CVE-2022-20945
Cisco Catalyst 9100 Series Access Points Association Request Denial of Service Vulnerability
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
A vulnerability in the 802.11 association frame validation of Cisco Catalyst 9100 Series Access Points (APs) could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient input validation of certain parameters within association request frames received by the AP. An attacker could exploit this vulnerability by sending a crafted 802.11 association request to a nearby device. An exploit could allow the attacker to unexpectedly reload the device, resulting in a DoS condition.
Una vulnerabilidad en la comprobación de tramas de asociación 802.11 de los Puntos de Acceso (AP) de la Serie Catalyst 9100 de Cisco podría permitir a un atacante adyacente no autenticado causar una condición de denegación de servicio (DoS) en un dispositivo afectado. Esta vulnerabilidad es debido a la insuficiente comprobación de entrada de determinados parámetros dentro de las tramas de petición de asociación recibidas por el AP. Un atacante podría explotar esta vulnerabilidad mediante el envío de una petición de asociación 802.11 diseñada a un dispositivo cercano. Una explotación podría permitir al atacante recargar inesperadamente el dispositivo, resultando en una condición de DoS
CVSS Scores
SSVC
- Decision:Track
Timeline
- 2021-11-02 CVE Reserved
- 2022-09-30 CVE Published
- 2024-04-20 EPSS Updated
- 2024-11-01 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-20: Improper Input Validation
- CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CAPEC
References (1)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Cisco Search vendor "Cisco" | Catalyst 9800-l Firmware Search vendor "Cisco" for product "Catalyst 9800-l Firmware" | >= 17.6 < 17.6.4 Search vendor "Cisco" for product "Catalyst 9800-l Firmware" and version " >= 17.6 < 17.6.4" | - |
Affected
| in | Cisco Search vendor "Cisco" | Catalyst 9800-l Search vendor "Cisco" for product "Catalyst 9800-l" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Catalyst 9800-40 Firmware Search vendor "Cisco" for product "Catalyst 9800-40 Firmware" | >= 17.6 < 17.6.4 Search vendor "Cisco" for product "Catalyst 9800-40 Firmware" and version " >= 17.6 < 17.6.4" | - |
Affected
| in | Cisco Search vendor "Cisco" | Catalyst 9800-40 Search vendor "Cisco" for product "Catalyst 9800-40" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Catalyst 9800-80 Firmware Search vendor "Cisco" for product "Catalyst 9800-80 Firmware" | >= 17.6 < 17.6.4 Search vendor "Cisco" for product "Catalyst 9800-80 Firmware" and version " >= 17.6 < 17.6.4" | - |
Affected
| in | Cisco Search vendor "Cisco" | Catalyst 9800-80 Search vendor "Cisco" for product "Catalyst 9800-80" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Catalyst 9800-cl Firmware Search vendor "Cisco" for product "Catalyst 9800-cl Firmware" | >= 17.6 < 17.6.4 Search vendor "Cisco" for product "Catalyst 9800-cl Firmware" and version " >= 17.6 < 17.6.4" | - |
Affected
| in | Cisco Search vendor "Cisco" | Catalyst 9800-cl Search vendor "Cisco" for product "Catalyst 9800-cl" | - | - |
Safe
|