What is CVE-2022-20808?

CVE-2022-20808 is a high-severity vulnerability in Cisco Smart Software Manager On-prem, classified under Uncontrolled Resource Consumption. CVSS score: 7.7/10. Published 2022-07-06.

How severe is CVE-2022-20808?

High severity. CVSS v3 base score is 7.7 out of 10.

Resource exhaustion in Cisco Smart Software Manager On-prem

CVE-2022-20808

A vulnerability in Cisco Smart Software Manager On-Prem (SSM On-Prem) could allow an authenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to incorrect handling of mult…

Vulnerability class: DoS (Denial of Service)

EPSS: 0.006 (68.6th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 7.7 (High). Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H.

Affected products

Cisco Smart Software Manager On-prem — versions n/a

Weakness classification (CWE)

CWE-400 — Uncontrolled Resource Consumption

References

20220706 Cisco Smart Software Manager On-Prem Denial of Service Vulnerability (vendor-advisory, x_refsource_CISCO)

Frequently asked questions

What is CVE-2022-20808?: CVE-2022-20808 is a high-severity vulnerability in Cisco Smart Software Manager On-prem, classified under Uncontrolled Resource Consumption. CVSS score: 7.7/10. Published 2022-07-06.
How severe is CVE-2022-20808?: High severity. CVSS v3 base score is 7.7 out of 10.