VDB

CVE-2022-20761

CVE-2022-20761 PUBLISHED CVSS 7.400000095367432 HIGH

A vulnerability in the integrated wireless access point (AP) packet processing of the Cisco 1000 Series Connected Grid Router (CGR1K) could allow an unauthenticated, adjacent attacker to cause a denial of service condition on an affected device. This vulnerability is due to insufficient input validation of received traffic. An attacker could exploit this vulnerability by sending crafted traffic to an affected device. A successful exploit could allow the attacker to cause the integrated AP to stop processing traffic, resulting in a DoS condition. It may be necessary to manually reload the CGR1K to restore AP operation.

EPSS 0.10% · 27.4th percentile

Risk Scores

CVSS 3.1
7.400000095367432
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
EPSS Score
0.10%
27.4th percentile

Affected Products

VendorProductVersions
CiscoCisco IOSn/a
ciscoios15.4\(2\)cg, 15.4\(3\)m, 15.4\(3\)m1

Exploit Intelligence

Timeline

  • Apr 14, 2022 CVE Published
  • Apr 16, 2022 EPSS Score
  • Jun 5, 2022 EPSS Score
  • Jul 26, 2022 EPSS Score
  • Sep 14, 2022 EPSS Score
  • Nov 4, 2022 EPSS Score
  • Dec 24, 2022 EPSS Score
  • Feb 12, 2023 EPSS Score
  • Mar 7, 2023 EPSS Score
  • Apr 3, 2023 EPSS Score
  • May 23, 2023 EPSS Score
  • Jul 12, 2023 EPSS Score

References

Open in Interactive Console →
$ Console Community · 100/wk Open console ›