CVE-2022-20870

8.6

HIGH

Cisco Catalyst 3650, 3850, and 9000 Family Switches MPLS Packet Processing Remote Denial of Service

Description

A vulnerability in the egress MPLS packet processing function of Cisco IOS XE Software for Cisco Catalyst 3650, Catalyst 3850, and Catalyst 9000 Family Switches could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. This vulnerability is due to insufficient input validation of IPv4 traffic. An attacker could exploit this vulnerability by sending a malformed packet out of an affected MPLS-enabled interface. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition.

INFO

Published Date :

Oct. 10, 2022, 9:15 p.m.

Last Modified :

Nov. 21, 2024, 6:43 a.m.

Source :

[email protected]

Remotely Exploitable :

Yes !

Impact Score :

4.0

Exploitability Score :

3.9 Public PoC/Exploit Available at Github

CVE-2022-20870 has a 1 public PoC/Exploit available at Github. Go to the Public Exploits tab to see the list.

Affected Products

The following products are affected by CVE-2022-20870 vulnerability. Even if cvefeed.io is aware of the exact versions of the products that are affected, the information is not represented in the table below.

ID	Vendor	Product
1	Cisco	ios_xe
2	Cisco	catalyst_3650
3	Cisco	catalyst_3650-12x48fd-e
4	Cisco	catalyst_3650-12x48fd-l
5	Cisco	catalyst_3650-12x48fd-s
6	Cisco	catalyst_3650-12x48uq
7	Cisco	catalyst_3650-12x48uq-e
8	Cisco	catalyst_3650-12x48uq-l
9	Cisco	catalyst_3650-12x48uq-s
10	Cisco	catalyst_3650-12x48ur
11	Cisco	catalyst_3650-12x48ur-e
12	Cisco	catalyst_3650-12x48ur-l
13	Cisco	catalyst_3650-12x48ur-s
14	Cisco	catalyst_3650-12x48uz
15	Cisco	catalyst_3650-12x48uz-e
16	Cisco	catalyst_3650-12x48uz-l
17	Cisco	catalyst_3650-12x48uz-s
18	Cisco	catalyst_3650-24pd
19	Cisco	catalyst_3650-24pd-e
20	Cisco	catalyst_3650-24pd-l
21	Cisco	catalyst_3650-24pd-s
22	Cisco	catalyst_3650-24pdm
23	Cisco	catalyst_3650-24pdm-e
24	Cisco	catalyst_3650-24pdm-l
25	Cisco	catalyst_3650-24pdm-s
26	Cisco	catalyst_3650-24ps-e
27	Cisco	catalyst_3650-24ps-l
28	Cisco	catalyst_3650-24ps-s
29	Cisco	catalyst_3650-24td-e
30	Cisco	catalyst_3650-24td-l
31	Cisco	catalyst_3650-24td-s
32	Cisco	catalyst_3650-24ts-e
33	Cisco	catalyst_3650-24ts-l
34	Cisco	catalyst_3650-24ts-s
35	Cisco	catalyst_3650-48fd-e
36	Cisco	catalyst_3650-48fd-l
37	Cisco	catalyst_3650-48fd-s
38	Cisco	catalyst_3650-48fq
39	Cisco	catalyst_3650-48fq-e
40	Cisco	catalyst_3650-48fq-l
41	Cisco	catalyst_3650-48fq-s
42	Cisco	catalyst_3650-48fqm
43	Cisco	catalyst_3650-48fqm-e
44	Cisco	catalyst_3650-48fqm-l
45	Cisco	catalyst_3650-48fqm-s
46	Cisco	catalyst_3650-48fs-e
47	Cisco	catalyst_3650-48fs-l
48	Cisco	catalyst_3650-48fs-s
49	Cisco	catalyst_3650-48pd-e
50	Cisco	catalyst_3650-48pd-l
51	Cisco	catalyst_3650-48pd-s
52	Cisco	catalyst_3650-48pq-e
53	Cisco	catalyst_3650-48pq-l
54	Cisco	catalyst_3650-48pq-s
55	Cisco	catalyst_3650-48ps-e
56	Cisco	catalyst_3650-48ps-l
57	Cisco	catalyst_3650-48ps-s
58	Cisco	catalyst_3650-48td-e
59	Cisco	catalyst_3650-48td-l
60	Cisco	catalyst_3650-48td-s
61	Cisco	catalyst_3650-48tq-e
62	Cisco	catalyst_3650-48tq-l
63	Cisco	catalyst_3650-48tq-s
64	Cisco	catalyst_3650-48ts-e
65	Cisco	catalyst_3650-48ts-l
66	Cisco	catalyst_3650-48ts-s
67	Cisco	catalyst_3650-8x24pd-e
68	Cisco	catalyst_3650-8x24pd-l
69	Cisco	catalyst_3650-8x24pd-s
70	Cisco	catalyst_3650-8x24uq
71	Cisco	catalyst_3650-8x24uq-e
72	Cisco	catalyst_3650-8x24uq-l
73	Cisco	catalyst_3650-8x24uq-s
74	Cisco	catalyst_3850
75	Cisco	catalyst_3850-12s-e
76	Cisco	catalyst_3850-12s-s
77	Cisco	catalyst_3850-12x48u
