Versio.io

CVE-2022-20694

Common vulnerabilities & exposures (CVE)

CVE databaseCVE database blogpostRelease & EoL database
 
Published at: - 15-04-2022 05:15
Last modified: - 27-04-2022 05:52
Total changes: - 2

Description

A vulnerability in the implementation of the Resource Public Key Infrastructure (RPKI) feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause the Border Gateway Protocol (BGP) process to crash, resulting in a denial of service (DoS) condition. This vulnerability is due to the incorrect handling of a specific RPKI to Router (RTR) Protocol packet header. An attacker could exploit this vulnerability by compromising the RPKI validator server and sending a specifically crafted RTR packet to an affected device. Alternatively, the attacker could use man-in-the-middle techniques to impersonate the RPKI validator server and send a crafted RTR response packet over the established RTR TCP connection to the affected device. A successful exploit could allow the attacker to cause a DoS condition because the BGP process could constantly restart and BGP routing could become unstable.

Common Vulnerability Scoring System (CVSS)

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H
High
Attack complexity
Network
Attack vector
High
Availability
None
Confidentiality
None
Integrity
None
Privileges required
Changed
Scope
None
User interaction
6.8
Base score
2.2
4.0
Exploitability score
Impact score
 

Verification logic

OR
vendor=cisco AND product=ios_xe AND version=3.7.0bs
vendor=cisco AND product=ios_xe AND version=3.7.0s
vendor=cisco AND product=ios_xe AND version=3.7.0xas
vendor=cisco AND product=ios_xe AND version=3.7.0xbs
vendor=cisco AND product=ios_xe AND version=3.7.1as
vendor=cisco AND product=ios_xe AND version=3.7.1s
vendor=cisco AND product=ios_xe AND version=3.7.2s
vendor=cisco AND product=ios_xe AND version=3.7.2ts
vendor=cisco AND product=ios_xe AND version=3.7.3s
vendor=cisco AND product=ios_xe AND version=3.7.4as
vendor=cisco AND product=ios_xe AND version=3.7.4s
vendor=cisco AND product=ios_xe AND version=3.7.5s
vendor=cisco AND product=ios_xe AND version=3.7.6s
vendor=cisco AND product=ios_xe AND version=3.7.7s
vendor=cisco AND product=ios_xe AND version=3.7.8s
vendor=cisco AND product=ios_xe AND version=3.8.0s
vendor=cisco AND product=ios_xe AND version=3.8.1s
vendor=cisco AND product=ios_xe AND version=3.8.2s
vendor=cisco AND product=ios_xe AND version=3.9.0as
vendor=cisco AND product=ios_xe AND version=3.9.0s
vendor=cisco AND product=ios_xe AND version=3.9.0xas
vendor=cisco AND product=ios_xe AND version=3.9.1as
vendor=cisco AND product=ios_xe AND version=3.9.1s
vendor=cisco AND product=ios_xe AND version=3.9.2s
vendor=cisco AND product=ios_xe AND version=3.10.0s
vendor=cisco AND product=ios_xe AND version=3.10.1s
vendor=cisco AND product=ios_xe AND version=3.10.1xbs
vendor=cisco AND product=ios_xe AND version=3.10.1xcs
vendor=cisco AND product=ios_xe AND version=3.10.2as
vendor=cisco AND product=ios_xe AND version=3.10.2s
vendor=cisco AND product=ios_xe AND version=3.10.2ts
vendor=cisco AND product=ios_xe AND version=3.10.3s
vendor=cisco AND product=ios_xe AND version=3.10.4s
vendor=cisco AND product=ios_xe AND version=3.10.5s
vendor=cisco AND product=ios_xe AND version=3.10.6s
vendor=cisco AND product=ios_xe AND version=3.10.7s
vendor=cisco AND product=ios_xe AND version=3.10.8as
vendor=cisco AND product=ios_xe AND version=3.10.8s
vendor=cisco AND product=ios_xe AND version=3.10.9s
