A vulnerability in the authentication functionality of Cisco Wireless LAN Controller (WLC) AireOS Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient error validation. An attacker could exploit this vulnerability by sending crafted packets to an affected device. A successful exploit could allow the attacker to cause the wireless LAN controller to crash, resulting in a DoS condition. Note: This vulnerability affects only devices that have Federal Information Processing Standards (FIPS) mode enabled.
References
Link | Resource |
---|---|
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wlc-dos-mKGRrsCB | Vendor Advisory |
Configurations
Configuration 1 (hide)
AND |
|
History
04 Oct 2022, 18:58
Type | Values Removed | Values Added |
---|---|---|
References | (CISCO) https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wlc-dos-mKGRrsCB - Vendor Advisory | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 6.5 |
CWE | CWE-787 | |
First Time |
Cisco flex 7510
Cisco 8540 Wireless Lan Controller Cisco wireless Lan Controller Software Cisco 5508 Wireless Lan Controller Cisco Cisco virtual Wireless Controller Cisco 2504 Wireless Lan Controller Cisco 3504 Wireless Lan Controller Cisco 5520 Wireless Lan Controller |
|
CPE | cpe:2.3:h:cisco:8540_wireless_lan_controller:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:3504_wireless_lan_controller:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:flex_7510:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:5520_wireless_lan_controller:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:5508_wireless_lan_controller:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:2504_wireless_lan_controller:-:*:*:*:*:*:*:* cpe:2.3:o:cisco:wireless_lan_controller_software:*:*:*:*:*:*:*:* cpe:2.3:a:cisco:virtual_wireless_controller:-:*:*:*:*:*:*:* |
30 Sep 2022, 19:20
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2022-09-30 19:15
Updated : 2023-12-10 14:35
NVD link : CVE-2022-20769
Mitre link : CVE-2022-20769
CVE.ORG link : CVE-2022-20769
JSON object : View
Products Affected
cisco
- 8540_wireless_lan_controller
- wireless_lan_controller_software
- 5520_wireless_lan_controller
- 3504_wireless_lan_controller
- flex_7510
- 5508_wireless_lan_controller
- 2504_wireless_lan_controller
- virtual_wireless_controller
CWE
CWE-787
Out-of-bounds Write