Vulnerability Details CVE-2022-20775
Multiple vulnerabilities in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to gain elevated privileges. These vulnerabilities are due to improper access controls on commands within the application CLI. An attacker could exploit these vulnerabilities by running a malicious command on the application CLI. A successful exploit could allow the attacker to execute arbitrary commands as the root user.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 36.9%
CVSS Severity
CVSS v3 Score 7.8
References
- https://github.com/orangecertcc/security-research/security/advisories/GHSA-wmjv-552v-pxjc
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sd-wan-priv-E6e8tEdF
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sd-wan-priv-E6e8tEdF
- https://github.com/orangecertcc/security-research/security/advisories/GHSA-wmjv-552v-pxjc
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sd-wan-priv-E6e8tEdF
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sd-wan-priv-E6e8tEdF
Products affected by CVE-2022-20775
-
cpe:2.3:a:cisco:catalyst_8000v_edge:-
-
cpe:2.3:a:cisco:catalyst_cg418-e:-
-
cpe:2.3:a:cisco:catalyst_cg522-e:-
-
cpe:2.3:a:cisco:catalyst_sd-wan_manager:20.6
-
cpe:2.3:a:cisco:catalyst_sd-wan_manager:20.6.0.18.3
-
cpe:2.3:a:cisco:catalyst_sd-wan_manager:20.6.0.18.4
-
cpe:2.3:a:cisco:catalyst_sd-wan_manager:20.6.1
-
cpe:2.3:a:cisco:catalyst_sd-wan_manager:20.6.1.0.1
-
cpe:2.3:a:cisco:catalyst_sd-wan_manager:20.6.1.1
-
cpe:2.3:a:cisco:catalyst_sd-wan_manager:20.6.1.2
-
cpe:2.3:a:cisco:catalyst_sd-wan_manager:20.6.2
-
cpe:2.3:a:cisco:catalyst_sd-wan_manager:20.6.2.0.4
-
cpe:2.3:a:cisco:catalyst_sd-wan_manager:20.6.2.1
-
cpe:2.3:a:cisco:catalyst_sd-wan_manager:20.6.2.2
-
cpe:2.3:a:cisco:catalyst_sd-wan_manager:20.6.2.2.2
-
cpe:2.3:a:cisco:catalyst_sd-wan_manager:20.6.2.2.3
-
cpe:2.3:a:cisco:catalyst_sd-wan_manager:20.6.2.2.4
-
cpe:2.3:a:cisco:catalyst_sd-wan_manager:20.6.2.2.7
-
cpe:2.3:a:cisco:catalyst_sd-wan_manager:20.7
-
cpe:2.3:a:cisco:catalyst_sd-wan_manager:20.7.1
-
cpe:2.3:a:cisco:catalyst_sd-wan_manager:20.7.1.0.2
-
cpe:2.3:a:cisco:catalyst_sd-wan_manager:20.7.1.1
-
cpe:2.3:a:cisco:catalyst_sd-wan_manager:20.7.1eft2
-
cpe:2.3:a:cisco:catalyst_sd-wan_manager:20.8
-
cpe:2.3:a:cisco:sd-wan:20.6
-
cpe:2.3:a:cisco:sd-wan:20.6.2
-
cpe:2.3:a:cisco:sd-wan:20.7
-
cpe:2.3:a:cisco:sd-wan:20.8
-
cpe:2.3:a:cisco:sd-wan_vbond_orchestrator:*
-
cpe:2.3:a:cisco:sd-wan_vbond_orchestrator:20.6.2
-
cpe:2.3:a:cisco:sd-wan_vbond_orchestrator:20.8
-
cpe:2.3:a:cisco:sd-wan_vsmart_controller:*
-
cpe:2.3:a:cisco:sd-wan_vsmart_controller:20.6.2
-
cpe:2.3:a:cisco:sd-wan_vsmart_controller:20.8
-
cpe:2.3:h:cisco:1100-4g_integrated_services_router:-
-
cpe:2.3:h:cisco:1100-4p_integrated_services_router:-
-
cpe:2.3:h:cisco:1100-6g_integrated_services_router:-
-
cpe:2.3:h:cisco:1100-8p_integrated_services_router:-
-
cpe:2.3:h:cisco:1100_integrated_services_router:-
