NETCONF over SSH Denial of Service Vulnerability in Cisco IOS XE Software

NETCONF over SSH Denial of Service Vulnerability in Cisco IOS XE Software

CVE-2022-20692 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

A vulnerability in the NETCONF over SSH feature of Cisco IOS XE Software could allow a low-privileged, authenticated, remote attacker to cause a denial of service condition (DoS) on an affected device. This vulnerability is due to insufficient resource management. An attacker could exploit this vulnerability by initiating a large number of NETCONF over SSH connections. A successful exploit could allow the attacker to exhaust resources, causing the device to reload and resulting in a DoS condition on an affected device.

Learn more about our Cis Benchmark Audit For Apple Ios.