Launching soon: The world's first vendor agnostic bug scrubLearn more & join waitlist
OPERATIONAL DEFECT DATABASE
...
...
This product includes Third-party Software that is affected by the vulnerabilities identified by the following Common Vulnerability and Exposures (CVE) IDs: CVE-2018-16839 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16839 CVE-2018-16840 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16840 CVE-2018-16842 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16842 CVE-2019-5436 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5436 CVE-2019-5443 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5443 CVE-2019-5481 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5481 CVE-2019-5482 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5482 CVE-2020-8177 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8177 CVE-2020-8284 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8284 CVE-2020-8285 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8285 CVE-2020-8286 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8286 CVE-2021-22876 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22876 CVE-2021-22897 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22897 CVE-2021-22898 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22898 CVE-2021-22922 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22922 CVE-2021-22923 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22923 CVE-2021-22925 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22925 CVE-2021-22926 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22926 CVE-2021-22946 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22946 CVE-2021-22947 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22947 CVE-2022-22576 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576 CVE-2022-27774 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774 CVE-2022-27776 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776 CVE-2022-27781 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27781 CVE-2022-27782 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27782 CVE-2022-32206 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32206 CVE-2022-32208 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32208 CVE-2022-32221 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32221 CVE-2022-35252 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35252 CVE-2022-43552 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-43552 CVE-2023-23914 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23914 CVE-2023-23915 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23915 CVE-2023-23916 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23916 CVE-2023-27533 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27533 CVE-2023-27534 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27534 CVE-2023-28319 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28319 CVE-2023-28320 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28320 CVE-2023-28321 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28321 CVE-2023-28322 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28322 After analysis, Cisco has decided against performing additional actions on this product due to one of the following reasons: - The product is no longer maintained, having reached End of Software Maintenance. - The product is still being maintained, but a business decision was made not to upgrade the vulnerable product. - The product uses the affected third-party component in such a way as to not be affected by these vulnerabilities.
Device with default configuration.
Not available or not applicable.
Additional details about the vulnerabilities listed above can be found at https://www.cve.org/. PSIRT Evaluation: The Cisco PSIRT has assigned this bug the following CVSS version 3.1 score. The Base CVSS score as of the time of evaluation is: 9.8 https://tools.cisco.com/security/center/cvssCalculator.x?version=3.1&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVE ID CVE-2018-16839, CVE-2018-16840, CVE-2018-16842, CVE-2019-5436, CVE-2019-5443, CVE-2019-5481, CVE-2019-5482, CVE-2020-8177, CVE-2020-8284, CVE-2020-8285, CVE-2020-8286, CVE-2021-22876, CVE-2021-22897, CVE-2021-22898, CVE-2021-22922, CVE-2021-22923, CVE-2021-22925, CVE-2021-22926, CVE-2021-22946, CVE-2021-22947, CVE-2022-22576, CVE-2022-27774, CVE-2022-27776, CVE-2022-27781, CVE-2022-27782, CVE-2022-32206, CVE-2022-32208, CVE-2022-32221, CVE-2022-35252, CVE-2022-43552, CVE-2023-23914, CVE-2023-23915, CVE-2023-23916, CVE-2023-27533, CVE-2023-27534, CVE-2023-28319, CVE-2023-28320, CVE-2023-28321, CVE-2023-28322 have been assigned to document this issue. Additional information on Cisco's security vulnerability policy can be found at the following URL: http://www.cisco.com/en/US/products/products_security_vulnerability_policy.html