1. Home
  2. CVE Database
  3. CVE-2022-20810
MEDIUM · 6.5

CVE-2022-20810

A vulnerability in the Simple Network Management Protocol (SNMP) of Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family could allow an authenticated, remote attacker to access sensi...

Vulnerability Description

A vulnerability in the Simple Network Management Protocol (SNMP) of Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family could allow an authenticated, remote attacker to access sensitive information. This vulnerability is due to insufficient restrictions that allow a sensitive configuration detail to be disclosed. An attacker could exploit this vulnerability by retrieving data through SNMP read-only community access. A successful exploit could allow the attacker to view Service Set Identifier (SSID) preshared keys (PSKs) that are configured on the affected device.

CVSS Score

6.5

MEDIUM

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
HIGH
Integrity
NONE
Availability
NONE

Affected Products

VendorProductVersions
CiscoIos Xe-
CiscoCatalyst 9800-
CiscoCatalyst 9800-40-
CiscoCatalyst 9800-40 Wireless Controller-
CiscoCatalyst 9800-80-
CiscoCatalyst 9800-80 Wireless Controller-
CiscoCatalyst 9800-Cl-
CiscoCatalyst 9800-L-
CiscoCatalyst 9800-L-C-
CiscoCatalyst 9800-L-F-
CiscoCatalyst 9800 Embedded Wireless Controller-

Related Weaknesses (CWE)

CWE-202

References

FAQ

What is CVE-2022-20810?

CVE-2022-20810 is a vulnerability with a CVSS score of 6.5 (MEDIUM). A vulnerability in the Simple Network Management Protocol (SNMP) of Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family could allow an authenticated, remote attacker to access sensi...

How severe is CVE-2022-20810?

CVE-2022-20810 has been rated MEDIUM with a CVSS base score of 6.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2022-20810?

Check the references section above for vendor advisories and patch information. Affected products include: Cisco Ios Xe, Cisco Catalyst 9800, Cisco Catalyst 9800-40, Cisco Catalyst 9800-40 Wireless Controller, Cisco Catalyst 9800-80.