CVE-2022-20728

A vulnerability in the client forwarding code of multiple Cisco Access Points (APs) could allow an unauthenticated, adjacent attacker to inject packets from the native VLAN to clients within nonnative VLANs on an affected device. This vulnerability is due to a logic error on the AP that forwards packets that are destined to a wireless client if they are received on the native VLAN. An attacker could exploit this vulnerability by obtaining access to the native VLAN and directing traffic directly to the client through their MAC/IP combination. A successful exploit could allow the attacker to bypass VLAN separation and potentially also bypass any Layer 3 protection mechanisms that are deployed.

CVSS v3 4.7 MEDIUM

4.7^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 2.8 / Impact : 1.4

Attack Vector ADJACENT_NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact LOW

Availability Impact NONE

Scope CHANGED

References

Link	Resource
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apvlan-TDTtb4FY	Vendor Advisory
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apvlan-TDTtb4FY	Vendor Advisory

Configurations

Configuration 1 (hide)

AND

cpe:2.3:o:cisco:aironet_1542d_firmware:017.006\(001\):*:*:*:*:*:*:*

cpe:2.3:h:cisco:aironet_1542d:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND

cpe:2.3:o:cisco:aironet_1542i_firmware:017.006\(001\):*:*:*:*:*:*:*

cpe:2.3:h:cisco:aironet_1542i:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND

cpe:2.3:o:cisco:aironet_1562i_firmware:017.006\(001\):*:*:*:*:*:*:*

cpe:2.3:h:cisco:aironet_1562i:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND

cpe:2.3:o:cisco:aironet_1562e_firmware:017.006\(001\):*:*:*:*:*:*:*

cpe:2.3:h:cisco:aironet_1562e:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND

cpe:2.3:o:cisco:aironet_1562d_firmware:017.006\(001\):*:*:*:*:*:*:*

cpe:2.3:h:cisco:aironet_1562d:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND

cpe:2.3:o:cisco:aironet_1815i_firmware:017.006\(001\):*:*:*:*:*:*:*

cpe:2.3:h:cisco:aironet_1815i:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND

cpe:2.3:o:cisco:aironet_1815m_firmware:017.006\(001\):*:*:*:*:*:*:*

cpe:2.3:h:cisco:aironet_1815m:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND

cpe:2.3:o:cisco:aironet_1815t_firmware:017.006\(001\):*:*:*:*:*:*:*

cpe:2.3:h:cisco:aironet_1815t:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND

cpe:2.3:o:cisco:aironet_1815w_firmware:017.006\(001\):*:*:*:*:*:*:*

cpe:2.3:h:cisco:aironet_1815w:-:*:*:*:*:*:*:*

Configuration 10 (hide)

AND

cpe:2.3:o:cisco:aironet_1830_firmware:017.006\(001\):*:*:*:*:*:*:*

cpe:2.3:h:cisco:aironet_1830:-:*:*:*:*:*:*:*

Configuration 11 (hide)

AND

cpe:2.3:o:cisco:aironet_1840_firmware:017.006\(001\):*:*:*:*:*:*:*

cpe:2.3:h:cisco:aironet_1840:-:*:*:*:*:*:*:*

Configuration 12 (hide)

AND

cpe:2.3:o:cisco:aironet_1850e_firmware:017.006\(001\):*:*:*:*:*:*:*

cpe:2.3:h:cisco:aironet_1850e:-:*:*:*:*:*:*:*

Configuration 13 (hide)

AND

cpe:2.3:o:cisco:aironet_1850i_firmware:017.006\(001\):*:*:*:*:*:*:*

cpe:2.3:h:cisco:aironet_1850i:-:*:*:*:*:*:*:*

Configuration 14 (hide)

AND

cpe:2.3:o:cisco:aironet_2800i_firmware:017.006\(001\):*:*:*:*:*:*:*

cpe:2.3:h:cisco:aironet_2800i:-:*:*:*:*:*:*:*

Configuration 15 (hide)

AND

cpe:2.3:o:cisco:aironet_2800e_firmware:017.006\(001\):*:*:*:*:*:*:*

cpe:2.3:h:cisco:aironet_2800e:-:*:*:*:*:*:*:*

Configuration 16 (hide)

AND

cpe:2.3:o:cisco:aironet_3800i_firmware:017.006\(001\):*:*:*:*:*:*:*

cpe:2.3:h:cisco:aironet_3800i:-:*:*:*:*:*:*:*

Configuration 17 (hide)

