Vulnslist

find the latest Cisco vulnerabilities

Cisco Access Points VLAN Bypass from Native VLAN Vulnerability

cisco-sa-apvlan-TDTtb4FY · Medium · Published · Updated

A vulnerability in the client forwarding code of multiple Cisco Access Points (APs) could allow an unauthenticated, adjacent attacker to inject packets from the native VLAN to clients within nonnative VLANs on an affected device. This vulnerability is due to a logic error on the AP that forwards packets that are destined to a wireless client if they are received on the native VLAN. An attacker could exploit this vulnerability by obtaining access to the native VLAN and directing traffic directly to the client through their MAC/IP combination. A successful exploit could allow the attacker to bypass VLAN separation and potentially also bypass any Layer 3 protection mechanisms that are deployed. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link:https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apvlan-TDTtb4FY

Cisco advisory ·CSAF JSON

Workarounds

There are no workarounds that address this vulnerability.

CVEsCVE-2022-20728
Cisco Bug IDsCSCvz99036
CVSS ScoreBase 4.7
Base 4.7 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N/E:X/RL:X/RC:X
Product Names From Source
Cisco Aironet Access Point Software (IOS XE Controller)

CSAF Product Statuses

Product Status Source CVE Rows
Cisco Aironet Access Point Software (IOS XE Controller) known_affected cisco_csaf CVE-2022-20728 1

Related Products

Product CVE Evidence
Cisco Aironet Access Point Software CVE-2022-20728 Cisco OpenVuln
Cisco Aironet Access Point Software (IOS XE Controller) CVE-2022-20728 Cisco OpenVuln
Cisco IOS XE Software CVE-2022-20728 Cisco OpenVuln