var-202204-0246
Vulnerability from variot
Multiple vulnerabilities that affect Cisco Catalyst Digital Building Series Switches and Cisco Catalyst Micro Switches could allow an attacker to execute persistent code at boot time or to permanently prevent the device from booting, resulting in a permanent denial of service (DoS) condition. For more information about these vulnerabilities, see the Details section of this advisory
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202204-0246",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "ios",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "15.2\\(5\\)ex"
},
{
"model": "ios",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "15.2\\(8\\)e"
},
{
"model": "ios",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "15.2\\(7\\)e5"
},
{
"model": "cisco ios",
"scope": "eq",
"trust": 0.8,
"vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
},
{
"model": "cisco ios",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
},
{
"model": "catalyst digital building series switches 15.2 ex",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "catalyst digital building series switches \u003c=15.2 e",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "catalyst micro switches \u003c=15.2 e",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "catalyst micro switches 15.2 e",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-46479"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-009565"
},
{
"db": "NVD",
"id": "CVE-2022-20661"
}
]
},
"cve": "CVE-2022-20661",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 4.9,
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CVE-2022-20661",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.9,
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 4.9,
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CNVD-2022-46479",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 0.9,
"id": "CVE-2022-20661",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 2.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Physical",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 4.6,
"baseSeverity": "Medium",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2022-20661",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2022-20661",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "ykramarz@cisco.com",
"id": "CVE-2022-20661",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2022-20661",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2022-46479",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-202204-3460",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2022-20661",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-46479"
},
{
"db": "VULMON",
"id": "CVE-2022-20661"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-009565"
},
{
"db": "CNNVD",
"id": "CNNVD-202204-3460"
},
{
"db": "NVD",
"id": "CVE-2022-20661"
},
{
"db": "NVD",
"id": "CVE-2022-20661"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Multiple vulnerabilities that affect Cisco Catalyst Digital Building Series Switches and Cisco Catalyst Micro Switches could allow an attacker to execute persistent code at boot time or to permanently prevent the device from booting, resulting in a permanent denial of service (DoS) condition. For more information about these vulnerabilities, see the Details section of this advisory",
"sources": [
{
"db": "NVD",
"id": "CVE-2022-20661"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-009565"
},
{
"db": "CNVD",
"id": "CNVD-2022-46479"
},
{
"db": "VULMON",
"id": "CVE-2022-20661"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2022-20661",
"trust": 3.9
},
{
"db": "JVNDB",
"id": "JVNDB-2022-009565",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2022-46479",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2022041512",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202204-3460",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2022-20661",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-46479"
},
{
"db": "VULMON",
"id": "CVE-2022-20661"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-009565"
},
{
"db": "CNNVD",
"id": "CNNVD-202204-3460"
},
{
"db": "NVD",
"id": "CVE-2022-20661"
}
]
},
"id": "VAR-202204-0246",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-46479"
}
],
"trust": 1.4055555666666666
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-46479"
}
]
},
"last_update_date": "2024-08-14T15:06:26.240000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "cisco-sa-cdb-cmicr-vulns-KJjFtNb",
"trust": 0.8,
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cdb-cmicr-vulns-KJjFtNb"
},
{
"title": "Patch for Cisco Catalyst Digital Building Series Switches and Cisco Catalyst Micro Switches Denial of Service Vulnerabilities",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/336696"
},
{
"title": "Cisco Catalyst Digital Building Series Switches Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=189517"
},
{
"title": "Cisco: Cisco Catalyst Digital Building Series Switches and Cisco Catalyst Micro Switches Vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts\u0026qid=cisco-sa-cdb-cmicr-vulns-KJjFtNb"
},
{
"title": "CVE-2022-XXXX",
"trust": 0.1,
"url": "https://github.com/AlphabugX/CVE-2022-23305 "
},
{
"title": "CVE-2022-XXXX",
"trust": 0.1,
"url": "https://github.com/AlphabugX/CVE-2022-RCE "
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-46479"
},
{
"db": "VULMON",
"id": "CVE-2022-20661"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-009565"
},
{
"db": "CNNVD",
"id": "CNNVD-202204-3460"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-665",
"trust": 1.0
},
{
"problemtype": "CWE-1221",
"trust": 1.0
},
{
"problemtype": "Improper initialization (CWE-665) [NVD evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-009565"
},
{
"db": "NVD",
"id": "CVE-2022-20661"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-cdb-cmicr-vulns-kjjftnb"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-20661"
},
{
"trust": 0.6,
"url": "https://cxsecurity.com/cveshow/cve-2022-20661/"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2022041512"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/665.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://github.com/alphabugx/cve-2022-23305"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-46479"
},
{
"db": "VULMON",
"id": "CVE-2022-20661"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-009565"
},
{
"db": "CNNVD",
"id": "CNNVD-202204-3460"
},
{
"db": "NVD",
"id": "CVE-2022-20661"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2022-46479"
},
{
"db": "VULMON",
"id": "CVE-2022-20661"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-009565"
},
{
"db": "CNNVD",
"id": "CNNVD-202204-3460"
},
{
"db": "NVD",
"id": "CVE-2022-20661"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-06-21T00:00:00",
"db": "CNVD",
"id": "CNVD-2022-46479"
},
{
"date": "2022-04-15T00:00:00",
"db": "VULMON",
"id": "CVE-2022-20661"
},
{
"date": "2023-08-07T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2022-009565"
},
{
"date": "2022-04-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202204-3460"
},
{
"date": "2022-04-15T15:15:12.300000",
"db": "NVD",
"id": "CVE-2022-20661"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-06-21T00:00:00",
"db": "CNVD",
"id": "CNVD-2022-46479"
},
{
"date": "2023-11-07T00:00:00",
"db": "VULMON",
"id": "CVE-2022-20661"
},
{
"date": "2023-08-07T07:33:00",
"db": "JVNDB",
"id": "JVNDB-2022-009565"
},
{
"date": "2022-04-26T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202204-3460"
},
{
"date": "2023-11-07T03:42:33.230000",
"db": "NVD",
"id": "CVE-2022-20661"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco\u00a0Catalyst\u00a0Digital\u00a0Building\u00a0 series switch \u00a0 and \u00a0Cisco\u00a0Catalyst\u00a0 Initialization Vulnerability in Microswitch",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-009565"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202204-3460"
}
],
"trust": 0.6
}
}
Loading...
Loading...
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.