#VU62338 Input validation error in Cisco Systems, Inc products - CVE-2022-20679


Vulnerability identifier: #VU62338

Vulnerability risk: Medium

CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2022-20679

CWE-ID: CWE-20

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
Cisco IOS XE
Operating systems & Components / Operating system
Cisco 1000 Series Integrated Services Routers
Hardware solutions / Routers & switches, VoIP, GSM, etc
4221 Integrated Services Routers
Hardware solutions / Routers & switches, VoIP, GSM, etc
4321 Integrated Services Routers
Hardware solutions / Routers & switches, VoIP, GSM, etc
4331 Integrated Services Routers
Hardware solutions / Routers & switches, VoIP, GSM, etc
4351 Integrated Services Routers
Hardware solutions / Routers & switches, VoIP, GSM, etc
Catalyst 8200 Series Edge Platforms
Hardware solutions / Routers & switches, VoIP, GSM, etc
Catalyst 8300 Series Edge Platforms
Hardware solutions / Routers & switches, VoIP, GSM, etc

Vendor: Cisco Systems, Inc

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient validation of user-supplied input in the IPSec decryption routine. A remote attacker can pass specially crafted input to the application and perform a denial of service (DoS) attack.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

Cisco IOS XE: All versions

Cisco 1000 Series Integrated Services Routers: All versions

4221 Integrated Services Routers: All versions

4321 Integrated Services Routers: All versions

4331 Integrated Services Routers: All versions

4351 Integrated Services Routers: All versions

Catalyst 8200 Series Edge Platforms: All versions

Catalyst 8300 Series Edge Platforms: All versions

External links
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-qfp-ipsec-GQmqvtqV

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.


Latest bulletins with this vulnerability


Denial of service in Cisco IOS XE Software