A vulnerability in the AppNav-XE feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. This vulnerability is due to the incorrect handling of certain TCP segments. An attacker could exploit this vulnerability by sending a stream of crafted TCP traffic at a high rate through an interface of an affected device. That interface would need to have AppNav interception enabled. A successful exploit could allow the attacker to cause the device to reload.
References
| Link | Resource |
|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-appnav-xe-dos-j5MXTR4 | Vendor Advisory |
Configurations
Configuration 1 (hide)
| AND |
|
History
No history.
Information
Published : 2022-04-15 15:15
Updated : 2024-02-28 19:09
NVD link : CVE-2022-20678
Mitre link : CVE-2022-20678
CVE.ORG link : CVE-2022-20678
JSON object : View
Products Affected
cisco
- 1131_integrated_services_router
- 1100-6g_integrated_services_router
- 4331_integrated_services_router
- catalyst_8300-2n2s-6t
- 111x_integrated_services_router
- 1101_integrated_services_router
- catalyst_8500
- catalyst_8300-2n2s-4t2x
- ios_xe
- 1120_integrated_services_router
- 1109_integrated_services_router
- 4431_integrated_services_router
- cloud_services_router_1000v
- 4461_integrated_services_router
- catalyst_8300-1n1s-6t
- 1111x_integrated_services_router
- 1100-4g_integrated_services_router
- asr_1002-x
- catalyst_8500l
- 1160_integrated_services_router
- catalyst_8300-1n1s-4t2x
- catalyst_8500-4qc
- 4221_integrated_services_router
- asr_1001-x
- catalyst_8000v_edge