CVE-2022-20824

8.8

HIGH

Cisco Discovery Protocol Layer 2 Protocol Remote Code Execution and Denial of Service Vulnerability

Description

A vulnerability in the Cisco Discovery Protocol feature of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to execute arbitrary code with root privileges or cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper input validation of specific values that are within a Cisco Discovery Protocol message. An attacker could exploit this vulnerability by sending a malicious Cisco Discovery Protocol packet to an affected device. A successful exploit could allow the attacker to execute arbitrary code with root privileges or cause the Cisco Discovery Protocol process to crash and restart multiple times, which would cause the affected device to reload, resulting in a DoS condition. Note: Cisco Discovery Protocol is a Layer 2 protocol. To exploit this vulnerability, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent).

INFO

Published Date :

Aug. 25, 2022, 7:15 p.m.

Last Modified :

Nov. 7, 2023, 3:43 a.m.

Source :

[email protected]

Remotely Exploitable :

No

Impact Score :

5.9

Exploitability Score :

2.8 Public PoC/Exploit Available at Github

CVE-2022-20824 has a 1 public PoC/Exploit available at Github. Go to the Public Exploits tab to see the list.

Affected Products

The following products are affected by CVE-2022-20824 vulnerability. Even if cvefeed.io is aware of the exact versions of the products that are affected, the information is not represented in the table below.

