#VU62315 Reachable Assertion in Cisco Systems, Inc products - CVE-2022-20694

 

Published: April 14, 2022


Vulnerability identifier: #VU62315
Vulnerability risk: Medium
CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green
CVE-ID: CVE-2022-20694
CWE-ID: CWE-617
Exploitation vector: Remote access
Exploit availability: No public exploit available
Vulnerable software:
Cisco IOS XE
Cisco 1000 Series Integrated Services Routers
Cisco 4000 Series Integrated Services Routers
Cisco 8000 Series Routers
Cisco 9800 Series Wireless Controllers
Cisco ASR 1000 Series Aggregation Services Routers
Cisco ASR 900 Series Aggregation Services Routers
Cisco ASR 920 Series Aggregation Services Router
Catalyst 3650 Series Switches
Catalyst 3850 Series Switches
Catalyst 8000V Edge Software
Catalyst 8200 Series Edge Platforms
Catalyst 8300 Series Edge Platforms
Catalyst 8300 Series Edge Universal CPE
Catalyst 8500L Series Edge Platforms
Catalyst 9200 Series Switches
Catalyst 9300 Series Switches
Catalyst 9400 Series Switches
Catalyst 9500 Series Switches
Catalyst 9500H Series Switches
Catalyst 9600 Series Switches
Catalyst 9800 Series Wireless Controllers
Catalyst IE3200 Rugged Series
Catalyst IE3300 Rugged Series
Catalyst IE3400 Heavy Duty Series
Catalyst IE3400 Rugged Series
Catalyst IE9300 Rugged Series
Cloud Services Router 1000V Series
ESR6300 Embedded Series Routers
Embedded Services 3300 Series Switches
Integrated Services Virtual Router
cBR Series Converged Broadband Routers
Catalyst 8200 Series Edge uCPE
Catalyst 8500 Series Edge Platforms
Catalyst Cellular Gateways
Catalyst ESS9300 Embedded Series Switch
Network Convergence System 500 Series Routers
Software vendor:
Cisco Systems, Inc

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a reachable assertion in the implementation of the Resource Public Key Infrastructure (RPKI) feature. A remote attacker can send a specially crafted RTR packet and cause the Border Gateway Protocol (BGP) process to crash, resulting in a denial of service condition.


Remediation

Install updates from the vendor's website.

External links