ID

VAR-202209-1731


CVE

CVE-2022-20728


TITLE

Vulnerabilities in multiple Cisco Systems products

Trust: 0.8

sources: JVNDB: JVNDB-2022-018195

DESCRIPTION

A vulnerability in the client forwarding code of multiple Cisco Access Points (APs) could allow an unauthenticated, adjacent attacker to inject packets from the native VLAN to clients within nonnative VLANs on an affected device. This vulnerability is due to a logic error on the AP that forwards packets that are destined to a wireless client if they are received on the native VLAN. An attacker could exploit this vulnerability by obtaining access to the native VLAN and directing traffic directly to the client through their MAC/IP combination. A successful exploit could allow the attacker to bypass VLAN separation and potentially also bypass any Layer 3 protection mechanisms that are deployed. Cisco Aironet 1542d series firmware, Cisco Aironet 1542i series firmware, Cisco Aironet 1562i Unspecified vulnerabilities exist in multiple Cisco Systems products, including series firmware.Information may be tampered with

Trust: 1.71

sources: NVD: CVE-2022-20728 // JVNDB: JVNDB-2022-018195 // VULMON: CVE-2022-20728

AFFECTED PRODUCTS

vendor:ciscomodel:catalyst iw6300scope:eqversion:017.006\(001\)

Trust: 1.0

vendor:ciscomodel:aironet 2800iscope:eqversion:017.006\(001\)

Trust: 1.0

vendor:ciscomodel:aironet 3800iscope:eqversion:017.006\(001\)

Trust: 1.0

vendor:ciscomodel:aironet 1815wscope:eqversion:017.006\(001\)

Trust: 1.0

vendor:ciscomodel:catalyst 9124axscope:eqversion:017.006\(001\)

Trust: 1.0

vendor:ciscomodel:aironet 1562dscope:eqversion:017.006\(001\)

Trust: 1.0

vendor:ciscomodel:aironet 1850escope:eqversion:017.006\(001\)

Trust: 1.0

vendor:ciscomodel:aironet 3800escope:eqversion:017.006\(001\)

Trust: 1.0

vendor:ciscomodel:aironet 1562iscope:eqversion:017.006\(001\)

Trust: 1.0

vendor:ciscomodel:aironet 1815mscope:eqversion:017.006\(001\)

Trust: 1.0

vendor:ciscomodel:aironet 1850iscope:eqversion:017.006\(001\)

Trust: 1.0

vendor:ciscomodel:aironet 1840scope:eqversion:017.006\(001\)

Trust: 1.0

vendor:ciscomodel:catalyst 9115axscope:eqversion:017.006\(001\)

Trust: 1.0

vendor:ciscomodel:catalyst 9130axscope:eqversion:017.006\(001\)

Trust: 1.0

vendor:ciscomodel:aironet 2800escope:eqversion:017.006\(001\)

Trust: 1.0

vendor:ciscomodel:catalyst 9117axscope:eqversion:017.006\(001\)

Trust: 1.0

vendor:ciscomodel:aironet 1542iscope:eqversion:017.006\(001\)

Trust: 1.0

vendor:ciscomodel:catalyst 9120axscope:eqversion:017.006\(001\)

Trust: 1.0

vendor:ciscomodel:aironet 1562escope:eqversion:017.006\(001\)

Trust: 1.0

vendor:ciscomodel:aironet 1815tscope:eqversion:017.006\(001\)

Trust: 1.0

vendor:ciscomodel:aironet 1830scope:eqversion:017.006\(001\)

Trust: 1.0

vendor:ciscomodel:aironet 3800pscope:eqversion:017.006\(001\)

Trust: 1.0

vendor:ciscomodel:catalyst 9105axscope:eqversion:017.006\(001\)

Trust: 1.0

vendor:ciscomodel:aironet 4800scope:eqversion:017.006\(001\)

Trust: 1.0

vendor:ciscomodel:aironet 1815iscope:eqversion:017.006\(001\)

Trust: 1.0

vendor:ciscomodel:aironet 1542dscope:eqversion:017.006\(001\)

