How severe is CVE-2022-20686?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 5.3 out of 10.

What type of vulnerability is CVE-2022-20686?

This is classified as CWE-130, which is a common weakness in software security.

CVE-2022-20686 - MEDIUM Severity | CVSS 5.3

Vulnerability Description

Multiple vulnerabilities in the Link Layer Discovery Protocol (LLDP) functionality of Cisco ATA 190 Series Analog Telephone Adapter firmware could allow an unauthenticated, remote attacker to execute arbitrary code on an affected device and cause the LLDP service to restart. These vulnerabilities are due to missing length validation of certain LLDP packet header fields. An attacker could exploit these vulnerabilities by sending a malicious LLDP packet to an affected device. A successful exploit could allow the attacker to execute code on the affected device and cause LLDP to restart unexpectedly, resulting in a denial of service (DoS) condition.

Related Vulnerabilities

CVE-2022-3272

MEDIUM

CVSS:5.3(Medium)

Improper Handling of Length Parameter Inconsistency in GitHub repository ikus060/rdiffweb prior to 2.4.8.

CWE-1302022

CVE-2023-40167

MEDIUM

CVSS:5.3(Medium)

Jetty is a Java based web server and servlet engine. Prior to versions 9.4.52, 10.0.16, 11.0.16, and 12.0.1, Jetty accepts the `+` character proceeding the content-length value in a HTTP/1 header fiel...

CWE-1302023

CVE-2024-42460

MEDIUM

CVSS:5.3(Medium)

In the Elliptic package 6.5.6 for Node.js, ECDSA signature malleability occurs because there is a missing check for whether the leading bit of r and s is zero.

CWE-1302024

CVE-2021-26329

MEDIUM

CVSS:5.5(Medium)

AMD System Management Unit (SMU) may experience an integer overflow when an invalid length is provided which may result in a potential loss of resources.

CWE-1302021

CVE-2021-36373

MEDIUM

CVSS:5.5(Medium)

When reading a specially crafted TAR archive an Apache Ant build can be made to allocate large amounts of memory that finally leads to an out of memory error, even for small inputs. This can be used t...

CWE-1302021

CVE-2021-36374

MEDIUM

CVSS:5.5(Medium)

When reading a specially crafted ZIP archive, or a derived formats, an Apache Ant build can be made to allocate large amounts of memory that leads to an out of memory error, even for small inputs. Thi...

CWE-1302021