PT-2022-6088 · Cisco · Cisco Ios Xe

Published 2022-09-28 · Updated 2022-10-13 · CVE-2022-20837

CVSS v3.1 · 8.6 High

Vector: AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions

Cisco IOS XE Software (affected versions not specified)

Description

A vulnerability in the DNS application layer gateway (ALG) functionality used by Network Address Translation (NAT) in Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload. This issue is due to a logic error that occurs when an affected device inspects certain TCP DNS packets. An attacker could exploit this by sending crafted DNS packets through an affected device that is performing NAT for DNS packets, resulting in a denial of service (DoS) condition. The vulnerability can only be exploited by sending IPv4 TCP packets, not IPv6 traffic.

Recommendations

At the moment, there is no information about a newer version that contains a fix for this vulnerability.

DoS

Improper Check for Exceptional Conditions

Weakness Enumeration

Related Identifiers

BDU:2023-00026
CVE-2022-20837

Affected Products

Cisco Ios Xe