Multiple vulnerabilities in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to gain elevated privileges. These vulnerabilities are due to improper access controls on commands within the application CLI. An attacker could exploit these vulnerabilities by running a malicious command on the application CLI. A successful exploit could allow the attacker to execute arbitrary commands as the root user.
Attack Vector Local
Attack Complexity Low
Privileges Required Low
Scope Unchanged
Confidentiality Impact High
Integrity Impact High
Availability Impact High
User Interaction None
No CVSS v3.0
No CVSS v2
Vendors | Products |
---|---|
Cisco |
|
Configuration 1 [-]
|
Configuration 2 [-]
AND |
|
References
Link | Resource |
---|---|
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sd-wan-priv-E6e8tEdF | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: cisco
Published: 2022-09-28T00:00:00
Updated: 2022-09-30T18:45:36
Reserved: 2021-11-02T00:00:00
Link: CVE-2022-20818
JSON object: View
NVD Information
Status : Modified
Published: 2022-09-30T19:15:11.867
Modified: 2023-11-07T03:43:02.297
Link: CVE-2022-20818
JSON object: View
Redhat Information
No data.