ID	Vendor	Product
1	Cisco	nx-os
2	Cisco	nexus_7000_firmware
3	Cisco	nexus_9000_firmware
4	Cisco	nexus_93180yc-fx3s_firmware
5	Cisco	nexus_93180yc-fx3_firmware
6	Cisco	nexus_3016_firmware
7	Cisco	nexus_3048_firmware
8	Cisco	nexus_3064_firmware
9	Cisco	nexus_3064-t_firmware
10	Cisco	nexus_31108pc-v_firmware
11	Cisco	nexus_31108tc-v_firmware
12	Cisco	nexus_31128pq_firmware
13	Cisco	nexus_3132c-z_firmware
14	Cisco	nexus_3132q_firmware
15	Cisco	nexus_3132q-v_firmware
16	Cisco	nexus_3132q-xl_firmware
17	Cisco	nexus_3164q_firmware
18	Cisco	nexus_3172_firmware
19	Cisco	nexus_3172pq-xl_firmware
20	Cisco	nexus_3172tq_firmware
21	Cisco	nexus_3172tq-32t_firmware
22	Cisco	nexus_3172tq-xl_firmware
23	Cisco	nexus_3232c_firmware
24	Cisco	nexus_3264c-e_firmware
25	Cisco	nexus_3264q_firmware
26	Cisco	nexus_3408-s_firmware
27	Cisco	nexus_34180yc_firmware
28	Cisco	nexus_34200yc-sm_firmware
29	Cisco	nexus_3432d-s_firmware
30	Cisco	nexus_3464c_firmware
31	Cisco	nexus_3524_firmware
32	Cisco	nexus_3524-x_firmware
33	Cisco	nexus_3524-xl_firmware
34	Cisco	nexus_3548_firmware
35	Cisco	nexus_3548-x_firmware
36	Cisco	nexus_3548-xl_firmware
37	Cisco	nexus_5548p_firmware
38	Cisco	nexus_5548up_firmware
39	Cisco	nexus_5596t_firmware
40	Cisco	nexus_5596up_firmware
41	Cisco	nexus_56128p_firmware
42	Cisco	nexus_5624q_firmware
43	Cisco	nexus_5648q_firmware
44	Cisco	nexus_5672up_firmware
45	Cisco	nexus_5696q_firmware
46	Cisco	nexus_6001_firmware
47	Cisco	nexus_6004_firmware
48	Cisco	nexus_93180yc-ex_firmware
49	Cisco	nexus_93180yc-fx_firmware
50	Cisco	nexus_93240yc-fx2_firmware
51	Cisco	nexus_93360yc-fx2_firmware
52	Cisco	nexus_93120tx_firmware
53	Cisco	nexus_93108tc-ex_firmware
54	Cisco	nexus_9348gc-fxp_firmware
55	Cisco	nexus_93108tc-fx_firmware
56	Cisco	nexus_93108tc-fx3p_firmware
57	Cisco	nexus_93216tc-fx2_firmware
58	Cisco	nexus_9504_firmware
59	Cisco	nexus_9508_firmware
60	Cisco	nexus_9516_firmware
61	Cisco	nexus_92160yc-x_firmware
62	Cisco	nexus_9272q_firmware
63	Cisco	nexus_92304qc_firmware
64	Cisco	nexus_9236c_firmware
65	Cisco	nexus_92300yc_firmware
66	Cisco	nexus_92348gc-x_firmware
67	Cisco	nexus_9364c_firmware
68	Cisco	nexus_9336c-fx2_firmware
69	Cisco	nexus_9336c-fx2-e_firmware
70	Cisco	nexus_9332c_firmware
71	Cisco	nexus_9364c-gx_firmware
72	Cisco	nexus_3016q_firmware
73	Cisco	nexus_3064-32t_firmware
74	Cisco	nexus_3064-x_firmware
75	Cisco	nexus_3064t_firmware
76	Cisco	nexus_3064x_firmware
77	Cisco	nexus_3100_firmware
78	Cisco	nexus_3100-v_firmware
79	Cisco	nexus_3100-z_firmware
80	Cisco	nexus_3100v_firmware
81	Cisco	nexus_31108pv-v_firmware
82	Cisco	nexus_3132q-x_firmware
83	Cisco	nexus_3132q-x\/3132q-xl_firmware
84	Cisco	nexus_3172pq_firmware
85	Cisco	nexus_3172pq\/pq-xl_firmware
86	Cisco	nexus_3200_firmware
87	Cisco	nexus_3232c__firmware
88	Cisco	nexus_3400_firmware
89	Cisco	nexus_3524-x\/xl_firmware
90	Cisco	nexus_3548-x\/xl_firmware
91	Cisco	nexus_36180yc-r_firmware
92	Cisco	nexus_3636c-r_firmware
93	Cisco	nexus_5600_firmware
94	Cisco	nexus_5672up-16g_firmware
95	Cisco	nexus_6000_firmware
96	Cisco	nexus_6001p_firmware
97	Cisco	nexus_6001t_firmware
98	Cisco	nexus_6004x_firmware
99	Cisco	nexus_7000_supervisor_1_firmware
100	Cisco	nexus_7000_supervisor_2_firmware
101	Cisco	nexus_7000_supervisor_2e_firmware
102	Cisco	nexus_7004_firmware
103	Cisco	nexus_7009_firmware
104	Cisco	nexus_7010_firmware
105	Cisco	nexus_7018_firmware
106	Cisco	nexus_7700_firmware
107	Cisco	nexus_7700_supervisor_2e_firmware
108	Cisco	nexus_7700_supervisor_3e_firmware
109	Cisco	nexus_7702_firmware
110	Cisco	nexus_7706_firmware
111	Cisco	nexus_7710_firmware
112	Cisco	nexus_7718_firmware
113	Cisco	nexus_9000v_firmware
114	Cisco	nexus_9200_firmware
115	Cisco	nexus_9221c_firmware
116	Cisco	nexus_9300_firmware
117	Cisco	nexus_93108tc-ex-24_firmware
118	Cisco	nexus_93108tc-fx-24_firmware
119	Cisco	nexus_93128_firmware
120	Cisco	nexus_93128tx_firmware
121	Cisco	nexus_9316d-gx_firmware
122	Cisco	nexus_93180lc-ex_firmware
123	Cisco	nexus_93180tc-ex_firmware
124	Cisco	nexus_93180yc-ex-24_firmware
125	Cisco	nexus_93180yc-fx-24_firmware
126	Cisco	nexus_9332pq_firmware
127	Cisco	nexus_9336pq_firmware
128	Cisco	nexus_93600cd-gx_firmware
129	Cisco	nexus_9372px_firmware
130	Cisco	nexus_9372px-e_firmware
131	Cisco	nexus_9372tx_firmware
132	Cisco	nexus_9372tx-e_firmware
133	Cisco	nexus_9396px_firmware
134	Cisco	nexus_9396tx_firmware
135	Cisco	nexus_9500r_firmware
136	Cisco	mds_9506_firmware
137	Cisco	mds_9513_firmware
138	Cisco	mds_9706_firmware
139	Cisco	mds_9710_firmware
140	Cisco	mds_9718_firmware
141	Cisco	nexus_1000v_firmware
142	Cisco	nexus_9500_supervisor_a_firmware
143	Cisco	nexus_9500_supervisor_a\+_firmware
144	Cisco	nexus_9500_supervisor_b_firmware
145	Cisco	nexus_9500_supervisor_b\+_firmware