78	Cisco	catalyst_3850-12xs-e
79	Cisco	catalyst_3850-12xs-s
80	Cisco	catalyst_3850-16xs-e
81	Cisco	catalyst_3850-16xs-s
82	Cisco	catalyst_3850-24p-e
83	Cisco	catalyst_3850-24p-l
84	Cisco	catalyst_3850-24p-s
85	Cisco	catalyst_3850-24pw-s
86	Cisco	catalyst_3850-24s-e
87	Cisco	catalyst_3850-24s-s
88	Cisco	catalyst_3850-24t-e
89	Cisco	catalyst_3850-24t-l
90	Cisco	catalyst_3850-24t-s
91	Cisco	catalyst_3850-24u
92	Cisco	catalyst_3850-24u-e
93	Cisco	catalyst_3850-24u-l
94	Cisco	catalyst_3850-24u-s
95	Cisco	catalyst_3850-24xs
96	Cisco	catalyst_3850-24xs-e
97	Cisco	catalyst_3850-24xs-s
98	Cisco	catalyst_3850-24xu
99	Cisco	catalyst_3850-24xu-e
100	Cisco	catalyst_3850-24xu-l
101	Cisco	catalyst_3850-24xu-s
102	Cisco	catalyst_3850-32xs-e
103	Cisco	catalyst_3850-32xs-s
104	Cisco	catalyst_3850-48f-e
105	Cisco	catalyst_3850-48f-l
106	Cisco	catalyst_3850-48f-s
107	Cisco	catalyst_3850-48p-e
108	Cisco	catalyst_3850-48p-l
109	Cisco	catalyst_3850-48p-s
110	Cisco	catalyst_3850-48pw-s
111	Cisco	catalyst_3850-48t-e
112	Cisco	catalyst_3850-48t-l
113	Cisco	catalyst_3850-48t-s
114	Cisco	catalyst_3850-48u
115	Cisco	catalyst_3850-48u-e
116	Cisco	catalyst_3850-48u-l
117	Cisco	catalyst_3850-48u-s
118	Cisco	catalyst_3850-48xs
119	Cisco	catalyst_3850-48xs-e
120	Cisco	catalyst_3850-48xs-f-e
121	Cisco	catalyst_3850-48xs-f-s
122	Cisco	catalyst_3850-48xs-s
123	Cisco	catalyst_3850-nm-2-40g
124	Cisco	catalyst_3850-nm-8-10g
125	Cisco	catalyst_9300
126	Cisco	catalyst_9300-24p-a
127	Cisco	catalyst_9300-24p-e
128	Cisco	catalyst_9300-24s-a
129	Cisco	catalyst_9300-24s-e
130	Cisco	catalyst_9300-24t-a
131	Cisco	catalyst_9300-24t-e
132	Cisco	catalyst_9300-24u-a
133	Cisco	catalyst_9300-24u-e
134	Cisco	catalyst_9300-24ux-a
135	Cisco	catalyst_9300-24ux-e
136	Cisco	catalyst_9300-48p-a
137	Cisco	catalyst_9300-48p-e
138	Cisco	catalyst_9300-48s-a
139	Cisco	catalyst_9300-48s-e
140	Cisco	catalyst_9300-48t-a
141	Cisco	catalyst_9300-48t-e
142	Cisco	catalyst_9300-48u-a
143	Cisco	catalyst_9300-48u-e
144	Cisco	catalyst_9300-48un-a
145	Cisco	catalyst_9300-48un-e
146	Cisco	catalyst_9300-48uxm-a
147	Cisco	catalyst_9300-48uxm-e
148	Cisco	catalyst_9300l
149	Cisco	catalyst_9300l-24p-4g-a
150	Cisco	catalyst_9300l-24p-4g-e
151	Cisco	catalyst_9300l-24p-4x-a
152	Cisco	catalyst_9300l-24p-4x-e
153	Cisco	catalyst_9300l-24t-4g-a
154	Cisco	catalyst_9300l-24t-4g-e
155	Cisco	catalyst_9300l-24t-4x-a
156	Cisco	catalyst_9300l-24t-4x-e
157	Cisco	catalyst_9300l-48p-4g-a
158	Cisco	catalyst_9300l-48p-4g-e
159	Cisco	catalyst_9300l-48p-4x-a
160	Cisco	catalyst_9300l-48p-4x-e
161	Cisco	catalyst_9300l-48t-4g-a
162	Cisco	catalyst_9300l-48t-4g-e
163	Cisco	catalyst_9300l-48t-4x-a
164	Cisco	catalyst_9300l-48t-4x-e
165	Cisco	catalyst_9300lm
166	Cisco	catalyst_9300x
167	Cisco	catalyst_9500
168	Cisco	catalyst_9500h
169	Cisco	catalyst_9600
170	Cisco	catalyst_9400
171	Cisco	catalyst_c3850-12x48u-e
172	Cisco	catalyst_c3850-12x48u-l
173	Cisco	catalyst_c3850-12x48u-s
174	Cisco	catalyst_c9500-12q
175	Cisco	catalyst_c9500-16x
176	Cisco	catalyst_c9500-24q
177	Cisco	catalyst_c9500-24y4c
178	Cisco	catalyst_c9500-32c
179	Cisco	catalyst_c9500-32qc
180	Cisco	catalyst_c9500-40x
181	Cisco	catalyst_c9500-48y4c
182	Cisco	catalyst_c9500-12q-a
183	Cisco	catalyst_c9500-12q-e
184	Cisco	catalyst_c9500-24q-a
185	Cisco	catalyst_c9500-24q-e
186	Cisco	catalyst_c9500-40x-a
187	Cisco	catalyst_c9500-40x-e
188	Cisco	catalyst_c9500-16x-a
189	Cisco	catalyst_c9500-16x-e
190	Cisco	catalyst_c9600-lc-24c
191	Cisco	catalyst_c9600-lc-48s
192	Cisco	catalyst_c9600-lc-48tx
193	Cisco	catalyst_c9600-lc-48yl