vendor=cisco AND product=ios_xe AND version=3.10.10s
vendor=cisco AND product=ios_xe AND version=3.11.0s
vendor=cisco AND product=ios_xe AND version=3.11.1s
vendor=cisco AND product=ios_xe AND version=3.11.2s
vendor=cisco AND product=ios_xe AND version=3.11.3s
vendor=cisco AND product=ios_xe AND version=3.11.4s
vendor=cisco AND product=ios_xe AND version=3.11.5e
vendor=cisco AND product=ios_xe AND version=3.12.0as
vendor=cisco AND product=ios_xe AND version=3.12.0s
vendor=cisco AND product=ios_xe AND version=3.12.1s
vendor=cisco AND product=ios_xe AND version=3.12.2s
vendor=cisco AND product=ios_xe AND version=3.12.3s
vendor=cisco AND product=ios_xe AND version=3.12.4s
vendor=cisco AND product=ios_xe AND version=3.13.0as
vendor=cisco AND product=ios_xe AND version=3.13.0s
vendor=cisco AND product=ios_xe AND version=3.13.1s
vendor=cisco AND product=ios_xe AND version=3.13.2as
vendor=cisco AND product=ios_xe AND version=3.13.2s
vendor=cisco AND product=ios_xe AND version=3.13.3s
vendor=cisco AND product=ios_xe AND version=3.13.4s
vendor=cisco AND product=ios_xe AND version=3.13.5as
vendor=cisco AND product=ios_xe AND version=3.13.5s
vendor=cisco AND product=ios_xe AND version=3.13.6as
vendor=cisco AND product=ios_xe AND version=3.13.6bs
vendor=cisco AND product=ios_xe AND version=3.13.6s
vendor=cisco AND product=ios_xe AND version=3.13.7as
vendor=cisco AND product=ios_xe AND version=3.13.7s
vendor=cisco AND product=ios_xe AND version=3.13.8s
vendor=cisco AND product=ios_xe AND version=3.13.9s
vendor=cisco AND product=ios_xe AND version=3.13.10s
vendor=cisco AND product=ios_xe AND version=3.14.0s
vendor=cisco AND product=ios_xe AND version=3.14.1s
vendor=cisco AND product=ios_xe AND version=3.14.2s
vendor=cisco AND product=ios_xe AND version=3.14.3s
vendor=cisco AND product=ios_xe AND version=3.14.4s
vendor=cisco AND product=ios_xe AND version=3.15.0s
vendor=cisco AND product=ios_xe AND version=3.15.1cs
vendor=cisco AND product=ios_xe AND version=3.15.1s
vendor=cisco AND product=ios_xe AND version=3.15.1xbs
vendor=cisco AND product=ios_xe AND version=3.15.2s
vendor=cisco AND product=ios_xe AND version=3.15.3s
vendor=cisco AND product=ios_xe AND version=3.15.4s
vendor=cisco AND product=ios_xe AND version=3.16.0as
vendor=cisco AND product=ios_xe AND version=3.16.0bs
vendor=cisco AND product=ios_xe AND version=3.16.0cs
vendor=cisco AND product=ios_xe AND version=3.16.0s
vendor=cisco AND product=ios_xe AND version=3.16.1as
vendor=cisco AND product=ios_xe AND version=3.16.1s
vendor=cisco AND product=ios_xe AND version=3.16.2as
vendor=cisco AND product=ios_xe AND version=3.16.2bs
vendor=cisco AND product=ios_xe AND version=3.16.2s
vendor=cisco AND product=ios_xe AND version=3.16.3as
vendor=cisco AND product=ios_xe AND version=3.16.3s
vendor=cisco AND product=ios_xe AND version=3.16.4as
vendor=cisco AND product=ios_xe AND version=3.16.4bs
vendor=cisco AND product=ios_xe AND version=3.16.4cs
vendor=cisco AND product=ios_xe AND version=3.16.4ds
vendor=cisco AND product=ios_xe AND version=3.16.4es
vendor=cisco AND product=ios_xe AND version=3.16.4gs
vendor=cisco AND product=ios_xe AND version=3.16.4s
vendor=cisco AND product=ios_xe AND version=3.16.5as
vendor=cisco AND product=ios_xe AND version=3.16.5bs
vendor=cisco AND product=ios_xe AND version=3.16.5s
vendor=cisco AND product=ios_xe AND version=3.16.6bs
vendor=cisco AND product=ios_xe AND version=3.16.6s
vendor=cisco AND product=ios_xe AND version=3.16.7as
vendor=cisco AND product=ios_xe AND version=3.16.7bs
