How severe is CVE-2022-20682?

This vulnerability has a severity rating of HIGH with a CVSS score of 8.6 out of 10.

What type of vulnerability is CVE-2022-20682?

This is classified as CWE-690, which is a common weakness in software security.

CVE-2022-20682

HIGH Year: 2022

CVSS v3 Score

8.6

High

CVSS v2 Score

7.8

High

Weakness Type

CWE-690

View all →

Vulnerability Description

A vulnerability in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol processing of Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to inadequate input validation of incoming CAPWAP packets encapsulating multicast DNS (mDNS) queries. An attacker could exploit this vulnerability by connecting to a wireless network and sending a crafted mDNS query, which would flow through and be processed by the wireless controller. A successful exploit could allow the attacker to cause the affected device to crash and reload, resulting in a DoS condition.

CVE-2020-13582

HIGH

CVSS:8.6(High)

A denial-of-service vulnerability exists in the HTTP Server functionality of Micrium uC-HTTP 3.01.00. A specially crafted HTTP request can lead to denial of service. An attacker can send an HTTP reque...

CWE-6902020

CVE-2020-36646

HIGH

CVSS:7.5(High)

A vulnerability classified as problematic has been found in MediaArea ZenLib up to 0.4.38. This affects the function Ztring::Date_From_Seconds_1970_Local of the file Source/ZenLib/Ztring.cpp. The mani...

CWE-6902020

CVE-2020-6095

HIGH

CVSS:7.5(High)

An exploitable denial of service vulnerability exists in the GstRTSPAuth functionality of GStreamer/gst-rtsp-server 1.14.5. A specially crafted RTSP setup request can cause a null pointer deference re...

CWE-6902020

CVE-2022-22231

HIGH

CVSS:7.5(High)

An Unchecked Return Value to NULL Pointer Dereference vulnerability in Packet Forwarding Engine (PFE) of Juniper Networks Junos OS allows an unauthenticated, network-based attacker to cause a Denial o...

CWE-6902022

CVE-2022-41957

HIGH

CVSS:7.5(High)

Muhammara is a node module with c/cpp bindings to modify PDF with JavaScript for node or electron. The package muhammara before 2.6.2 and from 3.0.0 and before 3.3.0, as well as all versions of muhamm...

CWE-6902022

CVE-2024-23085

HIGH

CVSS:7.5(High)

Apfloat v1.10.1 was discovered to contain a NullPointerException via the component org.apfloat.internal.DoubleScramble::scramble(double[], int, int[]). NOTE: this is disputed by multiple third parties...

CWE-6902024

CVE-2022-20682

Vulnerability Description

Related Vulnerabilities

CVE-2020-13582

CVE-2020-36646

CVE-2020-6095

CVE-2022-22231

CVE-2022-41957

CVE-2024-23085