CVSS: 7.4EPSS: 0%CPEs: 90EXPL: 0CVE-2022-20684 – Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family SNMP Trap Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2022-20684
A vulnerability in Simple Network Management Protocol (SNMP) trap generation for wireless clients of Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family could allow an unauthenticated, adjacent attacker to cause an affected device to unexpectedly reload, resulting in a denial of service (DoS) condition on the device. This vulnerability is due to a lack of input validation of the information used to generate an SNMP trap related to a wireless client connection event. An attacker could exploit this vulnerability by sending an 802.1x packet with crafted parameters during the wireless authentication setup phase of a connection. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition. Una vulnerabilidad en la generación de trampas del Protocolo simple de administración de redes (SNMP) para clientes inalámbricos de Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family podría permitir a un atacante adyacente no autenticado causar la recarga no esperada de un dispositivo afectado, resultando en una condición de denegación de servicio (DoS) en el dispositivo. • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-c9800-snmp-trap-dos-mjent3Ey • CWE-20: Improper Input Validation CWE-190: Integer Overflow or Wraparound •
CVSS: 7.7EPSS: 0%CPEs: 127EXPL: 0CVE-2022-20692 – Cisco IOS XE Software NETCONF Over SSH Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2022-20692
A vulnerability in the NETCONF over SSH feature of Cisco IOS XE Software could allow a low-privileged, authenticated, remote attacker to cause a denial of service condition (DoS) on an affected device. This vulnerability is due to insufficient resource management. An attacker could exploit this vulnerability by initiating a large number of NETCONF over SSH connections. A successful exploit could allow the attacker to exhaust resources, causing the device to reload and resulting in a DoS condition on an affected device. Una vulnerabilidad en la función NETCONF sobre SSH del software Cisco IOS XE podría permitir a un atacante remoto con pocos privilegios y autenticado causar una condición de denegación de servicio (DoS) en un dispositivo afectado. • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ncossh-dos-ZAkfOdq8 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 9.0EPSS: 0%CPEs: 63EXPL: 0CVE-2022-20693 – Cisco IOS XE Software Web UI API Injection Vulnerability
https://notcve.org/view.php?id=CVE-2022-20693
A vulnerability in the web UI feature of Cisco IOS XE Software could allow an authenticated, remote attacker to perform an injection attack against an affected device. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending crafted input to the web UI API. A successful exploit could allow the attacker to inject commands to the underlying operating system with root privileges. Una vulnerabilidad en la funcionalidad de la Interfaz de Usuario web del software Cisco IOS XE podría permitir a un atacante remoto autenticado llevar a cabo un ataque de inyección contra un dispositivo afectado. • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webuiapi-inj-Nyrq92Od • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 7.1EPSS: 0%CPEs: 234EXPL: 0CVE-2022-20694 – Cisco IOS XE Software Border Gateway Protocol Resource Public Key Infrastructure Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2022-20694
A vulnerability in the implementation of the Resource Public Key Infrastructure (RPKI) feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause the Border Gateway Protocol (BGP) process to crash, resulting in a denial of service (DoS) condition. This vulnerability is due to the incorrect handling of a specific RPKI to Router (RTR) Protocol packet header. An attacker could exploit this vulnerability by compromising the RPKI validator server and sending a specifically crafted RTR packet to an affected device. Alternatively, the attacker could use man-in-the-middle techniques to impersonate the RPKI validator server and send a crafted RTR response packet over the established RTR TCP connection to the affected device. A successful exploit could allow the attacker to cause a DoS condition because the BGP process could constantly restart and BGP routing could become unstable. • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-rpki-dos-2EgCNeKE • CWE-617: Reachable Assertion •
CVSS: 7.4EPSS: 0%CPEs: 49EXPL: 0CVE-2021-1621 – Cisco IOS XE Software Interface Queue Wedge Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2021-1621
A vulnerability in the Layer 2 punt code of Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause a queue wedge on an interface that receives specific Layer 2 frames, resulting in a denial of service (DoS) condition. This vulnerability is due to improper handling of certain Layer 2 frames. An attacker could exploit this vulnerability by sending specific Layer 2 frames on the segment the router is connected to. A successful exploit could allow the attacker to cause a queue wedge on the interface, resulting in a DoS condition. Una vulnerabilidad en el código de punt de Capa 2 de Cisco IOS XE Software podría permitir a un atacante adyacente y no autenticado causar una queue wedge en una interfaz que reciba tramas específicas de Capa 2, resultando en una condición de denegación de servicio (DoS). • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-quewedge-69BsHUBW • CWE-399: Resource Management Errors •