: Total Affected Vendor : 1 | Products : 193

References to Advisories, Solutions, and Tools

Here, you will find a curated list of external links that provide in-depth information, practical solutions, and valuable tools related to CVE-2022-20870.

URL	Resource
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-mpls-dos-Ab4OUL3	Vendor Advisory
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-mpls-dos-Ab4OUL3	Vendor Advisory

We scan GitHub repositories to detect new proof-of-concept exploits. Following list is a collection of public exploits and proof-of-concepts, which have been published on GitHub (sorted by the most recently updated).

AlphabugX/CVE-2022-RCE

test 反向辣鸡数据投放 CVE-2022-23305 工具利用教程 Exploit POC

cve-2020-

Updated: 2 years, 1 month ago

5 stars 2 fork 2 watcher

Born at : Jan. 21, 2022, 5:07 a.m. This repo has been linked 2633 different CVEs too.

Results are limited to the first 15 repositories due to potential performance issues.

The following list is the news that have been mention CVE-2022-20870 vulnerability anywhere in the article.

The following table lists the changes that have been made to the CVE-2022-20870 vulnerability over time.

Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability's severity, exploitability, or other characteristics.

CVE Modified by af854a3a-2127-422b-91ae-364da2661108

Nov. 21, 2024

Action	Type	Old Value	New Value
Added	Reference		https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-mpls-dos-Ab4OUL3

CVE Modified by [email protected]

May. 14, 2024

Action	Type	Old Value	New Value

CVE Modified by [email protected]

Nov. 07, 2023

Action	Type	Old Value	New Value
Removed	CVSS V3	Cisco Systems, Inc. AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Added	CVSS V3.1		Cisco Systems, Inc. AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

Initial Analysis by [email protected]