: Total Affected Vendor : 1 | Products : 145

References to Advisories, Solutions, and Tools

Here, you will find a curated list of external links that provide in-depth information, practical solutions, and valuable tools related to CVE-2022-20824.

URL	Resource
https://security.netapp.com/advisory/ntap-20220923-0001/	Third Party Advisory
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-cdp-dos-ce-wWvPucC9	Vendor Advisory

We scan GitHub repositories to detect new proof-of-concept exploits. Following list is a collection of public exploits and proof-of-concepts, which have been published on GitHub (sorted by the most recently updated).

AlphabugX/CVE-2022-RCE

test 反向辣鸡数据投放 CVE-2022-23305 工具利用教程 Exploit POC

cve-2020-

Updated: 1 year, 11 months ago

5 stars 2 fork 2 watcher

Born at : Jan. 21, 2022, 5:07 a.m. This repo has been linked 2608 different CVEs too.

Results are limited to the first 15 repositories due to potential performance issues.

The following list is the news that have been mention CVE-2022-20824 vulnerability anywhere in the article.

Cybersecurity News

CVE-2024-20432 (CVSS 9.9): Cisco Nexus Dashboard Fabric Controller Exposed to RCE

Cisco has issued a security advisory addressing a critical vulnerability (CVE-2024-20432) in its Nexus Dashboard Fabric Controller (NDFC). This flaw, which carries a severity rating of 9.9 out of 10 o ...

Published Date: Oct 03, 2024 (1 month ago)

CVE-2024-20432 CVE-2023-27584 CVE-2024-8504 CVE-2024-8503 CVE-2024-40711 CVE-2023-3454 CVE-2022-20824

The following table lists the changes that have been made to the CVE-2022-20824 vulnerability over time.

Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability's severity, exploitability, or other characteristics.

CVE Modified by [email protected]

May. 14, 2024

Action	Type	Old Value	New Value

CVE Modified by [email protected]

Nov. 07, 2023

Action	Type	Old Value	New Value
Removed	CVSS V3	Cisco Systems, Inc. AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Added	CVSS V3.1		Cisco Systems, Inc. AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Modified Analysis by [email protected]

Oct. 01, 2022

Action	Type	Old Value	New Value
Changed	Reference Type	https://security.netapp.com/advisory/ntap-20220923-0001/ No Types Assigned	https://security.netapp.com/advisory/ntap-20220923-0001/ Third Party Advisory

CVE Modified by [email protected]

Sep. 23, 2022

Action	Type	Old Value	New Value
Added	Reference		https://security.netapp.com/advisory/ntap-20220923-0001/ [No Types Assigned]

Initial Analysis by [email protected]

