Vulnerability in Cisco Asr_9006
CVE-2022-20849
A vulnerability in the Broadband Network Gateway PPP over Ethernet (PPPoE) feature of Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause the PPPoE process to continually crash. This vulnerability exists…
EPSS: 0.003 (17.7th percentile) — read the EPSS interpretation.
CVSS v3 metric
CVSS v3 base score 6.1 (Medium). Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H.
Affected products
Weakness classification (CWE)
References
- psirt@cisco.com (Vendor Advisory)
Frequently asked questions
- What is CVE-2022-20849?
- CVE-2022-20849 is a medium-severity vulnerability in Cisco Asr_9006, classified under CWE-391. CVSS score: 6.1/10. Published 2024-11-15.
- How severe is CVE-2022-20849?
- Medium severity. CVSS v3 base score is 6.1 out of 10.