March 12, 2025
Proactive Defense: The Importance of Incident Response Planning in Cybersecurity
Rewterz Threat Advisory – Multiple Cisco IOS XR Software Vulnerabilities
September 17, 2022Rewterz Threat Advisory – CVE-2022-38020 – Microsoft Visual Studio Code Vulnerability
September 18, 2022Rewterz Threat Advisory – Multiple Cisco IOS XR Software Vulnerabilities
September 17, 2022Rewterz Threat Advisory – CVE-2022-38020 – Microsoft Visual Studio Code Vulnerability
September 18, 2022
Severity
Medium
Analysis Summary
CVE-2022-20845
Cisco Network Convergence System 4000 Series devices are vulnerable to a denial of service, caused by a flaw with TL1 not freeing memory under some conditions. By sending specially-crafted TL1 commands, a local authenticated attacker could exploit this vulnerability to cause the TL1 process to consume large amounts of memory, and results in a denial of service condition.
Impact
- Denial of Service
Indicators Of Compromise
CVE
- CVE-2022-20845
Affected Vendors
- Cisco
Affected Products
- Cisco Network Convergence System 4000 Series
Remediation
Refer to Cisco Security Advisory for patch, upgrade or suggested workaround information.