Sep. 01, 2022

Action	Type	Old Value	New Value
Added	CVSS V3.1		NIST AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Changed	Reference Type	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-cdp-dos-ce-wWvPucC9 No Types Assigned	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-cdp-dos-ce-wWvPucC9 Vendor Advisory
Added	CWE		NIST CWE-787
Added	CPE Configuration		AND OR cpe:2.3:o:cisco:mds_9506_firmware:-::::::: OR cpe:2.3:h:cisco:mds_9506:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:cisco:mds_9513_firmware:-::::::: OR cpe:2.3:h:cisco:mds_9513:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:cisco:mds_9706_firmware:-::::::: OR cpe:2.3:h:cisco:mds_9706:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:cisco:mds_9710_firmware:-::::::: OR cpe:2.3:h:cisco:mds_9710:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:cisco:mds_9718_firmware:-::::::: OR cpe:2.3:h:cisco:mds_9718:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:cisco:nexus_1000v_firmware:-:::::vmware_vsphere::* OR cpe:2.3:h:cisco:nexus_1000v:-:::::vmware_vsphere::
Added	CPE Configuration		AND OR cpe:2.3:o:cisco:nexus_3016_firmware:-::::::: OR cpe:2.3:h:cisco:nexus_3016:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:cisco:nexus_3016q_firmware:-::::::: OR cpe:2.3:h:cisco:nexus_3016q:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:cisco:nexus_3048_firmware:-::::::: OR cpe:2.3:h:cisco:nexus_3048:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:cisco:nexus_3064_firmware:-::::::: OR cpe:2.3:h:cisco:nexus_3064:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:cisco:nexus_3064-32t_firmware:-::::::: OR cpe:2.3:h:cisco:nexus_3064-32t:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:cisco:nexus_3064-t_firmware:-::::::: OR cpe:2.3:h:cisco:nexus_3064-t:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:cisco:nexus_3064-x_firmware:-::::::: OR cpe:2.3:h:cisco:nexus_3064-x:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:cisco:nexus_3064t_firmware:-::::::: OR cpe:2.3:h:cisco:nexus_3064t:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:cisco:nexus_3064x_firmware:-::::::: OR cpe:2.3:h:cisco:nexus_3064x:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:cisco:nexus_3100_firmware:-::::::: OR cpe:2.3:h:cisco:nexus_3100:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:cisco:nexus_3100-v_firmware:-::::::: OR cpe:2.3:h:cisco:nexus_3100-v:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:cisco:nexus_3100-z_firmware:-::::::: OR cpe:2.3:h:cisco:nexus_3100-z:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:cisco:nexus_3100v_firmware:-::::::: OR cpe:2.3:h:cisco:nexus_3100v:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:cisco:nexus_31108pc-v_firmware:-::::::: OR cpe:2.3:h:cisco:nexus_31108pc-v:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:cisco:nexus_31108pv-v_firmware:-::::::: OR cpe:2.3:h:cisco:nexus_31108pv-v:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:cisco:nexus_31108tc-v_firmware:-::::::: OR cpe:2.3:h:cisco:nexus_31108tc-v:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:cisco:nexus_31128pq_firmware:-::::::: OR cpe:2.3:h:cisco:nexus_31128pq:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:cisco:nexus_3132c-z_firmware:-::::::: OR cpe:2.3:h:cisco:nexus_3132c-z:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:cisco:nexus_3132q_firmware:-::::::: OR cpe:2.3:h:cisco:nexus_3132q:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:cisco:nexus_3132q-v_firmware:-::::::: OR cpe:2.3:h:cisco:nexus_3132q-v:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:cisco:nexus_3132q-x_firmware:-::::::: OR cpe:2.3:h:cisco:nexus_3132q-x:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:cisco:nexus_3132q-x\/3132q-xl_firmware:-::::::: OR cpe:2.3:h:cisco:nexus_3132q-x\/3132q-xl:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:cisco:nexus_3132q-xl_firmware:-::::::: OR cpe:2.3:h:cisco:nexus_3132q-xl:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:cisco:nexus_3164q_firmware:-::::::: OR cpe:2.3:h:cisco:nexus_3164q:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:cisco:nexus_3172_firmware:-::::::: OR cpe:2.3:h:cisco:nexus_3172:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:cisco:nexus_3172pq_firmware:-::::::: OR cpe:2.3:h:cisco:nexus_3172pq:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:cisco:nexus_3172pq-xl_firmware:-::::::: OR cpe:2.3:h:cisco:nexus_3172pq-xl:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:cisco:nexus_3172pq\/pq-xl_firmware:-::::::: OR cpe:2.3:h:cisco:nexus_3172pq\/pq-xl:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:cisco:nexus_3172tq_firmware:-::::::: OR