Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2022-20661

Multiple vulnerabilities that affect Cisco Catalyst Digital Building Series Switches and Cisco Catalyst Micro Switches could allow an attacker to execute persistent code at boot time or to permanently prevent the device from booting, resulting in a permanent denial of service (DoS) condition. For more information about these vulnerabilities, see the Details section of this advisory.

Published

2022-04-15T15:15:12.300

Last Modified

2024-11-21T06:43:15.880

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 4.6 (MEDIUM)

CVSSv2 Vector

AV:L/AC:L/Au:N/C:N/I:N/A:C

Access Vector: LOCAL
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: NONE
Integrity Impact: NONE
Availability Impact: COMPLETE

Exploitability Score

3.9

Impact Score

6.9

Weaknesses

Type: Secondary
CWE-1221
Type: Primary
CWE-665

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	cisco	ios	< 15.2\(7\)e5	Yes
Hardware	cisco	cdb-8p	-	No
Hardware	cisco	cdb-8u	-	No
Operating System	cisco	ios	< 15.2\(7\)e5	Yes
Operating System	cisco	ios	15.2\(8\)e	Yes
Hardware	cisco	cmicr-4pc	-	No
Hardware	cisco	cmicr-4ps	-	No
Hardware	cisco	cmicr-4pt	-	No

References

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cdb-cmicr-vulns-KJjFtNb Vendor Advisory ([email protected])
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cdb-cmicr-vulns-KJjFtNb Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)