CVE-2022-20683

HIGH

Cisco Catalyst 9800 Series Wireless Controllers - DoS

Title source: llm

Description

A vulnerability in the Application Visibility and Control (AVC-FNF) feature of Cisco IOS XE Software for Cisco Catalyst 9800 Series Wireless Controllers could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient packet verification for traffic inspected by the AVC feature. An attacker could exploit this vulnerability by sending crafted packets from the wired network to a wireless client, resulting in the crafted packets being processed by the wireless controller. A successful exploit could allow the attacker to cause a crash and reload of the affected device, resulting in a DoS condition.

References (1)

Core 1

Core References

Vendor Advisory vendor-advisory x_refsource_cisco

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-c9800-fnf-dos-bOL5vLge

Scores

CVSS v3 8.6

EPSS 0.0057

EPSS Percentile 68.8%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable yes

Technical Impact partial

Details

CWE

CWE-787 CWE-124

Status published

Products (50)

cisco/ios_xe 3.15.1xbs

cisco/ios_xe 3.15.2xbs

cisco/ios_xe 16.7.2

cisco/ios_xe 16.7.3

cisco/ios_xe 16.7.4

cisco/ios_xe 16.8.1

cisco/ios_xe 16.8.1a

cisco/ios_xe 16.8.1b

cisco/ios_xe 16.8.1c

cisco/ios_xe 16.8.1d

... and 40 more

Published Apr 15, 2022

Tracked Since Feb 18, 2026