FKIE_CVE-2022-20775

Vulnerability from fkie_nvd - Published: 2022-09-30 19:15 - Updated: 2024-11-21 06:43
Severity ?
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
Multiple vulnerabilities in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to gain elevated privileges. These vulnerabilities are due to improper access controls on commands within the application CLI. An attacker could exploit these vulnerabilities by running a malicious command on the application CLI. A successful exploit could allow the attacker to execute arbitrary commands as the root user.
References
psirt@cisco.comhttps://github.com/orangecertcc/security-research/security/advisories/GHSA-wmjv-552v-pxjcExploit, Third Party Advisory
psirt@cisco.comhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sd-wan-priv-E6e8tEdFVendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://github.com/orangecertcc/security-research/security/advisories/GHSA-wmjv-552v-pxjcExploit, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sd-wan-priv-E6e8tEdFVendor Advisory
Impacted products
Vendor Product Version
cisco catalyst_sd-wan_manager *
cisco catalyst_sd-wan_manager *
cisco catalyst_sd-wan_manager 20.8
cisco sd-wan_vbond_orchestrator *
cisco sd-wan_vbond_orchestrator *
cisco sd-wan_vbond_orchestrator 20.8
cisco sd-wan_vsmart_controller *
cisco sd-wan_vsmart_controller *
cisco sd-wan_vsmart_controller 20.8
cisco sd-wan *
cisco sd-wan *
cisco sd-wan 20.8
cisco catalyst_8000v_edge -
cisco catalyst_cg418-e -
cisco catalyst_cg522-e -
cisco 1100-4g_integrated_services_router -
cisco 1100-4p_integrated_services_router -
cisco 1100-6g_integrated_services_router -
cisco 1100-8p_integrated_services_router -
cisco 1100_integrated_services_router -
cisco 1101-4p_integrated_services_router -
cisco 1101_integrated_services_router -
cisco 1109-2p_integrated_services_router -
cisco 1109-4p_integrated_services_router -
cisco 1109_integrated_services_router -
cisco 1111x-8p_integrated_services_router -
cisco 1111x_integrated_services_router -
cisco 111x_integrated_services_router -
cisco 1120_integrated_services_router -
cisco 1131_integrated_services_router -
cisco 1160_integrated_services_router -
cisco 4000_integrated_services_router -
cisco 4221_integrated_services_router -
cisco 4321\/k9-rf_integrated_services_router -
cisco 4321\/k9-ws_integrated_services_router -
cisco 4321\/k9_integrated_services_router -
cisco 4321_integrated_services_router -
cisco 4331\/k9-rf_integrated_services_router -
cisco 4331\/k9-ws_integrated_services_router -
cisco 4331\/k9_integrated_services_router -
cisco 4331_integrated_services_router -
cisco 4351\/k9-rf_integrated_services_router -
cisco 4351\/k9-ws_integrated_services_router -
cisco 4351\/k9_integrated_services_router -
cisco 4351_integrated_services_router -
cisco 4431_integrated_services_router -
cisco 4451-x_integrated_services_router -
cisco 4451_integrated_services_router -
cisco 4461_integrated_services_router -
cisco 8101-32fh -
cisco 8101-32h -
cisco 8102-64h -
cisco 8201 -
cisco 8201-32fh -
cisco 8202 -
cisco 8804 -
cisco 8808 -
cisco 8812 -
cisco 8818 -
cisco 8831 -
cisco asr_1000 -
cisco asr_1000-x -
cisco asr_1001 -
cisco asr_1001-hx -
cisco asr_1001-hx_r -
cisco asr_1001-x -
cisco asr_1001-x_r -
cisco asr_1002 -
cisco asr_1002-hx -
cisco asr_1002-hx_r -
cisco asr_1002-x -
cisco asr_1002-x_r -
cisco asr_1004 -
cisco asr_1006 -
cisco asr_1006-x -
cisco asr_1009-x -
cisco asr_1013 -
cisco asr_1023 -
cisco catalyst_8200 -
cisco catalyst_8300 -
cisco catalyst_8300-1n1s-4t2x -
cisco catalyst_8300-1n1s-6t -
cisco catalyst_8300-2n2s-4t2x -
cisco catalyst_8300-2n2s-6t -
cisco catalyst_8500 -
cisco catalyst_8500-4qc -
cisco catalyst_8500l -
cisco catalyst_8510csr -
cisco catalyst_8510msr -
cisco catalyst_8540csr -
cisco catalyst_8540msr -
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:catalyst_sd-wan_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B4A52514-31EF-4AEF-967B-FAD0FD67E54D",
              "versionEndExcluding": "20.6.3",
              "versionStartIncluding": "20.6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:catalyst_sd-wan_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "475E91CB-34F3-4B63-8CCE-7F0A9A02D136",
              "versionEndExcluding": "20.7.2",
              "versionStartIncluding": "20.7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:catalyst_sd-wan_manager:20.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "0493FE21-BB5A-41D3-9EBD-2C2BD165D5CF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:sd-wan_vbond_orchestrator:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4300237B-0872-49AD-B139-DBED88329796",
              "versionEndExcluding": "20.6.3",
              "versionStartIncluding": "20.6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:sd-wan_vbond_orchestrator:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C7585F8E-F42D-4EA2-8CBC-E157252868B9",
              "versionEndExcluding": "20.7.2",
              "versionStartIncluding": "20.7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:sd-wan_vbond_orchestrator:20.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "B62FF06E-8A11-41B5-B67C-9C008B5832F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:sd-wan_vsmart_controller:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "60E3B315-1E13-4C27-8506-2D3C45D7A7CC",
              "versionEndExcluding": "20.6.3",
              "versionStartIncluding": "20.6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:sd-wan_vsmart_controller:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "85F91EBF-3E14-453A-AEF9-BA2BB9F4445C",
              "versionEndExcluding": "20.7.2",
              "versionStartIncluding": "20.7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:sd-wan_vsmart_controller:20.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "D65F88EF-F2A8-4798-A88B-5B0584760E7A",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:sd-wan:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0F0A437E-56C5-4DD2-90C4-5E62D2C97A9A",
              "versionEndExcluding": "20.6.3",
              "versionStartIncluding": "20.6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:sd-wan:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9113890B-7A2A-4FD1-8328-169E4AB41117",
              "versionEndExcluding": "20.7.2",
