Details of VAR-202204-0261

ID

VAR-202204-0261

CVE

CVE-2022-20723

TITLE

Cisco IOS XE Path traversal vulnerability

Trust: 0.6

sources: CNNVD: CNNVD-202204-3309

DESCRIPTION

Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco platforms could allow an attacker to inject arbitrary commands into the underlying host operating system, execute arbitrary code on the underlying host operating system, install applications without being authenticated, or conduct a cross-site scripting (XSS) attack against a user of the affected software. For more information about these vulnerabilities, see the Details section of this advisory

Trust: 1.08

sources: NVD: CVE-2022-20723 // VULHUB: VHN-405276 // VULMON: CVE-2022-20723

AFFECTED PRODUCTS

vendor:	cisco	model:	ios xe	scope:	eq	version:	16.3.5	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.7.1b	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.8.3	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.4.1	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.12.1y	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.12.2	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.2.1a	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.3.2	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.9.1a	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.5.1	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.3.2a	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.6.7a	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.6.5	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.5.3	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.6.4a	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.9.3a	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.10.1s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.11.2	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.12.1s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.4.1a	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.4.2a	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.1.1s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.6.4s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.6.6	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.10.1	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.5.2	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.9.3s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.8.1a	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.10.2	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.11.1s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.8.1e	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.6.10	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.6.5b	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.8.1b	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.3.11	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.9.1	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.9.1b	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.9.1c	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.12.1c	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.3.4b	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.12.2s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.3.4a	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.6.1	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.11.1b	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.10.1d	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.7.2	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.2.3	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.12.1t	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.10.1c	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.7.1a	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.1.2	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.12.2a	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.3.1a	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.8.1c	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.3.5b	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.3.6	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.2.2	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.5.1	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.3.2	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.3.3	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.5.1a	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.6.9	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.9.2	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.10.3	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.12.5	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.12.3s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.7.4	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.8.2	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.4.2	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.4.3	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.10.1f	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.9.2a	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.6.5a	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.3.1z	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.3.10	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.7.3	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.12.3a	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.9.4	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.1.1	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.6.1a	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.5.1b	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.9.1s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.4.2	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.10.1a	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.3.1w	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.5.1a	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.11.1a	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.3.4	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.9.4c	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.6.3	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.2.1	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.6.4	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.12.1w	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.3.1x	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.3.7	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.2.1v	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.4.1c	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.9.6	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.3.1	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.3.3	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.12.1x	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.12.1	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.11.1	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.6.2	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.2.1r	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.7.1	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.9.7	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.3.1	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.6.1	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.12.5a	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.12.2t	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.3.9	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.9.2s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.10.1b	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.4.1b	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.9.5	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.4.1	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.1.1a	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.9.1d	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.9.8	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.6.7	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.3.8	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.8.1s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.9.3h	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.12.1a	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.1.3	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.12.4a	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.3.4	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.9.3	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.3.4c	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.1.1t	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.8.1	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.10.1e	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.12.4	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.10.1g	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.11.1c	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.8.1d	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.6.8	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.12.3	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.9.5f	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.3.1a	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.3.3a	Trust: 1.0

sources: NVD: CVE-2022-20723

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2022-20723
value:	HIGH
Trust: 1.0
ykramarz@cisco.com:	CVE-2022-20723
value:	MEDIUM
Trust: 1.0
CNNVD:	CNNVD-202204-3309
value:	HIGH
Trust: 0.6
VULHUB:	VHN-405276
value:	HIGH
Trust: 0.1
VULMON:	CVE-2022-20723
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2022-20723
severity:	HIGH
baseScore:	9.0
vectorString:	AV:N/AC:L/AU:S/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	SINGLE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	8.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.1
VULHUB:	VHN-405276
severity:	HIGH
baseScore:	9.0
vectorString:	AV:N/AC:L/AU:S/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	SINGLE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	8.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2022-20723
baseSeverity:	HIGH
baseScore:	7.2
vectorString:	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	HIGH
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	1.2
impactScore:	5.9
version:	3.1
Trust: 1.0
ykramarz@cisco.com:	CVE-2022-20723
baseSeverity:	MEDIUM
baseScore:	5.5
vectorString:	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:N
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	HIGH
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	LOW
integrityImpact:	HIGH
availabilityImpact:	NONE
exploitabilityScore:	1.2
impactScore:	4.2
version:	3.1
Trust: 1.0