vendor=cisco AND product=ios_xe AND version=3.16.7s
vendor=cisco AND product=ios_xe AND version=3.16.8s
vendor=cisco AND product=ios_xe AND version=3.16.9s
vendor=cisco AND product=ios_xe AND version=3.16.10as
vendor=cisco AND product=ios_xe AND version=3.16.10bs
vendor=cisco AND product=ios_xe AND version=3.16.10cs
vendor=cisco AND product=ios_xe AND version=3.16.10s
vendor=cisco AND product=ios_xe AND version=3.17.0s
vendor=cisco AND product=ios_xe AND version=3.17.1as
vendor=cisco AND product=ios_xe AND version=3.17.1s
vendor=cisco AND product=ios_xe AND version=3.17.2s
vendor=cisco AND product=ios_xe AND version=3.17.3s
vendor=cisco AND product=ios_xe AND version=3.17.4s
vendor=cisco AND product=ios_xe AND version=3.18.0as
vendor=cisco AND product=ios_xe AND version=3.18.0s
vendor=cisco AND product=ios_xe AND version=3.18.0sp
vendor=cisco AND product=ios_xe AND version=3.18.1asp
vendor=cisco AND product=ios_xe AND version=3.18.1bsp
vendor=cisco AND product=ios_xe AND version=3.18.1csp
vendor=cisco AND product=ios_xe AND version=3.18.1gsp
vendor=cisco AND product=ios_xe AND version=3.18.1hsp
vendor=cisco AND product=ios_xe AND version=3.18.1isp
vendor=cisco AND product=ios_xe AND version=3.18.1s
vendor=cisco AND product=ios_xe AND version=3.18.1sp
vendor=cisco AND product=ios_xe AND version=3.18.2asp
vendor=cisco AND product=ios_xe AND version=3.18.2s
vendor=cisco AND product=ios_xe AND version=3.18.2sp
vendor=cisco AND product=ios_xe AND version=3.18.3asp
vendor=cisco AND product=ios_xe AND version=3.18.3bsp
vendor=cisco AND product=ios_xe AND version=3.18.3s
vendor=cisco AND product=ios_xe AND version=3.18.3sp
vendor=cisco AND product=ios_xe AND version=3.18.4s
vendor=cisco AND product=ios_xe AND version=3.18.4sp
vendor=cisco AND product=ios_xe AND version=3.18.5sp
vendor=cisco AND product=ios_xe AND version=3.18.6sp
vendor=cisco AND product=ios_xe AND version=3.18.7sp
vendor=cisco AND product=ios_xe AND version=3.18.8asp
vendor=cisco AND product=ios_xe AND version=3.18.8sp
vendor=cisco AND product=ios_xe AND version=3.18.9sp
vendor=cisco AND product=ios_xe AND version=3.18.10sp
vendor=cisco AND product=ios_xe AND version=16.1.1
vendor=cisco AND product=ios_xe AND version=16.1.2
vendor=cisco AND product=ios_xe AND version=16.1.3
vendor=cisco AND product=ios_xe AND version=16.2.1
vendor=cisco AND product=ios_xe AND version=16.2.2
vendor=cisco AND product=ios_xe AND version=16.3.1
vendor=cisco AND product=ios_xe AND version=16.3.1a
vendor=cisco AND product=ios_xe AND version=16.3.2
vendor=cisco AND product=ios_xe AND version=16.3.3
vendor=cisco AND product=ios_xe AND version=16.3.4
vendor=cisco AND product=ios_xe AND version=16.3.5
vendor=cisco AND product=ios_xe AND version=16.3.5b
vendor=cisco AND product=ios_xe AND version=16.3.6
vendor=cisco AND product=ios_xe AND version=16.3.7
vendor=cisco AND product=ios_xe AND version=16.3.8
vendor=cisco AND product=ios_xe AND version=16.3.9
vendor=cisco AND product=ios_xe AND version=16.3.10
vendor=cisco AND product=ios_xe AND version=16.3.11
vendor=cisco AND product=ios_xe AND version=16.4.1
vendor=cisco AND product=ios_xe AND version=16.4.2
vendor=cisco AND product=ios_xe AND version=16.4.3
vendor=cisco AND product=ios_xe AND version=16.5.1
vendor=cisco AND product=ios_xe AND version=16.5.1a
vendor=cisco AND product=ios_xe AND version=16.5.1b
vendor=cisco AND product=ios_xe AND version=16.5.2
vendor=cisco AND product=ios_xe AND version=16.5.3
vendor=cisco AND product=ios_xe AND version=16.6.1