Oct. 13, 2022

Action	Type	Old Value	New Value
Added	CVSS V3.1		NIST AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Changed	Reference Type	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-mpls-dos-Ab4OUL3 No Types Assigned	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-mpls-dos-Ab4OUL3 Vendor Advisory
Added	CWE		NIST NVD-CWE-Other
Added	CPE Configuration		AND OR cpe:2.3:o:cisco:ios_xe:-::::::: OR cpe:2.3:h:cisco:catalyst_3650:-:::::::* cpe:2.3:h:cisco:catalyst_3650-12x48fd-e:-:::::::* cpe:2.3:h:cisco:catalyst_3650-12x48fd-l:-:::::::* cpe:2.3:h:cisco:catalyst_3650-12x48fd-s:-:::::::* cpe:2.3:h:cisco:catalyst_3650-12x48uq:-:::::::* cpe:2.3:h:cisco:catalyst_3650-12x48uq-e:-:::::::* cpe:2.3:h:cisco:catalyst_3650-12x48uq-l:-:::::::* cpe:2.3:h:cisco:catalyst_3650-12x48uq-s:-:::::::* cpe:2.3:h:cisco:catalyst_3650-12x48ur:-:::::::* cpe:2.3:h:cisco:catalyst_3650-12x48ur-e:-:::::::* cpe:2.3:h:cisco:catalyst_3650-12x48ur-l:-:::::::* cpe:2.3:h:cisco:catalyst_3650-12x48ur-s:-:::::::* cpe:2.3:h:cisco:catalyst_3650-12x48uz:-:::::::* cpe:2.3:h:cisco:catalyst_3650-12x48uz-e:-:::::::* cpe:2.3:h:cisco:catalyst_3650-12x48uz-l:-:::::::* cpe:2.3:h:cisco:catalyst_3650-12x48uz-s:-:::::::* cpe:2.3:h:cisco:catalyst_3650-24pd:-:::::::* cpe:2.3:h:cisco:catalyst_3650-24pd-e:-:::::::* cpe:2.3:h:cisco:catalyst_3650-24pd-l:-:::::::* cpe:2.3:h:cisco:catalyst_3650-24pd-s:-:::::::* cpe:2.3:h:cisco:catalyst_3650-24pdm:-:::::::* cpe:2.3:h:cisco:catalyst_3650-24pdm-e:-:::::::* cpe:2.3:h:cisco:catalyst_3650-24pdm-l:-:::::::* cpe:2.3:h:cisco:catalyst_3650-24pdm-s:-:::::::* cpe:2.3:h:cisco:catalyst_3650-24ps-e:-:::::::* cpe:2.3:h:cisco:catalyst_3650-24ps-l:-:::::::* cpe:2.3:h:cisco:catalyst_3650-24ps-s:-:::::::* cpe:2.3:h:cisco:catalyst_3650-24td-e:-:::::::* cpe:2.3:h:cisco:catalyst_3650-24td-l:-:::::::* cpe:2.3:h:cisco:catalyst_3650-24td-s:-:::::::* cpe:2.3:h:cisco:catalyst_3650-24ts-e:-:::::::* cpe:2.3:h:cisco:catalyst_3650-24ts-l:-:::::::* cpe:2.3:h:cisco:catalyst_3650-24ts-s:-:::::::* cpe:2.3:h:cisco:catalyst_3650-48fd-e:-:::::::* cpe:2.3:h:cisco:catalyst_3650-48fd-l:-:::::::* cpe:2.3:h:cisco:catalyst_3650-48fd-s:-:::::::* cpe:2.3:h:cisco:catalyst_3650-48fq:-:::::::* cpe:2.3:h:cisco:catalyst_3650-48fq-e:-:::::::* cpe:2.3:h:cisco:catalyst_3650-48fq-l:-:::::::* cpe:2.3:h:cisco:catalyst_3650-48fq-s:-:::::::* cpe:2.3:h:cisco:catalyst_3650-48