-
cpe:2.3:h:cisco:1101-4p_integrated_services_router:-
-
cpe:2.3:h:cisco:1101_integrated_services_router:-
-
cpe:2.3:h:cisco:1109-2p_integrated_services_router:-
-
cpe:2.3:h:cisco:1109-4p_integrated_services_router:-
-
cpe:2.3:h:cisco:1109_integrated_services_router:-
-
cpe:2.3:h:cisco:1111x-8p_integrated_services_router:-
-
cpe:2.3:h:cisco:1111x_integrated_services_router:-
-
cpe:2.3:h:cisco:111x_integrated_services_router:-
-
cpe:2.3:h:cisco:1120_integrated_services_router:-
-
cpe:2.3:h:cisco:1131_integrated_services_router:-
-
cpe:2.3:h:cisco:1160_integrated_services_router:-
-
cpe:2.3:h:cisco:4000_integrated_services_router:-
-
cpe:2.3:h:cisco:4221_integrated_services_router:-
-
cpe:2.3:h:cisco:4321/k9-rf_integrated_services_router:-
-
cpe:2.3:h:cisco:4321/k9-ws_integrated_services_router:-
-
cpe:2.3:h:cisco:4321/k9_integrated_services_router:-
-
cpe:2.3:h:cisco:4321_integrated_services_router:-
-
cpe:2.3:h:cisco:4331/k9-rf_integrated_services_router:-
-
cpe:2.3:h:cisco:4331/k9-ws_integrated_services_router:-
-
cpe:2.3:h:cisco:4331/k9_integrated_services_router:-
-
cpe:2.3:h:cisco:4331_integrated_services_router:-
-
cpe:2.3:h:cisco:4351/k9-rf_integrated_services_router:-
-
cpe:2.3:h:cisco:4351/k9-ws_integrated_services_router:-
-
cpe:2.3:h:cisco:4351/k9_integrated_services_router:-
-
cpe:2.3:h:cisco:4351_integrated_services_router:-
-
cpe:2.3:h:cisco:4431_integrated_services_router:-
-
cpe:2.3:h:cisco:4451-x_integrated_services_router:-
-
cpe:2.3:h:cisco:4451_integrated_services_router:-
-
cpe:2.3:h:cisco:4461_integrated_services_router:-
-
cpe:2.3:h:cisco:8101-32fh:-
-
cpe:2.3:h:cisco:8101-32h:-
-
cpe:2.3:h:cisco:8102-64h:-
-
cpe:2.3:h:cisco:8201-32fh:-
-
cpe:2.3:h:cisco:8201:-
-
cpe:2.3:h:cisco:8202:-
-
cpe:2.3:h:cisco:8804:-
-
cpe:2.3:h:cisco:8808:-
-
cpe:2.3:h:cisco:8812:-
-
cpe:2.3:h:cisco:8818:-
-
cpe:2.3:h:cisco:8831:-
-
cpe:2.3:h:cisco:asr_1000-x:-
-
cpe:2.3:h:cisco:asr_1000:-
-
cpe:2.3:h:cisco:asr_1001-hx:-
-
cpe:2.3:h:cisco:asr_1001-hx_r:-
-
cpe:2.3:h:cisco:asr_1001-x:-
-
cpe:2.3:h:cisco:asr_1001-x_r:-
-
cpe:2.3:h:cisco:asr_1001:-
-
cpe:2.3:h:cisco:asr_1002-hx:-
-
cpe:2.3:h:cisco:asr_1002-hx_r:-
-
cpe:2.3:h:cisco:asr_1002-x:-
-
cpe:2.3:h:cisco:asr_1002-x_r:-
-
cpe:2.3:h:cisco:asr_1002:-
-
cpe:2.3:h:cisco:asr_1004:-
-
cpe:2.3:h:cisco:asr_1006-x:-
-
cpe:2.3:h:cisco:asr_1006:-
-
cpe:2.3:h:cisco:asr_1009-x:-
-
cpe:2.3:h:cisco:asr_1013:-
-
cpe:2.3:h:cisco:asr_1023:-
-
cpe:2.3:h:cisco:catalyst_8200:-
-
cpe:2.3:h:cisco:catalyst_8300-1n1s-4t2x:-
-
cpe:2.3:h:cisco:catalyst_8300-1n1s-6t:-
-
cpe:2.3:h:cisco:catalyst_8300-2n2s-4t2x:-
-
cpe:2.3:h:cisco:catalyst_8300-2n2s-6t:-
-
cpe:2.3:h:cisco:catalyst_8300:-
-
cpe:2.3:h:cisco:catalyst_8500-4qc:-
-
cpe:2.3:h:cisco:catalyst_8500:-
-
cpe:2.3:h:cisco:catalyst_8500l:-
-
cpe:2.3:h:cisco:catalyst_8510csr:-
-
cpe:2.3:h:cisco:catalyst_8510msr:-
-
cpe:2.3:h:cisco:catalyst_8540csr:-
-
cpe:2.3:h:cisco:catalyst_8540msr:-