Cisco IOS XE Software Common Industrial Protocol Request DoS (cisco-sa-iosxe-cip-dos-9rTbKLt9)

high Nessus Plugin ID 165677

Language:

Synopsis

The remote device is missing a vendor-supplied security patch

Description

A vulnerability in the processing of malformed Common Industrial Protocol (CIP) packets that are sent to Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to unexpectedly reload, resulting in a denial of service (DoS) condition. This vulnerability is due to insufficient input validation during processing of CIP packets. An attacker could exploit this vulnerability by sending a malformed CIP packet to an affected device. A successful exploit could allow the attacker to cause the affected device to unexpectedly reload, resulting in a DoS condition.

Please see the included Cisco BIDs and Cisco Security Advisory for more information.

Solution

Upgrade to the relevant fixed version referenced in Cisco bug ID CSCwa96810

Plugin Details

Severity: High

ID: 165677

File Name: cisco-sa-iosxe-cip-dos-9rTbKLt9-iosxe.nasl

Version: 1.6

Type: combined

Family: CISCO

Published: 10/5/2022

Updated: 3/23/2023

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Low

Score: 3.6

CVSS v2

Risk Factor: High

Base Score: 7.8

Temporal Score: 5.8

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C

CVSS Score Source: CVE-2022-20919

CVSS v3

Risk Factor: High

Base Score: 7.5

Temporal Score: 6.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/o:cisco:ios_xe

Required KB Items: Host/Cisco/IOS-XE/Version

Exploit Ease: No known exploits are available

Patch Publication Date: 9/28/2022

Vulnerability Publication Date: 9/28/2022

Reference Information

CVE: CVE-2022-20919

CWE: 248

CISCO-SA: cisco-sa-iosxe-cip-dos-9rTbKLt9

CISCO-BUG-ID: CSCwa96810

Detections

Analytics