What is CVE-2022-20622?

CVE-2022-20622 is a high-severity vulnerability in Cisco Aironet Access Point Software, classified under Allocation of Resources Without Limits or Throttling. CVSS score: 8.6/10. Published 2022-04-15.

How severe is CVE-2022-20622?

High severity. CVSS v3 base score is 8.6 out of 10.

Resource exhaustion in Cisco Aironet Access Point Software

CVE-2022-20622

A vulnerability in IP ingress packet processing of the Cisco Embedded Wireless Controller with Catalyst Access Points Software could allow an unauthenticated, remote attacker to cause the device to reload unexpectedly, causing a denial of…

EPSS: 0.019 (83.5th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 8.6 (High). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H.

Affected products

Cisco Aironet Access Point Software — versions n/a

Weakness classification (CWE)

CWE-770 — Allocation of Resources Without Limits or Throttling

References

20220413 Cisco Embedded Wireless Controller with Catalyst Access Points IP Flood Denial of Service Vulnerability (vendor-advisory, x_refsource_CISCO)

Frequently asked questions

What is CVE-2022-20622?: CVE-2022-20622 is a high-severity vulnerability in Cisco Aironet Access Point Software, classified under Allocation of Resources Without Limits or Throttling. CVSS score: 8.6/10. Published 2022-04-15.
How severe is CVE-2022-20622?: High severity. CVSS v3 base score is 8.6 out of 10.