CVE-2022-20728

Published: Sep 30, 2022Modified: Nov 21, 2024

4.7

Vector

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N

Exploitability: 2.8 / Impact: 1.4

Source: NVD

Description

A vulnerability in the client forwarding code of multiple Cisco Access Points (APs) could allow an unauthenticated, adjacent attacker to inject packets from the native VLAN to clients within nonnative VLANs on an affected device. This vulnerability is due to a logic error on the AP that forwards packets that are destined to a wireless client if they are received on the native VLAN. An attacker could exploit this vulnerability by obtaining access to the native VLAN and directing traffic directly to the client through their MAC/IP combination. A successful exploit could allow the attacker to bypass VLAN separation and potentially also bypass any Layer 3 protection mechanisms that are deployed.

Affected (26)

Products: Cisco: Aironet 1542d Firmware, Aironet 1542i Firmware, Aironet 1562i Firmware, Aironet 1562e Firmware, Aironet 1562d Firmware, Aironet 1815i Firmware, Aironet 1815m Firmware, Aironet 1815t Firmware, Aironet 1815w Firmware, Aironet 1830 Firmware, Aironet 1840 Firmware, Aironet 1850e Firmware, Aironet 1850i Firmware, Aironet 2800i Firmware, Aironet 2800e Firmware, Aironet 3800i Firmware, Aironet 3800e Firmware, Aironet 3800p Firmware, Aironet 4800 Firmware, Catalyst 9105ax Firmware, Catalyst 9115ax Firmware, Catalyst 9117ax Firmware, Catalyst 9120ax Firmware, Catalyst 9124ax Firmware, Catalyst 9130ax Firmware, Catalyst Iw6300 Firmware

Cisco

26 products

Aironet 1542d Firmware

Aironet 1542i Firmware

Aironet 1562i Firmware

Aironet 1562e Firmware

Aironet 1562d Firmware

Aironet 1815i Firmware

Aironet 1815m Firmware

Aironet 1815t Firmware

Aironet 1815w Firmware

Aironet 1830 Firmware

Aironet 1840 Firmware

Aironet 1850e Firmware

Aironet 1850i Firmware

Aironet 2800i Firmware

Aironet 2800e Firmware

Aironet 3800i Firmware

Aironet 3800e Firmware

Aironet 3800p Firmware

Aironet 4800 Firmware

Catalyst 9105ax Firmware

Catalyst 9115ax Firmware

Catalyst 9117ax Firmware

Catalyst 9120ax Firmware

Catalyst 9124ax Firmware

Catalyst 9130ax Firmware

Catalyst Iw6300 Firmware

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Cisco Aironet 1542d Firmware	Version 017.006(001)

Running on/with	Platform Versions
Cisco Aironet 1542d	All versions

Configuration B

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Cisco Aironet 1542i Firmware	Version 017.006(001)

Running on/with	Platform Versions
Cisco Aironet 1542i	All versions

Configuration C

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Cisco Aironet 1562i Firmware	Version 017.006(001)

Running on/with	Platform Versions
Cisco Aironet 1562i	All versions

Configuration D

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Cisco Aironet 1562e Firmware	Version 017.006(001)

Running on/with	Platform Versions
Cisco Aironet 1562e	All versions

Configuration E

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Cisco Aironet 1562d Firmware	Version 017.006(001)

Running on/with	Platform Versions
Cisco Aironet 1562d	All versions

Configuration F

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Cisco Aironet 1815i Firmware	Version 017.006(001)

Running on/with	Platform Versions
Cisco Aironet 1815i	All versions

Configuration G

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Cisco Aironet 1815m Firmware	Version 017.006(001)

Running on/with	Platform Versions
Cisco Aironet 1815m	All versions

Configuration H

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Cisco Aironet 1815t Firmware	Version 017.006(001)

Running on/with	Platform Versions
Cisco Aironet 1815t	All versions

Configuration I

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Cisco Aironet 1815w Firmware	Version 017.006(001)

Running on/with	Platform Versions
Cisco Aironet 1815w	All versions

Configuration J

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Cisco Aironet 1830 Firmware	Version 017.006(001)

Running on/with	Platform Versions
Cisco Aironet 1830	All versions

Configuration K

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Cisco Aironet 1840 Firmware	Version 017.006(001)

Running on/with	Platform Versions
Cisco Aironet 1840	All versions

Configuration L

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Cisco Aironet 1850e Firmware	Version 017.006(001)

Running on/with	Platform Versions
Cisco Aironet 1850e	All versions

Configuration M

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Cisco Aironet 1850i Firmware	Version 017.006(001)

Running on/with	Platform Versions
Cisco Aironet 1850i	All versions

Configuration N

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Cisco Aironet 2800i Firmware	Version 017.006(001)

Running on/with	Platform Versions
Cisco Aironet 2800i	All versions

Configuration O

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Cisco Aironet 2800e Firmware	Version 017.006(001)

Running on/with	Platform Versions
Cisco Aironet 2800e	All versions

Configuration P

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Cisco Aironet 3800i Firmware	Version 017.006(001)

Running on/with	Platform Versions
Cisco Aironet 3800i	All versions

Configuration Q

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Cisco Aironet 3800e Firmware	Version 017.006(001)

Running on/with	Platform Versions
Cisco Aironet 3800e	All versions

Configuration R

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Cisco Aironet 3800p Firmware	Version 017.006(001)

Running on/with	Platform Versions
Cisco Aironet 3800p	All versions

Configuration S

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Cisco Aironet 4800 Firmware	Version 017.006(001)

Running on/with	Platform Versions
Cisco Aironet 4800	All versions

Configuration T

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Cisco Catalyst 9105ax Firmware	Version 017.006(001)

Running on/with	Platform Versions
Cisco Catalyst 9105ax	All versions

Configuration U

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Cisco Catalyst 9115ax Firmware	Version 017.006(001)

Running on/with	Platform Versions
Cisco Catalyst 9115ax	All versions

Configuration V

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Cisco Catalyst 9117ax Firmware	Version 017.006(001)

Running on/with	Platform Versions
Cisco Catalyst 9117ax	All versions

Configuration W

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Cisco Catalyst 9120ax Firmware	Version 017.006(001)

Running on/with	Platform Versions
Cisco Catalyst 9120ax	All versions

Configuration X

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Cisco Catalyst 9124ax Firmware	Version 017.006(001)

Running on/with	Platform Versions
Cisco Catalyst 9124ax	All versions

Configuration Y

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Cisco Catalyst 9130ax Firmware	Version 017.006(001)

Running on/with	Platform Versions
Cisco Catalyst 9130ax	All versions

Configuration Z

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Cisco Catalyst Iw6300 Firmware	Version 017.006(001)

Running on/with	Platform Versions
Cisco Catalyst Iw6300	All versions

Related CWEs

CWE-284

Improper Access Control

The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.

References (2)

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apvlan-TDTtb4FY

Source: psirt@cisco.com

Vendor Advisory

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apvlan-TDTtb4FY

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.