CVE-2022-20717: Cisco SD-WAN vEdge Routers Denial of Service Vulnerability
First published: Fri Apr 15 2022(Updated: )
A vulnerability in the NETCONF process of Cisco SD-WAN vEdge Routers could allow an authenticated, local attacker to cause an affected device to run out of memory, resulting in a denial of service (DoS) condition. This vulnerability is due to insufficient memory management when an affected device receives large amounts of traffic. An attacker could exploit this vulnerability by sending malicious traffic to an affected device. A successful exploit could allow the attacker to cause the device to crash, resulting in a DoS condition.
Credit: ykramarz@cisco.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Cisco SD-WAN vEdge Router | <=20.6 | |
| Cisco SD-WAN vEdge Router | =20.7 | |
| Cisco 1100 Integrated Services Router | ||
| Citrix Sd-wan 1000 | ||
| Citrix Sd-wan 110 | ||
| Citrix Sd-wan 1100 | ||
| Citrix Sd-wan 2000 | ||
| Citrix Sd-wan 210 | ||
| Citrix Sd-wan 2100 | ||
| Citrix Sd-wan 5100 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2022-20717?
CVE-2022-20717 is a vulnerability in the NETCONF process of Cisco SD-WAN vEdge Routers that could allow an authenticated, local attacker to cause a denial of service (DoS) condition.
What is the severity level of CVE-2022-20717?
CVE-2022-20717 has a severity level of 5.5 (Medium).
Which devices are affected by CVE-2022-20717?
Cisco SD-WAN vEdge Routers versions 20.6 and 20.7 are affected by CVE-2022-20717.
How does CVE-2022-20717 work?
CVE-2022-20717 is due to insufficient memory management in the NETCONF process, allowing an attacker to exhaust the device's memory and cause a denial of service.
Is there a fix or patch available for CVE-2022-20717?
Yes, Cisco has released a security advisory with mitigation details and software updates to address CVE-2022-20717. Please refer to the Cisco Security Advisory for more information.
- collector/nvd-index
- agent/weakness
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/author
- agent/references
- agent/severity
- agent/last-modified-date
- agent/title
- agent/tags
- agent/first-publish-date
- agent/description
- agent/event
- vendor/cisco
- canonical/cisco sd-wan vedge router
- version/cisco sd-wan vedge router/20.6
- version/cisco sd-wan vedge router/20.7
- canonical/cisco 1100 integrated services router
- vendor/citrix
- canonical/citrix sd-wan 1000
- canonical/citrix sd-wan 110
- canonical/citrix sd-wan 1100
- canonical/citrix sd-wan 2000
- canonical/citrix sd-wan 210
- canonical/citrix sd-wan 2100
- canonical/citrix sd-wan 5100