cpe:2.3:h:cisco:nexus_3172tq:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:cisco:nexus_3172tq-32t_firmware:-::::::: OR cpe:2.3:h:cisco:nexus_3172tq-32t:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:cisco:nexus_3172tq-xl_firmware:-::::::: OR cpe:2.3:h:cisco:nexus_3172tq-xl:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:cisco:nexus_3200_firmware:-::::::: OR cpe:2.3:h:cisco:nexus_3200:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:cisco:nexus_3232c_firmware:-::::::: OR cpe:2.3:h:cisco:nexus_3232c:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:cisco:nexus_3232c__firmware:-::::::: OR cpe:2.3:h:cisco:nexus_3232c_:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:cisco:nexus_3264c-e_firmware:-::::::: OR cpe:2.3:h:cisco:nexus_3264c-e:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:cisco:nexus_3264q_firmware:-::::::: OR cpe:2.3:h:cisco:nexus_3264q:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:cisco:nexus_3400_firmware:-::::::: OR cpe:2.3:h:cisco:nexus_3400:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:cisco:nexus_3408-s_firmware:-::::::: OR cpe:2.3:h:cisco:nexus_3408-s:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:cisco:nexus_34180yc_firmware:-::::::: OR cpe:2.3:h:cisco:nexus_34180yc:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:cisco:nexus_34200yc-sm_firmware:-::::::: OR cpe:2.3:h:cisco:nexus_34200yc-sm:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:cisco:nexus_3432d-s_firmware:-::::::: OR cpe:2.3:h:cisco:nexus_3432d-s:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:cisco:nexus_3464c_firmware:-::::::: OR cpe:2.3:h:cisco:nexus_3464c:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:cisco:nexus_3524_firmware:-::::::: OR cpe:2.3:h:cisco:nexus_3524:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:cisco:nexus_3524-x_firmware:-::::::: OR cpe:2.3:h:cisco:nexus_3524-x:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:cisco:nexus_3524-x\/xl_firmware:-::::::: OR cpe:2.3:h:cisco:nexus_3524-x\/xl:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:cisco:nexus_3524-xl_firmware:-::::::: OR cpe:2.3:h:cisco:nexus_3524-xl:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:cisco:nexus_3548_firmware:-::::::: OR cpe:2.3:h:cisco:nexus_3548:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:cisco:nexus_3548-x_firmware:-::::::: OR cpe:2.3:h:cisco:nexus_3548-x:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:cisco:nexus_3548-x\/xl_firmware:-::::::: OR cpe:2.3:h:cisco:nexus_3548-x\/xl:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:cisco:nexus_3548-xl_firmware:-::::::: OR cpe:2.3:h:cisco:nexus_3548-xl:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:cisco:nexus_36180yc-r_firmware:-::::::: OR cpe:2.3:h:cisco:nexus_36180yc-r:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:cisco:nexus_3636c-r_firmware:-::::::: OR cpe:2.3:h:cisco:nexus_3636c-r:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:cisco:nexus_5548p_firmware:-::::::: OR cpe:2.3:h:cisco:nexus_5548p:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:cisco:nexus_5548up_firmware:-::::::: OR cpe:2.3:h:cisco:nexus_5548up:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:cisco:nexus_5596t_firmware:-::::::: OR cpe:2.3:h:cisco:nexus_5596t:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:cisco:nexus_5596up_firmware:-::::::: OR cpe:2.3:h:cisco:nexus_5596up:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:cisco:nexus_5600_firmware:-::::::: OR cpe:2.3:h:cisco:nexus_5600:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:cisco:nexus_56128p_firmware:-::::::: OR cpe:2.3:h:cisco:nexus_56128p:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:cisco:nexus_5624q_firmware:-::::::: OR cpe:2.3:h:cisco:nexus_5624q:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:cisco:nexus_5648q_firmware:-::::::: OR cpe:2.3:h:cisco:nexus_5648q:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:cisco:nexus_5672up_firmware:-::::::: OR cpe:2.3:h:cisco:nexus_5672up:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:cisco:nexus_5672up-16g_firmware:-::::::: OR cpe:2.3:h:cisco:nexus_5672up-16g:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:cisco:nexus_5696q_firmware:-::::::: OR cpe:2.3:h:cisco:nexus_5696q:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:cisco:nexus_6000_firmware:-::::::: OR cpe:2.3:h:cisco:nexus_6000:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:cisco:nexus_6001_firmware:-::::::: OR cpe:2.3:h:cisco:nexus_6001:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:cisco:nexus_6001p_firmware:-::::::: OR