CVE-2022-20920
Cisco IOS and IOS XE Software SSH Denial of Service Vulnerability
CVSS Score
7.7
EPSS Score
0.0%
EPSS Percentile
0th
A vulnerability in the SSH implementation of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to cause an affected device to reload. This vulnerability is due to improper handling of resources during an exceptional situation. An attacker could exploit this vulnerability by continuously connecting to an affected device and sending specific SSH requests. A successful exploit could allow the attacker to cause the affected device to reload.
| CWE | CWE-755 |
| Vendor | cisco |
| Product | cisco ios |
| Ecosystems | |
| Industries | NetworkingTelecommunications |
| Published | Oct 10, 2022 |
| Last Updated | Sep 16, 2024 |
Stay Ahead of the Next One
Get instant alerts for cisco cisco ios
Be the first to know when new high vulnerabilities affecting cisco cisco ios are published โ delivered to Slack, Telegram or Discord.
Get Free Alerts โ
Free ยท No credit card ยท 60 sec setup
CVSS v3 Breakdown
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Changed
Confidentiality
None
Integrity
None
Availability
High
Affected Versions
Cisco / Cisco IOS
n/a