vendor=cisco AND product=ios_xe AND version=16.6.2
vendor=cisco AND product=ios_xe AND version=16.6.3
vendor=cisco AND product=ios_xe AND version=16.6.4
vendor=cisco AND product=ios_xe AND version=16.6.4a
vendor=cisco AND product=ios_xe AND version=16.6.4s
vendor=cisco AND product=ios_xe AND version=16.6.5
vendor=cisco AND product=ios_xe AND version=16.6.5a
vendor=cisco AND product=ios_xe AND version=16.6.5b
vendor=cisco AND product=ios_xe AND version=16.6.6
vendor=cisco AND product=ios_xe AND version=16.6.7
vendor=cisco AND product=ios_xe AND version=16.6.7a
vendor=cisco AND product=ios_xe AND version=16.6.8
vendor=cisco AND product=ios_xe AND version=16.6.9
vendor=cisco AND product=ios_xe AND version=16.6.10
vendor=cisco AND product=ios_xe AND version=16.7.1
vendor=cisco AND product=ios_xe AND version=16.7.1a
vendor=cisco AND product=ios_xe AND version=16.7.1b
vendor=cisco AND product=ios_xe AND version=16.7.2
vendor=cisco AND product=ios_xe AND version=16.7.3
vendor=cisco AND product=ios_xe AND version=16.7.4
vendor=cisco AND product=ios_xe AND version=16.8.1
vendor=cisco AND product=ios_xe AND version=16.8.1a
vendor=cisco AND product=ios_xe AND version=16.8.1b
vendor=cisco AND product=ios_xe AND version=16.8.1c
vendor=cisco AND product=ios_xe AND version=16.8.1d
vendor=cisco AND product=ios_xe AND version=16.8.1e
vendor=cisco AND product=ios_xe AND version=16.8.1s
vendor=cisco AND product=ios_xe AND version=16.8.2
vendor=cisco AND product=ios_xe AND version=16.8.3
vendor=cisco AND product=ios_xe AND version=16.9.1
vendor=cisco AND product=ios_xe AND version=16.9.1a
vendor=cisco AND product=ios_xe AND version=16.9.1b
vendor=cisco AND product=ios_xe AND version=16.9.1c
vendor=cisco AND product=ios_xe AND version=16.9.1d
vendor=cisco AND product=ios_xe AND version=16.9.1s
vendor=cisco AND product=ios_xe AND version=16.9.2
vendor=cisco AND product=ios_xe AND version=16.9.2a
vendor=cisco AND product=ios_xe AND version=16.9.2s
vendor=cisco AND product=ios_xe AND version=16.9.3
vendor=cisco AND product=ios_xe AND version=16.9.3a
vendor=cisco AND product=ios_xe AND version=16.9.3h
vendor=cisco AND product=ios_xe AND version=16.9.3s
vendor=cisco AND product=ios_xe AND version=16.9.4
vendor=cisco AND product=ios_xe AND version=16.9.4c
vendor=cisco AND product=ios_xe AND version=16.9.5
vendor=cisco AND product=ios_xe AND version=16.9.5f
vendor=cisco AND product=ios_xe AND version=16.9.6
vendor=cisco AND product=ios_xe AND version=16.9.7
vendor=cisco AND product=ios_xe AND version=16.9.8
vendor=cisco AND product=ios_xe AND version=16.10.1
vendor=cisco AND product=ios_xe AND version=16.10.1a
vendor=cisco AND product=ios_xe AND version=16.10.1b
vendor=cisco AND product=ios_xe AND version=16.10.1c
vendor=cisco AND product=ios_xe AND version=16.10.1d
vendor=cisco AND product=ios_xe AND version=16.10.1e
vendor=cisco AND product=ios_xe AND version=16.10.1f
vendor=cisco AND product=ios_xe AND version=16.10.1g
vendor=cisco AND product=ios_xe AND version=16.10.1s
vendor=cisco AND product=ios_xe AND version=16.10.2
vendor=cisco AND product=ios_xe AND version=16.10.3
vendor=cisco AND product=ios_xe AND version=17.6.1w
 

Reference

 


Keywords

NVD

 

CVE-2022-20694

 

CVE

 

Common vulnerabilities & exposures

 

CVSS

 

Common vulnerability scoring system

 

Security

 

Vulnerabilities

 

Exposures

 

We use cookies to ensure that we give you the best experience on our website. Read privacy policies for more information.