ID

VAR-202204-0750


CVE

CVE-2022-20789


TITLE

Cisco Unified Communications Manager Security hole

Trust: 0.6

sources: CNNVD: CNNVD-202204-3883

DESCRIPTION

A vulnerability in the software upgrade process of Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) could allow an authenticated, remote attacker to write arbitrary files on the affected system. This vulnerability is due to improper restrictions applied to a system script. An attacker could exploit this vulnerability by using crafted variables during the execution of a system upgrade. A successful exploit could allow the attacker to overwrite or append arbitrary data to system files using root-level privileges. This component provides a scalable, distributed and highly available enterprise IP telephony call processing solution. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link:tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cucm-arb-write-74QzruUU

Trust: 1.08

sources: NVD: CVE-2022-20789 // VULHUB: VHN-405342 // VULMON: CVE-2022-20789

AFFECTED PRODUCTS

vendor:ciscomodel:unified communications managerscope:eqversion:12.5\(1\)

Trust: 1.0

vendor:ciscomodel:unified communications managerscope:eqversion:14.0

Trust: 1.0

sources: NVD: CVE-2022-20789

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2022-20789
value: MEDIUM

Trust: 1.0

ykramarz@cisco.com: CVE-2022-20789
value: MEDIUM

Trust: 1.0

CNNVD: CNNVD-202204-3883
value: MEDIUM

Trust: 0.6

VULHUB: VHN-405342
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2022-20789
severity: HIGH
baseScore: 8.5
vectorString: AV:N/AC:L/AU:S/C:N/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: NONE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 8.0
impactScore: 9.2
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

VULHUB: VHN-405342
severity: HIGH
baseScore: 8.5
vectorString: AV:N/AC:L/AU:S/C:N/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: NONE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 8.0
impactScore: 9.2
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2022-20789
baseSeverity: MEDIUM
baseScore: 6.5
vectorString: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: HIGH
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 1.2
impactScore: 5.2
version: 3.1

Trust: 1.0

ykramarz@cisco.com: CVE-2022-20789
baseSeverity: MEDIUM
baseScore: 4.9
vectorString: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: HIGH
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: HIGH
availabilityImpact: NONE
exploitabilityScore: 1.2
impactScore: 3.6
version: 3.1

Trust: 1.0

sources: VULHUB: VHN-405342 // CNNVD: CNNVD-202204-3883 // NVD: CVE-2022-20789 // NVD: CVE-2022-20789

PROBLEMTYPE DATA

problemtype:CWE-610

Trust: 1.1

problemtype:CWE-73

Trust: 1.0

sources: VULHUB: VHN-405342 // NVD: CVE-2022-20789

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202204-3883

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202204-3883

PATCH

title:Cisco Unified Communications Manager Security vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=190168

Trust: 0.6

title:Cisco: Cisco Unified Communications Products Arbitrary File Write Vulnerabilityurl:https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts&qid=cisco-sa-cucm-arb-write-74QzruUU

Trust: 0.1

sources: VULMON: CVE-2022-20789 // CNNVD: CNNVD-202204-3883

EXTERNAL IDS

db:NVDid:CVE-2022-20789

Trust: 1.8

db:CS-HELPid:SB2022042130

Trust: 0.6

db:CNNVDid:CNNVD-202204-3883

Trust: 0.6

db:CNVDid:CNVD-2022-44703

Trust: 0.1

db:VULHUBid:VHN-405342

Trust: 0.1

db:VULMONid:CVE-2022-20789

Trust: 0.1

sources: VULHUB: VHN-405342 // VULMON: CVE-2022-20789 // CNNVD: CNNVD-202204-3883 // NVD: CVE-2022-20789

REFERENCES

url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-cucm-arb-write-74qzruuu

Trust: 2.4

url:https://vigilance.fr/vulnerability/cisco-unified-communications-manager-file-write-via-system-upgrade-38124

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2022042130

Trust: 0.6

url:https://cxsecurity.com/cveshow/cve-2022-20789/

Trust: 0.6

sources: VULHUB: VHN-405342 // VULMON: CVE-2022-20789 // CNNVD: CNNVD-202204-3883 // NVD: CVE-2022-20789

SOURCES

db:VULHUBid:VHN-405342
db:VULMONid:CVE-2022-20789
db:CNNVDid:CNNVD-202204-3883
db:NVDid:CVE-2022-20789

LAST UPDATE DATE

2024-08-14T15:11:33.500000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-405342date:2022-05-03T00:00:00
db:CNNVDid:CNNVD-202204-3883date:2022-05-05T00:00:00
db:NVDid:CVE-2022-20789date:2023-11-07T03:42:57.563

SOURCES RELEASE DATE

db:VULHUBid:VHN-405342date:2022-04-21T00:00:00
db:CNNVDid:CNNVD-202204-3883date:2022-04-20T00:00:00
db:NVDid:CVE-2022-20789date:2022-04-21T19:15:08.630