cpe:2.3:h:cisco:nexus_6001p:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:cisco:nexus_6001t_firmware:-::::::: OR cpe:2.3:h:cisco:nexus_6001t:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:cisco:nexus_6004_firmware:-::::::: OR cpe:2.3:h:cisco:nexus_6004:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:cisco:nexus_6004x_firmware:-::::::: OR cpe:2.3:h:cisco:nexus_6004x:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:cisco:nexus_7000_firmware:-::::::: OR cpe:2.3:h:cisco:nexus_7000:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:cisco:nexus_7000_supervisor_1_firmware:-::::::: OR cpe:2.3:h:cisco:nexus_7000_supervisor_1:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:cisco:nexus_7000_supervisor_2_firmware:-::::::: OR cpe:2.3:h:cisco:nexus_7000_supervisor_2:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:cisco:nexus_7000_supervisor_2e_firmware:-::::::: OR cpe:2.3:h:cisco:nexus_7000_supervisor_2e:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:cisco:nexus_7004_firmware:-::::::: OR cpe:2.3:h:cisco:nexus_7004:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:cisco:nexus_7009_firmware:-::::::: OR cpe:2.3:h:cisco:nexus_7009:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:cisco:nexus_7010_firmware:-::::::: OR cpe:2.3:h:cisco:nexus_7010:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:cisco:nexus_7018_firmware:-::::::: OR cpe:2.3:h:cisco:nexus_7018:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:cisco:nexus_7700_firmware:-::::::: OR cpe:2.3:h:cisco:nexus_7700:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:cisco:nexus_7700_supervisor_2e_firmware:-::::::: OR cpe:2.3:h:cisco:nexus_7700_supervisor_2e:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:cisco:nexus_7700_supervisor_3e_firmware:-::::::: OR cpe:2.3:h:cisco:nexus_7700_supervisor_3e:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:cisco:nexus_7702_firmware:-::::::: OR cpe:2.3:h:cisco:nexus_7702:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:cisco:nexus_7706_firmware:-::::::: OR cpe:2.3:h:cisco:nexus_7706:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:cisco:nexus_7710_firmware:-::::::: OR cpe:2.3:h:cisco:nexus_7710:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:cisco:nexus_7718_firmware:-::::::: OR cpe:2.3:h:cisco:nexus_7718:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:cisco:nexus_9000_firmware:-::::::: OR cpe:2.3:h:cisco:nexus_9000:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:cisco:nexus_9000v_firmware:-::::::: OR cpe:2.3:h:cisco:nexus_9000v:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:cisco:nexus_9200_firmware:-::::::: OR cpe:2.3:h:cisco:nexus_9200:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:cisco:nexus_92160yc-x_firmware:-::::::: OR cpe:2.3:h:cisco:nexus_92160yc-x:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:cisco:nexus_9221c_firmware:-::::::: OR cpe:2.3:h:cisco:nexus_9221c:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:cisco:nexus_92300yc_firmware:-::::::: OR cpe:2.3:h:cisco:nexus_92300yc:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:cisco:nexus_92304qc_firmware:-::::::: OR cpe:2.3:h:cisco:nexus_92304qc:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:cisco:nexus_92348gc-x_firmware:-::::::: OR cpe:2.3:h:cisco:nexus_92348gc-x:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:cisco:nexus_9236c_firmware:-::::::: OR cpe:2.3:h:cisco:nexus_9236c:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:cisco:nexus_9272q_firmware:-::::::: OR cpe:2.3:h:cisco:nexus_9272q:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:cisco:nexus_9300_firmware:-::::::: OR cpe:2.3:h:cisco:nexus_9300:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:cisco:nexus_93108tc-ex_firmware:-::::::: OR cpe:2.3:h:cisco:nexus_93108tc-ex:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:cisco:nexus_93108tc-ex-24_firmware:-::::::: OR cpe:2.3:h:cisco:nexus_93108tc-ex-24:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:cisco:nexus_93108tc-fx_firmware:-::::::: OR cpe:2.3:h:cisco:nexus_93108tc-fx:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:cisco:nexus_93108tc-fx-24_firmware:-::::::: OR cpe:2.3:h:cisco:nexus_93108tc-fx-24:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:cisco:nexus_93108tc-fx3p_firmware:-::::::: OR cpe:2.3:h:cisco:nexus_93108tc-fx3p:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:cisco:nexus_93120tx_firmware:-::::::: OR cpe:2.3:h:cisco:nexus_93120tx:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:cisco:nexus_93128_firmware:-::::::: OR cpe:2.3:h:cisco:nexus_93128:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:cisco:nexus_93128tx_firmware:-::::::: OR