Published: 15/04/2022 Updated: 07/11/2023

CVSS v2 Base Score: 6.1 | Impact Score: 6.9 | Exploitability Score: 6.5

CVSS v3 Base Score: 6.5 | Impact Score: 3.6 | Exploitability Score: 2.8

VMScore: 544

Vector: AV:A/AC:L/Au:N/C:N/I:N/A:C

A vulnerability in Simple Network Management Protocol (SNMP) trap generation for wireless clients of Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family could allow an unauthenticated, adjacent malicious user to cause an affected device to unexpectedly reload, resulting in a denial of service (DoS) condition on the device. This vulnerability is due to a lack of input validation of the information used to generate an SNMP trap related to a wireless client connection event. An attacker could exploit this vulnerability by sending an 802.1x packet with crafted parameters during the wireless authentication setup phase of a connection. A successful exploit could allow the malicious user to cause the device to reload, resulting in a DoS condition.

Vulnerable Product	Search on Vulmon	Subscribe to Product
cisco ios xe 16.6.1
cisco ios xe 16.6.3
cisco ios xe 16.8.1
cisco ios xe 16.7.1
cisco ios xe 16.6.2
cisco ios xe 16.9.1
cisco ios xe 16.8.1a
cisco ios xe 16.8.1s
cisco ios xe 16.8.1b
cisco ios xe 16.8.2
cisco ios xe 16.7.2
cisco ios xe 16.8.1d
cisco ios xe 16.7.3
cisco ios xe 16.7.1a
cisco ios xe 16.7.1b
cisco ios xe 16.8.1c
cisco ios xe 16.8.1e
cisco ios xe 16.9.1s
cisco ios xe 16.9.1c
cisco ios xe 16.9.1b
cisco ios xe 16.9.1d
cisco ios xe 16.6.4s
cisco ios xe 16.6.4
cisco ios xe 16.10.1
cisco ios xe 16.7.4
cisco ios xe 16.9.1a
cisco ios xe 16.9.2a
cisco ios xe 16.9.2
cisco ios xe 16.6.4a
cisco ios xe 16.12.1
cisco ios xe 16.6.5
cisco ios xe 16.11.1
cisco ios xe 17.1.1
cisco ios xe 16.11.1a
cisco ios xe 16.12.1c
cisco ios xe 16.12.1t
cisco ios xe 16.11.2
cisco ios xe 16.12.1s
cisco ios xe 16.12.1a
cisco ios xe 16.12.1x
cisco ios xe 16.11.1c
cisco ios xe 16.11.1b
cisco ios xe 16.11.1s
cisco ios xe 16.12.1w
cisco ios xe 16.10.1s
cisco ios xe 16.10.1d
cisco ios xe 16.9.2s
cisco ios xe 16.6.6
cisco ios xe 16.9.3h
cisco ios xe 16.6.5b
cisco ios xe 16.6.5a
cisco ios xe 16.9.3a
cisco ios xe 16.10.1a
cisco ios xe 16.10.1f
cisco ios xe 16.10.1g
cisco ios xe 16.10.2
cisco ios xe 16.9.3
cisco ios xe 16.12.1y
cisco ios xe 16.10.1e
cisco ios xe 16.10.1b
cisco ios xe 16.8.3
cisco ios xe 16.9.3s
cisco ios xe 16.10.1c
cisco ios xe 16.9.4
cisco ios xe 16.12.2
cisco ios xe 16.6.7a
cisco ios xe 16.9.4c
cisco ios xe 16.12.2a
cisco ios xe 16.6.7
cisco ios xe 16.10.3
cisco ios xe 16.9.5
cisco ios xe 16.9.5f
cisco ios xe 16.6.8
cisco ios xe 16.6.9
cisco ios xe 17.1.1s
cisco ios xe 16.12.2t
cisco ios xe 17.1.1a
cisco ios xe 16.12.2s
cisco ios xe 17.1.1t
cisco ios xe 3.15.2xbs
cisco ios xe 16.12.1z
cisco ios xe 3.15.1xbs
cisco ios xe 17.1.2
cisco ios xe 17.1.3
cisco ios xe 16.9.6
cisco ios xe 16.12.1z1
cisco ios xe 16.12.1z2
cisco ios xe 16.9.7
cisco ios xe 16.6.10
cisco ios xe 16.9.8

A vulnerability in Simple Network Management Protocol (SNMP) trap generation for wireless clients of Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family could allow an unauthenticated, adjacent attacker to cause an affected device to unexpectedly reload, resulting in a denial of service (DoS) condition on the device This vulnera ...

CWE-20 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-c9800-snmp-trap-dos-mjent3Ey https://nvd.nist.gov https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-c9800-snmp-trap-dos-mjent3Ey

CVE-2022-20684

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect