VDB
CVE-2022-20624
CVE-2022-20624
PUBLISHED
CVSS 7.800000190734863 HIGH
A vulnerability in the Cisco Fabric Services over IP (CFSoIP) feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient validation of incoming CFSoIP packets. An attacker could exploit this vulnerability by sending crafted CFSoIP packets to an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition.
EPSS 7.18% · 91.7th percentile
Risk Scores
CVSS 2.0
7.800000190734863
EPSS Score
7.18%
91.7th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cisco | Cisco NX-OS Software | * |
| cisco | nx-os | 9.2\(2\), 9.3\(3\), 4.1\(1a\)a |
Exploit Intelligence
Timeline
- Feb 23, 2022 CVE Published
- Feb 24, 2022 EPSS Score
- Apr 17, 2022 EPSS Score
- Jul 31, 2022 EPSS Score
- Sep 21, 2022 EPSS Score
- Jan 2, 2023 EPSS Score
- Feb 23, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Jun 7, 2023 EPSS Score
- Jul 29, 2023 EPSS Score
- Sep 19, 2023 EPSS Score
- Jan 1, 2024 EPSS Score
References
- 20220223 Cisco NX-OS Software Cisco Fabric Services Over IP Denial of Service Vulnerability vendor-advisory
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-nxapi-cmdinject-ULukNMZ2 advisory
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-bfd-dos-wGQXrzxn advisory
- https://nvd.nist.gov/vuln/detail/CVE-2022-20624 advisory