Details of VAR-202204-0269

ID

VAR-202204-0269

CVE

CVE-2022-20726

TITLE

Cisco Iox Security hole

Trust: 0.6

sources: CNNVD: CNNVD-202204-3312

DESCRIPTION

Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco platforms could allow an attacker to inject arbitrary commands into the underlying host operating system, execute arbitrary code on the underlying host operating system, install applications without being authenticated, or conduct a cross-site scripting (XSS) attack against a user of the affected software. For more information about these vulnerabilities, see the Details section of this advisory. Cisco Iox is a secure development environment from Cisco (Cisco) that combines Cisco IOS and Linux OS for secure network connection and development of IOT applications. A security vulnerability exists in the Cisco Iox application hosting environment that stems from insufficient error handling of socket operations. An attacker could exploit the vulnerability by sending a sustained rate of compressed TCP traffic to the IOx web server on an affected device. Successful exploitation of this vulnerability could allow an attacker to cause the IOx web server to stop processing requests, resulting in a DoS situation. The following products and versions are affected: Cisco 809 Industrial Integrated Services Routers (Industrial ISRs), Cisco 829 Industrial ISRs, Cisco CGR 1000 Compute Module, and Cisco IC3000 Industrial Compute Gateway

Trust: 1.62

sources: NVD: CVE-2022-20726 // CNNVD: CNNVD-202204-3312 // VULHUB: VHN-405279 // VULMON: CVE-2022-20726

AFFECTED PRODUCTS

vendor:	cisco	model:	ios	scope:	eq	version:	15.6\(3\)m1	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	*	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.7\(3\)m4	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.8\(3\)m7	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.9\(3\)m2a	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.6\(2\)t1	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.7\(3\)m5	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.6\(1\)t2	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.6\(3\)m1b	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.7\(3\)m3	Trust: 1.0
vendor:	cisco	model:	ic3000 industrial compute gateway	scope:	eq	version:	*	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.6\(2\)t	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.2\(7\)e0b	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.6\(3\)m7	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.7\(3\)m4b	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.6\(3\)m6b	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.8\(3\)m6	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.9\(3\)m1	Trust: 1.0
vendor:	cisco	model:	cgr1000 compute module	scope:	eq	version:	*	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.6\(1\)t1	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.6\(1\)t3	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.6\(2\)t3	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.6\(3\)m6a	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.2\(5\)e2c	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.6\(3\)m5	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.9\(3\)m3	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.6\(3\)m3a	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.8\(3\)m5	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.7\(3\)m	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.8\(3\)m1	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.2\(7\)e0s	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.8\(3\)m	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.8\(3\)m2	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.6\(3\)m4	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.7\(3\)m1	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.7\(3\)m6	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.9\(3\)m	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.6\(3\)m0a	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.8\(3\)m4	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.6\(3\)m8	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.2\(7\)e	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.6\(3\)m3	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.6\(2\)t2	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.2\(6\)e0a	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.6\(3\)m	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.8\(3\)m3	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.6\(3\)m2	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.6\(3\)m6	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.7\(3\)m2	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.9\(3\)m2	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.8\(3\)m0a	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.7\(3\)m4a	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.7\(3\)m0a	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.9\(3\)m4	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.2\(6\)e2a	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.2\(5\)e1	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.2\(6\)e1	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.8\(3\)m2a	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.9\(3\)m4a	Trust: 1.0

sources: NVD: CVE-2022-20726

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2022-20726
value:	HIGH
Trust: 1.0
ykramarz@cisco.com:	CVE-2022-20726
value:	MEDIUM
Trust: 1.0
CNNVD:	CNNVD-202204-3312
value:	HIGH
Trust: 0.6
VULHUB:	VHN-405279
value:	MEDIUM
Trust: 0.1
VULMON:	CVE-2022-20726
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2022-20726
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.1
VULHUB:	VHN-405279
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2022-20726
baseSeverity:	HIGH
baseScore:	7.5
vectorString:	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	3.6
version:	3.1
Trust: 1.0
ykramarz@cisco.com:	CVE-2022-20726
baseSeverity:	MEDIUM
baseScore:	5.5
vectorString:	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:N
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	HIGH
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	LOW
integrityImpact:	HIGH
availabilityImpact:	NONE
exploitabilityScore:	1.2
impactScore:	4.2
version:	3.1
Trust: 1.0

sources: VULHUB: VHN-405279 // VULMON: CVE-2022-20726 // CNNVD: CNNVD-202204-3312 // NVD: CVE-2022-20726 // NVD: CVE-2022-20726

PROBLEMTYPE DATA

problemtype:	CWE-22	Trust: 1.0
problemtype:	CWE-755	Trust: 1.0

sources: NVD: CVE-2022-20726

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202204-3312

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202204-3312

PATCH

title:	Cisco: Cisco IOx Application Hosting Environment Vulnerabilities	url:	https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts&qid=cisco-sa-iox-yuXQ6hFj	Trust: 0.1
title:	CVE-2022-XXXX	url:	https://github.com/AlphabugX/CVE-2022-23305	Trust: 0.1
title:	CVE-2022-XXXX	url:	https://github.com/AlphabugX/CVE-2022-RCE	Trust: 0.1

sources: VULMON: CVE-2022-20726

EXTERNAL IDS

db:	NVD	id:	CVE-2022-20726	Trust: 1.8
db:	CS-HELP	id:	SB2022041415	Trust: 0.6
db:	CNNVD	id:	CNNVD-202204-3312	Trust: 0.6
db:	CNVD	id:	CNVD-2022-46962	Trust: 0.1
db:	VULHUB	id:	VHN-405279	Trust: 0.1
db:	VULMON	id:	CVE-2022-20726	Trust: 0.1

sources: VULHUB: VHN-405279 // VULMON: CVE-2022-20726 // CNNVD: CNNVD-202204-3312 // NVD: CVE-2022-20726

REFERENCES

url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-iox-yuxq6hfj	Trust: 1.9
url:	https://cxsecurity.com/cveshow/cve-2022-20726/	Trust: 0.6
url:	https://vigilance.fr/vulnerability/cisco-ios-ios-xe-multiple-vulnerabilities-via-application-hosting-environment-38057	Trust: 0.6
url:	https://www.cybersecurity-help.cz/vdb/sb2022041415	Trust: 0.6
url:	https://cwe.mitre.org/data/definitions/755.html	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1
url:	https://github.com/alphabugx/cve-2022-23305	Trust: 0.1

sources: VULHUB: VHN-405279 // VULMON: CVE-2022-20726 // CNNVD: CNNVD-202204-3312 // NVD: CVE-2022-20726

SOURCES

db:	VULHUB	id:	VHN-405279
db:	VULMON	id:	CVE-2022-20726
db:	CNNVD	id:	CNNVD-202204-3312
db:	NVD	id:	CVE-2022-20726

LAST UPDATE DATE

2024-08-14T13:53:29.256000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-405279	date:	2022-04-22T00:00:00
db:	VULMON	id:	CVE-2022-20726	date:	2023-11-07T00:00:00
db:	CNNVD	id:	CNNVD-202204-3312	date:	2023-07-25T00:00:00
db:	NVD	id:	CVE-2022-20726	date:	2023-11-07T03:42:45.160

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-405279	date:	2022-04-15T00:00:00
db:	VULMON	id:	CVE-2022-20726	date:	2022-04-15T00:00:00
db:	CNNVD	id:	CNNVD-202204-3312	date:	2022-04-13T00:00:00
db:	NVD	id:	CVE-2022-20726	date:	2022-04-15T15:15:13.560