fqm:-:::::::* cpe:2.3:h:cisco:catalyst_3650-48fqm-e:-:::::::* cpe:2.3:h:cisco:catalyst_3650-48fqm-l:-:::::::* cpe:2.3:h:cisco:catalyst_3650-48fqm-s:-:::::::* cpe:2.3:h:cisco:catalyst_3650-48fs-e:-:::::::* cpe:2.3:h:cisco:catalyst_3650-48fs-l:-:::::::* cpe:2.3:h:cisco:catalyst_3650-48fs-s:-:::::::* cpe:2.3:h:cisco:catalyst_3650-48pd-e:-:::::::* cpe:2.3:h:cisco:catalyst_3650-48pd-l:-:::::::* cpe:2.3:h:cisco:catalyst_3650-48pd-s:-:::::::* cpe:2.3:h:cisco:catalyst_3650-48pq-e:-:::::::* cpe:2.3:h:cisco:catalyst_3650-48pq-l:-:::::::* cpe:2.3:h:cisco:catalyst_3650-48pq-s:-:::::::* cpe:2.3:h:cisco:catalyst_3650-48ps-e:-:::::::* cpe:2.3:h:cisco:catalyst_3650-48ps-l:-:::::::* cpe:2.3:h:cisco:catalyst_3650-48ps-s:-:::::::* cpe:2.3:h:cisco:catalyst_3650-48td-e:-:::::::* cpe:2.3:h:cisco:catalyst_3650-48td-l:-:::::::* cpe:2.3:h:cisco:catalyst_3650-48td-s:-:::::::* cpe:2.3:h:cisco:catalyst_3650-48tq-e:-:::::::* cpe:2.3:h:cisco:catalyst_3650-48tq-l:-:::::::* cpe:2.3:h:cisco:catalyst_3650-48tq-s:-:::::::* cpe:2.3:h:cisco:catalyst_3650-48ts-e:-:::::::* cpe:2.3:h:cisco:catalyst_3650-48ts-l:-:::::::* cpe:2.3:h:cisco:catalyst_3650-48ts-s:-:::::::* cpe:2.3:h:cisco:catalyst_3650-8x24pd-e:-:::::::* cpe:2.3:h:cisco:catalyst_3650-8x24pd-l:-:::::::* cpe:2.3:h:cisco:catalyst_3650-8x24pd-s:-:::::::* cpe:2.3:h:cisco:catalyst_3650-8x24uq:-:::::::* cpe:2.3:h:cisco:catalyst_3650-8x24uq-e:-:::::::* cpe:2.3:h:cisco:catalyst_3650-8x24uq-l:-:::::::* cpe:2.3:h:cisco:catalyst_3650-8x24uq-s:-:::::::* cpe:2.3:h:cisco:catalyst_3850:-:::::::* cpe:2.3:h:cisco:catalyst_3850-12s-e:-:::::::* cpe:2.3:h:cisco:catalyst_3850-12s-s:-:::::::* cpe:2.3:h:cisco:catalyst_3850-12x48u:-:::::::* cpe:2.3:h:cisco:catalyst_3850-12xs-e:-:::::::* cpe:2.3:h:cisco:catalyst_3850-12xs-s:-:::::::* cpe:2.3:h:cisco:catalyst_3850-16xs-e:-:::::::* cpe:2.3:h:cisco:catalyst_3850-16xs-s:-:::::::* cpe:2.3:h:cisco:catalyst_3850-24p-e:-:::::::* cpe:2.3:h:cisco:catalyst_3850-24p-l:-:::::::* cpe:2.3:h:cisco:catalyst_3850-24p-s:-:::::::* cpe:2.3:h:cisco:catalyst_3850-24pw-s:-:::::::* cpe:2.3:h:cisco:catalyst_3850-24s-e:-:::::::* cpe:2.3:h:cisco:catalyst_3850-24s-s:-:::::::* cpe:2.3:h:cisco:catalyst_3850-24t-e:-:::::::* cpe:2.3:h:cisco:catalyst_3850-24t-l:-:::::::* cpe:2.3:h:cisco:catalyst_3850-24t-s:-:::::::* cpe:2.3:h:cisco:catalyst_3850-24u:-:::::::* cpe:2.3:h:cisco:catalyst_3850-24u-e:-:::::::* cpe:2.3:h:cisco:catalyst_3850-24u-l:-:::::::* cpe:2.3:h:cisco:catalyst_3850-24u-s:-:::::::* cpe:2.3:h:cisco:catalyst_3850-24xs:-:::::::* cpe:2.3:h:cisco:catalyst_3850-24xs-e:-:::::::* cpe:2.3:h:cisco:catalyst_3850-24xs-s:-:::::::* cpe:2.3:h:cisco:catalyst_3850-24xu:-:::::::* cpe:2.3:h:cisco:catalyst_3850-24xu-e:-:::::::* cpe:2.3:h:cisco:catalyst_3850-24xu-l:-:::::::* cpe:2.3:h:cisco:catalyst_3850-24xu-s:-:::::::* cpe:2.3:h:cisco:catalyst_3850-32xs-e:-:::::::* cpe:2.3:h:cisco:catalyst_3850-32xs-s:-:::::::* cpe:2.3:h:cisco:catalyst_3850-48f-e:-:::::::* cpe:2.3:h:cisco:catalyst_3850-48f-l:-:::::::* cpe:2.3:h:cisco:catalyst_3850-48f-s:-:::::::* cpe:2.3:h:cisco:catalyst_3850-48p-e:-:::::::* cpe:2.3:h:cisco:catalyst_3850-48p-l:-:::::::* cpe:2.3:h:cisco:catalyst_3850-48p-s:-:::::::* cpe:2.3:h:cisco:catalyst_3850-48pw-s:-:::::::* cpe:2.3:h:cisco:catalyst_3850-48t-e:-:::::::* cpe:2.3:h:cisco:catalyst_3850-48t-l:-:::::::* cpe:2.3:h:cisco:catalyst_3850-48t-s:-:::::::* cpe:2.3:h:cisco:catalyst_3850-48u:-:::::::* cpe:2.3:h:cisco:catalyst_3850-48u-e:-:::::::* cpe:2.3:h:cisco:catalyst_3850-48u-l:-:::::::* cpe:2.3:h:cisco:catalyst_3850-48u-s:-:::::::* cpe:2.3:h:cisco:catalyst_3850-48xs:-:::::::* cpe:2.3:h:cisco:catalyst_3850-48xs-e:-:::::::* cpe:2.3:h:cisco:catalyst_3850-48xs-f-e:-:::::::* cpe:2.3:h:cisco:catalyst_3850-48xs-f-s:-:::::::* cpe:2.3:h:cisco:catalyst_3850-48xs-s:-:::::::* cpe:2.3:h:cisco:catalyst_3850-nm-2-40g:-:::::::* cpe:2.3:h:cisco:catalyst_3850-nm-8-10g:-:::::::* cpe:2.3:h:cisco:catalyst_9300:-:::::::* cpe:2.3:h:cisco:catalyst_9300-24p-a:-:::::::* cpe:2.3:h:cisco:catalyst_9300-24p-e:-:::::::* cpe:2.3:h:cisco:catalyst_9300-24s-a:-:::::::* cpe:2.3:h:cisco:catalyst_9300-24s-e:-:::::::* cpe:2.3:h:cisco:catalyst_9300-24t-a:-:::::::* cpe:2.3:h:cisco:catalyst_9300-24t-e:-:::::::* cpe:2.3:h:cisco:catalyst_9300-24u-a:-:::::::* cpe:2.3:h:cisco:catalyst_9300-24u-e:-:::::::* cpe:2.3:h:cisco:catalyst_9300-24ux-a:-:::::::* cpe:2.3:h:cisco:catalyst_9300-24ux-e:-:::::::* cpe:2.3:h:cisco:catalyst_9300-48p-a:-:::::::* cpe:2.3:h:cisco:catalyst_9300-48p-e:-:::::::* cpe:2.3:h:cisco:catalyst_9300-48s-a:-:::::::* cpe:2.3:h:cisco:catalyst_9300-48s-e:-:::::::* cpe:2.3:h:cisco:catalyst_9300-48t-a:-:::::::* cpe:2.3:h:cisco:catalyst_9300-48t-e:-:::::::* cpe:2.3:h:cisco:catalyst_9300-48u-a:-:::::::* cpe:2.3:h:cisco:catalyst_9300-48u-e:-:::::::* cpe:2.3:h:cisco:catalyst_9300-48un-a:-:::::::* cpe:2.3:h:cisco:catalyst_9300-48un-e:-:::::::* cpe:2.3:h:cisco:catalyst_9300-48uxm-a:-:::::::* cpe:2.3:h:cisco:catalyst_9300-48uxm-e:-:::::::* cpe:2.3:h:cisco:catalyst_9300l:-:::::::* cpe:2.3:h:cisco:catalyst_9300l-24p-4g-a:-:::::::* cpe:2.3:h:cisco:catalyst_9300l-24p-4g-e:-:::::::* cpe:2.3:h:cisco:catalyst_9300l-24p-4x-a:-:::::::* cpe:2.3:h:cisco:catalyst_9300l-24p-4x-e:-:::::::* cpe:2.3:h:cisco:catalyst_9300l-24t-4g-a:-:::::::* cpe:2.3:h:cisco:catalyst_9300l-24t-4g-e:-:::::::* cpe:2.3:h:cisco:catalyst_9300l-24t-4x-a:-:::::::* cpe:2.3:h:cisco:catalyst_9300l-24t-4x-e:-:::::::* cpe:2.3:h:cisco:catalyst_9300l-48p-4g-a:-:::::::* cpe:2.3:h:cisco:catalyst_9300l-48p-4g-e:-:::::::* cpe:2.3:h:cisco:catalyst_9300l-48p-4x-a:-:::::::* cpe:2.3:h:cisco:catalyst_9300l-48p-4x-e:-:::::::* cpe:2.3:h:cisco:catalyst_9300l-48t-4g-a:-:::::::* cpe:2.3:h:cisco:catalyst_9300l-48t-4g-e:-:::::::* cpe:2.3:h:cisco:catalyst_9300l-48t-4x-a:-:::::::* cpe:2.3:h:cisco:catalyst_9300l-48t-4x-e:-:::::::* cpe:2.3:h:cisco:catalyst_9300lm:-:::::::* cpe:2.3:h:cisco:catalyst_9300x:-:::::::* cpe:2.3:h:cisco:catalyst_9400:-:::::::* cpe:2.3:h:cisco:catalyst_9500:-:::::::* cpe:2.3:h:cisco:catalyst_9500h:-:::::::* cpe:2.3:h:cisco:catalyst_9600:-:::::::* cpe:2.3:h:cisco:catalyst_c3850-12x48u-e:-:::::::* cpe:2.3:h:cisco:catalyst_c3850-12x48u-l:-:::::::* cpe:2.3:h:cisco:catalyst_c3850-12x48u-s:-:::::::* cpe:2.3:h:cisco:catalyst_c9500-12q:-:::::::* cpe:2.3:h:cisco:catalyst_c9500-12q-a:-:::::::* cpe:2.3:h:cisco:catalyst_c9500-12q-e:-:::::::* cpe:2.3:h:cisco:catalyst_c9500-16x:-:::::::* cpe:2.3:h:cisco:catalyst_c9500-16x-a:-:::::::* cpe:2.3:h:cisco:catalyst_c9500-16x-e:-:::::::* cpe:2.3:h:cisco:catalyst_c9500-24q:-:::::::* cpe:2.3:h:cisco:catalyst_c9500-24q-a:-:::::::* cpe:2.3:h:cisco:catalyst_c9500-24q-e:-:::::::* cpe:2.3:h:cisco:catalyst_c9500-24y4c:-:::::::* cpe:2.3:h:cisco:catalyst_c9500-32c:-:::::::* cpe:2.3:h:cisco:catalyst_c9500-32qc:-:::::::* cpe:2.3:h:cisco:catalyst_c9500-40x:-:::::::* cpe:2.3:h:cisco:catalyst_c9500-40x-a:-:::::::* cpe:2.3:h:cisco:catalyst_c9500-40x-e:-:::::::* cpe:2.3:h:cisco:catalyst_c9500-48y4c:-:::::::* cpe:2.3:h:cisco:catalyst_c9600-lc-24c:-:::::::* cpe:2.3:h:cisco:catalyst_c9600-lc-48s:-:::::::* cpe:2.3:h:cisco:catalyst_c9600-lc-48tx:-:::::::* cpe:2.3:h:cisco:catalyst_c9600-lc-48yl:-:::::::*

