CVE-2022-20818
Last modified
CVE-2022-20818 is a high-severity vulnerability rated 7.8/10 on the CVSS scale. Multiple vulnerabilities in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to gain elevated privileges. These vulnerabilities are due to improper access controls on commands within the application CLI. EPSS estimates a 0.59% chance of exploitation in the next 30 days.
Description
Multiple vulnerabilities in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to gain elevated privileges. These vulnerabilities are due to improper access controls on commands within the application CLI. An attacker could exploit these vulnerabilities by running a malicious command on the application CLI. A successful exploit could allow the attacker to execute arbitrary commands as the root user.
Metrics
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Cisco | Sd-Wan Vbond Orchestrator | < 20.9 |
| Cisco | Sd-Wan Vmanage | < 20.9 |
| Cisco | Sd-Wan Vsmart Controller | < 20.9 |
| Cisco | Sd-Wan | < 20.9 |
References
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2022-20818?
How severe is CVE-2022-20818?
How do I fix CVE-2022-20818?
Are you affected by CVE-2022-20818?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST