Denial of service in Cisco Products
| Risk | Medium |
| Patch available | YES |
| Number of vulnerabilities | 1 |
| CVE-ID | CVE-2022-28199 |
| CWE-ID | CWE-388 |
| Exploitation vector | Local network |
| Public exploit | N/A |
| Vulnerable software Subscribe |
Catalyst 8000V Edge Software Hardware solutions / Routers & switches, VoIP, GSM, etc Cisco Adaptive Security Virtual Appliance (ASAv) Server applications / Virtualization software Cisco Firepower Threat Defense Virtual (FTDv) Server applications / IDS/IPS systems, Firewalls and proxy servers |
| Vendor | Cisco Systems, Inc |
Security Bulletin
This security bulletin contains one medium risk vulnerability.
1) Error Handling
EUVDB-ID: #VU66809
Risk: Medium
CVSSv3.1: 5 [CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-28199
CWE-ID:
CWE-388 - Error Handling
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to incorrect error handling of data within the mlx5 driver. A remote guest can send specially crafted packets to the application and perform a denial of service (DoS) attack.
Install update from vendor's website.
Vulnerable software versionsCatalyst 8000V Edge Software: 17.6 - 17.8
Cisco Adaptive Security Virtual Appliance (ASAv): 9.17 - 9.18
Cisco Firepower Threat Defense Virtual (FTDv): 7.1 - 7.2
External linkshttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-mlx5-jbPCrqD8
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the local network (LAN).
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
