{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-02T14:52:35.857","vulnerabilities":[{"cve":{"id":"CVE-2022-20856","sourceIdentifier":"psirt@cisco.com","published":"2022-09-30T19:15:13.223","lastModified":"2024-11-21T06:43:41.747","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability in the processing of Control and Provisioning of Wireless Access Points (CAPWAP) Mobility messages in Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to a logic error and improper management of resources related to the handling of CAPWAP Mobility messages. An attacker could exploit this vulnerability by sending crafted CAPWAP Mobility packets to an affected device. A successful exploit could allow the attacker to exhaust resources on the affected device. This would cause the device to reload, resulting in a DoS condition."},{"lang":"es","value":"Una vulnerabilidad en el procesamiento de los mensajes de Movilidad de Control y Aprovisionamiento de Puntos de Acceso Inalámbricos (CAPWAP) en el Software Controlador Inalámbrico Cisco IOS XE para la Familia Catalyst 9000 podría permitir a un atacante remoto no autenticado causar una condición de denegación de servicio (DoS) en un dispositivo afectado. Esta vulnerabilidad es debido a un error lógico y a una administración inapropiada de los recursos relacionados con el manejo de los mensajes de movilidad CAPWAP. Un atacante podría explotar esta vulnerabilidad mediante el envío de paquetes CAPWAP Mobility diseñados a un dispositivo afectado. Una explotación con éxito podría permitir al atacante agotar los recursos del dispositivo afectado. Esto causaría una recarga del dispositivo, resultando en una condición de DoS"}],"metrics":{"cvssMetricV31":[{"source":"psirt@cisco.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H","baseScore":8.6,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":4.0},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}]},"weaknesses":[{"source":"psirt@cisco.com","type":"Secondary","description":[{"lang":"en","value":"CWE-664"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-Other"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:cisco:ios_xe:17.3.4c:*:*:*:*:*:*:*","matchCriteriaId":"0CEF022B-271F-4017-B74B-82748D5EBA01"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:catalyst_9800:-:*:*:*:*:*:*:*","matchCriteriaId":"A48E6CF0-7A3B-4D11-8D02-0CD38F2420E9"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:catalyst_9800-40:-:*:*:*:*:*:*:*","matchCriteriaId":"1B9ED0E5-CB20-4106-9CF2-8EB587B33543"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:catalyst_9800-80:-:*:*:*:*:*:*:*","matchCriteriaId":"2B0E620C-8E09-4F7C-A326-26013173B993"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:catalyst_9800-cl:-:*:*:*:*:*:*:*","matchCriteriaId":"FF93F1C8-669F-4ECB-8D81-ECDA7B550175"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:catalyst_9800-l:-:*:*:*:*:*:*:*","matchCriteriaId":"2E0BA345-B7D7-4975-9199-4DC7875BBFD0"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:catalyst_9800-l-c:-:*:*:*:*:*:*:*","matchCriteriaId":"4E9EA95F-4E39-4D9C-8A84-D1F6014A4A40"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:catalyst_9800-l-f:-:*:*:*:*:*:*:*","matchCriteriaId":"EA0BC769-C244-41BD-BE80-E67F4E1CDDA4"}]}]}],"references":[{"url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-c9800-mob-dos-342YAc6J","source":"psirt@cisco.com","tags":["Vendor Advisory"]},{"url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-c9800-mob-dos-342YAc6J","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}