CVE-2022-20677
Published Apr 15, 2022
Last updated a year ago
Overview
- Description
- Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco platforms could allow an attacker to inject arbitrary commands into the underlying host operating system, execute arbitrary code on the underlying host operating system, install applications without being authenticated, or conduct a cross-site scripting (XSS) attack against a user of the affected software. For more information about these vulnerabilities, see the Details section of this advisory.
- Source
- ykramarz@cisco.com
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 3.1
- Type
- Primary
- Base score
- 6.7
- Impact score
- 5.9
- Exploitability score
- 0.8
- Vector string
- CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
- Severity
- MEDIUM
CVSS 2.0
- Type
- Primary
- Base score
- 7.2
- Impact score
- 10
- Exploitability score
- 3.9
- Vector string
- AV:L/AC:L/Au:N/C:C/I:C/A:C
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ios:17.6.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "25FA8E21-9A5D-494C-92BF-42F1F4D2DCAA"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:1100-4g_integrated_services_router:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "0F77CD6A-83DA-4F31-A128-AD6DAECD623B"
},
{
"criteria": "cpe:2.3:h:cisco:1100-6g_integrated_services_router:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "2B68B363-3C57-4E95-8B13-0F9B59D551F7"
},
{
"criteria": "cpe:2.3:h:cisco:1101_integrated_services_router:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "5EB8A757-7888-4AC2-BE44-B89DB83C6C77"
},
{
"criteria": "cpe:2.3:h:cisco:1109_integrated_services_router:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "B80890A8-E3D3-462C-B125-9E9BC6525B02"
},
{
"criteria": "cpe:2.3:h:cisco:1111x_integrated_services_router:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "0547E196-5991-4C33-823A-342542E9DFD3"
},
{
"criteria": "cpe:2.3:h:cisco:111x_integrated_services_router:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "802CBFC1-8A2F-4BF7-A1D3-00622C33BE16"
},
{
"criteria": "cpe:2.3:h:cisco:1120_integrated_services_router:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "7AFE0FC1-EEBC-42F0-88B0-4AF5B76DDD97"
},
{
"criteria": "cpe:2.3:h:cisco:1131_integrated_services_router:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "F3F374DC-B9F7-4515-A064-01BB436CA984"
},
{
"criteria": "cpe:2.3:h:cisco:1160_integrated_services_router:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "D916389F-54DB-44CB-91DD-7CE3C7059350"
},
{
"criteria": "cpe:2.3:h:cisco:4221_integrated_services_router:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "6C8AED7C-DDA3-4C29-BB95-6518C02C551A"
},
{
"criteria": "cpe:2.3:h:cisco:8101-32fh:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "E055F58F-F9FB-4B27-841E-61ECAB5F42B8"
},
{
"criteria": "cpe:2.3:h:cisco:8101-32h:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "2B832863-E366-46ED-BC35-838762F0CE29"
},
{
"criteria": "cpe:2.3:h:cisco:8102-64h:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "A3C3DDAC-7D0F-4D1D-9632-F001F2EB5D34"
},
{
"criteria": "cpe:2.3:h:cisco:8201:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "3D8E7FFF-82A8-4ECB-BA0C-CBF0C2FDA3A3"
},
{
"criteria": "cpe:2.3:h:cisco:8201-32fh:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "528BE0D3-E5ED-4836-B0D8-0C8508C5BDD7"
},
{
"criteria": "cpe:2.3:h:cisco:8202:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "87DC4C2F-01C5-4D89-8D79-E5D28EDAD0F2"
},
{
"criteria": "cpe:2.3:h:cisco:8800:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "E899BDC3-03A0-4ED7-8C36-7BC247A344A8"
},
{
"criteria": "cpe:2.3:h:cisco:asr_1001-x:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "09C913FF-63D5-43FB-8B39-598EF436BA5A"
},
{
"criteria": "cpe:2.3:h:cisco:asr_1002-hx:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "CD2794BD-C8CE-46EF-9857-1723FCF04E46"
},
{
"criteria": "cpe:2.3:h:cisco:asr_1006-x:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "DE7401B7-094C-46EB-9869-2F0372E8B26B"
},
{
"criteria": "cpe:2.3:h:cisco:asr_1009-x:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "8D8A72FD-D8B0-45B5-8FAD-6D8395BB218A"
},
{
"criteria": "cpe:2.3:h:cisco:asr_900:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "EA873342-542E-4FC8-9C22-B5A43F9F3E9D"
},
{
"criteria": "cpe:2.3:h:cisco:asr_9000v-v2:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "DB91BE23-C710-473F-8E43-0E0DE760F8AD"
},
{
"criteria": "cpe:2.3:h:cisco:asr_9001:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "324C97E6-1810-404F-9F45-6240F99FF039"
},
{
"criteria": "cpe:2.3:h:cisco:asr_9006:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "57EB55BB-41B7-40A1-B6F5-142FE8AB4C16"
},
{
"criteria": "cpe:2.3:h:cisco:asr_9010:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "433F4A82-04A4-4EAA-8C19-F7581DCD8D29"
},
{
"criteria": "cpe:2.3:h:cisco:asr_9901:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "2D5E60AB-94FF-448A-89D8-5D2197E21C74"
},
{
