{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-02T15:47:45.108","vulnerabilities":[{"cve":{"id":"CVE-2022-20622","sourceIdentifier":"psirt@cisco.com","published":"2022-04-15T15:15:12.247","lastModified":"2024-11-21T06:43:10.777","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability in IP ingress packet processing of the Cisco Embedded Wireless Controller with Catalyst Access Points Software could allow an unauthenticated, remote attacker to cause the device to reload unexpectedly, causing a denial of service (DoS) condition. The device may experience a performance degradation in traffic processing or high CPU usage prior to the unexpected reload. This vulnerability is due to improper rate limiting of IP packets to the management interface. An attacker could exploit this vulnerability by sending a steady stream of IP traffic at a high rate to the management interface of the affected device. A successful exploit could allow the attacker to cause the device to reload."},{"lang":"es","value":"Una vulnerabilidad en el procesamiento de paquetes de entrada IP del software Cisco Embedded Wireless Controller with Catalyst Access Points podría permitir a un atacante remoto no autenticado hacer que el dispositivo sea recargado inesperadamente, causando una condición de denegación de servicio (DoS). El dispositivo puede experimentar una degradación del rendimiento en el procesamiento del tráfico o un alto uso de la CPU antes de la recarga no esperada. Esta vulnerabilidad es debido a una limitación inapropiada de la velocidad de los paquetes IP a la interfaz de administración. Un atacante podría aprovechar esta vulnerabilidad mediante el envío de un flujo constante de tráfico IP a una velocidad elevada a la interfaz de administración del dispositivo afectado. Una explotación con éxito podría permitir al atacante causar una recarga del dispositivo"}],"metrics":{"cvssMetricV31":[{"source":"psirt@cisco.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H","baseScore":8.6,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":4.0},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:N/I:N/A:C","baseScore":7.8,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":10.0,"impactScore":6.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"psirt@cisco.com","type":"Secondary","description":[{"lang":"en","value":"CWE-770"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-770"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:aironet_access_point_software:*:*:*:*:*:*:*:*","versionStartIncluding":"17.3","versionEndExcluding":"17.3.4","matchCriteriaId":"A203AE75-779D-42CD-9DB4-837D2EDBDBF8"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:aironet_access_point_software:*:*:*:*:*:*:*:*","versionStartIncluding":"17.4","versionEndExcluding":"17.6.1","matchCriteriaId":"28855FA6-E267-4EDC-B525-9ED4C46BFBDE"}]}]}],"references":[{"url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ap-ip-flood-dos-6hxxENVQ","source":"psirt@cisco.com","tags":["Vendor Advisory"]},{"url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ap-ip-flood-dos-6hxxENVQ","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}