EPSS is a daily estimate of the probability of exploitation activity being observed over the next 30 days. Following chart shows the EPSS score history of the vulnerability.

CWE - Common Weakness Enumeration

While CVE identifies specific instances of vulnerabilities, CWE categorizes the common flaws or weaknesses that can lead to vulnerabilities. CVE-2022-20870 is associated with the following CWEs:

CWE-130: Improper Handling of Length Parameter Inconsistency

Common Attack Pattern Enumeration and Classification (CAPEC)

Common Attack Pattern Enumeration and Classification (CAPEC) stores attack patterns, which are descriptions of the common attributes and approaches employed by adversaries to exploit the CVE-2022-20870 weaknesses.

CAPEC-47: Buffer Overflow via Parameter Expansion Buffer Overflow via Parameter Expansion

CVE-2022-20870

Cisco Catalyst 3650, 3850, and 9000 Family Switches MPLS Packet Processing Remote Denial of Service

Description

INFO

Oct. 10, 2022, 9:15 p.m.

Nov. 21, 2024, 6:43 a.m.

[email protected]

Yes !

4.0

3.9

Public PoC/Exploit Available at Github

Affected Products

References to Advisories, Solutions, and Tools

AlphabugX/CVE-2022-RCE

CVE Modified by af854a3a-2127-422b-91ae-364da2661108

CVE Modified by [email protected]

CVE Modified by [email protected]

Initial Analysis by [email protected]

CWE - Common Weakness Enumeration

Common Attack Pattern Enumeration and Classification (CAPEC)

Exploit Prediction

0.14 }} 0.01%

0.48953

CVSS31 - Vulnerability Scoring System

Theme Customizer

Layout

Vertical

Horizontal

Two Column

Color Scheme

Light

Dark

Layout Width

Fluid

Boxed

Layout Position

Topbar Color

Light

Dark

Sidebar Size

Default

Compact

Small (Icon View)

Small Hover View

Sidebar View

Default

Detached

Sidebar Color

Light

Dark

Gradient

Preloader

Enable

Disable