              "versionStartIncluding": "20.7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:sd-wan:20.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "8CEAD0DC-6407-4D23-A73D-0089C31CEB39",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:catalyst_8000v_edge:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CF365FC4-46E3-4564-9F25-1C2FBE70057B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:cisco:catalyst_cg418-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "36AFCB37-1760-4808-AEA5-875F45C05464",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:cisco:catalyst_cg522-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C146F67C-0FCF-4C5C-B6B8-D67746E69CFB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1100-4g_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0F77CD6A-83DA-4F31-A128-AD6DAECD623B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1100-4p_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A2D2305B-B69E-4F74-A44E-07B3205CE9F7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1100-6g_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B68B363-3C57-4E95-8B13-0F9B59D551F7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1100-8p_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "26DD41B3-1D1D-44D3-BA8E-5A66AFEE77E6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1100_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1952B64C-4AE0-4CCB-86C5-8D1FF6A12822",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1101-4p_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5AAD4397-6DCF-493A-BD61-3A890F6F3AB2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1101_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5EB8A757-7888-4AC2-BE44-B89DB83C6C77",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1109-2p_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F2F0A8E-97F6-41AC-BE67-4B2D60F9D36B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1109-4p_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BB9229F3-7BCE-46C4-9879-D57B5BAAE44E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1109_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B80890A8-E3D3-462C-B125-9E9BC6525B02",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1111x-8p_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A5A606FE-E6F1-43F9-B1CD-D9DF35FC3573",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1111x_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0547E196-5991-4C33-823A-342542E9DFD3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:111x_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "802CBFC1-8A2F-4BF7-A1D3-00622C33BE16",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1120_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7AFE0FC1-EEBC-42F0-88B0-4AF5B76DDD97",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1131_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F3F374DC-B9F7-4515-A064-01BB436CA984",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1160_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D916389F-54DB-44CB-91DD-7CE3C7059350",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:4000_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CE82335E-ECEC-47BD-BC4A-5FDEA08D1A18",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:4221_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6C8AED7C-DDA3-4C29-BB95-6518C02C551A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:4321\\/k9-rf_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "05C90C43-2D7D-43F8-AD7F-421878909AE2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:4321\\/k9-ws_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "445597DA-7EEC-470D-9A71-BC43A9F7DE5E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:4321\\/k9_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "86049773-C88D-4A26-A0D3-D40F3C312AEC",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:4321_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9421DBEF-AE42-4234-B49F-FCC34B804D7F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:4331\\/k9-rf_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6AB4B7C2-4D45-4267-BCBB-57D36C6104A3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:4331\\/k9-ws_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3B8A4630-8B21-4994-8EF5-E105593A64E5",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:4331\\/k9_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F799DC02-EB06-458C-8545-A174475FE7A2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:4331_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5419CB9F-241F-4431-914F-2659BE27BEA5",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:4351\\/k9-rf_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B89FBA68-A8ED-4C5A-916E-A68468F59730",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:4351\\/k9-ws_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CD272E6E-2ED1-4408-8FF7-0B82F9DCBEF8",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:4351\\/k9_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC278B77-AD63-42AD-B9E8-EE4DE97E27E9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:4351_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7DE02DBE-EAD5-4F37-8AB7-DF46A605A0E2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:4431_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5720462A-BE6B-4E84-A1A1-01E80BBA86AD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:4451-x_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "818CEFA6-208C-43C3-8E43-474A93ADCF21",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:4451_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "82225D40-537F-41D2-B1C4-1B7D06466B06",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:4461_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E8B60888-6E2B-494E-AC65-83337661EE7D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:8101-32fh:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E055F58F-F9FB-4B27-841E-61ECAB5F42B8",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:8101-32h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B832863-E366-46ED-BC35-838762F0CE29",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:8102-64h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A3C3DDAC-7D0F-4D1D-9632-F001F2EB5D34",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:8201:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3D8E7FFF-82A8-4ECB-BA0C-CBF0C2FDA3A3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:8201-32fh:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "528BE0D3-E5ED-4836-B0D8-0C8508C5BDD7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:8202:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "87DC4C2F-01C5-4D89-8D79-E5D28EDAD0F2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:8804:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6655851F-58D9-49D9-A56E-8440A7F7BB45",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:8808:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F5E2AE67-DED3-4414-A194-386ADB2C8DC7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:8812:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3920133A-684D-4A9F-B65A-FF4EAE5052E5",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:8818:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