ID

VAR-202204-0277


CVE

CVE-2022-20758


TITLE

Cisco IOS XR  Software vulnerabilities

Trust: 0.8

sources: JVNDB: JVNDB-2022-010802

DESCRIPTION

A vulnerability in the implementation of the Border Gateway Protocol (BGP) Ethernet VPN (EVPN) functionality in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. This vulnerability is due to the incorrect processing of a BGP update message that contains specific EVPN attributes. An attacker could exploit this vulnerability by sending a BGP update message that contains specific EVPN attributes. To exploit this vulnerability, an attacker must control a BGP speaker that has an established trusted peer connection to an affected device that is configured with the address family L2VPN EVPN to receive and process the update message. This vulnerability cannot be exploited by any data that is initiated by clients on the Layer 2 network or by peers that are not configured to accept the L2VPN EVPN address family. A successful exploit could allow the attacker to cause the BGP process to restart unexpectedly, resulting in a DoS condition. The Cisco implementation of BGP accepts incoming BGP updates only from explicitly defined peers. For this vulnerability to be exploited, the malicious BGP update message must either come from a configured, valid BGP peer or be injected by the attacker into the affected BGP network on an existing, valid TCP connection to a BGP peer. Cisco IOS XR There are unspecified vulnerabilities in the software.Service operation interruption (DoS) It may be in a state

Trust: 1.8

sources: NVD: CVE-2022-20758 // JVNDB: JVNDB-2022-010802 // VULHUB: VHN-405311 // VULMON: CVE-2022-20758

AFFECTED PRODUCTS

vendor:ciscomodel:ios xrscope:ltversion:7.4.2

Trust: 1.0

vendor:ciscomodel:ios xrscope:ltversion:6.8.2

Trust: 1.0

vendor:ciscomodel:ios xrscope:gteversion:7.0

Trust: 1.0

vendor:ciscomodel:ios xrscope:ltversion:7.3.2

Trust: 1.0

vendor:ciscomodel:ios xrscope:gteversion:7.4

Trust: 1.0

vendor:シスコシステムズmodel:cisco ios xrscope:eqversion: -

Trust: 0.8

vendor:シスコシステムズmodel:cisco ios xrscope: - version: -

Trust: 0.8

sources: JVNDB: JVNDB-2022-010802 // NVD: CVE-2022-20758

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2022-20758
value: MEDIUM

Trust: 1.0

ykramarz@cisco.com: CVE-2022-20758
value: MEDIUM

Trust: 1.0

NVD: CVE-2022-20758
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-202204-3304
value: MEDIUM

Trust: 0.6

VULHUB: VHN-405311
value: HIGH

Trust: 0.1

VULMON: CVE-2022-20758
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2022-20758
severity: HIGH
baseScore: 7.1
vectorString: AV:N/AC:M/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 8.6
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

VULHUB: VHN-405311
severity: HIGH
baseScore: 7.1
vectorString: AV:N/AC:M/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 8.6
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2022-20758
baseSeverity: MEDIUM
baseScore: 6.8
vectorString: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: HIGH
privilegesRequired: NONE
userInteraction: NONE
scope: CHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 2.2
impactScore: 4.0
version: 3.1

Trust: 2.0

NVD: CVE-2022-20758
baseSeverity: MEDIUM
baseScore: 6.8
vectorString: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: HIGH
privilegesRequired: NONE
userInteraction: NONE
scope: CHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: VULHUB: VHN-405311 // VULMON: CVE-2022-20758 // JVNDB: JVNDB-2022-010802 // CNNVD: CNNVD-202204-3304 // NVD: CVE-2022-20758 // NVD: CVE-2022-20758

PROBLEMTYPE DATA

problemtype:CWE-399

Trust: 1.0

problemtype:NVD-CWE-noinfo

Trust: 1.0

problemtype:Lack of information (CWE-noinfo) [NVD evaluation ]

Trust: 0.8

sources: JVNDB: JVNDB-2022-010802 // NVD: CVE-2022-20758

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202204-3304

TYPE

resource management error

Trust: 0.6

sources: CNNVD: CNNVD-202204-3304

PATCH

title:cisco-sa-bgpevpn-zWTRtPBburl:https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-bgpevpn-zWTRtPBb

Trust: 0.8

title:Cisco: Cisco IOS XR Software Border Gateway Protocol Ethernet VPN Denial of Service Vulnerabilityurl:https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts&qid=cisco-sa-bgpevpn-zWTRtPBb

Trust: 0.1

title:CVE-2022-XXXXurl:https://github.com/AlphabugX/CVE-2022-23305

Trust: 0.1

title:CVE-2022-XXXXurl:https://github.com/AlphabugX/CVE-2022-RCE

Trust: 0.1

sources: VULMON: CVE-2022-20758 // JVNDB: JVNDB-2022-010802

EXTERNAL IDS

db:NVDid:CVE-2022-20758

Trust: 3.4

db:JVNDBid:JVNDB-2022-010802

Trust: 0.8

db:CS-HELPid:SB2022041509

Trust: 0.6

db:CNNVDid:CNNVD-202204-3304

Trust: 0.6

db:CNVDid:CNVD-2022-55146

Trust: 0.1

db:VULHUBid:VHN-405311

Trust: 0.1

db:VULMONid:CVE-2022-20758

Trust: 0.1

sources: VULHUB: VHN-405311 // VULMON: CVE-2022-20758 // JVNDB: JVNDB-2022-010802 // CNNVD: CNNVD-202204-3304 // NVD: CVE-2022-20758

REFERENCES

url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-bgpevpn-zwtrtpbb

Trust: 1.9

url:https://nvd.nist.gov/vuln/detail/cve-2022-20758

Trust: 0.8

url:https://cxsecurity.com/cveshow/cve-2022-20758/

Trust: 0.6

url:https://vigilance.fr/vulnerability/cisco-ios-xr-denial-of-service-via-bgp-ethernet-vpn-38054

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2022041509

Trust: 0.6

url:https://cwe.mitre.org/data/definitions/.html

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

url:https://github.com/alphabugx/cve-2022-23305

Trust: 0.1

sources: VULHUB: VHN-405311 // VULMON: CVE-2022-20758 // JVNDB: JVNDB-2022-010802 // CNNVD: CNNVD-202204-3304 // NVD: CVE-2022-20758

SOURCES

db:VULHUBid:VHN-405311
db:VULMONid:CVE-2022-20758
db:JVNDBid:JVNDB-2022-010802
db:CNNVDid:CNNVD-202204-3304
db:NVDid:CVE-2022-20758

LAST UPDATE DATE

2024-08-14T14:02:42.476000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-405311date:2022-05-16T00:00:00
db:VULMONid:CVE-2022-20758date:2023-11-07T00:00:00
db:JVNDBid:JVNDB-2022-010802date:2023-08-17T06:09:00
db:CNNVDid:CNNVD-202204-3304date:2022-05-17T00:00:00
db:NVDid:CVE-2022-20758date:2023-11-07T03:42:51.843

SOURCES RELEASE DATE

db:VULHUBid:VHN-405311date:2022-04-15T00:00:00
db:VULMONid:CVE-2022-20758date:2022-04-15T00:00:00
db:JVNDBid:JVNDB-2022-010802date:2023-08-17T00:00:00
db:CNNVDid:CNNVD-202204-3304date:2022-04-13T00:00:00
db:NVDid:CVE-2022-20758date:2022-04-15T15:15:13.883