"criteria": "cpe:2.3:h:cisco:asr_9902:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "91474DBC-FB31-4DDF-96C5-311FA1D53A74"
},
{
"criteria": "cpe:2.3:h:cisco:asr_9903:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "FA241214-2F05-4360-9B50-385355E29CF4"
},
{
"criteria": "cpe:2.3:h:cisco:asr_9904:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "A93212A4-50AB-42E7-89A4-5FBBAEA050C3"
},
{
"criteria": "cpe:2.3:h:cisco:asr_9906:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "EDA53A61-98B3-458C-8893-61CD7D6B1E48"
},
{
"criteria": "cpe:2.3:h:cisco:asr_9910:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "F396564E-B477-4A27-A189-CEB737552E25"
},
{
"criteria": "cpe:2.3:h:cisco:asr_9912:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "5445CC54-ACFB-4070-AF26-F91FEAA85181"
},
{
"criteria": "cpe:2.3:h:cisco:asr_9922:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "D7AA58E5-D7E1-48CF-93FF-C60EB85B2BC7"
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_3650:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "7814FA61-CAF1-46DE-9D84-CEBE6480EA03"
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_3850:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "005F5347-A5E6-4954-ACAB-E4DF29119724"
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_8200:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "EE9EABE0-5FB0-4277-A389-87732E750B7C"
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_8300:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "72BBF8E8-7AD9-46B8-8B02-F0DB1F95E1CD"
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_8500:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "7A82CE19-C3C4-4FAD-A1B3-AB91EDB61591"
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_8500l:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "04AB61E9-0148-495E-BD21-64D52DE60A6C"
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9200:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "FC4A5C56-0D08-4423-AEBD-33EDF172FCF9"
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9300:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "0972076B-5C87-44B3-90EC-4C200B89318A"
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9400:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "737F22AB-C5A9-4A18-BA3D-38A222491397"
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9500:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "176ACF88-6112-4179-8492-50C50577B300"
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9500h:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "D07FC868-0B38-4F24-BA40-87966FF80AB7"
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9600:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "C19A801D-02D7-40B0-88E8-FE7BA8630E60"
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9800:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "A48E6CF0-7A3B-4D11-8D02-0CD38F2420E9"
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9800-40:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "1B9ED0E5-CB20-4106-9CF2-8EB587B33543"
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9800-80:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "2B0E620C-8E09-4F7C-A326-26013173B993"
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9800-cl:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "FF93F1C8-669F-4ECB-8D81-ECDA7B550175"
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9800-l:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "2E0BA345-B7D7-4975-9199-4DC7875BBFD0"
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_cg418-e:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "25CE5302-0BA9-4155-A68B-3CD735F64A9F"
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_cg522-e:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "405B9D5D-09E9-48D9-A164-04A6DCE41482"
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_ess9300:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "9A80AB4A-A121-4777-BD99-62D658A3DE22"
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_ie3200:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "EACA55A5-4E73-4187-96BE-08E04F2C7659"
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_ie3300:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "8E31CB8F-60FF-4D03-BE8C-824ECE967797"
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_ie3400:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "9A8E319D-5AE5-4074-9DAF-4B65F3B3CEE5"
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_ie9300:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "8DF0025D-8DE1-437D-9A4E-72C3AC6B46CD"
},
{
"criteria": "cpe:2.3:h:cisco:cloud_services_router_1000v:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "4CCB8270-A01D-40A6-BF4B-26BAF65E68F3"
},
{
"criteria": "cpe:2.3:h:cisco:esr3300:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "D07773DC-24E0-4651-A98B-9CD54419F4D1"
},
{
"criteria": "cpe:2.3:h:cisco:esr6300:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "44D19136-4ECB-437F-BA8A-E2FE35A39BF9"
}
],
"operator": "OR"
}
],
"operator": "AND"
}
]