How severe is CVE-2022-20625?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 4.3 out of 10.

What type of vulnerability is CVE-2022-20625?

This is classified as CWE-399, which is a common weakness in software security.

CVE-2022-20625

MEDIUM Year: 2022

CVSS v3 Score

4.3

Medium

CVSS v2 Score

6.1

Medium

Weakness Type

CWE-399

View all →

Vulnerability Description

A vulnerability in the Cisco Discovery Protocol service of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause the service to restart, resulting in a denial of service (DoS) condition. This vulnerability is due to improper handling of Cisco Discovery Protocol messages that are processed by the Cisco Discovery Protocol service. An attacker could exploit this vulnerability by sending a series of malicious Cisco Discovery Protocol messages to an affected device. A successful exploit could allow the attacker to cause the Cisco Discovery Protocol service to fail and restart. In rare conditions, repeated failures of the process could occur, which could cause the entire device to restart.

CVE-2015-5001

MEDIUM

CVSS:4.3(Medium)

IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF27, 7.0.0 through 7.0.0.2 CF29, 8.0.0 before 8.0.0.1 CF19, and 8.5.0 before CF08 allows remote authenticated users to cause a d...

CWE-3992015

CVE-2016-8784

MEDIUM

CVSS:4.3(Medium)

Huawei CloudEngine 12800 V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00 have a memory leak vulnerability. An unauthenticated attacker may send specific Label Distribution Protocol (LD...

CWE-3992016

CVE-2016-9220

MEDIUM

CVSS:4.3(Medium)

A Denial of Service Vulnerability in 802.11 ingress packet processing of the Cisco Mobility Express 2800 and 3800 Access Points (APs) could allow an unauthenticated, adjacent attacker to cause the con...

CWE-3992016

CVE-2016-9221

MEDIUM

CVSS:4.3(Medium)

A Denial of Service Vulnerability in 802.11 ingress connection authentication handling for the Cisco Mobility Express 2800 and 3800 Access Points (APs) could allow an unauthenticated, adjacent attacke...

CWE-3992016

CVE-2017-12287

MEDIUM

CVSS:4.3(Medium)

A vulnerability in the cluster database (CDB) management component of Cisco Expressway Series Software and Cisco TelePresence Video Communication Server (VCS) Software could allow an authenticated, re...

CWE-3992017

CVE-2017-12360

MEDIUM

CVSS:4.3(Medium)

A vulnerability in Cisco WebEx Network Recording Player for WebEx Recording Format (WRF) files could allow an attacker to cause a denial of service (DoS) condition. An attacker could exploit this vuln...

CWE-3992017

CVE-2022-20625

Vulnerability Description

Related Vulnerabilities

CVE-2015-5001

CVE-2016-8784

CVE-2016-9220

CVE-2016-9221

CVE-2017-12287

CVE-2017-12360