9ED06361-5A68-4656-AEA5-240C290594CD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:8831:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BE2514A1-486C-40F7-8746-56E2B973CBE6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_1000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "91209C16-A620-44A0-9134-8AA456343F29",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_1000-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE2182E7-C813-4966-A36C-E648A9344299",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_1001:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "ED7C321E-F083-4AB6-96A0-D6358980441E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_1001-hx:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7594E307-AC80-41EC-AE94-07E664A7D701",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_1001-hx_r:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "33208B25-0CBB-4E31-A892-60B7B5625155",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_1001-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "09C913FF-63D5-43FB-8B39-598EF436BA5A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_1001-x_r:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "241EEBD9-76E4-4AE6-96B8-1C1ACD834F17",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_1002:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E4376E56-A21C-4642-A85D-439C8E21CD7F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_1002-hx:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CD2794BD-C8CE-46EF-9857-1723FCF04E46",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_1002-hx_r:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CC03A84F-C8F2-4225-9A00-8FA35368CD57",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_1002-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "444F688F-79D0-4F22-B530-7BD520080B8F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_1002-x_r:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "51F2A755-556C-4C5E-8622-96D124319AF7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_1004:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "55DD2272-10C2-43B9-9F13-6DC41DBE179B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_1006:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7428E0A8-1641-47FB-9CA9-34311DEF660D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_1006-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DE7401B7-094C-46EB-9869-2F0372E8B26B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_1009-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8D8A72FD-D8B0-45B5-8FAD-6D8395BB218A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_1013:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "854D9594-FE84-4E7B-BA21-A3287F2DC302",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_1023:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C81CC6E3-B989-4730-820E-46734E3E608D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_8200:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EE9EABE0-5FB0-4277-A389-87732E750B7C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_8300:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "72BBF8E8-7AD9-46B8-8B02-F0DB1F95E1CD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_8300-1n1s-4t2x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5E7E8914-7B25-4097-8B22-6928C1F03D5A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_8300-1n1s-6t:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B207857B-C483-47DF-9FC7-6A05B866BF60",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_8300-2n2s-4t2x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CD26746A-80D1-4C48-BF77-E9F7EEEF7EA7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_8300-2n2s-6t:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BDB16CCE-1E89-4707-86C1-97F2FB5B62B9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_8500:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7A82CE19-C3C4-4FAD-A1B3-AB91EDB61591",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_8500-4qc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A1DBA393-232D-40E6-9CDB-DF82D2E7A5B6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_8500l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "04AB61E9-0148-495E-BD21-64D52DE60A6C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_8510csr:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "85D2C587-E95B-4E74-88CF-5930072258D3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_8510msr:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D3D1BB0B-0EFE-4C6D-A18E-3E48ABA01F00",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_8540csr:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "74270062-2030-45A0-9C93-C1F3B7C88E8B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_8540msr:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0F403859-F034-4DD9-9CA5-708EADECB380",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Multiple vulnerabilities in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to gain elevated privileges. These vulnerabilities are due to improper access controls on commands within the application CLI. An attacker could exploit these vulnerabilities by running a malicious command on the application CLI. A successful exploit could allow the attacker to execute arbitrary commands as the root user."
    },
    {
      "lang": "es",
      "value": "Varias vulnerabilidades en la CLI del software Cisco SD-WAN podr\u00edan permitir a un atacante local autenticado conseguir altos privilegios. Estas vulnerabilidades son debido a controles de acceso inapropiados en los comandos de la aplicaci\u00f3n CLI. Un atacante podr\u00eda explotar estas vulnerabilidades al ejecutar un comando malicioso en la CLI de la aplicaci\u00f3n. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante ejecutar comandos arbitrarios como usuario root"
    }
  ],
  "id": "CVE-2022-20775",
  "lastModified": "2024-11-21T06:43:31.933",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 7.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 5.9,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 7.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2022-09-30T19:15:11.467",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "https://github.com/orangecertcc/security-research/security/advisories/GHSA-wmjv-552v-pxjc"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sd-wan-priv-E6e8tEdF"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "https://github.com/orangecertcc/security-research/security/advisories/GHSA-wmjv-552v-pxjc"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sd-wan-priv-E6e8tEdF"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-25"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-22"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.