clientes inal\u00e1mbricos de Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family podr\u00eda permitir a un atacante adyacente no autenticado causar la recarga no esperada de un dispositivo afectado, resultando en una condici\u00f3n de denegaci\u00f3n de servicio (DoS) en el dispositivo. Esta vulnerabilidad es debido a una falta de comprobaci\u00f3n de entrada de la informaci\u00f3n usada para generar una trampa SNMP relacionada con un evento de conexi\u00f3n de cliente inal\u00e1mbrico. Un atacante podr\u00eda aprovechar esta vulnerabilidad mediante el env\u00edo de un paquete 802.1x con par\u00e1metros dise\u00f1ados durante la fase de configuraci\u00f3n de la autenticaci\u00f3n inal\u00e1mbrica de una conexi\u00f3n. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante causar a el dispositivo recargarse, resultando en una condici\u00f3n de DoS"}], "id": "CVE-2022-20684", "lastModified": "2024-11-21T06:43:19.027", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 6.1, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0"}, "exploitabilityScore": 6.5, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.4, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 4.0, "source": "ykramarz@cisco.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2022-04-15T15:15:12.720", "references": [{"source": "ykramarz@cisco.com", "tags": ["Vendor Advisory"], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-c9800-snmp-trap-dos-mjent3Ey"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-c9800-snmp-trap-dos-mjent3Ey"}], "sourceIdentifier": "ykramarz@cisco.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-190"}], "source": "ykramarz@cisco.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-20"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}