CVE-2022-20769
Cisco Wireless LAN Controller AireOS Software FIPS Mode Denial of Service Vulnerability
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
A vulnerability in the authentication functionality of Cisco Wireless LAN Controller (WLC) AireOS Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient error validation. An attacker could exploit this vulnerability by sending crafted packets to an affected device. A successful exploit could allow the attacker to cause the wireless LAN controller to crash, resulting in a DoS condition. Note: This vulnerability affects only devices that have Federal Information Processing Standards (FIPS) mode enabled.
Una vulnerabilidad en la funcionalidad de autenticación del software AireOS de Cisco Wireless LAN Controller (WLC) podría permitir a un atacante adyacente no autenticado causar una condición de denegación de servicio (DoS) en un dispositivo afectado. Esta vulnerabilidad es debido a que la comprobación de errores es insuficiente. Un atacante podría explotar esta vulnerabilidad mediante el envío de paquetes diseñados a un dispositivo afectado. Una explotación con éxito podría permitir al atacante causar el bloqueo del controlador de la LAN inalámbrica, resultando en una condición de DoS. Nota: Esta vulnerabilidad sólo afecta a dispositivos que presentan habilitado el modo FIPS (Federal Information Processing Standards)
CVSS Scores
SSVC
- Decision:Track
Timeline
- 2021-11-02 CVE Reserved
- 2022-09-30 CVE Published
- 2024-04-20 EPSS Updated
- 2024-11-06 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-787: Out-of-bounds Write
CAPEC
References (1)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wlc-dos-mKGRrsCB | 2023-11-07 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Cisco Search vendor "Cisco" | Wireless Lan Controller Software Search vendor "Cisco" for product "Wireless Lan Controller Software" | < 8.10.171.0 Search vendor "Cisco" for product "Wireless Lan Controller Software" and version " < 8.10.171.0" | - |
Affected
| in | Cisco Search vendor "Cisco" | Virtual Wireless Controller Search vendor "Cisco" for product "Virtual Wireless Controller" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Wireless Lan Controller Software Search vendor "Cisco" for product "Wireless Lan Controller Software" | < 8.10.171.0 Search vendor "Cisco" for product "Wireless Lan Controller Software" and version " < 8.10.171.0" | - |
Affected
| in | Cisco Search vendor "Cisco" | 2504 Wireless Lan Controller Search vendor "Cisco" for product "2504 Wireless Lan Controller" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Wireless Lan Controller Software Search vendor "Cisco" for product "Wireless Lan Controller Software" | < 8.10.171.0 Search vendor "Cisco" for product "Wireless Lan Controller Software" and version " < 8.10.171.0" | - |
Affected
| in | Cisco Search vendor "Cisco" | 3504 Wireless Lan Controller Search vendor "Cisco" for product "3504 Wireless Lan Controller" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Wireless Lan Controller Software Search vendor "Cisco" for product "Wireless Lan Controller Software" | < 8.10.171.0 Search vendor "Cisco" for product "Wireless Lan Controller Software" and version " < 8.10.171.0" | - |
Affected
| in | Cisco Search vendor "Cisco" | 5508 Wireless Lan Controller Search vendor "Cisco" for product "5508 Wireless Lan Controller" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Wireless Lan Controller Software Search vendor "Cisco" for product "Wireless Lan Controller Software" | < 8.10.171.0 Search vendor "Cisco" for product "Wireless Lan Controller Software" and version " < 8.10.171.0" | - |
Affected
| in | Cisco Search vendor "Cisco" | 5520 Wireless Lan Controller Search vendor "Cisco" for product "5520 Wireless Lan Controller" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Wireless Lan Controller Software Search vendor "Cisco" for product "Wireless Lan Controller Software" | < 8.10.171.0 Search vendor "Cisco" for product "Wireless Lan Controller Software" and version " < 8.10.171.0" | - |
Affected
| in | Cisco Search vendor "Cisco" | 8540 Wireless Lan Controller Search vendor "Cisco" for product "8540 Wireless Lan Controller" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Wireless Lan Controller Software Search vendor "Cisco" for product "Wireless Lan Controller Software" | < 8.10.171.0 Search vendor "Cisco" for product "Wireless Lan Controller Software" and version " < 8.10.171.0" | - |
Affected
| in | Cisco Search vendor "Cisco" | Flex 7510 Search vendor "Cisco" for product "Flex 7510" | - | - |
Safe
|