cpe:2.3:h:cisco:nexus_93128tx:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:cisco:nexus_9316d-gx_firmware:-::::::: OR cpe:2.3:h:cisco:nexus_9316d-gx:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:cisco:nexus_93180lc-ex_firmware:-::::::: OR cpe:2.3:h:cisco:nexus_93180lc-ex:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:cisco:nexus_93180tc-ex_firmware:-::::::: OR cpe:2.3:h:cisco:nexus_93180tc-ex:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:cisco:nexus_93180yc-ex_firmware:-::::::: OR cpe:2.3:h:cisco:nexus_93180yc-ex:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:cisco:nexus_93180yc-ex-24_firmware:-::::::: OR cpe:2.3:h:cisco:nexus_93180yc-ex-24:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:cisco:nexus_93180yc-fx_firmware:-::::::: OR cpe:2.3:h:cisco:nexus_93180yc-fx:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:cisco:nexus_93180yc-fx-24_firmware:-::::::: OR cpe:2.3:h:cisco:nexus_93180yc-fx-24:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:cisco:nexus_93180yc-fx3_firmware:-::::::: OR cpe:2.3:h:cisco:nexus_93180yc-fx3:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:cisco:nexus_93180yc-fx3s_firmware:-::::::: OR cpe:2.3:h:cisco:nexus_93180yc-fx3s:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:cisco:nexus_93216tc-fx2_firmware:-::::::: OR cpe:2.3:h:cisco:nexus_93216tc-fx2:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:cisco:nexus_93240yc-fx2_firmware:-::::::: OR cpe:2.3:h:cisco:nexus_93240yc-fx2:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:cisco:nexus_9332c_firmware:-::::::: OR cpe:2.3:h:cisco:nexus_9332c:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:cisco:nexus_9332pq_firmware:-::::::: OR cpe:2.3:h:cisco:nexus_9332pq:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:cisco:nexus_93360yc-fx2_firmware:-::::::: OR cpe:2.3:h:cisco:nexus_93360yc-fx2:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:cisco:nexus_9336c-fx2_firmware:-::::::: OR cpe:2.3:h:cisco:nexus_9336c-fx2:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:cisco:nexus_9336c-fx2-e_firmware:-::::::: OR cpe:2.3:h:cisco:nexus_9336c-fx2-e:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:cisco:nexus_9336pq_firmware:-::::::: OR cpe:2.3:h:cisco:nexus_9336pq:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:cisco:nexus_9348gc-fxp_firmware:-::::::: OR cpe:2.3:h:cisco:nexus_9348gc-fxp:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:cisco:nexus_93600cd-gx_firmware:-::::::: OR cpe:2.3:h:cisco:nexus_93600cd-gx:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:cisco:nexus_9364c_firmware:-::::::: OR cpe:2.3:h:cisco:nexus_9364c:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:cisco:nexus_9364c-gx_firmware:-::::::: OR cpe:2.3:h:cisco:nexus_9364c-gx:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:cisco:nexus_9372px_firmware:-::::::: OR cpe:2.3:h:cisco:nexus_9372px:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:cisco:nexus_9372px-e_firmware:-::::::: OR cpe:2.3:h:cisco:nexus_9372px-e:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:cisco:nexus_9372tx_firmware:-::::::: OR cpe:2.3:h:cisco:nexus_9372tx:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:cisco:nexus_9372tx-e_firmware:-::::::: OR cpe:2.3:h:cisco:nexus_9372tx-e:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:cisco:nexus_9396px_firmware:-::::::: OR cpe:2.3:h:cisco:nexus_9396px:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:cisco:nexus_9396tx_firmware:-::::::: OR cpe:2.3:h:cisco:nexus_9396tx:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:cisco:nexus_9500_supervisor_a_firmware:-::::::: OR cpe:2.3:h:cisco:nexus_9500_supervisor_a:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:cisco:nexus_9500_supervisor_a\+_firmware:-::::::: OR cpe:2.3:h:cisco:nexus_9500_supervisor_a\+:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:cisco:nexus_9500_supervisor_b_firmware:-::::::: OR cpe:2.3:h:cisco:nexus_9500_supervisor_b:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:cisco:nexus_9500_supervisor_b\+_firmware:-::::::: OR cpe:2.3:h:cisco:nexus_9500_supervisor_b\+:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:cisco:nexus_9500r_firmware:-::::::: OR cpe:2.3:h:cisco:nexus_9500r:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:cisco:nexus_9504_firmware:-::::::: OR cpe:2.3:h:cisco:nexus_9504:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:cisco:nexus_9508_firmware:-::::::: OR cpe:2.3:h:cisco:nexus_9508:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:cisco:nexus_9516_firmware:-::::::: OR cpe:2.3:h:cisco:nexus_9516:-:::::::*

