Details of VAR-202204-0863

ID

VAR-202204-0863

CVE

CVE-2022-20681

TITLE

Cisco IOS XE Software vulnerabilities

Trust: 0.8

sources: JVNDB: JVNDB-2022-009570

DESCRIPTION

A vulnerability in the CLI of Cisco IOS XE Software for Cisco Catalyst 9000 Family Switches and Cisco Catalyst 9000 Family Wireless Controllers could allow an authenticated, local attacker to elevate privileges to level 15 on an affected device. This vulnerability is due to insufficient validation of user privileges after the user executes certain CLI commands. An attacker could exploit this vulnerability by logging in to an affected device as a low-privileged user and then executing certain CLI commands. A successful exploit could allow the attacker to execute arbitrary commands with level 15 privileges on the affected device. Cisco IOS XE There are unspecified vulnerabilities in the software.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Cisco IOS XE is an operating system developed by Cisco for its network equipment. There is a privilege escalation vulnerability in Cisco IOS XE. Attackers can exploit this vulnerability to cause privilege escalation

Trust: 1.8

sources: NVD: CVE-2022-20681 // JVNDB: JVNDB-2022-009570 // VULHUB: VHN-405234 // VULMON: CVE-2022-20681

AFFECTED PRODUCTS

vendor:	cisco	model:	ios xe	scope:	eq	version:	17.2.1a	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.12.2	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.3.1z	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.12.1y	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.12.3a	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.3.2	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.1.1	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.5.1	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.6.1a	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.3.2a	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.4.2	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.4.2a	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.3.1w	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.12.1s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.11.2	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.11.1a	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.4.1a	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.5.1a	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.12.1w	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.1.1s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.2.1v	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.3.1x	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.4.1c	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.3.1	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.3.3	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.12.1x	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.12.1	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.11.1	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.2.1r	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.2.1	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.6.1w	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.11.1s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.3.3a	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.3.4b	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.6.1	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.12.1c	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.12.5a	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.12.1z2	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.12.5b	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.12.2s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.12.1z	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.3.4a	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.11.1b	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.12.2t	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.2.3	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.4.1b	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.12.1t	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.4.1	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.1.1a	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.1.2	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.12.2a	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.3.1a	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.12.1a	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.1.3	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.2.2	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.12.4a	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.3.4	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.3.4c	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.1.1t	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.12.1z1	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.12.4	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.11.1c	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.12.6	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.12.5	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.12.3	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.12.3s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.12.6a	Trust: 1.0
vendor:	シスコシステムズ	model:	cisco ios xe	scope:	-	version:	-	Trust: 0.8
vendor:	シスコシステムズ	model:	cisco ios xe	scope:	eq	version:	-	Trust: 0.8

sources: JVNDB: JVNDB-2022-009570 // NVD: CVE-2022-20681

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2022-20681
value:	HIGH
Trust: 1.0
ykramarz@cisco.com:	CVE-2022-20681
value:	HIGH
Trust: 1.0
NVD:	CVE-2022-20681
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-202204-3306
value:	HIGH
Trust: 0.6
VULHUB:	VHN-405234
value:	HIGH
Trust: 0.1
VULMON:	CVE-2022-20681
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2022-20681
severity:	HIGH
baseScore:	7.2
vectorString:	AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	3.9
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.9
VULHUB:	VHN-405234
severity:	HIGH
baseScore:	7.2
vectorString:	AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	3.9
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2022-20681
baseSeverity:	HIGH
baseScore:	7.8
vectorString:	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	1.8
impactScore:	5.9
version:	3.1
Trust: 2.0
NVD:	CVE-2022-20681
baseSeverity:	HIGH
baseScore:	7.8
vectorString:	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: VULHUB: VHN-405234 // VULMON: CVE-2022-20681 // JVNDB: JVNDB-2022-009570 // CNNVD: CNNVD-202204-3306 // NVD: CVE-2022-20681 // NVD: CVE-2022-20681