Trust: 1.0

vendor:シスコシステムズmodel:cisco aironet 1850i シリーズscope: - version: -

Trust: 0.8

vendor:シスコシステムズmodel:cisco aironet 1562d シリーズscope: - version: -

Trust: 0.8

vendor:シスコシステムズmodel:cisco aironet 4800 シリーズscope: - version: -

Trust: 0.8

vendor:シスコシステムズmodel:cisco aironet 1840 シリーズscope: - version: -

Trust: 0.8

vendor:シスコシステムズmodel:cisco aironet 1815w シリーズscope: - version: -

Trust: 0.8

vendor:シスコシステムズmodel:cisco aironet 1562e シリーズscope: - version: -

Trust: 0.8

vendor:シスコシステムズmodel:cisco aironet 1542i シリーズscope: - version: -

Trust: 0.8

vendor:シスコシステムズmodel:cisco aironet 1542d シリーズscope: - version: -

Trust: 0.8

vendor:シスコシステムズmodel:cisco aironet 1815m シリーズscope: - version: -

Trust: 0.8

vendor:シスコシステムズmodel:cisco aironet 3800e シリーズscope: - version: -

Trust: 0.8

vendor:シスコシステムズmodel:cisco catalyst 9105ax シリーズscope: - version: -

Trust: 0.8

vendor:シスコシステムズmodel:cisco aironet 3800i シリーズscope: - version: -

Trust: 0.8

vendor:シスコシステムズmodel:cisco aironet 1830 シリーズscope: - version: -

Trust: 0.8

vendor:シスコシステムズmodel:cisco aironet 1850e シリーズscope: - version: -

Trust: 0.8

vendor:シスコシステムズmodel:cisco aironet 3800p シリーズscope: - version: -

Trust: 0.8

vendor:シスコシステムズmodel:cisco aironet 1815i シリーズscope: - version: -

Trust: 0.8

vendor:シスコシステムズmodel:cisco aironet 2800i シリーズscope: - version: -

Trust: 0.8

vendor:シスコシステムズmodel:cisco aironet 2800e シリーズscope: - version: -

Trust: 0.8

vendor:シスコシステムズmodel:cisco aironet 1815t シリーズscope: - version: -

Trust: 0.8

vendor:シスコシステムズmodel:cisco aironet 1562i シリーズscope: - version: -

Trust: 0.8

sources: JVNDB: JVNDB-2022-018195 // NVD: CVE-2022-20728

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2022-20728
value: MEDIUM

Trust: 1.0

ykramarz@cisco.com: CVE-2022-20728
value: MEDIUM

Trust: 1.0

NVD: CVE-2022-20728
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-202209-2793
value: MEDIUM

Trust: 0.6

nvd@nist.gov: CVE-2022-20728
baseSeverity: MEDIUM
baseScore: 4.7
vectorString: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
attackVector: ADJACENT
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: CHANGED
confidentialityImpact: NONE
integrityImpact: LOW
availabilityImpact: NONE
exploitabilityScore: 2.8
impactScore: 1.4
version: 3.1

Trust: 2.0

NVD: CVE-2022-20728
baseSeverity: MEDIUM
baseScore: 4.7
vectorString: CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
attackVector: ADJACENT NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: CHANGED
confidentialityImpact: NONE
integrityImpact: LOW
availabilityImpact: NONE
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: JVNDB: JVNDB-2022-018195 // CNNVD: CNNVD-202209-2793 // NVD: CVE-2022-20728 // NVD: CVE-2022-20728

PROBLEMTYPE DATA

problemtype:NVD-CWE-Other

Trust: 1.0

problemtype:CWE-284

Trust: 1.0

problemtype:others (CWE-Other) [NVD evaluation ]

Trust: 0.8

sources: JVNDB: JVNDB-2022-018195 // NVD: CVE-2022-20728

THREAT TYPE

remote or local

Trust: 0.6

sources: CNNVD: CNNVD-202209-2793

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202209-2793

PATCH

title:cisco-sa-apvlan-TDTtb4FYurl:https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apvlan-TDTtb4FY

Trust: 0.8

title:Cisco Access Points Security vulnerabilitiesurl:http://123.124.177.30/web/xxk/bdxqById.tag?id=209666

Trust: 0.6

sources: JVNDB: JVNDB-2022-018195 // CNNVD: CNNVD-202209-2793

EXTERNAL IDS

db:NVDid:CVE-2022-20728

Trust: 3.3

db:JVNDBid:JVNDB-2022-018195

Trust: 0.8

db:AUSCERTid:ESB-2022.4806

Trust: 0.6

db:CNNVDid:CNNVD-202209-2793

Trust: 0.6

db:VULMONid:CVE-2022-20728

Trust: 0.1

sources: VULMON: CVE-2022-20728 // JVNDB: JVNDB-2022-018195 // CNNVD: CNNVD-202209-2793 // NVD: CVE-2022-20728

REFERENCES

url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-apvlan-tdttb4fy

Trust: 2.3

url:https://nvd.nist.gov/vuln/detail/cve-2022-20728

Trust: 0.8

url:https://www.auscert.org.au/bulletins/esb-2022.4806

Trust: 0.6

url:https://cxsecurity.com/cveshow/cve-2022-20728/

Trust: 0.6

url:https://vigilance.fr/vulnerability/cisco-aironet-catalyst-access-point-ingress-filtrering-bypass-via-vlan-bypass-39379

Trust: 0.6

url:https://nvd.nist.gov

Trust: 0.1

sources: VULMON: CVE-2022-20728 // JVNDB: JVNDB-2022-018195 // CNNVD: CNNVD-202209-2793 // NVD: CVE-2022-20728

SOURCES

db:VULMONid:CVE-2022-20728
db:JVNDBid:JVNDB-2022-018195
db:CNNVDid:CNNVD-202209-2793
db:NVDid:CVE-2022-20728

LAST UPDATE DATE

2024-08-14T13:21:41.545000+00:00


SOURCES UPDATE DATE

db:VULMONid:CVE-2022-20728date:2022-09-30T00:00:00
db:JVNDBid:JVNDB-2022-018195date:2023-10-19T02:23:00
db:CNNVDid:CNNVD-202209-2793date:2022-10-08T00:00:00
db:NVDid:CVE-2022-20728date:2023-11-07T03:42:45.823

SOURCES RELEASE DATE

db:VULMONid:CVE-2022-20728date:2022-09-30T00:00:00
db:JVNDBid:JVNDB-2022-018195date:2023-10-19T00:00:00
db:CNNVDid:CNNVD-202209-2793date:2022-09-27T00:00:00
db:NVDid:CVE-2022-20728date:2022-09-30T19:15:10.903