CVE-2022-20856

Name of the Vulnerable Software and Affected Versions Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family (affected versions not specified)

Description A vulnerability in the processing of Control and Provisioning of Wireless Access Points (CAPWAP) Mobility messages could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This issue is due to a logic error and improper management of resources related to the handling of CAPWAP Mobility messages. An attacker could exploit this by sending crafted CAPWAP Mobility packets to an affected device, potentially exhausting resources and causing the device to reload.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.