PROBLEMTYPE DATA

problemtype:	NVD-CWE-noinfo	Trust: 1.0
problemtype:	CWE-266	Trust: 1.0
problemtype:	Lack of information (CWE-noinfo) [NVD evaluation ]	Trust: 0.8

sources: JVNDB: JVNDB-2022-009570 // NVD: CVE-2022-20681

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-202204-3306

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202204-3306

PATCH

title:	cisco-sa-ewlc-priv-esc-ybvHKO5	url:	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ewlc-priv-esc-ybvHKO5	Trust: 0.8
title:	Cisco: Cisco IOS XE Software for Cisco Catalyst 9000 Family Switches and Catalyst 9000 Family Wireless Controllers Privilege Escalation Vulnerability	url:	https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts&qid=cisco-sa-ewlc-priv-esc-ybvHKO5	Trust: 0.1
title:	CVE-2022-XXXX	url:	https://github.com/AlphabugX/CVE-2022-23305	Trust: 0.1
title:	CVE-2022-XXXX	url:	https://github.com/AlphabugX/CVE-2022-RCE	Trust: 0.1

sources: VULMON: CVE-2022-20681 // JVNDB: JVNDB-2022-009570

EXTERNAL IDS

db:	NVD	id:	CVE-2022-20681	Trust: 3.4
db:	JVNDB	id:	JVNDB-2022-009570	Trust: 0.8
db:	CS-HELP	id:	SB2022041413	Trust: 0.6
db:	CNNVD	id:	CNNVD-202204-3306	Trust: 0.6
db:	CNVD	id:	CNVD-2022-55150	Trust: 0.1
db:	VULHUB	id:	VHN-405234	Trust: 0.1
db:	VULMON	id:	CVE-2022-20681	Trust: 0.1

sources: VULHUB: VHN-405234 // VULMON: CVE-2022-20681 // JVNDB: JVNDB-2022-009570 // CNNVD: CNNVD-202204-3306 // NVD: CVE-2022-20681

REFERENCES

url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-ewlc-priv-esc-ybvhko5	Trust: 1.9
url:	https://nvd.nist.gov/vuln/detail/cve-2022-20681	Trust: 0.8
url:	https://cxsecurity.com/cveshow/cve-2022-20681/	Trust: 0.6
url:	https://vigilance.fr/vulnerability/cisco-ios-xe-privilege-escalation-via-cli-commands-38063	Trust: 0.6
url:	https://www.cybersecurity-help.cz/vdb/sb2022041413	Trust: 0.6
url:	https://cwe.mitre.org/data/definitions/.html	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1
url:	https://github.com/alphabugx/cve-2022-23305	Trust: 0.1

sources: VULHUB: VHN-405234 // VULMON: CVE-2022-20681 // JVNDB: JVNDB-2022-009570 // CNNVD: CNNVD-202204-3306 // NVD: CVE-2022-20681

SOURCES

db:	VULHUB	id:	VHN-405234
db:	VULMON	id:	CVE-2022-20681
db:	JVNDB	id:	JVNDB-2022-009570
db:	CNNVD	id:	CNNVD-202204-3306
db:	NVD	id:	CVE-2022-20681

LAST UPDATE DATE

2024-08-14T14:31:14.302000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-405234	date:	2022-04-25T00:00:00
db:	VULMON	id:	CVE-2022-20681	date:	2024-02-07T00:00:00
db:	JVNDB	id:	JVNDB-2022-009570	date:	2023-08-07T07:48:00
db:	CNNVD	id:	CNNVD-202204-3306	date:	2022-04-26T00:00:00
db:	NVD	id:	CVE-2022-20681	date:	2024-02-07T18:41:36.260

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-405234	date:	2022-04-15T00:00:00
db:	VULMON	id:	CVE-2022-20681	date:	2022-04-15T00:00:00
db:	JVNDB	id:	JVNDB-2022-009570	date:	2023-08-07T00:00:00
db:	CNNVD	id:	CNNVD-202204-3306	date:	2022-04-13T00:00:00
db:	NVD	id:	CVE-2022-20681	date:	2022-04-15T15:15:12.567