Multiple vulnerabilities in the Cisco Discovery Protocol functionality of Cisco ATA 190 Series Analog Telephone Adapter firmware could allow an unauthenticated, adjacent attacker to cause Cisco Discovery Protocol memory corruption on an affected device.
These vulnerabilities are due to missing length validation checks when processing Cisco Discovery Protocol messages. An attacker could exploit these vulnerabilities by sending a malicious Cisco Discovery Protocol packet to an affected device. A successful exploit could allow the attacker to cause an out-of-bounds read of the valid Cisco Discovery Protocol packet data, which could allow the attacker to cause corruption in the internal Cisco Discovery Protocol database of the affected device.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: cisco
Published: 2022-12-07T16:56:01.303Z
Updated: 2024-01-25T16:57:06.109Z
Reserved: 2021-11-02T13:28:29.056Z
Link: CVE-2022-20690
JSON object: View
NVD Information
Status : Modified
Published: 2022-12-12T09:15:12.477
Modified: 2024-01-25T17:15:14.797
Link: CVE-2022-20690
JSON object: View
Redhat Information
No data.