How severe is CVE-2022-20714?

This vulnerability has a severity rating of HIGH with a CVSS score of 8.6 out of 10.

What type of vulnerability is CVE-2022-20714?

This is classified as CWE-126, which is a common weakness in software security.

CVE-2022-20714 - HIGH Severity | CVSS 8.6

Vulnerability Description

A vulnerability in the data plane microcode of Lightspeed-Plus line cards for Cisco ASR 9000 Series Aggregation Services Routers could allow an unauthenticated, remote attacker to cause the line card to reset. This vulnerability is due to the incorrect handling of malformed packets that are received on the Lightspeed-Plus line cards. An attacker could exploit this vulnerability by sending a crafted IPv4 or IPv6 packet through an affected device. A successful exploit could allow the attacker to cause the Lightspeed-Plus line card to reset, resulting in a denial of service (DoS) condition for any traffic that traverses that line card.

Related Vulnerabilities

CVE-2020-3399

HIGH

CVSS:8.6(High)

A vulnerability in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol processing of Cisco IOS XE Software for Cisco Catalyst 9800 Series Wireless Controllers could allow an unaut...

CWE-1262020

CVE-2021-1373

HIGH

CVSS:8.6(High)

A vulnerability in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol processing of Cisco IOS XE Wireless Controller Software for the Cisco Catalyst 9000 Family Wireless Controll...

CWE-1262021

CVE-2021-1588

HIGH

CVSS:8.6(High)

A vulnerability in the MPLS Operation, Administration, and Maintenance (OAM) feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) conditio...

CWE-1262021

CVE-2022-20823

HIGH

CVSS:8.6(High)

A vulnerability in the OSPF version 3 (OSPFv3) feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This ...

CWE-1262022

CVE-2023-28572

HIGH

CVSS:8.8(High)

Memory corruption in WLAN HOST while processing the WLAN scan descriptor list.

CWE-1262023

CVE-2024-43595

HIGH

CVSS:8.8(High)

Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

CWE-1262024