How severe is CVE-2022-20856?

This vulnerability has a severity rating of HIGH with a CVSS score of 7.5 out of 10.

What type of vulnerability is CVE-2022-20856?

This is classified as CWE-664, which is a common weakness in software security.

CVE-2022-20856 - HIGH Severity | CVSS 7.5

Vulnerability Description

A vulnerability in the processing of Control and Provisioning of Wireless Access Points (CAPWAP) Mobility messages in Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to a logic error and improper management of resources related to the handling of CAPWAP Mobility messages. An attacker could exploit this vulnerability by sending crafted CAPWAP Mobility packets to an affected device. A successful exploit could allow the attacker to exhaust resources on the affected device. This would cause the device to reload, resulting in a DoS condition.

Related Vulnerabilities

CVE-2022-32846

HIGH

CVSS:7.5(High)

A logic issue was addressed with improved state management. This issue is fixed in Apple Music 3.9.10 for Android. An app may be able to access user-sensitive data.

CWE-6642022

CVE-2023-44288

HIGH

CVSS:7.5(High)

Dell PowerScale OneFS, 8.2.2.x through 9.6.0.x, contains an improper control of a resource through its lifetime vulnerability. An unauthenticated network attacker could potentially exploit this vulner...

CWE-6642023

CVE-2023-52387

HIGH

CVSS:7.5(High)

Resource reuse vulnerability in the GPU module. Successful exploitation of this vulnerability may affect service confidentiality.

CWE-6642023

CVE-2024-7889

HIGH

CVSS:7.3(High)

Local privilege escalation allows a low-privileged user to gain SYSTEM privileges in Citrix Workspace app for Windows

CWE-6642024

CVE-2016-8763

HIGH

CVSS:7.8(High)

The TrustZone driver in Huawei P9 phones with software Versions earlier than EVA-AL10C00B352 and P9 Lite with software VNS-L21C185B130 and earlier versions and P8 Lite with software ALE-L02C636B150 an...

CWE-6642016

CVE-2023-44295

HIGH

CVSS:8.1(High)

Dell PowerScale OneFS versions 8.2.2.x through 9.6.0.x contains an improper control of a resource through its lifetime vulnerability. A low privilege attacker could potentially exploit this vulnerabil...

CWE-6642023