CVE-2022-20622

Name of the Vulnerable Software and Affected Versions Cisco Embedded Wireless Controller with Catalyst Access Points Software (affected versions not specified)

Description The issue is related to improper rate limiting of IP packets to the management interface, which could allow an unauthenticated, remote attacker to cause the device to reload unexpectedly, resulting in a denial of service (DoS) condition. The device may experience performance degradation in traffic processing or high CPU usage prior to the unexpected reload. An attacker could exploit this by sending a steady stream of IP traffic at a high rate to the management interface of the affected device. This could also lead to resource exhaustion, specifically memory depletion.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.