AND

cpe:2.3:o:cisco:aironet_3800e_firmware:017.006\(001\):*:*:*:*:*:*:*

cpe:2.3:h:cisco:aironet_3800e:-:*:*:*:*:*:*:*

Configuration 18 (hide)

AND

cpe:2.3:o:cisco:aironet_3800p_firmware:017.006\(001\):*:*:*:*:*:*:*

cpe:2.3:h:cisco:aironet_3800p:-:*:*:*:*:*:*:*

Configuration 19 (hide)

AND

cpe:2.3:o:cisco:aironet_4800_firmware:017.006\(001\):*:*:*:*:*:*:*

cpe:2.3:h:cisco:aironet_4800:-:*:*:*:*:*:*:*

Configuration 20 (hide)

AND

cpe:2.3:o:cisco:catalyst_9105ax_firmware:017.006\(001\):*:*:*:*:*:*:*

cpe:2.3:h:cisco:catalyst_9105ax:-:*:*:*:*:*:*:*

Configuration 21 (hide)

AND

cpe:2.3:o:cisco:catalyst_9115ax_firmware:017.006\(001\):*:*:*:*:*:*:*

cpe:2.3:h:cisco:catalyst_9115ax:-:*:*:*:*:*:*:*

Configuration 22 (hide)

AND

cpe:2.3:o:cisco:catalyst_9117ax_firmware:017.006\(001\):*:*:*:*:*:*:*

cpe:2.3:h:cisco:catalyst_9117ax:-:*:*:*:*:*:*:*

Configuration 23 (hide)

AND

cpe:2.3:o:cisco:catalyst_9120ax_firmware:017.006\(001\):*:*:*:*:*:*:*

cpe:2.3:h:cisco:catalyst_9120ax:-:*:*:*:*:*:*:*

Configuration 24 (hide)

AND

cpe:2.3:o:cisco:catalyst_9124ax_firmware:017.006\(001\):*:*:*:*:*:*:*

cpe:2.3:h:cisco:catalyst_9124ax:-:*:*:*:*:*:*:*

Configuration 25 (hide)

AND

cpe:2.3:o:cisco:catalyst_9130ax_firmware:017.006\(001\):*:*:*:*:*:*:*

cpe:2.3:h:cisco:catalyst_9130ax:-:*:*:*:*:*:*:*

Configuration 26 (hide)

AND

cpe:2.3:o:cisco:catalyst_iw6300_firmware:017.006\(001\):*:*:*:*:*:*:*

cpe:2.3:h:cisco:catalyst_iw6300:-:*:*:*:*:*:*:*

History

21 Nov 2024, 06:43

Type	Values Removed	Values Added
References	~~() https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apvlan-TDTtb4FY - Vendor Advisory~~	() https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apvlan-TDTtb4FY - Vendor Advisory

Information

Published : 2022-09-30 19:15

Updated : 2024-11-21 06:43

NVD link : CVE-2022-20728

Mitre link : CVE-2022-20728

CVE.ORG link : CVE-2022-20728

JSON object : View

Products Affected

cisco

aironet_1562d
aironet_1815i_firmware
aironet_2800i_firmware
catalyst_9105ax_firmware
aironet_1815i
aironet_1815t_firmware
aironet_1542i_firmware
aironet_1815w
aironet_1850i
aironet_1850i_firmware
catalyst_9117ax
aironet_2800e
catalyst_iw6300_firmware
aironet_1830_firmware
catalyst_9124ax
catalyst_9117ax_firmware
aironet_1850e_firmware
aironet_1830
aironet_1815t
aironet_1840
aironet_3800i
aironet_4800
aironet_2800i
catalyst_9120ax_firmware
aironet_1562e
aironet_3800i_firmware
catalyst_9115ax_firmware
aironet_1815w_firmware
aironet_3800e_firmware
aironet_3800e
catalyst_9130ax
aironet_1850e
aironet_3800p_firmware
aironet_2800e_firmware
catalyst_9115ax
aironet_1542d_firmware
aironet_1815m_firmware
aironet_1542i
catalyst_iw6300
aironet_1562d_firmware
catalyst_9124ax_firmware
aironet_3800p
catalyst_9130ax_firmware
aironet_1815m
aironet_1542d
aironet_4800_firmware
aironet_1562e_firmware
catalyst_9105ax
aironet_1840_firmware
aironet_1562i_firmware
aironet_1562i
catalyst_9120ax

CWE

CWE-284

Improper Access Control

NVD-CWE-Other

4.7 /10