CVE-2022-20750

Cisco Redundancy Configuration Manager for Cisco StarOS Software TCP Denial of Service Vulnerability

CVSS 5.3 MEDIUM | EPSS 1.1% | CWE-20
Vexday Risk Score
13 Low
SSVC Decision (CISA)
Track
No sign of exploitation → monitor
CVSS 5.3 | EPSS 1.1% | KEV: no | PoC | Nuclei | Metasploit | Patch referenced
Lifecycle
17 Feb 2022: Published in NVD
Recommendation: Monitor; no sign of exploitation at this time.
A vulnerability in the checkpoint manager implementation of Cisco Redundancy Configuration Manager (RCM) for Cisco StarOS Software could allow an unauthenticated, remote attacker to cause the checkpoint manager process to restart upon receipt of malformed TCP data. This vulnerability is due to improper input validation of an ingress TCP packet. An attacker could exploit this vulnerability by sending crafted TCP data to the affected application. A successful exploit could allow the attacker to cause a denial of service (DoS) condition due to the checkpoint manager process restarting.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L