← Back

CVE-2022-20689

nvd nist
Published: Dec 12, 2022Modified: Nov 21, 2024

JSON object

Loading...
8.8
Vector
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Exploitability: 2.8 / Impact: 5.9
Source: NVD

Description

Multiple vulnerabilities in the Cisco Discovery Protocol functionality of Cisco ATA 190 Series Analog Telephone Adapter firmware could allow an unauthenticated, adjacent attacker to cause Cisco Discovery Protocol memory corruption on an affected device. These vulnerabilities are due to missing length validation checks when processing Cisco Discovery Protocol messages. An attacker could exploit these vulnerabilities by sending a malicious Cisco Discovery Protocol packet to an affected device. A successful exploit could allow the attacker to cause an out-of-bounds read of the valid Cisco Discovery Protocol packet data, which could allow the attacker to cause corruption in the internal Cisco Discovery Protocol database of the affected device.

Affected (9)

Cisco
3 products
Ata 190 Firmware
Ata 191 Firmware
Ata 192 Firmware
Configuration A
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Ata 190 Firmware
All versions
Running on/withPlatform Versions
Cisco
Ata 190
All versions
Configuration B
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Ata 191 Firmware
Before 11.2.2
Running on/withPlatform Versions
Cisco
Ata 191
All versions
Configuration C
6 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Cisco
Ata 191 Firmware
Before 12.0.1
Ata 191 Firmware
Version 12.0.1
Ata 191 Firmware
Version 12.0.1 sr1
Ata 191 Firmware
Version 12.0.1 sr2
Ata 191 Firmware
Version 12.0.1 sr3
Ata 191 Firmware
Version 12.0.1 sr4
Running on/withPlatform Versions
Cisco
Ata 191
All versions
Configuration D
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Ata 192 Firmware
Before 11.2.2
Running on/withPlatform Versions
Cisco
Ata 192
All versions

Related CWEs

CWE-1284
Improper Validation of Specified Quantity in Input
The product receives input that is expected to specify a quantity (such as size or length), but it does not validate or incorrectly validates that the quantity has the required properties.
CWE-130
Improper Handling of Length Parameter Inconsistency
The product parses a formatted message or structure, but it does not handle or incorrectly handles a length field that is inconsistent with the actual length of the associated data.

References (2)

Source: psirt@cisco.com
Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.