sources: VULHUB: VHN-405276 // VULMON: CVE-2022-20723 // CNNVD: CNNVD-202204-3309 // NVD: CVE-2022-20723 // NVD: CVE-2022-20723

PROBLEMTYPE DATA

problemtype:

CWE-22

Trust: 1.0

sources: NVD: CVE-2022-20723

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202204-3309

TYPE

path traversal

Trust: 0.6

sources: CNNVD: CNNVD-202204-3309

PATCH

title:	Cisco: Cisco IOx Application Hosting Environment Vulnerabilities	url:	https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts&qid=cisco-sa-iox-yuXQ6hFj	Trust: 0.1
title:	CVE-2022-XXXX	url:	https://github.com/AlphabugX/CVE-2022-23305	Trust: 0.1
title:	CVE-2022-XXXX	url:	https://github.com/AlphabugX/CVE-2022-RCE	Trust: 0.1

sources: VULMON: CVE-2022-20723

EXTERNAL IDS

db:	NVD	id:	CVE-2022-20723	Trust: 1.8
db:	CS-HELP	id:	SB2022041415	Trust: 0.6
db:	CNNVD	id:	CNNVD-202204-3309	Trust: 0.6
db:	VULHUB	id:	VHN-405276	Trust: 0.1
db:	VULMON	id:	CVE-2022-20723	Trust: 0.1

sources: VULHUB: VHN-405276 // VULMON: CVE-2022-20723 // CNNVD: CNNVD-202204-3309 // NVD: CVE-2022-20723

REFERENCES

url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-iox-yuxq6hfj	Trust: 1.9
url:	https://github.com/orangecertcc/security-research/security/advisories/ghsa-cq9c-3cwm-7j7q	Trust: 1.8
url:	https://nvd.nist.gov/vuln/detail/cve-2022-20723	Trust: 0.6
url:	https://cxsecurity.com/cveshow/cve-2022-20723/	Trust: 0.6
url:	https://vigilance.fr/vulnerability/cisco-ios-ios-xe-multiple-vulnerabilities-via-application-hosting-environment-38057	Trust: 0.6
url:	https://www.cybersecurity-help.cz/vdb/sb2022041415	Trust: 0.6
url:	https://cwe.mitre.org/data/definitions/22.html	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1
url:	https://github.com/alphabugx/cve-2022-23305	Trust: 0.1

sources: VULHUB: VHN-405276 // VULMON: CVE-2022-20723 // CNNVD: CNNVD-202204-3309 // NVD: CVE-2022-20723

SOURCES

db:	VULHUB	id:	VHN-405276
db:	VULMON	id:	CVE-2022-20723
db:	CNNVD	id:	CNNVD-202204-3309
db:	NVD	id:	CVE-2022-20723

LAST UPDATE DATE

2024-08-14T13:53:29.282000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-405276	date:	2022-04-22T00:00:00
db:	VULMON	id:	CVE-2022-20723	date:	2024-02-07T00:00:00
db:	CNNVD	id:	CNNVD-202204-3309	date:	2023-07-25T00:00:00
db:	NVD	id:	CVE-2022-20723	date:	2024-02-07T18:46:14.040

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-405276	date:	2022-04-15T00:00:00
db:	VULMON	id:	CVE-2022-20723	date:	2022-04-15T00:00:00
db:	CNNVD	id:	CNNVD-202204-3309	date:	2022-04-13T00:00:00
db:	NVD	id:	CVE-2022-20723	date:	2022-04-15T15:15:13.410