What is CVE-2022-20915?

CVE-2022-20915 is a vulnerability in the implementation of IPv6 VPN over MPLS (6VPE) with Zone-Based Firewall (ZBFW) of Cisco IOS XE Software that could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device.

How severe is CVE-2022-20915?

CVE-2022-20915 has a severity level of 7.4 (High).

What is the Common Weakness Enumeration (CWE) associated with CVE-2022-20915?

CVE-2022-20915 is associated with CWE-436 (Denial of Service) and CWE-115 (Misinterpretation of Input).

How can I fix CVE-2022-20915?

To mitigate CVE-2022-20915, it is recommended to apply the necessary updates provided by Cisco IOS XE Software, as mentioned in the Cisco Security Advisory.

Vulnerability/
CVE-2022-20915

high

7.4

CWE

436 115

10/10/2022

1/11/2024

CVE-2022-20915: Cisco IOS XE Software IPv6 VPN over MPLS Denial of Service Vulnerability

First published: Mon Oct 10 2022(Updated: )

A vulnerability in the implementation of IPv6 VPN over MPLS (6VPE) with Zone-Based Firewall (ZBFW) of Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper error handling of an IPv6 packet that is forwarded from an MPLS and ZBFW-enabled interface in a 6VPE deployment. An attacker could exploit this vulnerability by sending a crafted IPv6 packet sourced from a device on the IPv6-enabled virtual routing and forwarding (VRF) interface through the affected device. A successful exploit could allow the attacker to reload the device, resulting in a DoS condition.

Credit: ykramarz@cisco.com

Affected Software	Affected Version	How to fix
Cisco IOS XE

Never miss a vulnerability like this again

Reference Links

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-6vpe-dos-tJBtf5Zv

Frequently Asked Questions

What is CVE-2022-20915?
CVE-2022-20915 is a vulnerability in the implementation of IPv6 VPN over MPLS (6VPE) with Zone-Based Firewall (ZBFW) of Cisco IOS XE Software that could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device.
How severe is CVE-2022-20915?
CVE-2022-20915 has a severity level of 7.4 (High).
How does CVE-2022-20915 impact Cisco IOS XE Software?
CVE-2022-20915 can result in a denial of service (DoS) condition on an affected device running Cisco IOS XE Software.
What is the Common Weakness Enumeration (CWE) associated with CVE-2022-20915?
CVE-2022-20915 is associated with CWE-436 (Denial of Service) and CWE-115 (Misinterpretation of Input).
How can I fix CVE-2022-20915?
To mitigate CVE-2022-20915, it is recommended to apply the necessary updates provided by Cisco IOS XE Software, as mentioned in the Cisco Security Advisory.

collector/nvd-index
agent/weakness
agent/type
agent/softwarecombine
collector/mitre-cve
source/MITRE
agent/author
agent/last-modified-date
agent/severity
agent/references
agent/title
agent/tags
agent/description
agent/first-publish-date
agent/event
vendor/cisco
canonical/cisco ios xe

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.