EPSS is a daily estimate of the probability of exploitation activity being observed over the next 30 days. Following chart shows the EPSS score history of the vulnerability.

CWE - Common Weakness Enumeration

While CVE identifies specific instances of vulnerabilities, CWE categorizes the common flaws or weaknesses that can lead to vulnerabilities. CVE-2022-20824 is associated with the following CWEs:

CWE-121: Stack-based Buffer Overflow

CWE-787: Out-of-bounds Write

Common Attack Pattern Enumeration and Classification (CAPEC)

Common Attack Pattern Enumeration and Classification (CAPEC) stores attack patterns, which are descriptions of the common attributes and approaches employed by adversaries to exploit the CVE-2022-20824 weaknesses.

CVE-2022-20824

Cisco Discovery Protocol Layer 2 Protocol Remote Code Execution and Denial of Service Vulnerability

Description

INFO

Aug. 25, 2022, 7:15 p.m.

Nov. 7, 2023, 3:43 a.m.

[email protected]

No

5.9

2.8

Public PoC/Exploit Available at Github

Affected Products

References to Advisories, Solutions, and Tools

AlphabugX/CVE-2022-RCE

CVE-2024-20432 (CVSS 9.9): Cisco Nexus Dashboard Fabric Controller Exposed to RCE

CVE Modified by [email protected]

CVE Modified by [email protected]

Modified Analysis by [email protected]

CVE Modified by [email protected]

Initial Analysis by [email protected]

CWE - Common Weakness Enumeration

Common Attack Pattern Enumeration and Classification (CAPEC)

Exploit Prediction

0.11 }} 0.01%

0.44101

CVSS31 - Vulnerability Scoring System

Theme Customizer

Layout

Vertical

Horizontal

Two Column

Color Scheme

Light

Dark

Layout Width

Fluid

Boxed

Layout Position

Topbar Color

Light

Dark

Sidebar Size

Default

Compact

Small (Icon View)

Small Hover View

Sidebar View

Default

Detached

Sidebar Color

Light

Dark

Gradient

Preloader

Enable

Disable